@networkpro/web 0.13.0 → 0.13.1

package/docs/search/search_index.json

@@ -0,0 +1 @@
+{"config":{"lang":["en"],"separator":"[\\s\\-]+","pipeline":["stopWordFilter"]},"docs":[{"location":"","title":"About Network Pro&trade;","text":"<p><sup>SPDX-License-Identifier: <code>CC-BY-4.0 OR GPL-3.0-or-later</code></sup></p> <p></p>","tags":["about","network-pro","documentation"]},{"location":"#about-network-protm","title":"About Network Pro\u2122","text":"","tags":["about","network-pro","documentation"]},{"location":"#security-that-respects-you","title":"Security That Respects You","text":"<p>At Network Pro Strategies (Network Pro\u2122), we deliver network security, cybersecurity, and digital privacy consulting with clarity, credibility, and care. We believe that real security doesn\u2019t have to come at the cost of user autonomy, and that privacy-minded solutions can be both practical and powerful.</p> <p>Our approach is built on a simple principle: the best security is the one that fits. That means we don\u2019t push ideologies\u2014we apply what works. We advocate for and implement free and open source solutions where they offer competitive functionality, control, and visibility. When proprietary platforms are better suited, we deploy them responsibly and securely\u2014ensuring every recommendation is grounded in technical merit, scalability, and client goals.</p>","tags":["about","network-pro","documentation"]},{"location":"#what-we-do","title":"What We Do","text":"<p>As a remote-first consultancy, we support clients across industries and geographies with a focus on:</p> <ul> <li>Network Hardening &amp; Perimeter Defense</li> <li>Firewall Architecture &amp; Policy Optimization</li> <li>Cloud Security &amp; Zero Trust Implementation</li> <li>Secure Infrastructure Design &amp; Implementation</li> <li>Risk Reduction &amp; Security Posture Assessment</li> </ul> <p>Our consulting engagements range from tactical one-off solutions to strategic, long-term partnerships. Whether it\u2019s helping a business segment its internal network, lock down its cloud footprint, or plan scalable defenses\u2014we deliver clear value, with zero fluff.</p> <p>We also believe education is a core pillar of real-world security. That\u2019s why we invest in raising awareness\u2014across both technical and general audiences\u2014on best practices in digital privacy, secure design, and threat mitigation.</p> <p>Network Pro\u2122 exists to bring strong, thoughtful security to organizations that value integrity\u2014without sacrificing agility or trust. We don\u2019t just secure infrastructure. We secure confidence.</p> <p> </p> <p>\ud83d\udd39 Let\u2019s connect to discuss how we can help secure and strengthen your business today.</p> <p>You can find our PGP keys and a vCard containing our contact information for your convenience below.</p> support@neteng.proPGP Key (ed25519) aexpk / asc 6590b992e2e3eff127387bce2af093e9dec61ba0 github@sl.neteng.ccPGP Key (ed25519) aexpk / asc e8b4f1193b21601207b080bbaebbb8f6d4bb723b vCard vcf <p><sub>Back to top</sub></p> <p>Network Pro\u2122, the shield logo, and the \"Locking Down Networks\u2122\" slogan are trademarks of Network Pro Strategies.</p> <p>Licensed under CC BY 4.0 and the GNU GPL, as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.</p>","tags":["about","network-pro","documentation"]},{"location":"conduct/","title":"Contributor Covenant Code of Conduct","text":"<p><sup>SPDX-License-Identifier: <code>CC-BY-4.0 OR GPL-3.0-or-later</code></sup></p> <p></p>","tags":["code-of-conduct","network-pro","documentation"]},{"location":"conduct/#contributor-covenant-code-of-conduct","title":"Contributor Covenant Code of Conduct","text":"<p>Network Pro Strategies Effective Date: 3/21/2025</p> <p> </p> <ul> <li>Our Pledge</li> <li>Our Standards</li> <li>Responsibilities</li> <li>Scope</li> <li>Enforcement</li> <li>Attribution</li> </ul> <p></p>","tags":["code-of-conduct","network-pro","documentation"]},{"location":"conduct/#our-pledge","title":"Our Pledge","text":"<p>We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.</p> <p>We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["code-of-conduct","network-pro","documentation"]},{"location":"conduct/#our-standards","title":"Our Standards","text":"<p>Examples of behavior that contributes to a positive environment for our community include:</p> <ul> <li>Demonstrating empathy and kindness toward other people</li> <li>Being respectful of differing opinions, viewpoints, and experiences</li> <li>Giving and gracefully accepting constructive feedback</li> <li>Accepting responsibility and apologizing to those affected by our mistakes,   and learning from the experience</li> <li>Focusing on what is best not just for us as individuals, but for the overall   community</li> </ul> <p>Examples of unacceptable behavior include:</p> <ul> <li>The use of sexualized language or imagery, and sexual attention or advances of   any kind</li> <li>Trolling, insulting or derogatory comments, and personal or political attacks</li> <li>Public or private harassment</li> <li>Publishing others' private information, such as a physical or email address,   without their explicit permission</li> <li>Other conduct which could reasonably be considered inappropriate in a   professional setting</li> </ul> <p><sub>Back to top</sub></p> <p></p>","tags":["code-of-conduct","network-pro","documentation"]},{"location":"conduct/#responsibilities","title":"Responsibilities","text":"<p>Company and community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful.</p> <p>Company and community leaders have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, and will communicate reasons for moderation decisions when appropriate.</p> <p>Network Pro Strategies reserves the right, at its sole discretion, to remove, edit, or reject any contributions that are contrary to or detrimental to its business interests.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["code-of-conduct","network-pro","documentation"]},{"location":"conduct/#scope","title":"Scope","text":"<p>This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the company or community in public spaces. Examples of representing our company or community include using an official email address, posting via an official social media account, or acting as an appointed representative at an online or offline event.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["code-of-conduct","network-pro","documentation"]},{"location":"conduct/#enforcement","title":"Enforcement","text":"<p>Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the abuse team at abuse@neteng.pro. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances.</p> <p>The abuse team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.</p> <p>Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project\u2019s leadership.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["code-of-conduct","network-pro","documentation"]},{"location":"conduct/#attribution","title":"Attribution","text":"<p>This Code of Conduct is adapted from the Contributor Covenant, version 2.1, available at https://www.contributor-covenant.org/version/2/1/code_of_conduct.html.</p> <p>The Enforcement section is adapted from the Contributor Covenant, version 1.4, available at https://www.contributor-covenant.org/version/1/4/code-of-conduct/.</p> <p>For answers to common questions about this code of conduct, see the FAQ at https://www.contributor-covenant.org/faq. Translations are available at https://www.contributor-covenant.org/translations.</p> <p><sub>Back to top</sub></p> <p>Network Pro\u2122, the shield logo, and the \"Locking Down Networks\u2122\" slogan are trademarks of Network Pro Strategies.</p> <p>Licensed under CC BY 4.0 and the GNU GPL, as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.</p>","tags":["code-of-conduct","network-pro","documentation"]},{"location":"legal/","title":"Legal, Copyright, and Licensing","text":"<p><sup>SPDX-License-Identifier: <code>CC-BY-4.0 OR GPL-3.0-or-later</code></sup></p> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#legal-copyright-and-licensing","title":"Legal, Copyright, and Licensing","text":"<p>Network Pro Strategies Effective Date: April 21, 2025</p> <p> </p> <ol> <li>Copyright</li> <li>Trademark Ownership</li> <li>Restrictions on Branding and Graphics</li> <li>Licensed Material Definition</li> <li>License Terms</li> <li>Dual Licensing Notes</li> <li>Creative Commons License (CC BY 4.0)</li> <li>GNU General Public License (GPL)</li> <li>Third-Party Code and Licenses</li> <li>Prohibited Uses</li> <li>Modifications and Liability Disclaimer</li> <li>Contact</li> <li>Revisions</li> <li>Attribution</li> </ol> <p>Formats Available: HTML | Markdown</p> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#1-copyright","title":"1. Copyright","text":"<p>All content\u2014including text, software, logos, graphics, documentation, and other materials\u2014provided by Network Pro Strategies (\u201cNetwork Pro\u201d, \u201cCompany\u201d, \u201cLicensor\u201d) is protected by U.S. and international copyright laws.</p> <p>Copyright \u00a9 2025 Network Pro Strategies (Network Pro\u2122)</p> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#2-trademark-ownership","title":"2. Trademark Ownership","text":"<p>The following trademarks are the exclusive property of the Company:</p> <ul> <li>Brand Name: Network Pro\u2122</li> <li>Domain Names: netwk.pro, neteng.pro, neteng.cc</li> <li>Logo: The shield logo displayed on our homepage</li> <li>Slogan: \"Locking Down Networks, Unlocking Confidence\u2122\"</li> </ul> <p>Unauthorized use\u2014including use likely to cause confusion, misrepresentation, or disparagement\u2014is strictly prohibited.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#3-restrictions-on-branding-and-graphics","title":"3. Restrictions on Branding and Graphics","text":"<p>Licensing under CC BY 4.0 or the GNU GPL expressly excludes any rights to use the Company\u2019s trademarks, trade dress, logos, visual branding, or other proprietary identifiers.</p> <p>Such elements are not part of the Licensed Material and remain the exclusive property of the Company. Any use of these elements\u2014including within derivative works or promotional content\u2014requires the Company\u2019s prior written consent.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#4-licensed-material-definition","title":"4. Licensed Material Definition","text":"<p>\u201cLicensed Material\u201d refers solely to the publicly available code and documentation distributed through the Company\u2019s open repositories and websites. It expressly excludes all third-party content, proprietary brand assets (including logos, trademarks, and visual designs), and any internal or commercial backend systems.</p> <p>For clarity, the Company itself is not licensed under, nor subject to, the terms of the open-source or content licenses described in this document.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#5-license-terms","title":"5. License Terms","text":"<p>This work is dual-licensed under:</p> <ul> <li>Creative Commons Attribution 4.0 International (CC BY 4.0)</li> <li>GNU General Public License v3.0 or later (GNU GPL)</li> </ul> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#6-dual-licensing-notes","title":"6. Dual Licensing Notes","text":"<ul> <li>You may choose to use the work under either license, or both where appropriate.</li> <li>See Creative Commons FAQ: Separate agreements</li> <li>See GPL compatibility: GPL FAQ</li> </ul> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#6-creative-commons-license-cc-by-40","title":"6. Creative Commons License (CC BY 4.0)","text":"<p><sup>Formats: HTML | Markdown | Text | RDFa | XMP</sup></p> <p>Network Pro\u2122 (the \"Licensed Material\") is licensed under Creative Commons Attribution 4.0 International (CC BY 4.0)  .</p> <p>Per the terms of the License, you are free to distribute, remix, adapt, and build upon the Licensed Material for any purpose, even commercially. You must give appropriate credit, provide a link to the License, and indicate if changes were made.</p> <p>Permissions beyond the scope of this License\u2014or instead of those permitted by this License\u2014may be available as further defined within this document.</p> <p><code> <ul> <li>SPDX Reference: https://spdx.org/licenses/CC-BY-4.0.html</li> <li>Canonical URL: https://creativecommons.org/licenses/by/4.0/</li> </ul> <p></p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#7-gnu-general-public-license-gpl","title":"7. GNU General Public License (GPL)","text":"<p><sup>Formats: HTML | Markdown | Text | RDFa | ODT</sup></p> <p>Network Pro\u2122 is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License (GNU GPL) as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.</p> <p>You should have received a copy of the GNU General Public License along with this material. If not, see &lt;https://www.gnu.org/licenses/&gt;.</p> <p><code> <ul> <li>SPDX Reference: https://spdx.org/licenses/GPL-3.0-or-later.html</li> <li>Canonical URL: https://www.gnu.org/licenses/gpl-3.0.html</li> </ul> <p></p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#9-third-party-code-and-licenses","title":"9. Third-Party Code and Licenses","text":"<p>Some components of the Licensed Material may include or interface with third-party libraries, frameworks, or assets. Each third-party component is governed solely by its own license terms and is expressly excluded from the scope of this document.</p> <p>The inclusion, reference, or linking of any third-party content does not constitute endorsement, approval, or warranty by the Company.</p> <p>It is the user's responsibility to review, understand, and comply with all applicable third-party licenses before use, modification, or distribution.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#9-prohibited-uses","title":"9. Prohibited Uses","text":"<p>The following activities are strictly prohibited and may constitute infringement or unfair competition under applicable law, unless explicitly authorized in writing by the Company:</p> <ul> <li>Use of any Company trademarks, logos, domain names, slogans, or other brand identifiers</li> <li>Any representation\u2014explicit or implied\u2014that suggests endorsement, affiliation, or partnership with the Company</li> <li>Misuse, unauthorized use, or misrepresentation of the Company\u2019s intellectual property</li> <li>Incorporation of any Company branding or protected identifiers into derivative works, forks, distributions, or promotional materials</li> </ul> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#10-modifications-and-liability-disclaimer","title":"10. Modifications and Liability Disclaimer","text":"<p>Modifications, redistribution, or any use of the Licensed Material are performed entirely at your own risk.</p> <p>THE LICENSED MATERIAL IS PROVIDED \u201cAS IS\u201d AND \u201cAS AVAILABLE,\u201d WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES. TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE COMPANY DISCLAIMS ALL WARRANTIES, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND ACCURACY.</p> <p>The Company shall not be liable for any direct, indirect, incidental, consequential, special, exemplary, or punitive damages arising from or related to the use, reproduction, modification, or distribution of the Licensed Material\u2014including, without limitation, any claims or disputes brought by third parties, whether in contract, tort, or otherwise.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#11-contact","title":"11. Contact","text":"<p>The Company may be contacted via our contact form or by email at: \ud83d\udce7 <code>support (at) neteng.pro</code></p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#12-revisions","title":"12. Revisions","text":"<p>This legal page may be updated to comply with legal or operational changes. The current effective date is listed at the top of this document.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"legal/#13-attribution","title":"13. Attribution","text":"<p>Website base structure provided by HTML5 Boilerplate: &lt;https://html5boilerplate.com/&gt;&gt;</p> <pre><code>Copyright (c) HTML5 Boilerplate\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of\nthis software and associated documentation files (the \"Software\"), to deal in\nthe Software without restriction, including without limitation the rights to\nuse, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of\nthe Software, and to permit persons to whom the Software is furnished to do so,\nsubject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS\nFOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR\nCOPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER\nIN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN\nCONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n</code></pre> <p><sub>Back to top</sub></p> <p>Network Pro\u2122, the shield logo, and the \"Locking Down Networks\u2122\" slogan are trademarks of Network Pro Strategies.</p> <p>Licensed under CC BY 4.0 and the GNU GPL, as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.</p>","tags":["legal","usage","copyright","trademark","licensing","network-pro","documentation"]},{"location":"privacy/","title":"Privacy Policy","text":"<p><sup>SPDX-License-Identifier: <code>CC-BY-4.0 OR GPL-3.0-or-later</code></sup></p> <p></p>","tags":["legal","privacy","privacy-policy","network-pro","documentation"]},{"location":"privacy/#privacy-policy","title":"Privacy Policy","text":"<p>Network Pro Strategies Effective Date: April 18, 2025</p> <p> </p> <ol> <li>Introduction</li> <li>Information We Collect</li> <li>Payment Information</li> <li>Use of Information</li> <li>Data Sharing</li> <li>Data Security</li> <li>User Rights</li> <li>Third-Party Links</li> <li>Disclaimers and Limitations</li> <li>Policy Changes</li> <li>Contact</li> </ol> <p>Formats Available: HTML | Markdown</p> <p></p>","tags":["legal","privacy","privacy-policy","network-pro","documentation"]},{"location":"privacy/#1-introduction","title":"1. Introduction","text":"<p>Network Pro Strategies (\"Company,\" \"we,\" \"us,\" or \"our\") is committed to protecting the privacy of clients and website visitors. This Privacy Policy outlines how we collect, use, and safeguard your information when you interact with our website or services, consistent with applicable U.S. federal law and Arizona law, including Title 18, Chapter 5, Article 4 of the Arizona Revised Statutes (A.R.S. \u00a7\u00a7 18-551, 18-552).</p> <p></p>","tags":["legal","privacy","privacy-policy","network-pro","documentation"]},{"location":"privacy/#2-information-we-collect","title":"2. Information We Collect","text":"<p>We may collect the following categories of information:</p> <ul> <li>Personal Identifiers (e.g., name, email, phone number)</li> <li>Business and Professional Information</li> <li>Device/Technical Information (e.g., IP address, browser type, access logs)</li> <li>Client-Submitted Content related to our services</li> </ul> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","privacy","privacy-policy","network-pro","documentation"]},{"location":"privacy/#3-payment-information","title":"3. Payment Information","text":"<p>When processing payments, we may collect credit card details and billing contact information. All credit card data is encrypted via TLS and shared only with PCI-compliant processors. Data is purged within 90 days post-verification of payment.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","privacy","privacy-policy","network-pro","documentation"]},{"location":"privacy/#4-use-of-information","title":"4. Use of Information","text":"<p>Information is used to:</p> <ul> <li>Provide and improve services</li> <li>Respond to inquiries and fulfill contracts</li> <li>Conduct analytics and enhance user experience</li> <li>Ensure legal and regulatory compliance</li> </ul> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","privacy","privacy-policy","network-pro","documentation"]},{"location":"privacy/#5-data-sharing","title":"5. Data Sharing","text":"<p>We do not sell personal information. However, we may share personal and business information under the following circumstances:</p> <ul> <li>With Service Providers: We may share information with trusted third-party vendors\u2014under binding agreements\u2014who support our business operations. These include, but are not limited to, services such as payment processing, analytics, hosting, and customer support. These providers are authorized to use your information only as necessary to perform their contractual obligations.</li> <li>Legal Compliance: We may disclose information if required to do so by applicable law, regulation, legal process, or enforceable governmental request, including subpoenas or court orders.</li> <li>Business Transfers: In connection with a merger, acquisition, asset sale, or similar corporate transaction, we may disclose or transfer personal information, provided that reasonable steps are taken to ensure continued confidentiality and compliance with applicable privacy laws.</li> </ul> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","privacy","privacy-policy","network-pro","documentation"]},{"location":"privacy/#6-data-security","title":"6. Data Security","text":"<p>We implement industry-standard security measures to protect your data. However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security. In compliance with A.R.S. \u00a7 18-552, we will notify affected individuals in the event of a data breach involving personal information.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","privacy","privacy-policy","network-pro","documentation"]},{"location":"privacy/#7-user-rights","title":"7. User Rights","text":"<p>Your Rights and Choices</p> <p>Under applicable state and federal law, you may have rights to:</p> <ul> <li>Access, update, or delete your personal information, subject to legal and contractual limitations.</li> <li>Restrict or object to processing under certain conditions, as permitted by law.</li> <li>Opt out of direct marketing</li> </ul> <p>To exercise these rights, please use our Privacy Rights Request Form or email us at <code>support (at) neteng.pro</code>.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","privacy","privacy-policy","network-pro","documentation"]},{"location":"privacy/#8-third-party-links","title":"8. Third-Party Links","text":"<p>Our site may contain links to third-party sites. We are not responsible for their privacy practices.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","privacy","privacy-policy","network-pro","documentation"]},{"location":"privacy/#9-disclaimers-and-limitations","title":"9. Disclaimers and Limitations","text":"<p>Network Pro Strategies offers informational content as a public service. No warranties are made regarding the accuracy or completeness of such content. Consulting services are governed by separate contracts. We disclaim liability for third-party services integrated or referenced.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","privacy","privacy-policy","network-pro","documentation"]},{"location":"privacy/#10-policy-changes","title":"10. Policy Changes","text":"<p>We may update this policy periodically. Changes are effective upon posting.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","privacy","privacy-policy","network-pro","documentation"]},{"location":"privacy/#11-contact","title":"11. Contact","text":"<p>For questions, contact:</p> <p>Network Pro Strategies \ud83d\udce7 Email: <code>support (at) neteng.pro</code> \ud83d\udcde Phone: (623) 252-4350</p> <p>Network Pro\u2122, the shield logo, and the \"Locking Down Networks\u2122\" slogan are trademarks of Network Pro Strategies.</p> <p>Licensed under CC BY 4.0 and the GNU GPL, as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.</p>","tags":["legal","privacy","privacy-policy","network-pro","documentation"]},{"location":"tags/","title":"Tags","text":"<p><sup>SPDX-License-Identifier: <code>CC-BY-4.0 OR GPL-3.0-or-later</code></sup></p>"},{"location":"tags/#tags","title":"Tags","text":"<p>This page lists all the tags used in the documentation. Click on a tag to see all the related pages.</p>"},{"location":"tags/#tag:about","title":"about","text":"<ul> <li>            About Us          </li> </ul>"},{"location":"tags/#tag:blog","title":"blog","text":"<ul> <li>            Blog Home          </li> <li>            Our Blog is Live!          </li> </ul>"},{"location":"tags/#tag:code-of-conduct","title":"code-of-conduct","text":"<ul> <li>            Contributor Covenant Code of Conduct          </li> </ul>"},{"location":"tags/#tag:consulting","title":"consulting","text":"<ul> <li>            Consulting &amp; Implementation Terms and Conditions          </li> </ul>"},{"location":"tags/#tag:copyright","title":"copyright","text":"<ul> <li>            Legal, Copyright, and Licensing          </li> </ul>"},{"location":"tags/#tag:documentation","title":"documentation","text":"<ul> <li>            About Us          </li> <li>            Consulting &amp; Implementation Terms and Conditions          </li> <li>            Contributor Covenant Code of Conduct          </li> <li>            Legal, Copyright, and Licensing          </li> <li>            Privacy Policy          </li> <li>            Website Terms of Use          </li> </ul>"},{"location":"tags/#tag:implementation","title":"implementation","text":"<ul> <li>            Consulting &amp; Implementation Terms and Conditions          </li> </ul>"},{"location":"tags/#tag:index","title":"index","text":"<ul> <li>            Blog Home          </li> </ul>"},{"location":"tags/#tag:legal","title":"legal","text":"<ul> <li>            Consulting &amp; Implementation Terms and Conditions          </li> <li>            Legal, Copyright, and Licensing          </li> <li>            Privacy Policy          </li> <li>            Website Terms of Use          </li> </ul>"},{"location":"tags/#tag:licensing","title":"licensing","text":"<ul> <li>            Legal, Copyright, and Licensing          </li> </ul>"},{"location":"tags/#tag:network-pro","title":"network-pro","text":"<ul> <li>            About Us          </li> <li>            Blog Home          </li> <li>            Consulting &amp; Implementation Terms and Conditions          </li> <li>            Contributor Covenant Code of Conduct          </li> <li>            Legal, Copyright, and Licensing          </li> <li>            Our Blog is Live!          </li> <li>            Privacy Policy          </li> <li>            Website Terms of Use          </li> </ul>"},{"location":"tags/#tag:platforms","title":"platforms","text":"<ul> <li>            Website Terms of Use          </li> </ul>"},{"location":"tags/#tag:post","title":"post","text":"<ul> <li>            Secure Secure Shell          </li> </ul>"},{"location":"tags/#tag:privacy","title":"privacy","text":"<ul> <li>            Privacy Policy          </li> </ul>"},{"location":"tags/#tag:privacy-policy","title":"privacy-policy","text":"<ul> <li>            Privacy Policy          </li> </ul>"},{"location":"tags/#tag:security","title":"security","text":"<ul> <li>            Secure Secure Shell          </li> </ul>"},{"location":"tags/#tag:terms","title":"terms","text":"<ul> <li>            Consulting &amp; Implementation Terms and Conditions          </li> <li>            Website Terms of Use          </li> </ul>"},{"location":"tags/#tag:trademark","title":"trademark","text":"<ul> <li>            Legal, Copyright, and Licensing          </li> </ul>"},{"location":"tags/#tag:usage","title":"usage","text":"<ul> <li>            Legal, Copyright, and Licensing          </li> </ul>"},{"location":"tags/#tag:website","title":"website","text":"<ul> <li>            Website Terms of Use          </li> </ul>"},{"location":"terms-conditions/","title":"Consulting & Implementation Terms and Conditions","text":"<p><sup>SPDX-License-Identifier: <code>CC-BY-4.0 OR GPL-3.0-or-later</code></sup></p> <p></p>","tags":["legal","terms","consulting","implementation","network-pro","documentation"]},{"location":"terms-conditions/#consulting-implementation-terms-and-conditions","title":"Consulting &amp; Implementation Terms and Conditions","text":"<p>Network Pro Strategies Effective Date: April 20, 2025</p> <p> </p> <ol> <li>Introduction</li> <li>Scope of Services</li> <li>Disclaimer of Warranties</li> <li>Assumption of Risk</li> <li>Limitation of Liability</li> <li>Indemnification</li> <li>Client Responsibilities</li> <li>Governing Law and Jurisdiction</li> <li>Acceptance of Terms</li> <li>Exceptions and Negotiation</li> <li>Changes to These Terms</li> </ol> <p>These Terms and Conditions apply exclusively to the provision of our consulting and implementation services. For all other uses of our website and associated platforms, please refer to the applicable Website Terms of Use.</p> <p>Formats Available: HTML | Markdown</p> <p></p>","tags":["legal","terms","consulting","implementation","network-pro","documentation"]},{"location":"terms-conditions/#1-introduction","title":"1. Introduction","text":"<p>By engaging with the information security, network security, cybersecurity, and digital privacy consulting and implementation services provided by Network Pro Strategies (\"Company,\" \"we,\" \"us,\" or \"our\"), you (\"Client\") agree to be bound by these Terms and Conditions (\"Terms\"). These Terms govern all engagements except where explicitly superseded by a separate written agreement or Statement of Work (SOW). If you do not agree to these Terms, please do not engage our services.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","consulting","implementation","network-pro","documentation"]},{"location":"terms-conditions/#2-scope-of-services","title":"2. Scope of Services","text":"<p>These Terms apply to all consulting and implementation services offered by the Company, including but not limited to assessment, planning, risk analysis, technical implementation, and configuration of third-party cybersecurity tools and systems. Services may be delivered in-person, remotely, or via digital communication platforms. All deliverables and timelines will be governed by individual SOWs when applicable.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","consulting","implementation","network-pro","documentation"]},{"location":"terms-conditions/#3-disclaimer-of-warranties","title":"3. Disclaimer of Warranties","text":"<p>All services are provided \"as is\" and \"as available\" without warranties of any kind, whether express, implied, statutory, or otherwise. The Company expressly disclaims all implied warranties, including but not limited to merchantability, fitness for a particular purpose, and non-infringement. We do not warrant that our services or recommendations will detect or prevent all security threats or achieve legal or regulatory compliance unless specifically agreed in writing.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","consulting","implementation","network-pro","documentation"]},{"location":"terms-conditions/#4-assumption-of-risk","title":"4. Assumption of Risk","text":"<p>Client acknowledges that cybersecurity and privacy-related services inherently involve risk. The Company does not guarantee uninterrupted service, error-free implementation, or complete immunity from breaches or attacks. Client assumes full responsibility for decisions based on our recommendations and agrees to maintain appropriate internal controls and backup protocols.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","consulting","implementation","network-pro","documentation"]},{"location":"terms-conditions/#5-limitation-of-liability","title":"5. Limitation of Liability","text":"<p>To the maximum extent permitted by law, the Company shall not be liable for any indirect, incidental, consequential, special, or punitive damages, including without limitation loss of profits, data, business interruption, or reputational harm, arising from or related to the use or performance of the services, even if advised of the possibility of such damages. Direct damages, if any, shall be limited to the amount paid by Client for the specific services giving rise to the claim.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","consulting","implementation","network-pro","documentation"]},{"location":"terms-conditions/#6-indemnification","title":"6. Indemnification","text":"<p>Client agrees to indemnify, defend, and hold harmless the Company, its officers, employees, contractors, and affiliates from and against any claims, damages, liabilities, losses, and expenses (including reasonable legal fees) arising out of or related to (i) Client's misuse of the services, (ii) misconfiguration of systems by Client, or (iii) third-party claims related to services rendered under these Terms.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","consulting","implementation","network-pro","documentation"]},{"location":"terms-conditions/#7-client-responsibilities","title":"7. Client Responsibilities","text":"<p>Client shall provide valid, secure, and licensed infrastructure, access credentials, and third-party tools necessary for service delivery. The Company shall operate exclusively within client-owned or designated environments and shall not independently host, process, or store client data. Compliance with any regulatory frameworks (e.g., HIPAA, GDPR, PCI-DSS) is the sole responsibility of the Client unless explicitly agreed otherwise in a separate written agreement.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","consulting","implementation","network-pro","documentation"]},{"location":"terms-conditions/#8-governing-law-and-jurisdiction","title":"8. Governing Law and Jurisdiction","text":"<p>These Terms shall be governed by and construed under the laws of the State of Arizona and applicable U.S. federal laws. Any disputes shall be resolved exclusively in the state or federal courts located in Maricopa County, Arizona, and both parties consent to such jurisdiction and venue.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","consulting","implementation","network-pro","documentation"]},{"location":"terms-conditions/#9-acceptance-of-terms","title":"9. Acceptance of Terms","text":"<p>Engagement with the Company's services constitutes acceptance of these Terms. Continued use of services after any updates indicates continued acceptance. These Terms are effective unless and until terminated or modified in writing by mutual agreement.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","consulting","implementation","network-pro","documentation"]},{"location":"terms-conditions/#10-exceptions-and-negotiations","title":"10. Exceptions and Negotiations","text":"<p>The Company is open to negotiating specific terms upon mutual agreement. Exceptions to these Terms must be documented in writing and signed by both parties. Flexibility may be offered provided such changes do not impose undue liability or regulatory obligations on the Company.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","consulting","implementation","network-pro","documentation"]},{"location":"terms-conditions/#11-changes-to-these-terms","title":"11. Changes to These Terms","text":"<p>The Company reserves the right to revise these Terms at any time. Updated versions will be posted on our website or delivered via direct notice. Clients are responsible for reviewing Terms periodically for updates.</p> <p><sub>Back to top</sub></p> <p>Network Pro\u2122, the shield logo, and the \"Locking Down Networks\u2122\" slogan are trademarks of Network Pro Strategies.</p> <p>Licensed under CC BY 4.0 and the GNU GPL, as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.</p>","tags":["legal","terms","consulting","implementation","network-pro","documentation"]},{"location":"terms-use/","title":"Website Terms of Use","text":"<p><sup>SPDX-License-Identifier: <code>CC-BY-4.0 OR GPL-3.0-or-later</code></sup></p> <p></p>","tags":["legal","terms","website","platforms","network-pro","documentation"]},{"location":"terms-use/#website-terms-of-use","title":"Website Terms of Use","text":"<p>Network Pro Strategies Effective Date: April 18, 2025</p> <p> </p> <ol> <li>Introduction</li> <li>Platforms Covered</li> <li>Acceptable Use</li> <li>Disclaimer of Warranties</li> <li>Assumption of Risk</li> <li>Limitation of Liability</li> <li>Indemnification</li> <li>Governing Law and Jurisdiction</li> <li>Acceptance of Terms</li> <li>Changes to This Policy</li> </ol> <p>These Terms of Use specifically govern the use of services and platforms made available via this website and its associated web properties. For provisions governing our consulting and implementation services, please refer to the applicable Terms and Conditions.</p> <p>Formats Available: HTML | Markdown</p> <p></p>","tags":["legal","terms","website","platforms","network-pro","documentation"]},{"location":"terms-use/#1-introduction","title":"1. Introduction","text":"<p>Welcome! By accessing or using any of the platforms operated by Network Pro Strategies (\"Company,\" \"we,\" \"us,\" or \"our\"), you agree to be bound by these Terms of Use (\"Terms\"). If you do not agree to these Terms, please refrain from using our services.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","website","platforms","network-pro","documentation"]},{"location":"terms-use/#2-platforms-covered","title":"2. Platforms Covered","text":"<p>These Terms of Use apply to all platforms associated with the Company, including but not limited to: GitHub, our main website (hosted via GitHub Pages), communications on Discord and/or Slack, Stack Overflow Teams, Nextcloud, and our social media presence (e.g., Facebook, Instagram, X, and similar platforms).</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","website","platforms","network-pro","documentation"]},{"location":"terms-use/#3-acceptable-use","title":"3. Acceptable Use","text":"<p>You agree not to use our platforms or services to engage in conduct that is unlawful, abusive, threatening, harassing, defamatory, deceptive, or otherwise objectionable. Prohibited activities include but are not limited to:</p> <ul> <li>Unauthorized access or tampering with systems</li> <li>Impersonation or misrepresentation</li> <li>Uploading malicious code or spam</li> <li>Violating third-party rights or laws</li> <li>Interfering with platform functionality or availability</li> </ul> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","website","platforms","network-pro","documentation"]},{"location":"terms-use/#4-disclaimer-of-warranties","title":"4. Disclaimer of Warranties","text":"<p>Our platforms and services are provided \"as is\" and \"as available,\" without any express or implied warranties. We make no guarantees regarding their accuracy, reliability, availability, or security. This disclaimer does not apply to our consulting and implementation services, nor any payment portals or associated services.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","website","platforms","network-pro","documentation"]},{"location":"terms-use/#5-assumption-of-risk","title":"5. Assumption of Risk","text":"<p>Your use of our platforms is at your own risk. We do not guarantee the security, integrity, or reliability of data stored on external or third-party infrastructure. This disclaimer does not apply to our consulting and implementation services, nor any payment portals or associated services.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","website","platforms","network-pro","documentation"]},{"location":"terms-use/#6-limitation-of-liability","title":"6. Limitation of Liability","text":"<p>To the fullest extent permitted by law, the Company, its affiliates, owners, operators, and contributors shall not be liable for any direct, indirect, incidental, consequential, or punitive damages, including but not limited to data loss, loss of profits, or damages arising from reliance on or use of our platforms.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","website","platforms","network-pro","documentation"]},{"location":"terms-use/#7-indemnification","title":"7. Indemnification","text":"<p>You agree to indemnify, defend, and hold harmless the Company, its affiliates, owners, operators, and contributors from any claims, damages, liabilities, losses, or expenses (including legal fees) arising from or related to your use of our services.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","website","platforms","network-pro","documentation"]},{"location":"terms-use/#8-governing-law-and-jurisdiction","title":"8. Governing Law and Jurisdiction","text":"<p>Network Pro Strategies is based in Maricopa County, Arizona. Any legal action or dispute arising from these Terms of Use shall be subject to the exclusive jurisdiction of the state and federal courts located in Maricopa County, Arizona. These Terms shall be governed by the Arizona Revised Statutes (A.R.S.) and applicable provisions of the United States Code (U.S.C.).</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","website","platforms","network-pro","documentation"]},{"location":"terms-use/#9-acceptance-of-terms","title":"9. Acceptance of Terms","text":"<p>By accessing or using our platforms, you acknowledge and agree to these Terms of Use. Continued use of our services constitutes ongoing acceptance of these Terms.</p> <p><sub>Back to top</sub></p> <p></p>","tags":["legal","terms","website","platforms","network-pro","documentation"]},{"location":"terms-use/#10-changes-to-this-policy","title":"10. Changes to This Policy","text":"<p>We may update these Terms of Use periodically. Updates will be posted on this page with an updated effective date and will reflect any relevant changes in applicable law.</p> <p><sub>Back to top</sub></p> <p> </p> <p></p> <p>Note: For more details regarding our privacy practices, refer to our Privacy Policy. For licensing terms and content usage rights, please visit our Legal, Copyright, and Licensing page.</p> <p>Network Pro\u2122, the shield logo, and the \"Locking Down Networks\u2122\" slogan are trademarks of Network Pro Strategies.</p> <p>Licensed under CC BY 4.0 and the GNU GPL, as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.</p>","tags":["legal","terms","website","platforms","network-pro","documentation"]},{"location":"blog/","title":"Blog Home","text":"<p><sup>SPDX-License-Identifier: <code>CC-BY-4.0 OR GPL-3.0-or-later</code></sup></p>","tags":["index","network-pro","blog"]},{"location":"blog/#blog-home","title":"Blog Home","text":"","tags":["index","network-pro","blog"]},{"location":"blog/2025/04/30/our-blog-is-live/","title":"Our Blog is Live!","text":"<p><sup>SPDX-License-Identifier: <code>CC-BY-4.0 OR GPL-3.0-or-later</code></sup></p>","tags":["network-pro","blog"]},{"location":"blog/2025/04/30/our-blog-is-live/#were-live","title":"We're Live!","text":"","tags":["network-pro","blog"]},{"location":"blog/2025/04/30/our-blog-is-live/#welcome-to-the-network-protm-blog-cybersecurity-privacy-open-knowledge","title":"\ud83d\udee1\ufe0f Welcome to the Network Pro\u2122 Blog: Cybersecurity. Privacy. Open Knowledge.","text":"<p>In a digital world where threats are persistent and privacy is too often an afterthought, Network Pro Strategies was founded on a belief that effective security doesn't require compromise. We specialize in helping organizations and individuals navigate today\u2019s cybersecurity challenges with confidence, clarity, and control.</p> <p>Today marks the launch of our official blog\u2014your go-to destination for field-tested strategies, implementation insights, and transparent thought leadership across cybersecurity, network defense, and privacy-aware infrastructure.</p>","tags":["network-pro","blog"]},{"location":"blog/2025/04/30/our-blog-is-live/#why-this-blog-exists","title":"\ud83d\udce1 Why This Blog Exists","text":"<p>Modern security isn\u2019t just about technology\u2014it\u2019s about trust, autonomy, and informed choices. As threats evolve and surveillance becomes normalized, we believe clients deserve more than marketing fluff and opaque solutions.</p> <p>This blog represents our commitment to providing value through:</p> <ul> <li>\ud83d\udcbc SMBs and enterprises needing tailored, scalable security that protects business continuity</li> <li>\ud83c\udfdb\ufe0f Government and compliance-sensitive sectors where resilience and data integrity are mission-critical</li> <li>\ud83d\udc68\u200d\ud83d\udcbb Technologists and privacy-conscious communities seeking reliable strategies and tools that don\u2019t trade transparency for control</li> </ul>","tags":["network-pro","blog"]},{"location":"blog/2025/04/30/our-blog-is-live/#what-youll-find-here","title":"\ud83d\udcec What You\u2019ll Find Here","text":"<p>You won\u2019t find empty buzzwords or vendor lock-in here. This space is practical, accessible, and real. Expect content grounded in hands-on consulting experience, addressing real-world needs like:</p> <ul> <li>\ud83d\udd10 Guides on securing infrastructure through Zero Trust principles, secure network design, segmentation, and data governance</li> <li>\ud83c\udf10 Exploration of free and open source tools that align with professional-grade expectations for security and usability</li> <li>\ud83d\udcf1 Best practices for mobile and endpoint hardening, including private-by-design communications and de-Googled Android stacks</li> <li>\u2699\ufe0f Scalable implementation tips for building resilient, ethical, and vendor-neutral technology environments</li> </ul> <p>We\u2019ll also publish tutorials, deep dives, and threat-focused analyses to help you anticipate risk, strengthen defenses, and stay informed\u2014no jargon, no gatekeeping.</p>","tags":["network-pro","blog"]},{"location":"blog/2025/04/30/our-blog-is-live/#our-vision-security-that-respects-you","title":"\u2705 Our Vision: Security That Respects You","text":"<p>At Network Pro\u2122, we believe security should be transparent, adaptable, and aligned with your goals. While we advocate for privacy-first solutions and actively support open technologies, we apply them with discretion\u2014not dogma. Our priority is delivering reliable, resilient results, whether through open source tools or vetted proprietary platforms.</p> <p>We serve as trusted advisors for navigating today\u2019s threat landscape\u2014delivering infrastructure consulting, cloud and hybrid architecture support, and technical guidance rooted in industry experience. Our approach is practical, flexible, and future-focused, designed to protect what matters most without sacrificing visibility or control.</p>","tags":["network-pro","blog"]},{"location":"blog/2025/04/30/our-blog-is-live/#ready-to-build-a-safer-smarter-digital-future","title":"\ud83d\udd10 Ready to Build a Safer, Smarter Digital Future?","text":"<p>Cybersecurity isn\u2019t just a product\u2014it\u2019s a process. Whether you're designing secure networks, navigating digital privacy concerns, or evaluating new tools, Network Pro\u2122 is here to support your mission.</p> <p>Let\u2019s build something secure, sustainable, and respectful of your values.</p> <p>\ud83d\udce9 Contact us today to get started.</p> <p>Network Pro\u2122, the shield logo, and the \"Locking Down Networks\u2122\" slogan are trademarks of Network Pro Strategies.</p> <p>Licensed under CC BY 4.0 and the GNU GPL, as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.</p>","tags":["network-pro","blog"]},{"location":"blog/2015/01/04/secure-secure-shell/","title":"Secure Secure Shell","text":"&gt; **Originally published on 1/4/2015 by [stribika](https://github.com/stribika) at:   &gt; [https://blog.stribik.technology/2015/01/04/secure-secure-shell.html](https://blog.stribik.technology/2015/01/04/secure-secure-shell.html)** &gt; &gt; Mirrored to preserve information. Minor changes have been made, and this is noted where applicable. Also see:   &gt;    &gt; &gt; \ud83d\udcdd **_NOTE:_** Despite this article's age, we've yet to come across a better source of information with regard to SSH configuration.   <ul> <li>Skip to the good part.</li> </ul> <p>You may have heard that the NSA can decrypt SSH at least some of the time. If you have not, then read the latest batch of Snowden documents now. All of it. This post will still be here when you finish. My goal with this post here is to make NSA analysts sad.</p> <p>TL;DR: Scan this post for fixed width fonts, these will be the config file snippets and commands you have to use.</p> <p>Warning: You will need a recent OpenSSH version. It should work with 6.5 but I have only tested 6.7 and connections to Github. Here is a good compatibility matrix.</p>","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#the-crypto","title":"The crypto","text":"<p>Reading the documents, I have the feeling that the NSA can 1) decrypt weak crypto and 2) steal keys. Let's focus on the crypto first. SSH supports different key exchange algorithms, ciphers and message authentication codes. The server and the client choose a set of algorithms supported by both, then proceed with the key exchange. Some of the supported algorithms are not so great and should be disabled completely. This hurts interoperability but everyone uses OpenSSH anyway. Fortunately, downgrade attacks are not possible because the supported algorithm lists are included in the key derivation. If a man in the middle were to change the lists, then the server and the client would calculate different keys.</p>","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#key-exchange","title":"Key exchange","text":"<p>There are basically two ways to do key exchange: Diffie-Hellman and Elliptic Curve Diffie-Hellman. Both provide forward secrecy which the NSA hates because they can't use passive collection and key recovery later. The server and the client will end up with a shared secret number at the end without a passive eavesdropper learning anything about this number. After we have a shared secret we have to derive a cryptographic key from this using a key derivation function. In case of SSH, this is a hash function. Collision attacks on this hash function have been proven to allow downgrade attacks.</p> <p>DH works with a multiplicative group of integers modulo a prime. Its security is based on the hardness of the discrete logarithm problem.</p>","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#alice-bob","title":"<pre><code>Alice Bob\n<p>Sa = random\nPa = g^Sa --&gt; Pa\nSb = random\nPb &lt;-- Pb = g^Sb\ns = Pb^Sa s = Pa^Sb\nk = KDF(s) k = KDF(s)</p>\n<p>ECDH works with elliptic curves over finite fields.\nIts security is based on the hardness of the elliptic curve discrete logarithm problem.</p>","text":"","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#alice-bob_1","title":"<pre><code>Alice Bob\n<p>Sa = random\nPa = Sa G --&gt; Pa\nSb = random\nPb &lt;-- Pb = Sb G\ns = Sa Pb s = Sb Pa\nk = KDF(s) k = KDF(s)</p>","text":"","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#sshd-configuration","title":"SSHD Configuration\n\n<p>NOTE: Emphasis added, it was not present in the originally published article.\nKey exchange 1 (curve25519-sha256) alone is ideal, 8 is also acceptable for interoperability.</p>\n\n<p>OpenSSH supports 11 key exchange protocols:</p>\n<ol>\n<li>curve25519-sha256: ECDH over Curve25519 with SHA2</li>\n<li>diffie-hellman-group1-sha1: 1024 bit DH with SHA1</li>\n<li>diffie-hellman-group14-sha1: 2048 bit DH with SHA1</li>\n<li>diffie-hellman-group14-sha256: 2048 bit DH with SHA2</li>\n<li>diffie-hellman-group16-sha512: 4096 bit DH with SHA2</li>\n<li>diffie-hellman-group18-sha512: 8192 bit DH with SHA2</li>\n<li>diffie-hellman-group-exchange-sha1: Custom DH with SHA1</li>\n<li>diffie-hellman-group-exchange-sha256: Custom DH with SHA2</li>\n<li>ecdh-sha2-nistp256: ECDH over NIST P-256 with SHA2</li>\n<li>ecdh-sha2-nistp384: ECDH over NIST P-384 with SHA2</li>\n<li>ecdh-sha2-nistp521: ECDH over NIST P-521 with SHA2</li>\n</ol>\n<p>We have to look at 3 things here:</p>\n<ul>\n<li>ECDH curve choice:\n  This eliminates 9-11 because NIST curves suck.\n  They leak secrets through timing side channels and off-curve inputs.\n  Also, NIST is considered harmful and cannot be trusted.</li>\n<li>Bit size of the DH modulus:\n  This eliminates 2 because the NSA has supercomputers and possibly unknown attacks.\n  1024 bits simply don't offer sufficient security margin.</li>\n<li>Security of the hash function:\n  This eliminates 2, 3, and 7 because SHA1 is broken.\n  We don't have to wait for a second preimage attack that takes 10 minutes on a cellphone to disable it right now.</li>\n</ul>\n<p>We are left with 1 and 8, as well as 4-6 which were added in OpenSSH 7.3.\n1 is better and it's perfectly OK to only support that but for interoperability (with Eclipse, WinSCP), 8 can be included.</p>\n\n<p>NOTE:: 8 should no longer be necessary in newer versions of WinSCP. If in doubt, test with only 1 first. Add 8 if it won't connect otherwise.</p>\n\n<p>Recommended <code>/etc/ssh/sshd_config</code> snippet:</p>\n<pre><code>KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256</code></pre>\n\n<p>Recommended <code>/etc/ssh/ssh_config</code> snippet:</p>\n<pre><code># Github needs diffie-hellman-group-exchange-sha1 some of the time but not always.\n#Host github.com\n#    KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1\n\nHost *\n    KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256</code></pre>\n\n\n<p>NOTE: GitHub should no longer need a separate setting, as they've transitioned away from SSH keys. They should not require an exception regardless.</p>\n\n<p>If you chose to enable 8, open <code>/etc/ssh/moduli</code> if exists, and delete lines where the 5th column is less than 2000.</p>\n<pre><code>awk '$5 &gt; 2000' /etc/ssh/moduli &gt; \"${HOME}/moduli\"\nwc -l \"${HOME}/moduli\" # make sure there is something left\nmv \"${HOME}/moduli\" /etc/ssh/moduli</code></pre>\n\n<p>If it does not exist, create it:</p>\n<pre><code>ssh-keygen -G /etc/ssh/moduli.all -b 4096\nssh-keygen -T /etc/ssh/moduli.safe -f /etc/ssh/moduli.all\nmv /etc/ssh/moduli.safe /etc/ssh/moduli\nrm /etc/ssh/moduli.all</code></pre>\n\n<p>This will take a while so continue while it's running.</p>","text":"","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#authentication","title":"Authentication\n<p>The key exchange ensures that the server and the client shares a secret no one else knows.\nWe also have to make sure that they share this secret with each other and not an NSA analyst.</p>","text":"","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#server-authentication","title":"Server authentication","text":"<p>The server proves its identity to the client by signing the key resulting from the key exchange.\nThere are 4 public key algorithms for authentication:</p>\n<ol>\n<li>DSA with SHA1</li>\n<li>ECDSA with SHA256, SHA384 or SHA512 depending on key size</li>\n<li>Ed25519 with SHA512</li>\n<li>RSA with SHA1</li>\n</ol>\n<p>DSA keys must be exactly 1024 bits so let's disable that.\nNumber 2 here involves NIST suckage and should be disabled as well.\nAnother important disadvantage of DSA and ECDSA is that it uses randomness for each signature.\nIf the random numbers are not the best quality, then it is possible to recover the secret key.\nFortunately, RSA using SHA1 is not a problem here because the value being signed is actually a SHA2 hash.\nThe hash function SHA1(SHA2(x)) is just as secure as SHA2 (it has less bits of course but no better attacks).</p>\n<pre><code>Protocol 2\nHostKey /etc/ssh/ssh_host_ed25519_key\nHostKey /etc/ssh/ssh_host_rsa_key</code></pre>\n\n<p>The first time you connect to your server, you will be asked to accept the new fingerprint.</p>\n<p>This will also disable the horribly broken v1 protocol that you should not have enabled in the first place.\nWe should remove the unused keys and only generate a large RSA key and an Ed25519 key.\nYour init scripts may recreate the unused keys.\nIf you don't want that, remove any <code>ssh-keygen</code> commands from the init script.</p>\n<pre><code>cd /etc/ssh\nrm ssh_host_*key*\nssh-keygen -t ed25519 -f ssh_host_ed25519_key -N \"\" &lt; /dev/null\nssh-keygen -t rsa -b 4096 -f ssh_host_rsa_key -N \"\" &lt; /dev/null</code></pre>","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#client-authentication","title":"Client authentication","text":"<p>The client must prove its identity to the server as well.\nThere are various methods to do that.</p>\n<p>The simplest is password authentication.\nThis should be disabled immediately after setting up a more secure method because it allows compromised servers to steal passwords.\nPassword authentication is also more vulnerable to online bruteforce attacks.</p>\n<p>Recommended <code>/etc/ssh/sshd_config</code> snippet:</p>\n<pre><code>PasswordAuthentication no\nChallengeResponseAuthentication no</code></pre>\n\n<p>Recommended <code>/etc/ssh/ssh_config</code> snippet:</p>\n<pre><code>Host *\n    PasswordAuthentication no\n    ChallengeResponseAuthentication no</code></pre>\n\n<p>The most common and secure method is public key authentication, basically the same process as the server authentication.</p>\n<p>Recommended <code>/etc/ssh/sshd_config</code> snippet:</p>\n<pre><code>PubkeyAuthentication yes</code></pre>\n\n<p>Recommended <code>/etc/ssh/ssh_config</code> snippet:</p>\n<pre><code>Host *\n    PubkeyAuthentication yes\n    HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa</code></pre>\n\n<p>Generate client keys using the following commands:</p>\n<pre><code>ssh-keygen -t ed25519 -o -a 100\nssh-keygen -t rsa -b 4096 -o -a 100</code></pre>\n\n<p>You can deploy your new client public keys using <code>ssh-copy-id</code>.</p>\n<p>It is also possible to use OTP authentication to reduce the consequences of lost passwords.\nGoogle Authenticator is a nice implementation of TOTP, or Timebased One Time Password.\nYou can also use a printed list of one time passwords or any other PAM module, really, if you enable <code>ChallengeResponseAuthentication</code>.</p>","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#user-authentication","title":"User Authentication","text":"<p>Even with Public Key authentication, you should only allow incoming connections from expected users. The <code>AllowUsers</code> setting in <code>sshd_config</code> lets you specify users who are allowed to connect, but this can get complicated with a large number of ssh users. Additionally, when deleting a user from the system, the username is not removed from <code>sshd_config</code>, which adds to maintenance requirements. The solution is to use the <code>AllowGroups</code> setting instead, and add users to an <code>ssh-user</code> group.</p>\n<p>Recommended <code>/etc/ssh/sshd_config</code> snippet:</p>\n<pre><code>AllowGroups ssh-user</code></pre>\n\n<p>Create the ssh-user group with <code>sudo groupadd ssh-user</code>, then add each ssh user to the group with <code>sudo usermod -a -G ssh-user &lt;username&gt;</code>.</p>","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#symmetric-ciphers","title":"Symmetric ciphers\n\n<p>NOTE: Emphasis added.</p>\n\n<p>Symmetric ciphers are used to encrypt the data after the initial key exchange and authentication is complete.</p>\n<p>Here we have quite a few algorithms (10-14 were removed in OpenSSH 7.6):</p>\n<ol>\n<li>3des-cbc</li>\n<li>aes128-cbc</li>\n<li>aes192-cbc</li>\n<li>aes256-cbc</li>\n<li>aes128-ctr</li>\n<li>aes192-ctr</li>\n<li>aes256-ctr</li>\n<li>aes128-gcm@openssh.com</li>\n<li>aes256-gcm@openssh.com</li>\n<li>arcfour</li>\n<li>arcfour128</li>\n<li>arcfour256</li>\n<li>blowfish-cbc</li>\n<li>cast128-cbc</li>\n<li>chacha20-poly1305@openssh.com</li>\n</ol>\n<p>We have to consider the following:</p>\n<ul>\n<li>Security of the cipher algorithm:\n  This eliminates 1 and 10-12 - both DES and RC4 are broken.\n  Again, no need to wait for them to become even weaker, disable them now.</li>\n<li>Key size:\n  At least 128 bits, the more the better.</li>\n<li>Block size:\n  Does not apply to stream ciphers.\n  At least 128 bits.\n  This eliminates 13 and 14 because those have a 64 bit block size.</li>\n<li>Cipher mode:\n  The recommended approach here is to prefer AE modes and optionally allow CTR for compatibility.\n  CTR with Encrypt-then-MAC is provably secure.</li>\n</ul>\n<p>Chacha20-poly1305 is preferred over AES-GCM because the SSH protocol does not encrypt message sizes when GCM (or EtM) is in use.\nThis allows some traffic analysis even without decrypting the data.\nWe will deal with that soon.</p>\n<p>Recommended <code>/etc/ssh/sshd_config</code> snippet:</p>\n<pre><code>Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr</code></pre>\n\n<p>Recommended <code>/etc/ssh/ssh_config</code> snippet:</p>\n<pre><code>Host *\n    Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr</code></pre>","text":"","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#message-authentication-codes","title":"Message authentication codes\n\n<p>Emphasis added.</p>\n\n<p>Encryption provides confidentiality, message authentication code provides integrity.\nWe need both.\nIf an AE cipher mode is selected, then extra MACs are not used, the integrity is already given.\nIf CTR is selected, then we need a MAC to calculate and attach a tag to every message.</p>\n<p>There are multiple ways to combine ciphers and MACs - not all of these are useful.\nThe 3 most common:</p>\n<ul>\n<li>Encrypt-then-MAC: encrypt the message, then attach the MAC of the ciphertext.</li>\n<li>MAC-then-encrypt: attach the MAC of the plaintext, then encrypt everything.</li>\n<li>Encrypt-and-MAC: encrypt the message, then attach the MAC of the plaintext.</li>\n</ul>\n<p>Only Encrypt-then-MAC should be used, period.\nUsing MAC-then-encrypt have lead to many attacks on TLS while Encrypt-and-MAC have lead to not quite that many attacks on SSH.\nThe reason for this is that the more you fiddle with an attacker provided message, the more chance the attacker has to gain information through side channels.\nIn case of Encrypt-then-MAC, the MAC is verified and if incorrect, discarded.\nBoom, one step, no timing channels.\nIn case of MAC-then-encrypt, first the attacker provided message has to be decrypted and only then can you verify it.\nDecryption failure (due to invalid CBC padding for example) may take less time than verification failure.\nEncrypt-and-MAC also has to be decrypted first, leading to the same kind of potential side channels.\nIt's even worse because no one said that a MAC's output can't leak what its input was.\nSSH by default, uses this method.</p>\n<p>Here are the available MAC choices:</p>\n<ol>\n<li>hmac-md5</li>\n<li>hmac-md5-96</li>\n<li>hmac-sha1</li>\n<li>hmac-sha1-96</li>\n<li>hmac-sha2-256</li>\n<li>hmac-sha2-512</li>\n<li>umac-64</li>\n<li>umac-128</li>\n<li>hmac-md5-etm@openssh.com</li>\n<li>hmac-md5-96-etm@openssh.com</li>\n<li>hmac-sha1-etm@openssh.com</li>\n<li>hmac-sha1-96-etm@openssh.com</li>\n<li>hmac-sha2-256-etm@openssh.com</li>\n<li>hmac-sha2-512-etm@openssh.com</li>\n<li>umac-64-etm@openssh.com</li>\n<li>umac-128-etm@openssh.com</li>\n</ol>\n<p>The selection considerations:</p>\n<ul>\n<li>Security of the hash algorithm:\n  No MD5 and SHA1.\n  Yes, I know that HMAC-SHA1 does not need collision resistance but why wait?\n  Disable weak crypto today.</li>\n<li>Encrypt-then-MAC:\n  I am not aware of a security proof for CTR-and-HMAC but I also don't think CTR decryption can fail.\n  Since there are no downgrade attacks, you can add them to the end of the list.\n  You can also do this on a host by host basis so you know which ones are less safe.</li>\n<li>Tag size:\n  At least 128 bits.\n  This eliminates umac-64-etm.</li>\n<li>Key size:\n  At least 128 bits.\n  This doesn't eliminate anything at this point.</li>\n</ul>\n<p>Recommended <code>/etc/ssh/sshd_config</code> snippet:</p>\n<pre><code>MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com</code></pre>\n\n<p>Recommended <code>/etc/ssh/ssh_config</code> snippet:</p>\n<pre><code>Host *\n    MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com</code></pre>","text":"","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#preventing-key-theft","title":"Preventing key theft","text":"<p>Even with forward secrecy the secret keys must be kept secret.\nThe NSA has a database of stolen keys - you do not want your key there.</p>","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#system-hardening","title":"System hardening\n<p>OpenSSH has some undocumented, and rarely used features.\nUseRoaming is one such feature with a known vulnerability.</p>\n<p>Recommended <code>/etc/ssh/ssh_config</code> snippet:</p>\n<pre><code>Host *\n   UseRoaming no</code></pre>\n\n<p>This post is not intended to be a comprehensive system security guide.\nVery briefly:</p>\n<ul>\n<li>Don't install what you don't need:\n  Every single line of code has a chance of containing a bug.\n  Some of these bugs are security holes.\n  Fewer lines, fewer holes.</li>\n<li>Use free software:\n  As in speech.\n  You want to use code that's actually reviewed or that you can review yourself.\n  There is no way to achieve that without source code.\n  Someone may have reviewed proprietary crap but who knows.</li>\n<li>Keep your software up to date:\n  New versions often fix critical security holes.</li>\n<li>Exploit mitigation:\n  Sad but true - there will always be security holes in your software.\n  There are things you can do to prevent their exploitation, such as GCC's -fstack-protector.\n  One of the best security projects out there is Grsecurity.\n  Use it or use OpenBSD.</li>\n</ul>","text":"","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#traffic-analysis-resistance","title":"Traffic analysis resistance\n<p>Set up Tor hidden services for your SSH servers.\nThis has multiple advantages.\nIt provides an additional layer of encryption and server authentication.\nPeople looking at your traffic will not know your IP, so they will be unable to scan and target other services running on the same server and client.\nAttackers can still attack these services but don't know if it has anything to do with the observed traffic until they actually break in.</p>\n<p>Now this is only true if you don't disclose your SSH server's fingerprint in any other way.\nYou should only accept connections from the hidden service or from LAN, if required.</p>\n<p>If you don't need LAN access, you can add the following line to <code>/etc/ssh/sshd_config</code>:</p>\n<pre><code>ListenAddress 127.0.0.1:22</code></pre>\n\n<p>Add this to <code>/etc/tor/torrc</code>:</p>\n<pre><code>HiddenServiceDir /var/lib/tor/hidden_service/ssh\nHiddenServicePort 22 127.0.0.1:22</code></pre>\n\n<p>You will find the hostname you have to use in <code>/var/lib/tor/hidden_service/ssh/hostname</code>.\nYou also have to configure the client to use Tor.\nFor this, socat will be needed.\nAdd the following line to <code>/etc/ssh/ssh_config</code>:</p>\n<pre><code>Host *.onion\n    ProxyCommand socat - SOCKS4A:localhost:%h:%p,socksport=9050\n\nHost *\n    ...</code></pre>\n\n<p>If you want to allow connections from LAN, don't use the <code>ListenAddress</code> line, configure your firewall instead.</p>","text":"","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#key-storage","title":"Key storage\n<p>You should encrypt your client key files using a strong password.\nAdditionally, you can use <code>ssh-keygen -o -a $number</code> to slow down cracking attempts by iterating the hash function many times.\nYou may want to store them on a pendrive and only plug it in when you want to use SSH.\nAre you more likely to lose your pendrive or have your system compromised?\nI don't know.</p>\n<p>Unfortunately, you can't encrypt your server key and it must be always available, or else sshd won't start.\nThe only thing protecting it is OS access controls.</p>","text":"","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#the-end","title":"The end","text":"<p>It's probably a good idea to test the changes.\n<code>ssh -v</code> will print the selected algorithms and also makes problems easier to spot.\nBe extremely careful when configuring SSH on a remote host.\nAlways keep an active session, never restart sshd.\nInstead you can send the <code>SIGHUP</code> signal to reload the configuration without killing your session.\nYou can be even more careful by starting a new sshd instance on a different port and testing that.</p>\n<p>Can you make these changes?\nIf the answer is yes, then...</p>\n<p></p>\n<p>If the answer is no, it's probably due to compatibility problems.\nYou can try to convince the other side to upgrade their security and turn it into a yes.\nI have created a wiki page where anyone can add config files for preserving compatibility with various SSH implementations and SSH based services.</p>\n<p>If you work for a big company and change management doesn't let you do it, I'm sorry.\nI've seen the v1 protocol enabled in such places.\nThere is no chance of improvement.\nGive up to preseve your sanity.</p>\n<p>Special thanks to the people of Twitter for the improvements.</p>","tags":["security","post"]},{"location":"blog/2015/01/04/secure-secure-shell/#changelog","title":"ChangeLog","text":"<p>You may have noticed that this document changed since last time.\nI want to be very transparent about this.\nThere were three major changes:</p>\n<ul>\n<li>After some debate and going back and forth between including GCM or not, it's now back again.\n  The reason for dropping it was that SSH doesn't encrypt packet sizes when using GCM.\n  The reason for bringing it back is that SSH does the same with any EtM algorithms.\n  There is no way around this unless you can live with chacha20-poly1305 only.\n  Also, the leaked documents don't sound like they can figure out the lengths or confirm presence of some things, more like straight up \"send it to us and we'll decrypt it for you\".\n  Wrapping SSH in a Tor hidden service will take care of any traffic analysis concerns.</li>\n<li>I'm now allowing Encrypt-and-MAC algorithms with CTR ciphers as a last resort.\n  I initially thought it was possible to use downgrade attacks, I now think it is not.</li>\n<li>I briefly disabled RSA because it uses SHA1, this turned out to be a non-issue because we're signing SHA2 hashes.</li>\n</ul>\n<p>You can see the full list of changes on github.\nI promise not to use <code>git push -f</code>.</p>\n\n\n\n<p>Network Pro\u2122, the shield logo, and the \"Locking Down Networks\u2122\" slogan are trademarks of Network Pro Strategies.</p>\n\n<p>Licensed under CC BY 4.0 and the GNU GPL, as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.</p>","tags":["security","post"]},{"location":"blog/archive/2025/","title":"April 2025","text":""},{"location":"blog/archive/2015/","title":"January 2015","text":""},{"location":"blog/category/security/","title":"Security","text":""}]}

package/docs/sitemap.xml

@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
+    <url>
+         <loc>https://netwk.pro/docs/</loc>
+         <lastmod>2025-05-06</lastmod>
+    </url>
+    <url>
+         <loc>https://netwk.pro/docs/conduct/</loc>
+         <lastmod>2025-05-06</lastmod>
+    </url>
+    <url>
+         <loc>https://netwk.pro/docs/legal/</loc>
+         <lastmod>2025-05-06</lastmod>
+    </url>
+    <url>
+         <loc>https://netwk.pro/docs/privacy/</loc>
+         <lastmod>2025-05-06</lastmod>
+    </url>
+    <url>
+         <loc>https://netwk.pro/docs/tags/</loc>
+         <lastmod>2025-05-06</lastmod>
+    </url>
+    <url>
+         <loc>https://netwk.pro/docs/terms-conditions/</loc>
+         <lastmod>2025-05-06</lastmod>
+    </url>
+    <url>
+         <loc>https://netwk.pro/docs/terms-use/</loc>
+         <lastmod>2025-05-06</lastmod>
+    </url>
+    <url>
+         <loc>https://netwk.pro/docs/blog/</loc>
+         <lastmod>2025-05-06</lastmod>
+    </url>
+    <url>
+         <loc>https://netwk.pro/docs/blog/2025/04/30/our-blog-is-live/</loc>
+         <lastmod>2025-05-06</lastmod>
+    </url>
+    <url>
+         <loc>https://netwk.pro/docs/blog/2015/01/04/secure-secure-shell/</loc>
+         <lastmod>2025-05-06</lastmod>
+    </url>
+    <url>
+         <loc>https://netwk.pro/docs/blog/archive/2025/</loc>
+         <lastmod>2025-05-06</lastmod>
+    </url>
+    <url>
+         <loc>https://netwk.pro/docs/blog/archive/2015/</loc>
+         <lastmod>2025-05-06</lastmod>
+    </url>
+    <url>
+         <loc>https://netwk.pro/docs/blog/category/security/</loc>
+         <lastmod>2025-05-06</lastmod>
+    </url>
+</urlset>