Search Results

SAP NFe is focused on SAP Localizations/Versions for Countries in Europe, North America and South America. We can improve processes, applying best practices and bringing SAP back to standard, creating value for your company. Creating value and generating positive and significant impacts on business. SAP NFe To Help Companies Run SAP Better Most of the companies spend hundreds of thousands of dollars , hiring unprepared consultancies and consultants, resulting in a expensive and unreliable system, with high maintenance costs, which ends up not meeting the company's expectations. This is the usual experience that the most valuable companies on the market are used to living on a day-to-day basis. We are focused on Europe , North America and South America country versions and localizations. We can improve processes, applying best practices and bringing the SAP back to standard, creating value to your company. If you're ready to innovate, we can help your business achieve its goals with cost-effective, tailor-made solutions. SAP Global Best Practices These articles cover the guidelines and best practices that the big techs don't want you to know. SAP Brazil Localization These articles cover roadmap implementation, localization complexity, nota fiscal (e-invoicing), indirect taxes, direct taxes, withholding, bank communication, electronic reporting (SPED) and more. SAP EU Localization These articles cover the main points about the EU Common Market, Localization, Single Euro Payments Area and more. SAP UK Localisation These articles cover roadmap implementation, localisation complexity, financial accounting, taxes, accounts payable, bank accounting and more. SAP US Localization These articles cover roadmap implementation, localization complexity, financial accounting, taxes, treasure, accounts payable, bank accounting, check (or also known as a cheque, in British English), withholding taxes (1099 misc) and more. Solutions We are focused on helping companies achieve their goals with cost-effective, tailor-made solutions. Sustainability Technology shaping the future of your company with sustainability, eliminating the waste of resources and process. Global Trends Our values go beyond simply redesigning processes. We help improve performance, compliance and more.

Before starting any negotiation with new UK business partners, it is always recommended to be safe and do some background checks on the company. You can do that thanks to Companies House. Business in United Kingdom UK Limited Company Public Information Checking UK VAT Number FSCS Financial Services Compensation Scheme ICO Information Commissioner’s Office UK Foreign Travel Advice UK Limited Company Public Information Before starting any negotiation with new UK business partners, it is always recommended to be safe and do some background checks on the company. You can do that thanks to Companies House. Companies House is an executive agency, sponsored by the DBT (Department for Business and Trade). They incorporate and dissolve limited companies, registering their information and make it available to the public. Path : https://www.gov.uk/get-information-about-a-company Get Information About a Company You can get details about a company for free, including: company information, for example registered address and date of incorporation current and resigned officers document images mortgage charge data previous company names insolvency information You just need to access the link above and click the green "Start " bottom. https://www.gov.uk/get-information-about-a-company Search the Register You can find a company using one of these information: Company Name Company Number Officer Name https://find-and-update.company-information.service.gov.uk/ Current features include File abridged or full accounts Change a registered office address View company data and document images Search for disqualified directors Order certificates and certified documents Follow companies Infomation Available Overview Filling History People (e.g., Director, Secretary) Charges More The Filing History can be Filter by Categories: Accounts Capital Charges Confirmation Statements / Annual Returns Incorporation Officers Incorporation In the filing history, filtered by incorporation, it is possible to check all incorporation information, like: Share Capital Share Capital You can see in the example the company was incorporated with a share capital of £10K pounds. Accounts In the filing history, filtered by accounts, it is possible to check all the accounts, like: Balance Sheet Profit and Loss Cash Flow Many other Information Balance Sheet This is a example of balance sheet filed, showing: Fixed Assets Tangible Assets Current Assets Debitors Due < 1 Year Debitors Due > 1 Year Cash at the Bank and In Hand Creditors Due < 1 Year Net Current Assets Total Assets Less Current Liability Provisions for Liabilities Deferred Tax Liability Net Assets Capital and Reservers Called Up Share Capital Profit and Loss Reserves Total Equity Other Useful Tools Company name availability : https://find-and-update.company-information.service.gov.uk/company-name-availability Alphabetical company search: https://find-and-update.company-information.service.gov.uk/alphabetical-search Dissolved company search: https://find-and-update.company-information.service.gov.uk/dissolved-search Bankruptcy, Insolvency and Disqualified Company Directors Search the bankruptcy and insolvency register: https://www.gov.uk/search-bankruptcy-insolvency-register Search for disqualified company directors: https://www.gov.uk/search-the-register -of-disqualified-company-directors Checking UK VAT Number You can also verify the UK VAT Number provided by your vendors and customer. Path : https://www.gov.uk/check-uk-vat-number VAT Number Just inform the VAT Number and click "Search". VAT is a 9 or 12 digit number, sometimes starting with GB. Valid UK VAT Number You will be able to see the valid number information, registered business name and the registered business address. FSCS Financial Services Compensation Sc heme The FSCS is the UK's statutory compensation scheme for customers of UK authorised financial services firms. This means that FSCS can step in to pay compensation if a firm is unable, or likely to be unable, to pay claims against it. Before you invest or deposit money in a institution, check in the FSCS Check, if the institution is a authorized firm and it is cover by FSCS. Path : https://www.fscs.org.uk/check/ Step by Step Access the FSCS Checker page Choose what you want to check, in the picture it was choose Banks Inform the name of the institution and select the right one. Informe the amount that you are planning to deposit, in this example, it was £100,000.00 And click in "Check Now" And the FSCS will show you how much you are protect. That means the limit of their coverage for that kind of institution, and how much is not. In this case £15,000.00 is at risk. And the reason why. In this case Banks in UK are protect up to £85,000.00 ICO Information Commissioner’s Office The Information Commissioner's Office (ICO) is the UK's independent regulator for data protection and information rights. ICO Data Protection fee is mandatory for most businesses, organizations, and sole traders that process personal data: Who needs to pay : You must pay the fee if you're a business, organization, or sole trader that processes personal data electronically When to pay : You must pay the fee unless you're exempt What the fee funds : The fee funds the ICO's work What the fee shows : Paying the fee shows that you take data protection seriously and value your customers' information What the fee amount is : The amount you pay depends on the size of your organization. Most companies pay £40 or £60 per year, while large organizations pay £2,900 What happens if you don't pay : If you need to pay and don't, you could be fined Purpose The ICO's mission is to uphold information rights for the public in the digital age. They do this by: Educating organizations on how to use personal data Taking action against organizations that don't comply with the law Helping individuals understand and exercise their rights Working with other regulators to improve information rights standards Services The ICO offers guidance and resources for organizations, including: Public bodies Private and third sector organizations Sole traders For the public The ICO provides information about data protection and information rights, including: How to make a SAR (Subject Access request is a right that allows individuals to request a copy of their personal data, or to understand how and why their data is being used) How to make an FOI request (The Freedom of Information Act gives the public the right to request recorded information from public authorities) Domestic CCTV and data protection Protecting yourself against nuisance marketing Register of data protection fee payers : https://ico.org.uk/ESDWebPages/Search Register of Data Protection You can search for: Registration Reference Name Address Postcode And you can see if the company is paying the fee for the ICO ICO ICO Search ICO ICO Entry List ICO ICO Search 1/2 UK Foreign T rave l Advice Get advice about travelling abroad, including the latest information on coronavirus, safety and security, entry requirements and travel warnings, direct from HMRC. There are some important contents, like : Summary Coronavirus Safety and security (Important! Check it before traveling ) Crime Pickpocketing Robbery Vehicle Crime Sexual Offences Fraud Protests Civil Unrest Others Terrorism Local laws and customs Entry requirements Health Natural disasters Money Travel advice help and support Country Link Afghanistan https://www.gov.uk/foreign-travel-advice/afghanistan Albania https://www.gov.uk/foreign-travel-advice/albania Algeria https://www.gov.uk/foreign-travel-advice/algeria Andorra https://www.gov.uk/foreign-travel-advice/andorra Angola https://www.gov.uk/foreign-travel-advice/angola Anguilla https://www.gov.uk/foreign-travel-advice/anguilla Antarctica/British Antarctic Territory https://www.gov.uk/foreign-travel-advice/antarctica-british-antarctic-territory Antigua and Barbuda https://www.gov.uk/foreign-travel-advice/antigua-and-barbuda Argentina https://www.gov.uk/foreign-travel-advice/argentina Armenia https://www.gov.uk/foreign-travel-advice/armenia Aruba https://www.gov.uk/foreign-travel-advice/aruba Australia https://www.gov.uk/foreign-travel-advice/australia Austria https://www.gov.uk/foreign-travel-advice/austria Azerbaijan https://www.gov.uk/foreign-travel-advice/azerbaijan Bahamas https://www.gov.uk/foreign-travel-advice/bahamas Bahrain https://www.gov.uk/foreign-travel-advice/bahrain Bangladesh https://www.gov.uk/foreign-travel-advice/bangladesh Barbados https://www.gov.uk/foreign-travel-advice/barbados Belarus https://www.gov.uk/foreign-travel-advice/belarus Belgium https://www.gov.uk/foreign-travel-advice/belgium Belize https://www.gov.uk/foreign-travel-advice/belize Benin https://www.gov.uk/foreign-travel-advice/benin Bermuda https://www.gov.uk/foreign-travel-advice/bermuda Bhutan https://www.gov.uk/foreign-travel-advice/bhutan Bolivia https://www.gov.uk/foreign-travel-advice/bolivia Bonaire/St Eustatius/Saba https://www.gov.uk/foreign-travel-advice/bonaire-st-eustatius-saba Bosnia and Herzegovina https://www.gov.uk/foreign-travel-advice/bosnia-and-herzegovina Botswana https://www.gov.uk/foreign-travel-advice/botswana Brazil https://www.gov.uk/foreign-travel-advice/brazil British Indian Ocean Territory https://www.gov.uk/foreign-travel-advice/british-indian-ocean-territory British Virgin Islands https://www.gov.uk/foreign-travel-advice/british-virgin-islands Brunei https://www.gov.uk/foreign-travel-advice/brunei Bulgaria https://www.gov.uk/foreign-travel-advice/bulgaria Burkina Faso https://www.gov.uk/foreign-travel-advice/burkina-faso Burundi https://www.gov.uk/foreign-travel-advice/burundi Cambodia https://www.gov.uk/foreign-travel-advice/cambodia Cameroon https://www.gov.uk/foreign-travel-advice/cameroon Canada https://www.gov.uk/foreign-travel-advice/canada Cape Verde https://www.gov.uk/foreign-travel-advice/cape-verde Cayman Islands https://www.gov.uk/foreign-travel-advice/cayman-islands Central African Republic https://www.gov.uk/foreign-travel-advice/central-african-republic Chad https://www.gov.uk/foreign-travel-advice/chad Chile https://www.gov.uk/foreign-travel-advice/chile China https://www.gov.uk/foreign-travel-advice/china Colombia https://www.gov.uk/foreign-travel-advice/colombia Comoros https://www.gov.uk/foreign-travel-advice/comoros Congo https://www.gov.uk/foreign-travel-advice/congo Cook Islands, Tokelau and Niue https://www.gov.uk/foreign-travel-advice/cook-islands-tokelau-and-niue Costa Rica https://www.gov.uk/foreign-travel-advice/costa-rica Côte d'Ivoire https://www.gov.uk/foreign-travel-advice/cote-d-ivoire Croatia https://www.gov.uk/foreign-travel-advice/croatia Cuba https://www.gov.uk/foreign-travel-advice/cuba Curaçao https://www.gov.uk/foreign-travel-advice/curaçao Cyprus https://www.gov.uk/foreign-travel-advice/cyprus Czech Republic https://www.gov.uk/foreign-travel-advice/czech-republic Democratic Republic of the Congo https://www.gov.uk/foreign-travel-advice/democratic-republic-of-the-congo Denmark https://www.gov.uk/foreign-travel-advice/denmark Djibouti https://www.gov.uk/foreign-travel-advice/djibouti Dominica https://www.gov.uk/foreign-travel-advice/dominica Dominican Republic https://www.gov.uk/foreign-travel-advice/dominican-republic Ecuador https://www.gov.uk/foreign-travel-advice/ecuador Egypt https://www.gov.uk/foreign-travel-advice/egypt El Salvador https://www.gov.uk/foreign-travel-advice/el-salvador Equatorial Guinea https://www.gov.uk/foreign-travel-advice/equatorial-guinea Eritrea https://www.gov.uk/foreign-travel-advice/eritrea Estonia https://www.gov.uk/foreign-travel-advice/estonia Eswatini https://www.gov.uk/foreign-travel-advice/eswatini Ethiopia https://www.gov.uk/foreign-travel-advice/ethiopia Falkland Islands https://www.gov.uk/foreign-travel-advice/falkland-islands Fiji https://www.gov.uk/foreign-travel-advice/fiji Finland https://www.gov.uk/foreign-travel-advice/finland France https://www.gov.uk/foreign-travel-advice/france French Guiana https://www.gov.uk/foreign-travel-advice/french-guiana French Polynesia https://www.gov.uk/foreign-travel-advice/french-polynesia Gabon https://www.gov.uk/foreign-travel-advice/gabon The Gambia https://www.gov.uk/foreign-travel-advice/the-gambia Georgia https://www.gov.uk/foreign-travel-advice/georgia Germany https://www.gov.uk/foreign-travel-advice/germany Ghana https://www.gov.uk/foreign-travel-advice/ghana Gibraltar https://www.gov.uk/foreign-travel-advice/gibraltar Greece https://www.gov.uk/foreign-travel-advice/greece Grenada https://www.gov.uk/foreign-travel-advice/grenada Guadeloupe https://www.gov.uk/foreign-travel-advice/guadeloupe Guatemala https://www.gov.uk/foreign-travel-advice/guatemala Guinea https://www.gov.uk/foreign-travel-advice/guinea Guinea-Bissau https://www.gov.uk/foreign-travel-advice/guinea-bissau Guyana https://www.gov.uk/foreign-travel-advice/guyana Haiti https://www.gov.uk/foreign-travel-advice/haiti Honduras https://www.gov.uk/foreign-travel-advice/honduras Hong Kong https://www.gov.uk/foreign-travel-advice/hong-kong Hungary https://www.gov.uk/foreign-travel-advice/hungary Iceland https://www.gov.uk/foreign-travel-advice/iceland India https://www.gov.uk/foreign-travel-advice/india Indonesia https://www.gov.uk/foreign-travel-advice/indonesia Iran https://www.gov.uk/foreign-travel-advice/iran Iraq https://www.gov.uk/foreign-travel-advice/iraq Ireland https://www.gov.uk/foreign-travel-advice/ireland Israel https://www.gov.uk/foreign-travel-advice/israel Italy https://www.gov.uk/foreign-travel-advice/italy Jamaica https://www.gov.uk/foreign-travel-advice/jamaica Japan https://www.gov.uk/foreign-travel-advice/japan Jordan https://www.gov.uk/foreign-travel-advice/jordan Kazakhstan https://www.gov.uk/foreign-travel-advice/kazakhstan Kenya https://www.gov.uk/foreign-travel-advice/kenya Kiribati https://www.gov.uk/foreign-travel-advice/kiribati Kosovo https://www.gov.uk/foreign-travel-advice/kosovo Kuwait https://www.gov.uk/foreign-travel-advice/kuwait Kyrgyzstan https://www.gov.uk/foreign-travel-advice/kyrgyzstan Laos https://www.gov.uk/foreign-travel-advice/laos Latvia https://www.gov.uk/foreign-travel-advice/latvia Lebanon https://www.gov.uk/foreign-travel-advice/lebanon Lesotho https://www.gov.uk/foreign-travel-advice/lesotho Liberia https://www.gov.uk/foreign-travel-advice/liberia Libya https://www.gov.uk/foreign-travel-advice/libya Liechtenstein https://www.gov.uk/foreign-travel-advice/liechtenstein Lithuania https://www.gov.uk/foreign-travel-advice/lithuania Luxembourg https://www.gov.uk/foreign-travel-advice/luxembourg Macao https://www.gov.uk/foreign-travel-advice/macao Madagascar https://www.gov.uk/foreign-travel-advice/madagascar Malawi https://www.gov.uk/foreign-travel-advice/malawi Malaysia https://www.gov.uk/foreign-travel-advice/malaysia Maldives https://www.gov.uk/foreign-travel-advice/maldives Mali https://www.gov.uk/foreign-travel-advice/mali Malta https://www.gov.uk/foreign-travel-advice/malta Marshall Islands https://www.gov.uk/foreign-travel-advice/marshall-islands Martinique https://www.gov.uk/foreign-travel-advice/martinique Mauritania https://www.gov.uk/foreign-travel-advice/mauritania Mauritius https://www.gov.uk/foreign-travel-advice/mauritius Mayotte https://www.gov.uk/foreign-travel-advice/mayotte Mexico https://www.gov.uk/foreign-travel-advice/mexico Micronesia https://www.gov.uk/foreign-travel-advice/micronesia Moldova https://www.gov.uk/foreign-travel-advice/moldova Monaco https://www.gov.uk/foreign-travel-advice/monaco Mongolia https://www.gov.uk/foreign-travel-advice/mongolia Montenegro https://www.gov.uk/foreign-travel-advice/montenegro Montserrat https://www.gov.uk/foreign-travel-advice/montserrat Morocco https://www.gov.uk/foreign-travel-advice/morocco Mozambique https://www.gov.uk/foreign-travel-advice/mozambique Myanmar (Burma) https://www.gov.uk/foreign-travel-advice/myanmar Namibia https://www.gov.uk/foreign-travel-advice/namibia Nauru https://www.gov.uk/foreign-travel-advice/nauru Nepal https://www.gov.uk/foreign-travel-advice/nepal Netherlands https://www.gov.uk/foreign-travel-advice/netherlands New Caledonia https://www.gov.uk/foreign-travel-advice/new-caledonia New Zealand https://www.gov.uk/foreign-travel-advice/new-zealand Nicaragua https://www.gov.uk/foreign-travel-advice/nicaragua Niger https://www.gov.uk/foreign-travel-advice/niger Nigeria https://www.gov.uk/foreign-travel-advice/nigeria North Korea https://www.gov.uk/foreign-travel-advice/north-korea North Macedonia https://www.gov.uk/foreign-travel-advice/north-macedonia Norway https://www.gov.uk/foreign-travel-advice/norway Oman https://www.gov.uk/foreign-travel-advice/oman Pakistan https://www.gov.uk/foreign-travel-advice/pakistan Palau https://www.gov.uk/foreign-travel-advice/palau The Occupied Palestinian Territories https://www.gov.uk/foreign-travel-advice/the-occupied-palestinian-territories Panama https://www.gov.uk/foreign-travel-advice/panama Papua New Guinea https://www.gov.uk/foreign-travel-advice/papua-new-guinea Paraguay https://www.gov.uk/foreign-travel-advice/paraguay Peru https://www.gov.uk/foreign-travel-advice/peru Philippines https://www.gov.uk/foreign-travel-advice/philippines Pitcairn Island https://www.gov.uk/foreign-travel-advice/pitcairn-island Poland https://www.gov.uk/foreign-travel-advice/poland Portugal https://www.gov.uk/foreign-travel-advice/portugal Qatar https://www.gov.uk/foreign-travel-advice/qatar Réunion https://www.gov.uk/foreign-travel-advice/reunion Romania https://www.gov.uk/foreign-travel-advice/romania Russia https://www.gov.uk/foreign-travel-advice/russia Rwanda https://www.gov.uk/foreign-travel-advice/rwanda Samoa https://www.gov.uk/foreign-travel-advice/samoa San Marino https://www.gov.uk/foreign-travel-advice/san-marino São Tomé and Principe https://www.gov.uk/foreign-travel-advice/sao-tome-and-principe Saudi Arabia https://www.gov.uk/foreign-travel-advice/saudi-arabia Senegal https://www.gov.uk/foreign-travel-advice/senegal Serbia https://www.gov.uk/foreign-travel-advice/serbia Seychelles https://www.gov.uk/foreign-travel-advice/seychelles Sierra Leone https://www.gov.uk/foreign-travel-advice/sierra-leone Singapore https://www.gov.uk/foreign-travel-advice/singapore Slovakia https://www.gov.uk/foreign-travel-advice/slovakia Slovenia https://www.gov.uk/foreign-travel-advice/slovenia Solomon Islands https://www.gov.uk/foreign-travel-advice/solomon-islands Somalia https://www.gov.uk/foreign-travel-advice/somalia South Africa https://www.gov.uk/foreign-travel-advice/south-africa South Georgia and the South Sandwich Islands https://www.gov.uk/foreign-travel-advice/south-georgia-and-the-south-sandwich-islands South Korea https://www.gov.uk/foreign-travel-advice/south-korea South Sudan https://www.gov.uk/foreign-travel-advice/south-sudan Spain https://www.gov.uk/foreign-travel-advice/spain Sri Lanka https://www.gov.uk/foreign-travel-advice/sri-lanka St Helena, Ascension and Tristan da Cunha https://www.gov.uk/foreign-travel-advice/st-helena-ascension-and-tristan-da-cunha St Kitts and Nevis https://www.gov.uk/foreign-travel-advice/st-kitts-and-nevis St Lucia https://www.gov.uk/foreign-travel-advice/st-lucia St Maarten https://www.gov.uk/foreign-travel-advice/st-maarten St Martin and St Barthélemy https://www.gov.uk/foreign-travel-advice/st-martin-and-st-barthelemy St Pierre & Miquelon https://www.gov.uk/foreign-travel-advice/st-pierre-and-miquelon St Vincent and the Grenadines https://www.gov.uk/foreign-travel-advice/st-vincent-and-the-grenadines Sudan https://www.gov.uk/foreign-travel-advice/sudan Suriname https://www.gov.uk/foreign-travel-advice/suriname Sweden https://www.gov.uk/foreign-travel-advice/sweden Switzerland https://www.gov.uk/foreign-travel-advice/switzerland Syria https://www.gov.uk/foreign-travel-advice/syria Taiwan https://www.gov.uk/foreign-travel-advice/taiwan Hint : You can subscribe to HMRC travel advice updates by clicking on "Get Email Alerts". References: HM Revenue & Customs (www.gov.uk ); Wikipedia (www.wikipedia.org ); FSCS (www.fscs.org.uk ); ICO (https://ico.org.uk)

The stock market is a component of a free-market economy. It allows companies to raise money by offering stock shares and corporate bonds and allows investors to participate in the financial achievements of the companies, make profits through capital gains, and earn income through dividends. Investments Stock Market Overview Brazil Stock Market Investments in the UK Stock Market Overview Stock Market (also known as Stock Exchange, Share Market or Equity Market) is a regulated and controlled environment, where tranders can buy and sell shares. The stock market ensures price transparency, liquidity, price discovery, and fair dealings in trading activities, guaranteeing all interested market participants have access to data for all buy and sell orders. The stock market is a component of a free-market economy. It allows companies to raise money by offering stock shares and corporate bonds and allows investors to participate in the financial achievements of the companies, make profits through capital gains, and earn income through dividends. Shares Shares are the equivalent of ownership in a public company. The terms "shares" and "stocks" are often used interchangeably, but they represent a company differently (For example: A company issued stock and you purchased 10 shares of it. If each share represents 1% of ownership, you own 10% of the company. The company issued stock, and you bought shares of it). Warning: The shares represent ownership, not debt, there is no legal obligation for the company to reimburse the shareholders if something happens to the business. Types Of Shares Common Stock Shares | This type comes with voting rights, giving shareholders more control over the business. These rights allow the shareholders of a company to vote on specific corporate actions. Preferred Stock Shares | This type of stock typically has set payment criteria, like a dividend paid out regularly, and takes priority over common stock if the business files for bankruptcy and is forced to repay its lenders. Stockbrokers Brokers are intermediaries between the stock exchanges and the investors by buying and selling stocks. Stock Exchanges NYSE (New York Stock Exchange) Region: US Market Place: New York City Time Zone: EST/EDT (-5:00) NASDAQ (National Association of Securities Dealers Automated Quotations) Region: US Market Place: New York City Time Zone: EST/EDT (-5:00) LSE (London Stock Exchange) Region: UK Market Place: London Time Zone: GMT/BST (+0:00) Euronext (European New Exchange Technology) Region: Europe Market Place: Amsterdam, Brussels, Dublin, Lisbon, Milan, Oslo, Paris Time Zone: CET/CEST (+1:00) ETR (Deutsche Borse AG) Region: DE Market Place: Frankfurt Time Zone: CET/CEST (+1:00) SWX (SIX Swiss Exchange) Region: CH Market Place: Zurich Time Zone: CET/CEST (+1:00) B3 (Brasil, Bolsa, Balcao - formerly know as BM&F BOVESPA) Region: BR Market Place: Sao Paulo Time Zone: GMT (-3:00) ETF The Biggest ETFs Issuers iShares Vanguard SPDR Invesco The Biggest ETFs SPY | SPDR S&P 500 ETF Trust IVV | iShares Core S&P 500 ETF VOO | Vanguard 500 Index Fund ETF VTI | Vanguard Total Stock Market Index Fund ETF QQQ | Invesco QQQ Trust Series 1 Indexes S&P500 | Standard and Poor's 500 | It is a stock market index tracking the stock performance of 500 of the largest companies listed on stock exchanges in the United States. FTSE100 | Financial Times Stock Exchange 100 | Also called the FTSE, or, informally, the "Footsie", is a share index of the 100 companies listed on the London Stock Exchange with the highest market capitalisation. DAX40 | DAX Performance | The DAX is a stock market index consisting of the 40 major German blue chip companies trading on the Frankfurt Stock Exchange. Brazil Stock Market Stock Type Codes Frequent codes 3 | Common Stock Shares (Example: "VALE3" Vale) 4 | Preferred Stock Shares (Example: "GGBR4" Gerdau) 5 | Preferred Stock Shares Class A (Example: " USIM5" Usinas Siderurgicas de Minas Gerais ) 6 | Preferred Stock Shares Class B (Example: "ELET6" Eletrobras ) 11 | Units and ETFs Units (Assets composed of more than one type of share | Example: "SANB11" Santader | Composed "SANB3" + "SANB4") ETFs (Exchange Traded Funds | Example: "BOVA11" Ibovespa Index) 34 | BDRs (Brazilian Deposits Receipts | Foreign shares traded on the Brazilian Stock Exchange | Example: "GOGL34" Alphabet Google) Not so frequent codes 1 | Subscription Right (Common Stock Shares) 2 | Subscription Right (Preferred Stock Shares) 7 | Preferred Stock Shares Class C 8 | Preferred Stock Shares Class D 9 | Subscription Receipt (Common Stock Shares) 10 | Subscription Receipt (Preferred Stock Shares) Hint: Class 5, 6, 7 and 8 shares have a different list of rules, which varies depending on the company, and such rules are described in the Bylaws. Investments in th e UK There are many different ways to invest in the UK for both residents and those overseas, from low-risk bonds to more aggressive equity shares. Overview of Available Investments ISA Savings Cash ISA Junior ISA (JISA) Stocks and Share ISA Lifetime ISA Innovative Finance ISA (IFISA) Savings Account Easy Access Account Regular Saver Account Notice Savings Account Fixed-Interest Savings Account Pension Workplace Pension Defined Contribution (DC) Defined Benefit (DB) Personal Pension Stakeholder Pension SIPP (self-invested personal pension) Investments Products Shares Real Estate Investment Trusts (REITs) Investment Funds / Mutual Funds Exchange-Traded Funds (ETFs) Bonds and Gilts Government Bonds Corporate Bonds Local Authority Bonds Green Bonds Contracts for Differences (CFDs) and Spreads CFDs Spread Betting Cryptocurrencies FAQ (Frequently asked questions) Safest Investment in the UK : Aside from cash savings accounts, the safest investment in the UK is usually considered to be government bonds. Because they are guaranteed by the British government, they have very low default risk and offer a fixed interest rate. Best Investment for Monthly Income in the UK : There are several options can be considered, although the best choice for you will depend on your indivi dual circumstances and risk tolerance. Earn the Most Interest in the UK : The highest interest rates are often found in fixed-interest savings ac counts, where you agree to lock your money away for a set period. The tradeoff for the lack of liquidity is higher interest rates than on similar savings products. Highest Returns in the UK : Shares in the stock market have offered high returns compared with other investment classes over long time periods. (For example: S&P 500 index, tracks the stock performance of 500 of the largest companies or FTSE 100 Index, which tracks the 100 largest companies listed on the stock markets) ISA Savings (Indivi dual Savings Accounts) It is a tax-efficient savings account. It is one of the most popular types of investments in the UK. Limit: Up to £20,000 per tax year Taxable: Not Taxable Protection: Subject to the Financial Services Compensation Scheme (FSCS), which protects up to £85,000 of your money if the financial institution fails. This protection applies per person, per institution. Types of ISA Savings Cash ISA It works like a regular savings account, but with the ISA benefits. Suitable: Short-term savings goals or as an emergency fund Risk: low-risk Withdrawal: You can withdraw any time Junior ISA (JISA) It is an ISA for children under age 18 living in the UK and you can open for your child or grandchild. The money belongs to the child, and they can access it when they turn 18. Suitable: Parents and grandparent, for the future of the children Risk: low-risk Limit: Up to £9,000 per tax year Stocks and Shares ISA It is an ISA that holds investments such as shares of stocks, bonds, mutual funds, or exchange-traded funds (ETFs). It works like a regular investment account but with ISA benefits. Suitable: Long-term savings goals or as a way to grow your wealth Risk: High-risk Lifetime ISA (LISA) You can use your LISA savings to buy your first home or saving for retirement. You can hold cash or investments, or a combination of both. LISA lets you save up to £4,000 per year with the government adding a 25% bonus on top of what you save (i.e. up to £1,000 per year). Suitable: Buying first home up to £450,000 or Retirement. Risk: Cash low-risk / Investment high-risk Application Rule: If you are age 18 to 39, you can keep contributing until you are 50. After your 50th birthday you can't contribute any more. If you have cash LISA the next 10 year you will receive interest, and in case of investments LISA, the valuation of the shares. Limit: Up to £4,000 per tax year, and it is part of the overall aggregated ISA £20,000 annual allowance. (The government bonus does not count toward the £20,000 limit, so you can still get up to £1,000 of extra money every year from the Lifetime ISA bonus) Withdrawal: You can withdraw to buy a house after 12 months or on your 60th birthday. Withdrawal Penalty: If you withdraw early, you will pay a 25% withdrawal charge, which recovers the government bonus and applies a small penalty. That means you can lose money. Innovative Finance ISA (IFISA) It is a type of ISA that allows you to invest in qualified peer-to-peer lending and crowdfunding platforms, which match up investors with borrowers or businesses. Suitable: Investors due to the potentially higher returns compared with other ISA options Risk: High-risk Savings Account Savings accounts can cater to different saving habits and needs. Each comes with its own set of benefits and constraints. Taxable: Yes Protection: Subject to the Financial Services Compensation Scheme (FSCS), which protects up to £85,000 of your money if the financial institution fails. This protection applies per person, per institution. Types of Savings account Easy Access Account It is a more flexibly savings account. You can add or withdraw funds whenever you wish, without penalties. The interest rates are usually variable and lower than those of fixed-interest accounts. Suitable: Good option if you might need to access your savings quickly Risk: low-risk Regular Saver Account It is type of savings account that encourage consistent saving habits by offering attractive interest rates to those who commit to making regular deposits. Suitable: To save bit by bit and do not need to use the money for everyday spending Risk: low-risk Limit: Usually £50 to £500 every month, but maximum deposits vary by bank. Withdrawal: It may also have restrictions on withdrawals Notice Savings Account It is a type of savings that requires you to provide a set notice period (typically 30 to 90 days) before you can withdraw your money. Suitable: This can help you resist the temptation to dip into your savings, and in return, you’re usually offered a higher interest rate than easy access accounts. Risk: low-risk Withdrawal: Usually 30 to 90 days Fixed-Interest Savings Account Fixed-interest (or fixed-rate) savings accounts are a type of savings account where your money is locked away for a specified period, usually from several months to up to five years. In return for committing your money, you’re rewarded with a fixed interest rate, typically higher than that of an easy access savings account. Suitable: For Long-term investments with higher returns Limit: Usually it will have no limit to invest. Withdrawal: Few months up to 5 years Pension A pension is a tax-efficient way of saving money for your retirement. It is form an integral part of financial planning for retirement later in life. Limit: Up to £60,000 per tax year 2023-24 (The total amount you can build up in all your pensions without facing tax charges, excluding the State Pension, is currently limited to £1,073,100) Types of pensions Workplace Pension A workplace pension, also known as an occupational, company, works, or work-based pension, is a pension scheme arranged by your employer. You, your employer, and the government all contribute to this. You contribute a certain percentage of your salary every payday, and these contributions are usually automatically deducted from your salary before tax, providing immediate tax relief. Your employer also contributes an additional sum to your pension pot, which is essentially free money toward your retirement. In addition, the government provides tax relief on your contributions. This means the money that would have gone to the government as income tax instead goes into your pension pot. For basic-rate taxpayers in the U.K., for every £40 you pay into your pension, your employer typically puts in £30, and the government will contribute an additional £10 in tax relief. There are two main types of workplace pension: Defined contribution (D.C.): A pension pot based on how much is paid in by the employee. They’re sometimes called “money purchase” pension schemes. Defined benefit (D.B.): A guaranteed pot based on your salary and how long you’ve worked for your employer. They’re sometimes called “final salary” or “career average” pension schemes. Personal Pension A personal pension is a pension that you set up for yourself. You can contribute to your personal pension regardless of your employment status. Like workplace pensions, personal pensions also offer tax relief. However, if you’re a higher-rate or additional-rate taxpayer, you’ll need to claim the additional rebate through your tax return. Suitable: It is particularly useful for the self-employed or those not enrolled in a workplace pension scheme. There are two main types of personal pension: stakeholder pensions and SIPPs: Stakeholder pensions have low and flexible minimum contributions, capped charges, and a default investment strategy, which can be helpful if you don’t want to make investment decisions. Many default investment funds feature “lifestyling.” Lifestyling is when your funds are automatically moved into lower-risk investments as you approach retirement. A SIPP (self-invested personal pension) works in a similar way but offers a wider choice of investments. You have more control over your pension pot and can invest in a range of assets, including shares, bonds, funds, and even commercial property. Investments Products Shares Shares, also known as equities or stocks, represent a portion of residual ownership in a company. Buying shares in a company means that you sort of own a small slice of that company. As a shareholder, you could potentially profit in two ways. Capital Gains: If you sell your shares for more than you paid Dividends: It is a portion of the company’s profits distributed pro rata to shareholders Shares are traded on stock exchanges, with the London Stock Exchange being one of the most prominent in the UK. Suitable: For people with a more bold profiles, who accept possible losses to have greater gains Risk: high-risk (share prices can be volatile and fluctuate due to various factors such as the company’s financial performance, economic conditions, and market sentiment) Real Estate Investment Trusts (REITs) Real Estate Investment Trusts are entities that own, and often operate, income-generating real estate. Investing in an REIT allows you to indirectly invest in property without having to directly own any real estate. This could be residential properties, commercial properties such as offices and shopping centers, or even specialist properties like hotels. REITs are required to distribute a majority of their taxable income to shareholders, making them an attractive option for investors seeking regular income, similar to dividend-paying stocks. Besides, they offer potential for capital growth if the value of the underlying properties increases. Suitable: For those who want to invest in real estate without having to buy a physical property Risk: high-risk (potential risk for property value decreases and rental income reductions) Investment Funds Investment funds (mutual funds) pool your money with other investors to invest in a wide range of assets, including shares, bonds, and property. Active funds: It is a type of investment fund where the investments are managed by professionals. These fund managers make decisions about where to invest the fund’s money, aiming to outperform the market or a specific benchmark. In return for this expertise, active funds generally charge higher fees than passive funds (e.g., index funds). Index funds: Also known as tracker funds in the UK, aim to replicate the performance of a specific market index, such as the FTSE 100. Rather than trying to beat the market, these funds simply try to match it. This passive management approach typically results in lower fees than active funds, making them a cost-effective way to diversify your portfolio. This shared approach can provide access to a diverse range of investments that you might not be able to afford individually, spreading the risk. Suitable: For investors who want to invest in a wide range of assets, spreading the risk Risk: high-risk Exchange-Traded Funds (ETFs) Exchange-traded funds (ETFs) are investment fund shares that are traded on stock exchanges, much like individual stocks. ETFs can track a wide range of indexes, from broad market indexes to specific sectors, commodities, or even geographical regions. They offer a flexible and cost-effective way to diversify across a wide range of assets, with the added benefit of liquidity and the ability to buy or sell shares in the ETF throughout the trading day at market prices. Suitable: It is a long-term investment, for those who invest in a wide range of stocks, and spread the risk Risk: high-risk Bonds and Gilts Essentially, a bond is a loan made by an investor to a borrower, typically corporate or governmental. As an investor, when you purchase a bond, you are lending money to the issuer of the bond in return for periodic interest payments and the return of the bond’s face value when it matures. Investing in bonds can provide a predictable income and is generally considered less risky than investing in stocks. Risks: Credit risk (the risk that the issuer will default on their payments) and interest rate risk (where a rise in interest rates can cause the value of the bond to fall). Taxable: Tax and regulatory implications may vary based on the investor’s country of residence There are several types of bonds available to investors Government Bonds It is also known as “gilts,” are considered among the safest investments because they are backed by the government. They pay a fixed interest rate (known as the coupon) twice a year until they mature, at which point the investor receives the face value of the bond. The term of a gilt can range from a few years to several decades. Risk: low-risk (They are backed by the Government) Corporate Bonds It is issued by companies to raise capital for various reasons, such as funding expansion or paying off other debts. They typically offer a higher interest rate than government bonds to compensate for the additional risk, as they rely on the company’s ability to meet its financial obligations. They can be an excellent way for investors to generate regular income and diversify their portfolio. Retail bonds are a form of corporate bond issued directly to the public and can be traded on the London Stock Exchange’s Order Book for Retail Bonds (ORB). Risk: Depends on the issuer Local Authority Bonds It is issued by local governments to finance public projects. These bonds are often tax exempt and offer competitive interest rates, making them an attractive option for those looking for a balance of risk and return. Green Bonds It is a newer addition to the bond market. The proceeds from green bonds are used to fund projects with environmental benefits. They are an excellent option for socially conscious investors who want their investments to support sustainability initiatives. Contracts for Differences (CFDs) and Spreads Contracts for differences (CFDs), spread betting, and other similar financial derivatives can also offer another avenue for retail investors. However, these types of products come with a high level of risk and complexity, so they may not be suitable for everyone. Risk: high-risk (for inexperienced investors may be considered very high-risk) Taxable: Tax laws can change and may depend on individual circumstances CFDs It is a type of derivative for speculating on the prices of fast-moving global financial markets, such as shares, indexes, commodities, currencies, and treasuries. When you trade a CFD, you are agreeing to exchange the difference in price of an asset from the point at which the contract is opened to when it is closed. You never actually own the underlying asset, but you can still benefit if the market moves in your favor, or you face a loss if it moves against you. CFDs are complex instruments and come with a high risk of losing money rapidly due to leverage. While still legal, the Financial Conduct Authority (FCA) has imposed limits and restrictions on the marketing, distribution, and sale of CFDs to retail consumers in the U.K. due to concerns about losses. Risk: high-risk Taxable: Yes. Capital gains tax and stamp duty Spread Betting It is another type of derivatives trading. It involves speculating on the direction of price movements. A spread betting company quotes two prices, the bid and offer price (also known as the spread), and investors bet whether the price of the underlying asset will be lower than the bid or higher than the offer. The main difference between spread betting and CFD trading is their tax treatment Risk: high-risk Taxable: No. It is free from capital gains tax and stamp duty Protection: Regulated by the FCA in the UK, and providers must meet certain standards and protections, including segregating client money. Cryptocurrencies Cryptocurrencies are a relatively new addition to the investment landscape and have gained significant attention globally, including in the U.K. They represent a form of digital or virtual currency, secured by cryptography, making them nearly impossible to counterfeit, and they can be bought and sold via online cryptocurrency exchanges. (the most well-known cryptocurrency is Bitcoin). Investing in cryptocurrencies can be appealing due to their high potential returns. However, it’s essential to understand that cryptocurrencies are highly volatile and can fluctuate in value significantly. Risk: Very high-risk Additional Risks: In addition to high volatility, other risks such as scams are frequent in the crypto market Protection: There is no protection References: HM Revenue & Customs ( www.gov.uk ); Investopedia (www.investopedia.com ); Wikipedia (www.wikipedia.org )

A tax is a compulsory financial charge or some other type of levy imposed on a taxpayer by a governmental in order to fund government public expenditures. You can consider that direct taxes are taxes that you pay directly to the government and indirect taxes that you do not. Remember, this may vary from region to region. Taxation Overview “Nothing Is Certain, Except Death and Taxes” I couldn't start talking about taxes without quoting those remarkable infamous words. What is tax? A tax is a compulsory financial charge or some other type of levy imposed on a taxpayer by a governmental in order to fund government public expenditures. And yes, that's the dictionary definition, but everyone knows what tax is, right? I don't want to bore you with dictionary definitions, but there are still some basic differences that create some confusion. Direct taxes vs. Indirect taxes Although the actual definition may vary a little region to region, but the basic rule is: Indirect Tax: A tax levied on goods and services. (e.g. VAT) Direct Tax: A tax levied on the income or profits. (e.g. Income Tax) In short: You can consider that direct taxes are taxes that you pay directly to the government and indirect taxes that you do not. Remember, this may vary from region to region. Indirect Tax Indirect taxes have various names around the world. Europe: VAT (Value-Added Tax) United States: Sales Tax Australia: GST (Goods and Services Tax) Japan: JCT (Japanese Consumption tax) The process for collecting these taxes can vary significantly, but the outcome is the same: The end customer pays the tax. Example: Sales tax is collected by the retailer when the final sale in the supply chain is reached. VAT is collected by all sellers in each stage of the supply chain (suppliers, manufacturers, distributors, and retailers all collect VAT on taxable sales). Similarly, all pay VAT on their purchases. (suppliers, manufacturers, distributors, retailers, and end consumers). Businesses must track and document the VAT they pay on purchases to receive a credit for the VAT paid on their tax return. Potential advantages It is easier for the consumer to understand and acknowledge It is easier for firms to pay indirect taxes than consumers Countries can levy import duties to protect their domestic economy It is effective in reducing demand and overcoming market failures by adjusting social behavior (e.g. cigarette tax can contribute to reducing cigarette consumption) Potential disadvantages Indirect taxes tend to affect those with lower incomes due to their regressive nature. That is, the tax paid will be the same for different income groups. (those with lower incomes will commit a higher percentage of their income than those with higher incomes) It can encourage tax evasion. (for example, cigarette taxes can increase the black market) Direct Tax Direct tax is based on the economic principle that whoever has more resources or earns higher incomes must pay a higher tax burden, and is also considered the unavoidable tax. In other words, there is no choice but to pay. GST Overview The GST or Goods and Services Tax is a kind of VAT (Value-Added Tax) levied on most goods and services sold for domestic consumption. The tax is included in the final price and paid by consumers at the point of sale and passed on to the government by the seller.The GST is usually taxed as a single rate across the country, simplifying the tax system and reducing tax evasion. Warning: The list below is indicative only. Please use it as an example as it changes regularly as new countries adopt or change their GST schemes. List of Countries with GST Australia Canada India Malaysia Maldives New Zealand Papua New Guinea Singapore Article written by Luiz C. Mariani | Published June 2023 Reference sources: Wikipedia (www.wikipedia.org ); Investopedia (www.investopedia.com ); Global VAT Compliance (www.globalvatcompliance.com ); European Union (european-union.europa.eu )

RUN SAP BETTER Template Web Security Network Protocols Firewall Web Security Network Protocols Firewall Web Security Network Protocols Firewall Web Security Network Protocols Firewall Web Security Network Protocols Firewall Web Security Network Protocols Firewall Web Security Network Protocols Firewall Web Security Network Protocols Firewall Header 1 Header 2 xxxx

Topics: Operating Systems | Debian | Linux | Network Protocols | Kernel Up Linux What is Linux? Linux Distros (Distributions Full List) Debian Operating System User Interface (UI) | CLI vs GUI SSH (Secure Shell) | Remote Access Installing Packages Hostname Timezone Mounting an SMB Drive Change Mode (chmod) | Access Permission File Hierarchy Structure SAMBA (SMB) Unattended Upgrades Certificates Bash Scripting Executing Bash Scripts on Multiple Remote Servers Commands What is Linux? What is Linux? Most people think of Linux as another operating system, just like Windows or Mac OS, that must be installed on a computer, rather than as a Kernel or a family of operating systems. This is an easy explanation, abstract enough to bring some sense and understanding to people. What is a Kernel? The kernel is the essential foundation of a computer's operating system (OS). It is the core that provides basic services for all other parts of the OS. It is the main layer between the OS and underlying computer hardware, and it helps with tasks such as process and memory management, file systems, device control and networking. Summary Linux is basically a Kernel. But in simpler terms, Linux is a technology. To make it clearer, you can comparing operating systems with cars : Windows | It is a complete car, with motorcycles, wheels, windows and steering wheel. You use this car to make all your activities, travelling, commuting to work (it is a popular car) and almost everyone that you know has a similar model. Microsoft do that car from the beginning to the end (all components), and Microsoft has an absolute control over all features and how it will looks like. Microsoft will lease that car for you through a license, and from time to time it launches some new models. Mac OS | It is a very similar car, but free. The difference is you can only use the card if you live in a determined city, that Apple controls (Apple's devices). Living in this city can be very expensive, despite the car is free. You can do all your activities with this car in that city, but everytime you try to leave that city with the car, you will face some difficulties. In both cases, you would be a customer of Microsoft and Apple, driving their cars. Linux | Linux wouldn't be a complete car, but an essential component, like an engine. It can be used to create different types of cars. You don't need to pay for your Linux engine, so you are not a Linux's customer and nobody will tell you what you can do with the engine. If you transform this engine in a motorcycle, that's up to you. With the engine you receives a manual, explaining how it works and how to assemble it. The Linux engine is assemble for many companies around the world. But now you are thinking that it's not possible to drive a engine, you need all the other components to make a car. And that where systems based on Linux are born, or distribution (distros). A very common Linux-based operating system is Ubuntu. Linux was created by "Linus Torvalds", a Finnish developer, in 1991. Linux Distros (Distributions Full List) This is a list of the most relevant Linux distributions categorized by distros-based and their respective variants. Linux Distros Distributions Based / Variants Description Debian Debian-based Debian (a portmanteau of the names "Deb" and "Ian") Linux is a distribution that emphasizes free software. It supports many hardware platforms. Debian and distributions based on it use the .deb package format[2] and the dpkg package manager and its frontends (such as apt or synaptic) Ubuntu Debian-based Ubuntu (named after the Nguni philosophy of ubuntu) is a distribution based on Debian, designed to have regular releases, a consistent user experience and commercial support on both desktops and servers. Edubuntu Debian-based > Ubuntu-based (Current Official Variants) A complete Linux based operating system that was targeted for primary and secondary education. Outdated versions are freely available with community-based support. The Edubuntu community is built on the ideas enshrined in the Edubuntu Manifesto: that software, especially for education, should be available free of charge and that software tools should be usable by people in their local language and despite any disabilities.[6] Kubuntu Debian-based > Ubuntu-based (Current Official Variants) An official derivative of Ubuntu Linux using KDE instead of the GNOME (or Unity) desktop environment used by default in Ubuntu.[7] Lubuntu Debian-based > Ubuntu-based (Current Official Variants) An official derivative of the Ubuntu operating system that is "lighter, less resource hungry and more energy-efficient", using the LXQt desktop environment (used LXDE before 18.10).[8][9][10] Ubuntu Budgie Debian-based > Ubuntu-based (Current Official Variants) An official derivative of Ubuntu using Budgie. Ubuntu Cinnamon Debian-based > Ubuntu-based (Current Official Variants) An official derivative of Ubuntu using the Cinnamon desktop environment.[11] Ubuntu Kylin Debian-based > Ubuntu-based (Current Official Variants) An official derivative aimed at the Chinese market. Ubuntu MATE Debian-based > Ubuntu-based (Current Official Variants) An official derivative of Ubuntu using MATE, a desktop environment forked from the now-defunct GNOME 2 code base, with an emphasis on the desktop metaphor.[12] Ubuntu Server Debian-based > Ubuntu-based (Current Official Variants) An official derivative made for use in servers & IBM mainframes. Ubuntu Server handles mail, controls printers, acts as a fileserver, can host LAMP and more.[13] Ubuntu Studio Debian-based > Ubuntu-based (Current Official Variants) Based on Ubuntu, providing open-source applications for multimedia creation aimed at the audio, video and graphic editors.[14] Ubuntu Unity Debian-based > Ubuntu-based (Current Official Variants) An official derivative of Ubuntu using the Unity desktop environment.[15][16] Xubuntu Debian-based > Ubuntu-based (Current Official Variants) An official derivative of Ubuntu using Xfce. Xubuntu is intended for use on less-powerful computers or those who seek a highly efficient desktop environment on faster systems, and uses mostly GTK applications.[17] Gobuntu Debian-based > Ubuntu-based (Discontinued Official Variants) Gobuntu was an official derivative of the Ubuntu operating system, aiming to provide a distribution consisting entirely of free software. It was officially announced by Mark Shuttleworth on July 10, 2007, and daily builds of Gobuntu 7.10 began to be publicly released. The project ended around the release of 8.04 and has since merged into mainline Ubuntu as a 'free software' option.[18] Mythbuntu Debian-based > Ubuntu-based (Discontinued Official Variants) Based on Ubuntu and MythTV, providing applications for recording TV and acting as a media center.[19] On 4 November 2016 the development team announced the end of Mythbuntu as a separate distribution, citing insufficient developers. Ubuntu GNOME Debian-based > Ubuntu-based (Discontinued Official Variants) Formerly an official Ubuntu variant,[20] but since the main Ubuntu 17.10, which uses GNOME Shell as its default desktop and GDM as its display manager, this distro has been merged into mainline releases.[21] Ubuntu JeOS Debian-based > Ubuntu-based (Discontinued Official Variants) "Just Enough OS" – was described as "an efficient variant [...] configured specifically for virtual appliances".[22] Since the release of Ubuntu 8.10 it has been included as an option as part of the standard Ubuntu Server Edition. Ubuntu Mobile Debian-based > Ubuntu-based (Discontinued Official Variants) An embedded operating system designed for use on mobile devices. The operating system will use Hildon from maemo as its graphical frontend. Ubuntu Touch is a successor to Ubuntu Mobile. Ubuntu Netbook Edition Debian-based > Ubuntu-based (Discontinued Official Variants) Netbook Edition was an official derivative of Ubuntu designed for netbooks using the Intel Atom processor. Starting from Ubuntu 11.04, Ubuntu Netbook Edition has been merged into the desktop edition.[23] Ubuntu TV Debian-based > Ubuntu-based (Discontinued Official Variants) Designed for use with TVs.[24] BackBox Debian-based > Ubuntu-based (Unofficial Variants) BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use and provide a minimal yet complete desktop environment, thanks to its own software repositories, always being updated to the latest stable version of the most used and best known ethical hacking tools.[25] Bodhi Linux Debian-based > Ubuntu-based (Unofficial Variants) An Ubuntu-based Linux distribution featuring the Moksha Desktop environment and targeting users who want a minimum of preinstalled software or low system requirements.[26] Cub Linux Debian-based > Ubuntu-based (Unofficial Variants) Ubuntu-based distribution designed to mimic the desktop appearance and functionality of ChromeOS.[27][28][29] dyne:bolic Debian-based > Ubuntu-based (Unofficial Variants) Live CD geared toward multimedia (audio and video) production, but comes with other non-media specific application (e.g. word processor, desktop publisher)[30] EasyPeasy Debian-based > Ubuntu-based (Unofficial Variants) Fork of Ubuntu designed for netbooks[31] Eeebuntu Debian-based > Ubuntu-based (Unofficial Variants) Specifically for the Eee PC range of netbooks, based on Debian. Also rebranded as Aurora OS.[32] Element OS Debian-based > Ubuntu-based (Unofficial Variants) Based on Xubuntu, made for Home theater PCs[33] Elive Debian-based > Ubuntu-based (Unofficial Variants) A light-weight Linux distribution featuring the Enlightenment desktop, designed to be simple and suitable for new Linux users who want a fully functional environment. elementary OS Debian-based > Ubuntu-based (Unofficial Variants) A distribution focusing mainly on non-technical users, has a pay what you want model.[34] Emmabuntüs Debian-based > Ubuntu-based (Unofficial Variants) Based on Xubuntu designed to facilitate the repacking of computers donated to Emmaüs Communities.[35] GalliumOS Debian-based > Ubuntu-based (Unofficial Variants) A Linux distribution for ChromeOS devices by the community-supported GalliumOS project. Gallium is based on Xubuntu and maintains compatibility with the Ubuntu repositories.[36] GendBuntu Debian-based > Ubuntu-based (Unofficial Variants) A version adapted for use by France's National Gendarmerie. Goobuntu Debian-based > Ubuntu-based (Unofficial Variants) An Ubuntu-based distribution that was used internally by Google (until changing to non-Ubuntu, Debian-based GLinux); not available outside of Google gOS Debian-based > Ubuntu-based (Unofficial Variants) Used the GNOME desktop environment with user interface enhancements to make it work more like Mac OS X, it also featured Google Apps, Picasa, Google Gadgets and other web-based applications, and came with Wine 1.0 pre-installed. Now discontinued. Joli OS Debian-based > Ubuntu-based (Unofficial Variants) Joli OS (formerly named Jolicloud) is in development and Pre-beta testing. Joli OS is built upon Debian and Ubuntu 9.10, but is tweaked to be more suitable for computers that have weaker specifications in terms of disk storage, memory and screen size. It is designed to run on relatively low-powered netbook computers.[37] Karoshi Debian-based > Ubuntu-based (Unofficial Variants) A formerly PCLinuxOS-based distribution designed for use in schools.[38] KDE neon Debian-based > Ubuntu-based (Unofficial Variants) Focused on the development of KDE. The emphasis is on bleeding edge software packages sourced directly from KDE and offers programmers early access to new features, but potentially at the cost of greater susceptibility to software bugs.[39] LiMux Debian-based > Ubuntu-based (Unofficial Variants) A project by the city council of Munich, Germany Linux Caixa Mágica Debian-based > Ubuntu-based (Unofficial Variants) Portuguese Linux distribution.[40] Linux Lite Debian-based > Ubuntu-based (Unofficial Variants) The purpose of Linux Lite is to introduce Windows users to Linux, and provide them with a comfortable and useful user experience. It is designed to be simple and suitable for new Linux users who want a lightweight, highly responsive, and fully functional environment.[41] Linux Mint Debian-based > Ubuntu-based (Unofficial Variants) Linux Mint synchronizes its release-cycle with Ubuntu's long-term support, and is tailored to user-friendliness for desktop users.[42] Linux Mint Debian Edition (LMDE) is Mint's Debian stable based version. Its purpose is to use Debian base packages/kernel under the hood should Ubuntu ever disappear. It's also used by Mint developers to develop their Cinnamon desktop. LinuxMCE Debian-based > Ubuntu-based (Unofficial Variants) Linux Media Center Edition, a Kubuntu-based distribution that provides in-depth HTPC functionality as well as home automation.[43] LinuxTLE Debian-based > Ubuntu-based (Unofficial Variants) A Thai Linux distribution. Not maintained.[44] LliureX Debian-based > Ubuntu-based (Unofficial Variants) A distribution by the Generalitat Valenciana[45] LXLE Linux Debian-based > Ubuntu-based (Unofficial Variants) A light-weight Linux distribution based on Lubuntu, using the LXDE desktop environment.[46] MAX Debian-based > Ubuntu-based (Unofficial Variants) Stands for MAdrid LinuX. Used in education.[47] Maya OS Debian-based > Ubuntu-based (Unofficial Variants) A distribution developed by Indian Ministry of Defence.[48] Molinux Debian-based > Ubuntu-based (Unofficial Variants) Ubuntu based initiative to introduce the Castile-La Mancha community in Spain to the information society.[49] Netrunner Debian-based > Ubuntu-based (Unofficial Variants) Kubuntu based distribution with complete software and codecs installed, developed by Blue Systems (also sponsoring Kubuntu and LinuxMintKDE).[50] Nova Debian-based > Ubuntu-based (Unofficial Variants) Cuban state-sponsored distribution developed at the University of Information Science, Havana. Formerly based on Gentoo. OpenGEU Debian-based > Ubuntu-based (Unofficial Variants) Ubuntu based distribution with Enlightenment window manager, previously known as Geubuntu.[51] Peppermint OS Debian-based > Ubuntu-based (Unofficial Variants) A light-weight LXDE distribution for cloud applications through its own Ice Framework using the Chromium Web Browser. Based on Lubuntu[52] Pinguy OS Debian-based > Ubuntu-based (Unofficial Variants) An Ubuntu-based distro for people that have never used Linux before or for people that want an out-of-the-box working OS without having to tweak a fresh installation of Ubuntu or other Ubuntu-based distro.[53] Pop! OS Debian-based > Ubuntu-based (Unofficial Variants) An Ubuntu-based distro developed by System76 predominantly for use on hardware that they manufacture. Poseidon Linux Debian-based > Ubuntu-based (Unofficial Variants) For academic and scientific use. Based on Ubuntu, but enhanced by GIS/maps, numerical modelling, 2D/3D/4D visualization, statistics, tools for creating simple and complex graphics, programming languages. Sabily Debian-based > Ubuntu-based (Unofficial Variants) Ubuntu based distribution for Muslims (formerly Ubuntu Muslim Edition)[54] Unmaintained SuperGamer Debian-based > Ubuntu-based (Unofficial Variants) A Live DVD distribution focused on gaming formerly based on VectorLinux. Trisquel GNU/Linux Debian-based > Ubuntu-based (Unofficial Variants) Fully free-software system without proprietary software or firmware and uses the Linux-libre kernel deblob script, based on Ubuntu LTS Releases[55] UberStudent Debian-based > Ubuntu-based (Unofficial Variants) For higher education and advanced secondary students, those who teach them, and lifelong learners[56] Ututo Debian-based > Ubuntu-based (Unofficial Variants) Ututo UL ("Ubuntu-Libre") Distributes Simusol, a system to simulate Solar Energy projects, returned to the heart of the project. Discontinued.[57] Vinux Debian-based > Ubuntu-based (Unofficial Variants) A Linux distribution designed for visually impaired users[58] Wubuntu Debian-based > Ubuntu-based (Unofficial Variants) Former LinuxFX. Also known as "Windows Ubuntu". The distribution aims to imitate Microsoft operating system Windows 10.[59][60] Zorin OS Debian-based > Ubuntu-based (Unofficial Variants) Zorin OS is a user-friendly distribution that can emulate Microsoft Windows or macOS. It is meant for users unfamiliar with Linux.[61] Knoppix Debian-based Knoppix (a portmanteau of the surname Knopper from Klaus Knopper and Unix) itself is based on Debian. It is a live distribution, with automated hardware configuration and a wide choice of software, which is decompressed as it loads from the drive.[62] Damn Small Linux Debian-based > Knoppix-based A small Linux distro designed to run on older hardware. It is commonly used on virtual machines due to low memory requirements.[63] Feather Linux Debian-based > Knoppix-based Boots from either a CD or a USB flash drive. Uses Knoppix-based hardware detection and the Fluxbox window manager.[64] antiX Debian-based > Other Variants It is comparatively lightweight and suitable for older computers, while also providing kernel and applications, as well as updates and additions via the Aptitude and Debian-compatible repositories. Astra Linux Debian-based > Other Variants A Russian Linux-based computer operating system developed to meet the needs of the Russian army, other armed forces and intelligence agencies.[65] It provides data protection up to the level of "top secret" in Russian classified information grade. It has been officially certified by Russian Defense Ministry, Federal Service for Technical and Export Control[66] and Federal Security Service.[67] BOSS (Bharat OS) Debian-based > Other Variants An Indian Linux distribution[68] Canaima Debian-based > Other Variants A Venezuelan Linux distribution.[69] Corel Linux Debian-based > Other Variants Short-lived commercial desktop Linux distribution, bought by Xandros Linux.[70] CrunchBang Linux Debian-based > Other Variants A small Linux Distro and Live CD based on Debian Stable, featuring the Openbox window manager and tint2 panel with GTK+ applications.[71] Development has ended for CrunchBang as of February, 2015.[72] Deepin Debian-based > Other Variants A Debian-based Chinese Linux Distribution developed by Wuhan Deepin Technology Co. Devuan Debian-based > Other Variants A fork of Debian begun in 2014 with the primary goal of allowing user choice in init systems, by decoupling software packages from systemd.[73] DoudouLinux Debian-based > Other Variants A discontinued distribution intended for children. Dreamlinux Debian-based > Other Variants A discontinued Brazilian Linux distribution. Emdebian Grip Debian-based > Other Variants A small-footprint Linux distribution based on and compatible with Debian, intended for use on resource-limited embedded systems.[74] Finnix Debian-based > Other Variants A small system-administration Live CD that is available for multiple architectures[75] gLinux Debian-based > Other Variants gLinux is a Linux Distro used for Google Employees. gNewSense Debian-based > Other Variants Originally based on Ubuntu and later upon Debian, and developed with sponsorship from the Free Software Foundation. Its goal is user-friendliness, but with all proprietary (e.g. binary blobs) and non-free software removed. grml Debian-based > Other Variants Live CD for system recovery[76] HandyLinux Debian-based > Other Variants Designed for senior citizens running old computers for which Windows has become too slow[77] Kali Linux Debian-based > Other Variants Made to be a completely customizable OS, used for penetration testing. It is based on Debian and is used mostly by security experts.[78] Originally named BackTrack (named after the homonym class of backtracking algorithms), it is developed by Offensive Security.[79] In March 2013, the Offensive Security team rebuilt BackTrack on Debian and released it under the name Kali Linux.[80] Kali NetHunter Debian-based > Other Variants Mobile version based on Kali Linux. Kanotix Debian-based > Other Variants An installable live DVD/CD for desktop usage using KDE and LXDE, focusing on convenient scripts and GUI for ease of use.[81] LEAF Project Debian-based > Other Variants The Linux Embedded Appliance Framework. A tiny primarily floppy-based distribution for routers, firewalls and other appliances.[82] Libranet Debian-based > Other Variants A discontinued operating system based on Debian. LiMux Debian-based > Other Variants An ISO 9241 industry workplace certified Linux distribution, deployed at the City of Munich, Germany.[83] LMDE Debian-based > Other Variants A Debian-based version of Linux Mint that does not use any elements of Ubuntu linux, maintained to ensure continuity should Ubuntu stop being maintained or other issue effecting the core Mint distribution.[84] Maemo Debian-based > Other Variants A development platform for hand held devices such as the Nokia N800, N810, and Nokia N900 Internet Tablets and other Linux kernel–based devices.[85] MEPIS Debian-based > Other Variants A discontinued OS that focused on ease of use. Significant derivatives include antiX and MX Linux. MintPPC Debian-based > Other Variants For PowerPC computers. Although MintPPC uses some Linux Mint Debian Edition code, it is not Linux Mint.[86] Musix GNU+Linux Debian-based > Other Variants Intended for music production, graphic design, audio, video editing, and other tasks. It is built with only free software.[87] MX Linux Debian-based > Other Variants A midweight OS based on Debian Stable with core components from antiX and using Xfce, offering simple configuration, high stability, solid performance and medium-sized footprint.[88] NepaLinux Debian-based > Other Variants A Debian- and Morphix-based distribution focused for desktop usage in Nepali language computing.[89] OpenZaurus Debian-based > Other Variants Debian packages and ROM image for the Sharp Zaurus PDA. Replaced by Ångström distribution.[90] Pardus Debian-based > Other Variants Developed by Turkish National Research Institute of Electronics and Cryptology. Prior to 2013 it used PISI as the package manager, with COMAR as the configuration framework. Starting with Pardus 2013, it is Debian-based. Parrot OS Debian-based > Other Variants A Linux distribution based on Debian used by penetration testers. Parsix[91] Debian-based > Other Variants Optimized for personal computers and laptops. Built on top of Debian testing branch and comes with security support.[92] PelicanHPC Debian-based > Other Variants Dedicated to setting up a computer cluster.[93] PureOS Debian-based > Other Variants A Linux distribution based on Debian with a focus on privacy, security, and convenience.[94][95][96][97] Q4OS Debian-based > Other Variants A light-weight Linux distribution with Trinity and Plasma desktop environments.[98] Raspberry Pi OS Debian-based > Other Variants Desktop-oriented distribution, formerly known as Raspbian. Developed by the Raspberry Pi Foundation as the official OS for their family of low-power Raspberry Pi single-board computers. SolydXK Debian-based > Other Variants Xfce and KDE desktop focused on stability, security and ease of use.[99] SparkyLinux Debian-based > Other Variants A Debian-based Linux distribution which provides ready to use, out of the box operating system with a set of slightly customized lightweight desktops. Sparky is targeted to all the computer's users who want replace existing, proprietary driven OS to an open-sourced.. Sunwah Linux Debian-based > Other Variants A Chinese Linux distribution[100] TAILS (Amnesic Incognito) Debian-based > Other Variants The Amnesic Incognito Live System' or Tails is aimed at preserving privacy and anonymity, with all outgoing connections forced to go through Tor.[101] TurnKey Linux Debian-based > Other Variants Open source project developing a family of free, Debian-based appliances optimized for ease of use in server-type usage scenarios.[102] Based on Debian since 2012; previously based on Ubuntu. Twister OS Debian-based > Other Variants Raspberry Pi OS based distribution using Xfce with themes based on other OSes intended for the Raspberry Pi, RK3399 CPU, and x86-64 architecture. Univention Corporate Server Debian-based > Other Variants Enterprise distribution with integrated IT infrastructure and identity management system by the company Univention GmbH, Germany. A full version for up to 5 users for tests and for private use can be downloaded for free.[103] Webconverger Debian-based > Other Variants Debian Live-based browser only distribution, similar to ChromeOS. However based on Firefox and dwm, with no user sign-in, no special hardware required and designed for public places.[104] Vyatta Debian-based > Other Variants Commercial open source network operating system includes routing, firewall, VPN, intrusion prevention and more. Designed to be an open source Cisco replacement.[105] VyOS Debian-based > Other Variants Free routing platform. Because VyOS is run on standard amd64, i586 and ARM systems, it is able to be used as a router and firewall platform for cloud deployments. Pacman Pacman-based Pacman is a package manager that is capable of resolving dependencies and automatically downloading and installing all necessary packages. It is primarily developed and used by Arch Linux and its derivatives. Arch Linux Pacman-based Arch Linux is an independently developed, x86-64 general-purpose Linux distribution that strives to provide the latest stable versions of most software by following a rolling-release model. The default installation is a minimal base system, configured by the user to only add what is purposely required. Antergos Pacman-based > Arch Linux-based Antergos is a discontinued Linux distribution based on Arch Linux. Arch Linux ARM Pacman-based > Arch Linux-based Port of Arch Linux for ARM processors. ArchBang Pacman-based > Arch Linux-based Based on Arch Linux, but also provides Live CDs with working system and graphical installation scripts; uses i3 as default window manager. Artix Linux Pacman-based > Arch Linux-based Based on Arch Linux, but using Dinit, OpenRC, Runit, or s6 as init system instead of systemd. ArchLabs Pacman-based > Arch Linux-based Based on Arch Linux, with a custom installer, offers many choices of desktop environments and window managers. BlackArch Pacman-based > Arch Linux-based A cybersecurity-focused OS based on Arch Linux. It is designed to test security and run penetration tests. It includes window managers preconfigured, but no desktop environment. EndeavourOS Pacman-based > Arch Linux-based Continuation of Antergos, featuring a graphical installer capable of installing KDE Plasma (default, offline), Budgie, Cinnamon, Deepin, GNOME, i3, Xfce, LXQt, and MATE. Garuda Linux Pacman-based > Arch Linux-based A distribution based on gaming.[106] Hyperbola GNU/Linux-libre Pacman-based > Arch Linux-based An Arch and Debian derivative without any blobs, without systemd support and with OpenRC as its default init system. Packages are built for i686 and x64. Unlike Arch, Hyperbola uses the long-term support model like Debian. LinHES Pacman-based > Arch Linux-based LinHES (Linux Home Entertainment Server) designed for use on home theater PCs (HTPCs), providing applications for recording TV and acting as a sound and video center. Manjaro Pacman-based > Arch Linux-based Based on Arch Linux, using its own repositories and ships with either Xfce, Plasma, GNOME, or the CLI as the default desktop environment. Additional community-driven editions are available that use MATE, Cinnamon, Openbox, Awesome, i3, BSPWM, or Budgie as a base. Parabola GNU/Linux-libre Pacman-based > Arch Linux-based An Arch derivative without any blobs, plus various added packages. Packages are also built for ARMv7 in addition to i686 and x64. MATE and text-mode distributions available. SteamOS Pacman-based > Arch Linux-based Arch-based and gaming-focused distribution developed by Valve and designed for the Steam digital distribution platform and Steam Deck. Before version 3.0, was previously based on Debian. SystemRescue Pacman-based > Arch Linux-based Linux System rescue toolkit. Previously based on Gentoo, it has been based on Arch Linux since version 6.0.0 Chakra Linux Pacman-based > Other Variants Originally derived from Arch Linux, with the latest KDE. For now uses the Pacman utility for package management. Strives to be Qt-only. Discontinued.[107] Frugalware Linux Pacman-based > Other Variants A general purpose Linux distribution designed for intermediate users. Has some influences from Slackware, and uses a heavily modified version of pacman, Pacman-G2, a fork of a cvs version of the complete rewrite of Pacman-G1 by Aurelien Foret (the old monolithic Pacman-G1 is written by Judd Vinet). The packages are tar archives compressed using xz.[108] KaOS Pacman-based > Other Variants An independent 64-bit only rolling-release Linux distribution inspired by Arch that features the latest KDE Plasma environment and the Qt toolkit.[109] RPM (Red Hat Package Manager) RPM-based Red Hat Linux and SUSE Linux were the original major distributions that used the .rpm file format, which today is used in several package management systems. Both of these were later divided into commercial and community-supported distributions. Red Hat Linux was divided into a community-supported but Red Hat-sponsored distribution named Fedora, and a commercially supported distribution called Red Hat Enterprise Linux, whereas SUSE Linux was divided into openSUSE and SUSE Linux Enterprise. Fedora RPM-based Fedora is a community supported distribution. It aims to provide the latest software while maintaining a completely Free Software system RHEL (Red Hat Enterprise Linux) RPM-based > Fedora-based Red Hat Enterprise Linux is a commercial open-source Linux distribution developed by Red Hat for the commercial market. AlmaLinux RPM-based > Fedora-based > RHEL-based A 100% community owned and governed alternative CentOS as a Red Hat Enterprise Linux rebuild. Governed by the AlmaLinux OS Foundation. Asianux RPM-based > Fedora-based > RHEL-based A Linux distribution co-developed between Red Flag Software Co., Ltd., Miracle Linux Corp. and Haansoft, INC., focused on Chinese, Japanese and Korean support. ClearOS RPM-based > Fedora-based > RHEL-based A Linux distribution designed for use in small and medium enterprises. Fermi Linux LTS RPM-based > Fedora-based > RHEL-based Based on Scientific Linux.[111] Miracle Linux RPM-based > Fedora-based > RHEL-based A Linux distribution developed by Cybertrust Japan Co., Ltd., aims to be compatible with Red Hat Enterprise Linux. Oracle Linux RPM-based > Fedora-based > RHEL-based Supported by Oracle. Aims to be fully compatible with Red Hat Enterprise Linux. Red Flag Linux RPM-based > Fedora-based > RHEL-based A Linux distribution developed in China and optimized for the Chinese market. Based on Asianux. Rocks Cluster Distribution RPM-based > Fedora-based > RHEL-based A Linux distribution for building a High-Performance Computing computer cluster, with a recent release supporting Cloud computing. It is based on Red Hat Enterprise Linux but with extensions to support large multi-node heterogeneous systems for clusters (HPC), Cloud, and Data Warehousing (in development). Rocky Linux RPM-based > Fedora-based > RHEL-based A Linux distribution that is currently in development by the CentOS founder, Gregory Kurtzer, aims to be compatible with Red Hat Enterprise Linux. Scientific Linux RPM-based > Fedora-based > RHEL-based A discontinued Linux distribution co-developed by Fermi National Accelerator Laboratory and the European Organization for Nuclear Research (CERN), which aims to be compatible with and based on Red Hat Enterprise Linux. Asahi Linux RPM-based > Fedora-based > Other Variants Port of Linux to Apple silicon-powered Macs. Amazon Linux 2 RPM-based > Fedora-based > Other Variants Amazon Linux 2 is available as an Amazon Machine Image (AMI) for use on Amazon Elastic Compute Cloud (Amazon EC2). It is also available as a Docker container image and as a virtual machine image for use on Kernel-based Virtual Machine (KVM), Oracle VM VirtualBox, Microsoft Hyper-V, and VMware ESXi Berry Linux RPM-based > Fedora-based > Other Variants A medium-sized Fedora-based distribution that provides support in Japanese and English. BLAG Linux and GNU RPM-based > Fedora-based > Other Variants A completely free software distribution. CentOS Stream RPM-based > Fedora-based > Other Variants Community-supported Linux distribution originally based on RHEL and well suited for servers. Now sponsored by Red Hat.[112] EnGarde Secure Linux RPM-based > Fedora-based > Other Variants Server-only Linux distribution designed to be secure.[113] Fuduntu RPM-based > Fedora-based > Other Variants Designed to fit in somewhere between Fedora and Ubuntu. Hanthana RPM-based > Fedora-based > Other Variants Designed to cater the needs of Sri Lankan computer users who are unable to access Internet frequently, with many most-wanted applications built in. Korora RPM-based > Fedora-based > Other Variants Initially aimed at easy installation of a Gentoo system by using install scripts instead of manual configuration. Now based on Fedora. Linpus Linux RPM-based > Fedora-based > Other Variants Focused on the Chinese market, along with Linpus Lite focused on the netbook market. Linux XP RPM-based > Fedora-based > Other Variants Fedora-based shareware distribution designed to imitate the Windows environment using GNOME. MeeGo RPM-based > Fedora-based > Other Variants Built by Intel and Nokia, intended for mobile phones (mainly Nokia N9) and tablets. It is based on Moblin together with Maemo. Moblin RPM-based > Fedora-based > Other Variants Built around the Intel Atom processor; supplanted by Meego when Intel and (temporarily) Nokia combined activities Network Security Toolkit RPM-based > Fedora-based > Other Variants A live CD/DVD with security and networking tools to perform routine security and networking diagnostic and monitoring tasks. Qubes OS RPM-based > Fedora-based > Other Variants Focused on security for desktop users. Based on an "ancient" Fedora release which is said to be upgraded under YUM. Red Star OS RPM-based > Fedora-based > Other Variants A North Korean Linux distribution developed at the Korea Computer Center (KCC). It is offered only in a Korean language edition, localized with North Korean terminology and spelling. Russian Fedora Remix RPM-based > Fedora-based > Other Variants A remix of Fedora. Sailfish OS RPM-based > Fedora-based > Other Variants Built by Jolla, Sailfish OS is a 4th generation mobile Linux system ported to a line of Sony Xperia handsets, with community ports available to alternative devices. Sugar-on-a-Stick Linux RPM-based > Fedora-based > Other Variants An educational operating system, originally designed for the One-Laptop-Per-Child project. Yellow Dog Linux RPM-based > Fedora-based > Other Variants For the PowerPC platform. openSUSE RPM-based openSUSE is a community-developed Linux distribution, sponsored by SUSE. It maintains a strict policy of ensuring all code in the standard installs will be from FOSS solutions, including Linux kernel Modules. SUSE's enterprise Linux products are all based on the codebase that comes out of the openSUSE project GeckoLinux RPM-based > openSUSE-based A distribution with a focus on polish and out-of-the-box desktop usability. It is available in Static and Rolling versions, based on openSUSE Leap and Tumbleweed. SUSE Linux Enterprise RPM-based > openSUSE-based Comes in two variations. SUSE Linux Enterprise Desktop (previously branded Novell Linux Desktop) is a desktop-oriented Linux distribution supplied by SUSE and targeted at the enterprise market. SUSE Linux Enterprise Server is a server-oriented Linux distribution targeted at the business market. Mandriva RPM-based Mandriva Linux is open-source distribution (with exceptions), discontinued in 2011. The first release was named Mandrake Linux and based on Red Hat Linux (version 5.1) and KDE 1 in July 1998. It had since moved away from Red Hat's distribution and became a completely separate distribution. The name was changed to Mandriva, which included a number of original tools, mostly to ease system configuration. Mandriva Linux was the brainchild of Gaël Duval, who wanted to focus on ease of use for new users. The last stable version was in 2011. Mandriva's developers moved to Mageia[114] and OpenMandriva Mageia RPM-based > Mandriva-based A community Linux distribution initially forked from Mandriva Linux in response to the discontinuation of free versions of Mandriva Linux. ROSA Linux RPM-based > Mandriva-based A Russian distribution available in three different editions: ROSA Desktop Fresh, ROSA Enterprise Desktop and ROSA Enterprise Linux Server, with the latter two aiming at commercial users. Its desktop editions come bundled with proprietary software such as Adobe Flash Player, multimedia codecs and Steam. OpenMandriva RPM-based > Mandriva-based A fork of Mandriva Linux by the OpenMandriva Association. ALT Linux RPM-based > Other Variants ALT Linux is a set of RPM-based operating systems built on top of the Linux kernel and Sisyphus packages repository. ALT Linux has been developed collectively by ALT Linux Team developers community and ALT Linux Ltd. Caldera OpenLinux RPM-based > Other Variants A Linux distribution originally introduced by Caldera and later developed by its subsidiary Caldera Systems. It was later developed by Caldera International (which bought SCO and was renamed The SCO Group). The distribution is no longer produced. Last release: 3.1.1 – Jan. 30, 2002 PCLinuxOS RPM-based > Other Variants A rolling release Linux Live CD distribution. Originally based on Mandrake 9.2. Later rebased on Mandriva 2007. Red Hat Linux RPM-based > Other Variants Split into Fedora Core and Red Hat Enterprise Linux. The last official release of the unsplit distribution was Red Hat Linux 9 in March 2003. SUSE Linux RPM-based > Other Variants Split into openSUSE and SUSE Linux Enterprise. Think Blue Linux RPM-based > Other Variants A port of Linux to IBM S/390 (later, zSeries) mainframe computers, done by the Millenux subsidiary of German company Thinking Objects Software GmbH. Discontinued in 2006. Turbolinux RPM-based > Other Variants Originally based on Red Hat Linux. Vine Linux RPM-based > Other Variants A Japanese distribution originally based on Red Hat Linux. Gentoo Gentoo-based Gentoo is a distribution designed to have highly optimized and frequently updated software.[116] Distributions based on Gentoo use the Portage package management system with emerge[117] or one of the alternative package managers Calculate Linux Gentoo-based Calculate Linux is a family of distributions. ChromeOS Gentoo-based Google's Linux-based operating system used on various Chromebooks, Chromeboxes and tablet computers. It is primarily Internet-based, launching each app within the Chrome browser. The OS features a user interface that looks very similar to Chrome instead of GNOME, Cinnamon, LXQt, Xfce, etc. ChromiumOS Gentoo-based Free and open-source version of ChromeOS. Clip OS Gentoo-based Created by ANSSI, the National Cybersecurity Agency of France and based on hardened Gentoo, it's aimed to secure sensitive information which meets the needs of the French Administration. Container Linux Gentoo-based Linux distribution by CoreOS designed for clustered and containerized deployments with update subscription Pentoo Gentoo-based Penetration-testing Live CD. Sabayon Linux Gentoo-based Discontinued Italian made Linux distribution based on Funtoo. It followed the "out of the box" philosophy, aiming to give the user a wide number of applications ready to use and a self-configured operating system. Like Gentoo, Sabayon used the rolling release model; it used a customized version of Red Hat's Anaconda Installer and included a Media Center application. Slackware Slackware-based Slackware is a highly customizable distribution that stresses ease of maintenance and reliability over cutting-edge software and automated tools. It is generally considered a distribution for advanced users Absolute Linux Slackware-based A Light-weight Linux distribution based on Slackware Austrumi Linux Slackware-based Slackware-based Live CD distribution. Dormant as of 2023.[119] Damn Vulnerable Linux Slackware-based Damn Vulnerable Linux (DVL) is a discontinued Linux distribution geared toward computer security students. KateOS Slackware-based A desktop distribution aimed at intermediate users. It uses Xfce as its default desktop environment. No longer in development. MuLinux Slackware-based Floppy-based Linux distribution with replaceable modules NimbleX Slackware-based Completely customizable through the NimbleX website. Now no longer producing new versions. Platypux Slackware-based A French Linux distribution of the Slackware family. Porteus Slackware-based A small and portable Linux distro focused on speed. Salix OS Slackware-based Originally a fork of Zenwalk, Salix is a complete Linux distribution fully backwards compatible with Slackware. It uses Xfce, KDE, LXDE, Fluxbox or Ratpoison as its default desktop environment. Salix OS is available as 32 and 64bit version, and also as Live CD versions. Sentry Firewall Slackware-based A firewall, server, or intrusion detection system distribution Slackintosh Slackware-based An unofficial port of Slackware to the PowerPC architecture Debian Operating System Debian had a long history. Founded in 1993 by Ian Murdock, it is one of the early Linux distributions and one that is the basis for many other Linux distributions. Debian releases are named for characters from the Toy Story movies. Debian 1.1 Buzz (June 17th, 1996): Named for the Buzz Lightyear. Debian 1.2 Rex (December 12th, 1996): Named for the plastic dinosaur in the Toy Story movies. Debian 1.3 Bo (June 5th, 1997): Named for Bo Peep, the shepherdess. Debian 2.0 Hamm (July 24th, 1998): Named for the piggy-bank in the Toy Story movies. Debian 2.1 Slink (March 9th, 1999): Named for the slinky-dog in the movie. Debian 2.2 Potato (15 August 2000): Named for "Mr Potato Head" in the Toy Story movies. Debian 3.0 Woody (19 July 2002): Named for the main character the Toy Story movies: "Woody" the cowboy. Debian 3.1 Sarge (6 June 2005): Named for the sergeant of the Green Plastic Army Men. Debian 4.0 Etch (8 April 2007): Named for the sketch toy in the movie. Debian 5.0 Lenny (February 2009): Named for the wind up binoculars in the Toy Story movies. Debian 6.0 Squeeze (February 2011): Named for the green three-eyed aliens. Debian 7.0 Wheezy (May 2013): Named for the rubber toy penguin with a red bow tie. Debian 8 Jessie (April 2015): Named for the cow girl doll who first appeared in Toy Story 2. Debian 9 Stretch (June 2017): Named for the toy rubber octopus with suckers on her eight long arms that appeared in Toy Story 3. Debian 10 Buster (July 2019): Named for Andy's pet dog, received as Christmas present in the end of Toy Story. Debian 11 Bullseye (August 14th, 2021): Named for Woody's wooden toyhorse that appeared in Toy Story 2. User Interface (UI) | CLI vs GUI Usually there are two different interfaces available in all operating systems. These interfaces are Command Line Interface (CLI) and Graphical User Interface (GUI). What are the different types of UIs (User Interfaces)? CLI (Command-Line Interface) | A command-line interface is a means of interacting with a computer program by inputting lines of text called command-lines. Command-line interfaces emerged in the mid-1960s, on computer terminals, as an interactive and more user-friendly alternative to the non-interactive interface available with punched cards. GUI (Graphical User Interface) | A graphical user interface is a form of user interface that allows users to interact with electronic devices through graphical icons and visual indicators such as secondary notation. In many applications, GUIs are used instead of text-based UIs, which are based on typed command labels or text navigation. Linux GUI | Graphical User Interface Linux provides variety of GUI known as desktop environment. Each desktop environment has peculiar features. The most popular and widely used desktop environments available on Linux are: GNOME | GNOME is bundled as the default desktop environment for many distributions, including RHEL, Fedora, CentOS, SUSE Linux Enterprise, and Debian. GNOME has menu-based navigation KDE | KDE is another popular desktop environment, KDE is often used in SUSE and openSUSE XFCE | XFCE is a free and open-source desktop environment for Linux and other Unix-like operating systems. Xfce aims to be fast and lightweight while still being visually appealing and easy to use. It embodies the traditional Unix philosophy of modularity and re-usability LXDE | LXDE (Lightweight X11 Desktop Environment) is a free, open-source desktop environment for Linux that is designed to be fast, energy-efficient, and lightweight. It's a good choice for older or resource-constrained computers, such as netbooks, mobile devices, or cloud computers Unity | In Unity, the graphical user interface (GUI) is a subset of the user interface (UI) that includes graphical representations like images, animations, and icons SSH (Secure Shell) | Remote Access Secure Shell (SSH) is a network protocol that allows users to securely connect to and access computers, routers, and servers over an unsecured network. SSH is often used for remote logins, file transfers, and managing applications. Key Features Encryption: SSH encrypts communication between computers, making it suitable for use on insecure networks Remote access: SSH allows users to remotely log in to and perform operations on other computers File transfer: SSH enables users to securely transfer files between computers Tunneling: SSH also enables tunneling Automated access: SSH tools can be used by non-human entities to access other devices with little to no human intervention SSH Design: The first version of SSH designed in 1995 by Tatu Ylönen, a researcher at Helsinki University of Technology in Finland. How to access Linux terminal remotely through Windows It is possible to access the Linux terminal remotely using Windows PowerShell through SSH (Secure Shell). Installing SSH on Linux For non-root users, use the command "sudo " to perform administrative tasks Update the list of available packages and their versions stored | Command: apt update Install SSH | Command: apt install openssh-server Accessing SSH On Windows, open "Powershell" Establish connection | Command: SSH @ Example: SSH johnsmith@10.10.1.217 When connection question pops up, choose "Yes " Insert your "Password" The Linux Terminal will be connected Accessing SSH using "Root" User On Linux machine, open the Terminal For non-root users, use the command "sudo " to perform administrative tasks (Optional) If you've never used "root" user before, change password | Command: sudo passwd root Inform your password to elevate your "sudo" rights, than inform the "root" password, and confirm it Edit the SSH config to "Permit Root Login" | Command: nano /etc/ssh/sshd_config Find the line "#PermitRootLogin prohibit-password " and change to "PermitRootLogin yes " Press "Ctrl+X", yes to save it Restart the SSH service 1 Option | Restart only the SSH service | Command: systemctl restart ssh 2 Option | Restart the Linux machine | Command: shutdown -r now Try to access again with "root" user (see all steps above ) | Command: ssh root@ Installing Packages How to install packages on Ubuntu with one command line. Preparing to install the packages For non-root users, use the command "sudo " to perform administrative tasks It is recommended run the update command (if your system is not updated) | Command: apt update Than, check if you already have the package | Command: --version Installing the desired packages Netstat | Command: apt install net-tools Netstat derived from the words network and statistics and it is a command-line utility used by system administrators for analyzing network statistics. It displays a whole manner of statistics such as open ports and corresponding addresses on the host system, routing table, and masquerade connections NMap | Command: apt install nmap Nmap is a powerful network discovery and security auditing utility that is free, open-source, and easy to install. Nmap scans for vulnerabilities on your network, performs inventory checks, and monitors host or service uptime, alongside many other useful features. Snap | Command: apt install snapd Snap is a software packaging and deployment system developed by Canonical for operating systems that use the Linux kernel and the systemd init system Curl | Command: apt install curl Curl (Client URL) is a command-line tool used for transferring data with various protocols, including HTTP, HTTPS, FTP, and many more. Ubuntu, being one of the most popular Linux distributions, often has curl available in its software repositories. This allows users to easily install and update curl using Ubuntu’s package management tools like apt Crontab | Command: apt install cron The cron command-line utility is a job scheduler on Unix-like operating systems. Users who set up and maintain software environments use cron to schedule jobs, also known as cron jobs, to run periodically at fixed times, dates, or intervals. Hostname How to check and manage hostname For non-root users, use the command "sudo " to perform administrative tasks Check your current Hostname | Command: hostname Check additional Hostname information | Command: hostnamectl Change the Hostname | Command: hostnamectl set-hostname Example: ho stnamectl set-hostname ubuntu Linux | Timezone How to check and manage timezone For non-root users, use the command "sudo " to perform administrative tasks Check your current Timezone | Command: timedatectl Verify the list of all timezones | Command: timedatectl list-timezones Or you can find the right timezone per city | Command: timedatectl list-timezones | grep Example: timedatectl list-timezones | grep London Change the Timezone | Command: timedatectl set-timezone Example: timedatectl set-timezone Europe/London Check your new T imezone | Command: timedatectl Linux | Mounting an SMB Drive How to Mount an SMB Drive on Ubuntu Mount an SMB P assword-Pr otected S hare Drive Open your Linux Terminal For non-root users, use the command ' sudo' to perform administrative tasks Install CIFS | Command: apt install cifs-utils Create the Mount Directory | Command: mkdir Example: mkdir /mnt/smb-media (Optional) Check details about file systems | Command: stat Example: stat /mnt/smb-media File System Info | Access: (0777 /drwxrwxrwx) UID: (0 /root) GID: (0 /root) Changing Directory Permission | If you need change the directory permission | Check it here Mount the SMB Drive | Command: mount -t cifs -o username=,password=,uid=0,gid=0,rw,nounix,iocharset=utf8,file_mode=0777,dir_mode=0777 /// Example: mount -t cifs -o username=JohnSmith ,password=Secret123 ,uid=0,gid=0,rw,nounix,iocharset=utf8,file_mode=0777,dir_mode=0777 //192.168.0.115/storage /mnt/smb-media (Optional) If you want to mount a specific directory inside the SMB drive | //// | Example: //192.168.115/storage/media Verify that SMB is mounted correctly | Command: ls Example: ls /mnt/smb-media Auto-mount on boot an SMB Password-Protected Share Drive Permanently Open your Linux Terminal For non-root users, use the command 'sudo' to perform administrative tasks Install CIFS | Command: apt install cifs-utils Create the Mount Directory | Command: mkdir Example: mkdir /mnt/smb-media Edit the 'fstab' file | Command: nano /etc/fstab Add this line | /// cifs username=,password= 0 0 Example: //192.168.0.115/storage /mnt/smb-media cifs username=JohnSmith,password=Secret123 0 0 (Optional) If you want to mount a specific directory inside the SMB drive | //// | Example: //192.168.115/storage/media Reload the new 'fstab' version | Command: systemctl daemon-reload Mount the SMB Drive | Command: mount Example: mount /mnt/smb-media Verify that SMB is mounted correctly | Command: ls Example: ls /mnt/smb-media Unmount the SMB Drive 1 Option | Unmount the drive (Optional) If you are inside the drive, leave the directory or it will be currently busy | Command: cd Unmount the Drive| Command: umount -i Example: umount -i /mnt/smb-media 2 Option | Unmount the permanent drive Edit the 'fstab' file| Command: nano /etc/fstab Remove the previous added line | /// cifs username=,password= 0 0 Reload the new 'fstab' version | Command: systemctl daemon-reload (Optional) If you are inside the drive, leave the directory or it will be currently busy | Command: cd Unmount the Drive| Command: umount -i Example: umount -i /mnt/smb-media 3 Option | Unmount the drive if the target is busy or currently in use (be careful) | Laze Unmount (Optional) Verify the processes | Command: lsof | grep Example: lsof | grep /mnt/smb-media Leave the directory | Command: cd Unmount the Drive (laze unmount)| Command: umount -l Example: umount -l /mnt/smb-media Linux | Change Mode (chmod) | Access Permission Purpose The chmod, or change mode, command allows an administrator to set or modify a file’s permissions. Every UNIX/Linux file has an owner user and an owner group attached to it, and every file has permissions associated with it. The permissions are as follows: Read, Write, or Execute. Application UNIX/Linux systems have many users. In this context, a user may refer to an individual or a system operation. UNIX/Linux identifies each user with a UID, and users may be organized into groups. Syntax Chmod Syntax for Files| Command: chmod Example: chmod 720 readme.txt Chmod Syntax for Directories| Command: chmod Example: chmod 777 /mnt/sharedfolder Each number in the mode parameter represents the permissions for a user or group of users: The first number represents the file’s owner The second number represents the file’s group The third number represents everyone else The Change Mode (chmod) Parameters Reference Table below shows the eight numbers that can be used within the chmod parameter. The RWX specifies Read, Write, and Execute access, offering a binary value for each operation. 1 = "Yes" 0 = "No" If RWX reads 110, then that permission may Read and Write, but not Execute. Parameters Reference Number 0 | None | RWX 000 Number 1 | Execute Only | RWX 001 Number 2 | Write Only | RWX 010 Number 3 | Write and Execute | RWX 011 Number 4 | Read Only | RWX 100 Number 5 | Read and Execute | RWX 101 Number 6 | Read and Write | RWX 110 Number 7 | Read, Write, and Execute | RWX 111 Example 1 Access Code = 720 7 = File’s owner may Read, Write and Execute the file 2 = File’s group may only Write the file 0 = All others cannot access the file Example 2 Access Code = 600 6 = File’s owner may Read and Write the file 0 = File’s group cannot access the file 0 = All others cannot access the file Linux | File Hierarchy Structure Linux file hierarchy structure describes the directory structure and it's contents in Unix and Unix-like Operating systems. It is maintained by Linux Foundation. /bin /bin | This directory contains executable programs which are needed in single user mode and to bring the system up or repair it /usr/X11R6/bin | Binaries which belong to the X-Window system; often, there is a symbolic link from the more traditional /usr/bin/X11 to here. /usr/bin | This is the primary directory for executable programs. Most programs executed by normal users which are not needed for booting or for repairing the system and which are not installed locally should be /usr/local/bin | Binaries for programs local to the site. It contains binaries of the third-party apps we install. Any local executable that didn't come with the Linux install may get it's place here /boot /dev /etc /lib /media /mnt /opt /home /var /usr /tmp /sys /proc /root /sbin | It contains the binaries for root users /etc/ssl/certs/ /etc/ssh/sshd_config /etc/passwd Linux | SAMBA (SMB) Samba is an open-source software package that allows users to share files and print services across a network, including between Linux and Windows systems. It's a common way to network Ubuntu and Windows computers. Samba uses the Server Message Block (SMB) and Common Internet File System (CIFS) protocols, making it available to clients running Linux, macOS, and Windows. It's a useful service for organizations that support multiple operating systems, and can also be useful on networks that are homogeneous. Here are some things Samba can do: File sharing : Samba allows users to share files, directories, and print services across a network Access permissions : Samba allows users to grant read, write, and anonymous access permissions on a shared directory Authentication and authorization : Samba supports authentication and authorization Name resolution : Samba supports name resolution, such as DNS Service announcements : Samba supports service announcements between Linux/Unix servers and Windows clients Install and Configure Samba on Ubuntu Open your Linux Terminal For non-root users, use the command "sudo " to perform administrative tasks Install Samba | Command: apt install samba (Optional) Check the installation | Command: whereis samba Output Example: samba: /usr/sbin/samba /usr/lib/samba /etc/samba /usr/share/samba /usr/share/man/man7/samba.7.gz /usr/share/man/man8/samba.8.gz (Optional) Create a directory to share | Command: mkdir /home/public Configuring Samba File, o pen the CONF file | Command: nano /etc/samba/smb.conf Copy and paste the lines below in the bottom of the file and save it: Lines: [share] comment = Ubuntu File Server Share path = /home/public browsable = yes guest ok = yes read only = no create mask = 0755 Restart the service | Command: service smbd restart (Optional) Maybe you need to adjust your firewall | Command: ufw allow samba * Warning : Your directory maybe not showing in the Windows Network, but it is there, and you can map it as network drive Linux | Certificates How to add a Certificate on Ubuntu Issue your Certificate Open your Linux Terminal For non-root users, use the command "sudo " to perform administrative tasks (Optional) If your system id not updated | Update Ubuntu | Command: apt update (Optional) If you don't have the CA-Certificate | Command: apt install ca-certificates -y 1 Option | If you already have your Certificate file in the system Go to certificate directory | Command: cd Copy the certificate to right directory | Command: cp local-ca.crt /usr/local/share/ca-certificates 2 Option | Create the certificate ".crt" file direct in the directory Go to Certificate directory | Command: cd /usr/local/share/ca-certificates Create the file ".crt" | Command: nano .crt Example: nano myCert.crt Copy and Past you Certificate key to the file, exit "Ctrl+X" and Save it Update the Certificates | Command: update-ca-certificates The CA trust store (as generated by update-ca-certificates) will be available, as a single file (PEM bundle), at /etc/ssl/certs/ca-certificates.crt You can check the file | Command: nano /etc/ssl/certs/ca-certificates.crt Linux | Unattended Upgrades Check the Debian Unattended Upgrades page: https://wiki.debian.org/UnattendedUpgrades Install Unattended Upgrades on Ubuntu Open your Linux Terminal For non-root users, use the command "sudo " to perform administrative tasks Install Unattended-Upgrades package | Command: apt-get install unattended-upgrades apt-listchanges Configuring Unattended Upgrades Copy file | Command: cp /etc/apt/apt.conf.d/50unattended-upgrades /etc/apt/apt.conf.d/52unattended-upgrades-local Configure the unattended upgrades | Command: nano /etc/apt/apt.conf.d/52unattended-upgrades-local This '50' file will be overwritten by '52': /etc/apt/apt.conf.d/50unattended-upgrades Configure '20auto-upgrades' | Command: dpkg-reconfigure unattended-upgrades Confirm with 'yes ' This file is modified (you can also configure directly) | File: /etc/apt/apt.conf.d/20auto-upgrades Configure 'apt-listchanges' | Command: nano /etc/apt/listchanges.conf Changing Schedules Update Schedule | Command: systemctl edit apt-daily.timer Restart Schedule | Command: systemctl restart apt-daily.timer (Optional) Checking Status | Command: systemctl status apt-daily.timer Original schedule file | File: /lib/systemd/system/apt-daily.timer Recommended to not change the original, but if you do, reload it | Command: systemctl daemon-reload Gets overridden by | File: /etc/systemd/system/apt-daily.timer.d/override.conf Upgrade Schedule | Command: systemctl edit apt-daily-upgrade.timer Restart Schedule | Command: systemctl restart apt-daily-upgrade.timer (Optional) Checking Status | Command: systemctl status apt-daily-upgrade.timer Original schedule file | File: /lib/systemd/system/apt-daily-upgrade.timer Recommended to not change the original, but if you do, reload it | Command: systemctl daemon-reload Gets overridden by| File: /etc/systemd/system/apt-daily-upgrade.timer.d/override.conf Verifying Unattended Upgrades (Optional) Manual Run | Command: unattended-upgrade -d (Optional) Check Unattended Upgrades Log | Command: nano /var/log/unattended-upgrades/unattended-upgrades.log Warnings Email: To receive emails, you need to set up email first (using postfix for example) and then set up unattended updates Schedule: You only check the agenda correctly the next day, after the calendar is reset correctly Config Files Example of how to override the download time via 'apt-daily.timer' [Unit] Description=Daily apt download activities [Timer] OnCalendar= OnCalendar=*-*-* 6,18:00 RandomizedDelaySec=12h Persistent=true [Install] WantedBy=timers.target Example of how to override the download time via 'apt-daily-upgrade.timer' [Unit] Description=Daily apt upgrade and clean activities After=apt-daily.timer [Timer] OnCalendar= OnCalendar=*-*-* 06:00 RandomizedDelaySec=2h Persistent=true [Install] WantedBy=timers.target Example of 'listchanges.conf' [apt] frontend=pager which=both email_address=root email_format=text confirm=false headers=false reverse=false save_seen=/var/lib/apt/listchanges.db Bash Scripting How to Create and Execute Bash scripts Script naming conventions By naming convention, bash scripts end with ".sh" . However, bash scripts can run perfectly fine without the "sh" extension. Adding the Shebang Bash scripts start with a "shebang ". Shebang is a combination of "bash # " and "bang ! " followed by the bash shell path. This is the first line of the script. Shebang tells the shell to execute it via bash shell. Shebang is simply an absolute path to the bash interpreter. Bash Shell Path | Command: which bash Examples of the shebang statement: #! /bin/bash #! /user/bin/bash Creating your Bash Script For non-root users, use the command "sudo " to perform administrative tasks Creating a directory to your script | Command: mkdir Example: mkdir /home/script Creating the file name with "touch" | Command: touch Example: touch /home/script/update.sh Assign execution rights to your user, to make the script executable | Command: chmod u+x Example: chmod u+x /home/script/update.sh "chmod " modifies the ownership of a file for the current user "u " " +x " adds the execution rights to the current user. This means that the user who is the owner can now run the script "update.sh" is the file we wish to run Open with editor "nano" to create your script | Command: nano Example: nano /home/script/ update.sh Write your Script | Check the example below to update your Ubuntu When you finish it, press Ctrl+X and Save To run your script | Command: bash Example: bash /home/script/ update.sh Other example: sh /home/script/ update.sh Example to run the update --- #! /bin/bash # Update and Upgrade apt-get update; apt-get dist-upgrade -y # Remove and Clean apt-get autoremove; apt-get autoclean #Write a Log echo "Update Run: `date`" >> /home/script/ update.log # End exit --- Executing Bash Scripts on Multiple Remote Servers How to access a remote server bypassing the password prompt You can use a RSA Keypair to bypass the password request. Open your Linux Terminal on Local Server For non-root users, use the command "sudo " to perform administrative tasks Generating a RSA Keypair | Command: ssh-keygen Enter file in which to save the key: Blank Passphrase: Blank Confirm Passphrase: Blank Two files will be created Example: "id_rsa" ans "id_rsa.pub" You can see the files in the ssh directory | Command: cd ~/.ssh Copy the keypair to the Remote Server | Command: ssh-copy-id @ Example: ssh-copy-id root@ubuntu.home.arpa You can see the rsa keypair copied | Command: cat ~/.ssh/authorized_keys Now you can log in without a password | Command: ssh @ Example: ssh root@ubuntu.home.arpa How to run a local script on a remote server You can use the options below to run a local script on a remote server without having the script on your remote server. Option 1 | Command: ssh user@remote_server 'bash -s' < localfile Option 2 | Command: ssh user@remote_server "$(< localfile)" Option 3 | Command: cat localfile | ssh user@remote_server How to run a local script on multiple remote servers You can create a script to run a script on multiple remote servers. Username = This is the username of your remote server Hosts = This is your remote servers Script = This is your command to run your script (see options above) Example: --- #! /bin/bash USERNAME="root" HOSTS="ubuntu1.home.arpa ubunt2.home.arpa" SCRIPT="bash -s < /home/update.sh" for HOSTNAME in ${HOSTS} do ssh -l ${USERNAME} ${HOSTNAME} "${SCRIPT}" done --- Linux | Commands ssh - Secure Shell command in Linux sudo - Command to escalate privileges in Linux ls - The most frequently used command in Linux to list directories pwd - Print working directory command in Linux cd - Linux command to navigate through directories mkdir - Command used to create directories in Linux mv - Move or rename files in Linux cp - Similar usage as mv but for copying files in Linux rm - Delete files or directories touch - Create blank/empty files ln - Create symbolic links (shortcuts) to other files cat - Display file contents on the terminal clear - Clear the terminal display echo - Print any text that follows the command less - Linux command to display paged outputs in the terminal man - Access manual pages for all Linux commands uname - Linux command to get basic information about the OS whoami - Get the active username tar - Command to extract and compress files in Linux grep - Search for a string within an output head - Return the specified number of lines from the top tail - Return the specified number of lines from the bottom diff - Find the difference between two files cmp - Allows you to check if two files are identical comm - Combines the functionality of diff and cmp sort - Linux command to sort the content of a file while outputting export - Export environment variables in Linux zip - Zip files in Linux unzip - Unzip files in Linux service - Linux command to start and stop services ps - Display active processes kill and killall - Kill active processes by process ID or name df - Display disk filesystem information mount - Mount file systems in Linux chmod - Command to change file permissions chown - Command for granting ownership of files or folders ifconfig - Display network interfaces and IP addresses traceroute - Trace all the network hops to reach the destination wget - Direct download files from the internet ufw - Firewall command iptables - Base firewall for all other firewall utilities to interface with apt, pacman, yum, rpm - Package managers depending on the distro cal - View a command-line calendar alias - Create custom shortcuts for your regularly used commands dd - Majorly used for creating bootable USB sticks whereis - Locate the binary, source, and manual pages for a command whatis - Find what a command is used for top - View active processes live with their system usage useradd and usermod - Add new user or change existing users data passwd - Create or update passwords for existing users Command Description Type Example Comments ar -xvf .tar Unpack a tar file Compress tar -cvf .tar Pack a directory into a tar file Compress unzip Unzip a file Compress zip Zip a file Compress df -alh Show free disk spaces for each block device Disk du -h ./* Display the disk usage of files under the current directory Disk lsblk Show block devices Disk chmod Change file access. File Access chmod 720 readme.txt Example of mode "(Access-code): 720, 600. Check the article about chmod chown [:] Change file owner File Access cat Print file content File Content grep -e Search regex pattern in file File Content grep Search texts in file File Content head -n Show first few lines in file File Content tail -f Follow file changes File Content tail -n Show last few lines in file File Content cd Change current directory File Management cp -Rf Copy directory File Management cp Copy file File Management find . -iname Find files File Management find . -type f Find all files File Management ls List files in the current directory File Management ls -alh List files in the current directory with details File Management mkdir Create an empty directory File Management mv Move file or directory File Management pwd Show current directory File Management rm -Rf Remove a non-empty directory File Management rm Remove file File Management rmdir Remove an empty directory File Management touch Create a new empty file File Management apk add net-tools Install netstat Netstat sudo apk add net-tools Netstat is command-line utility to analyze network and statistics apt install net-tools Install netstat Netstat sudo apt install net-tools Netstat is command-line utility to analyze network and statistics emerge -a sys-apps/net-tools Install netstat Netstat sudo emerge -a sys-apps/net-tools Netstat is command-line utility to analyze network and statistics netstat -ai Display Network Interface Statistics Netstat If you don't have the Netstat, you just need install it netstat -ant Show Network Connections Netstat If you don't have the Netstat, you just need install it netstat -nr Viewing the Network Routing Table Netstat If you don't have the Netstat, you just need install it netstat -pnltu Show Network Services Netstat If you don't have the Netstat, you just need install it netstat -v Check the version of netstat installed Netstat If you don't have the Netstat, you just need install it pacman -S net-tools Install netstat Netstat sudo pacman -S net-tools Netstat is command-line utility to analyze network and statistics yum install net-tools Install netstat Netstat sudo yum install net-tools Netstat is command-line utility to analyze network and statistics zypper install net-tools Install netstat Netstat sudo zypper install net-tools Netstat is command-line utility to analyze network and statistics curl Download data from url Network curl -o Download data from url to local file Network ifconfig List network configuration Network netstat -an List all ports opened Network ping Ping network connectivity Network ping 8.8.8.8 apt install [=] Install packages Packages apt-get --purge remove Uninstall packages Packages apt-get update Update the apt package index Packages sudo apt-get update htop List all processes in an advanced terminal UI Process kill -9 Kill a process with SIGKILL (the strongest killing signal) Process kill Kill a process with SIGTERM Process ps aux List process Process top List all processes in a terminal UI Process systemctl enable Enable a service to start as system starts Service Management systemctl list-units List all units Service Management systemctl list-units --type=service List all service units Service Management systemctl restart Restart a service Service Management systemctl start Start a service Service Management systemctl status Check a service status Service Management systemctl stop Stop a service Service Management --help Display this help System wireshark --help --version Check installed program version System wireshark --version hostname Show hostname System lsb_release -a Display Linux release information System man Display the user manual System man groups Show de manual of the command groups reboot now Reboot system now System shutdown -h now Shutdown system now System sudo Super User privileges to run commands System Temporarily elevate your current user account to have root privileges uname -a Display information about your system System adduser Add a User to a Group User Management adduser john001 group1 chgrp Change group ownership User Management chgrp wireshark /usr/bin/dumpcap Changes the group of the file or directory specified by the File or Directory parameter to the group specified by the Group parameter deluser Delete a user User Management sudo deluser john001 gpasswd -d Remove a User from a Group User Management gpasswd -d john001 group1 groupadd Create a system group User Management groupadd group1 groups Check a User Group User Management groups John001 usermod -aG Add a User to a Group (Another way) User Management usermod -aG John001 group1 Allows users to change the settings of existing user accounts vigr Allows to edit some designated files safely User Management vigr -g -g (/etc/group), -p (/etc/passwd), -s (/etc/shadow and /etc/gshadow) References: Wikipedia (www.wikipedia.org ); Google (www.google.com ); Oracle (www.oracle.com ); Raspberry PI (www.raspberrypi.org ); Microsoft (www.microsoft.com ); CloudFlare (www.cloudflare.com )

There are different types and levels of certifications. There are basically 3 levels being the associate the first level and the more easy to pass and the professional more difficult. The associate you can basically pass just studying the sap books, courses and training available by SAP, but the other levels you will need to have deeper knowledge, with more technical part, that you can only have it, after some time working as a SAP consultant. Career change guide for SAP Understanding the SAP Market When you come across opportunities in the market, you will see many different types of requirements, but you need to keep a few guidelines in mind. Interns do not need to have experience Junior Consultants do not master processes Consultants do not manage teams Senior Consultants do not make strategic decisions Certifications There are different types and levels of certifications. You can see all in the link below: Valid Certification : https://training.sap.com/certification/validity There are basically 3 levels being the associate the first level and the more easy to pass and the professional more difficul. The associate you can basically pass just stutying the sap books, courses and training available by SAP, but the other levels you will need to have deeper knowledge, with more techinical part, that you can only have it, after some time working as a SAP consultant. But dont you worry, most os the consultants has only the associate level, even the 15 years of experiences type of consultant. Level Associate Level Specialist Level Professional SAP FI Finance Certification Traning Code: C_TS4FI_2021 SAP Certified Application Associate - SAP S/4HANA for Financial Accounting Associates Level: Associate SAP Version: SAP S/4HANA 2021 Exam: 80 questions Duration: 180 mins Cut Score: 63% UK Certification Exam Price: £175.00 (GBP) + Taxes (One Attempt) Languages: German, English, Spanish, French, Japanese, Portuguese, Chinese Topic Area % Content Price Duration URL Course Financial Closing > 12% £6,810.00 10 Days [+] TS4F02 (Financial Accounting in SAP S/4HANA - Academy Part II) General Ledger Accounting > 12% £6,810.00 10 Days [+] TS4F01 (Financial Accounting in SAP S/4HANA - Academy Part I) Accounts Payable & Accounts Receivable > 12% £6,810.00 10 Days [+] TS4F01 (Financial Accounting in SAP S/4HANA - Academy Part I) Asset Accounting > 12% £6,810.00 10 Days [+] TS4F02 (Financial Accounting in SAP S/4HANA - Academy Part II) Organizational Assignments and Process Integration > 12% £6,810.00 10 Days [+] TS4F01 (Financial Accounting in SAP S/4HANA - Academy Part I) Overview and Deployment of SAP S/4HANA < 8% £6,810.00 10 Days [+] TS4F01 (Financial Accounting in SAP S/4HANA - Academy Part I) Topic Areas Content Financial Closing Perform month and year-end closing in Financial Accounting (exchange rate valuation, post provisions etc.), create balance sheet, create profit and loss statements, monitor closing operations using the Financial Closing Cockpit, post accruals with accrual documents and recurring entry documents, and manage posting periods. General Ledger Accouting Create and maintain general ledger accounts, exchange rates, bank master data and define house banks. Create and reverse general ledger transfer postings, post cross-company code transactions, create profit centers and segments. Clear an account and define and use a chart of accounts. Maintain tolerances, tax codes, and post documents with document splitting. Accounts Payable & Accounts Receivable Create and maintain business partners, post invoices and payments and use special g/l transactions, reverse invoices and payments, block open invoices for payment, configure the payment program, and manage partial payments. Define the customizing settings for the Payment Medium Workbench, use the debit balance check for handling payments, define terms of payment and payment types, explain the connection of customers to vendors, describe integration with procurement and sales. Asset Accounting Create and maintain charts of depreciation and the depreciation areas, asset classes, asset master data, and configure and perform FI-AA business processes in the SAP system. Set up valuation and depreciation, perform periodic and year-end closing processes, and explain and configure parallel accounting. Organizational Assignments and Process Integration Manage Organizational Units, currencies, configure Validations and Document Types, utilize Reporting Tools, configure Substitutions, and manage Number ranges. Overview and Deployment of SAP S/4HANA Explain the SAP HANA Architecture and describe the SAP S/4HANA scope and deployment options. SAP Training Locations UK Official Location: https://training.sap.com/training-locations/GB/London US Official Location: https://training.sap.com/training-locations/US/philadelphia-new-town-square BR Official Location (Partner): https://training.sap.com/training-locations/BR/sao-paulo-ka-solution-sap-training

The market for Data Brokers dealing personal data has a prominent role in the global economy. The increasing volume of personal data collection can build strong and accurate population profiles.You probably know some of the main Data Brokers: Experian, TransUnion, Equifax, CoreLogic, Epsilon, Acxiom​. Global Market Data Broker Experian | UK Credit Score Segmentation True Size of Countries Geographic Information Data Brokers The market for Data Brokers dealing personal data has a prominent role in the global economy. The increasing volume of personal data collection can build strong and accurate population profiles. The analysis of consumer groups and segments helps organizations to: Targeted offers Prospection Monetization of the customer portfolio Targeted communication Statistical modeling Market study (such as profile and consumption analysis) Geomarketing You probably know some of the main Data Brokers : Experian TransUnion Equifax CoreLogic Epsilon Acxiom Experian | UK Credit Score Segmentation Experian has a services called Mosaic. Mosaic is a comprehensive cross-channel consumer classification that groups together individuals likely to share similar demographics, lifestyles and behaviours into 15 summary groups and 66 detailed types by codes and names. Group Codes Groups Segment Codes Segments A City Prosperity A01 World-Class Wealth A02 Uptown Elite A03 Penthouse Chic A04 Metro High-Flyers B Prestige Positions B05 Premium Fortunes B06 Diamond Days B07 Alpha Families B08 Bank of Mum and Dad B09 Empty-Nest Adventure C Country Living C10 Wealthy Landowners C11 Rural Vogue C12 Scattered Homesteads C23 Village Retirement D Rural Reality D14 Satellite Settlers D15 Local Focus D16 Outlying Seniors C17 Far-Flung Outposts E Senior Security E18 Legacy Elders E19 Bungalow Haven E20 Classic Grandparents E21 Solo Retirees F Suburban Stability F22 Boomerang Boarders F23 Family Ties F24 Fledgling Free F25 Dependable Me G Domestic Success G26 Cafes and Catchments G27 Thriving Independence G28 Penthouse Chic G29 Mid-Career Convention H Aspiring Homemakers H30 Primary Ambitions H31 Affordable Fringe H32 First-Rung Futures H33 Contemporary Starts H34 New Foundations H35 Flying Solo I Family Basics I36 Solid Economy I37 Budget Generations I38 Economical Families I39 Families on a Budget J Transient Renters J40 Value Rentals J41 Youthful Endeavours J42 Midlife Renters J43 Renting Rooms K Municipal Tenants K44 Inner City Stalwarts K45 City Diversity K46 High Rise Residents K47 Single Essentials K48 Mature Workers L Vintage Value L49 Flatlet Seniors L50 Pocket Pensions L51 Retirement Communities L52 Estate Veterans L53 Seasoned Survivors M Modest Traditions M54 Down-to-Earth Owners M55 Back with the Folks M56 Self Supporters N Urban Cohesion N57 Community Elders N58 Culture & Comfort N59 Large Family Living N60 Ageing Access O Rental Hubs O61 Career Builders O62 Central Pulse O63 Flexible Workforce O64 Bus-Route Renters O65 Learners & Earners O66 Student Scene True Size of Countries The Mercator projection is a cylindrical map projection and it became the standard map projection for navigation because it is unique in representing north as up and south as down everywhere while preserving local directions and shapes. As a side effect, the Mercator projection inflates the size of objects away from the equator. In the transformation of a curved structure to the plane, a kind of deformation occurs so that there are the necessary adjustments to fit the object of study in that proposed form. Geographi c Information Check all the information in the table below. Country Land Area (Km²) Population Density (P/Km²) Afghanistan 652.860 42.239.854 65 Albania 27.400 2.832.439 103 Algeria 2.381.740 45.606.480 19 Andorra 470 80.088 170 Angola 1.246.700 36.684.202 29 Antigua and Barbuda 440 94.298 214 Argentina 2.736.690 45.773.884 17 Armenia 28.470 2.777.970 98 Australia 7.682.300 26.439.111 3 Austria 82.409 8.958.960 109 Azerbaijan 82.658 10.412.651 126 Bahamas 10.010 412.623 41 Bahrain 760 1.485.509 1.955 Bangladesh 130.170 172.954.319 1.329 Barbados 430 281.995 656 Belarus 202.910 9.498.238 47 Belgium 30.280 11.686.140 386 Belize 22.810 410.825 18 Benin 112.760 13.712.828 122 Bhutan 38.117 787.424 21 Bolivia 1.083.300 12.388.571 11 Bosnia and Herzegovina 51 3.210.847 63 Botswana 566.730 2.675.352 5 Brazil 8.358.140 216.422.446 26 Brunei 5.270 452.524 86 Bulgaria 108.560 6.687.717 62 Burkina Faso 273.600 23.251.485 85 Burundi 25.680 13.238.559 516 Côte d'Ivoire 318 28.873.034 91 Cabo Verde 4.030 598.682 149 Cambodia 176.520 16.944.826 96 Cameroon 472.710 28.647.293 61 Canada 9.093.510 38.781.291 4 Central African Republic 622.980 5.742.315 9 Chad 1.259.200 18.278.568 15 Chile 743.532 19.629.590 26 China 9.388.211 1.425.671.352 152 Colombia 1.109.500 52.085.168 47 Comoros 1.861 852.075 458 Congo (Congo-Brazzaville) 341.500 6.106.869 18 Costa Rica 51.060 5.212.173 102 Croatia 55.960 4.008.617 72 Cuba 106.440 11.194.449 105 Cyprus 9.240 1.260.138 136 Czechia (Czech Republic) 77.240 10.495.295 136 Democratic Republic of the Congo 2.267.050 102.262.808 45 Denmark 42.430 5.910.913 139 Djibouti 23.180 1.136.455 49 Dominica 750 73.040 97 Dominican Republic 48.320 11.332.972 235 Ecuador 248.360 18.190.484 73 Egypt 995.450 112.716.598 113 El Salvador 20.720 6.364.943 307 Equatorial Guinea 28.050 1.714.671 61 Eritrea 101 3.748.901 37 Estonia 42.390 1.322.765 31 Eswatini (fmr. "Swaziland") 17.200 1.210.822 70 Ethiopia 1.000.000 126.527.060 127 Fiji 18.270 936.375 51 Finland 303.890 5.545.475 18 France 547.557 64.756.584 118 Gabon 257.670 2.436.566 9 Gambia 10.120 2.773.168 274 Georgia 69.490 3.728.282 54 Germany 348.560 83.294.633 239 Ghana 227.540 34.121.985 150 Greece 128.900 10.341.277 80 Grenada 340 126.183 371 Guatemala 107.160 18.092.026 169 Guinea 245.720 14.190.612 58 Guinea-Bissau 28.120 2.150.842 76 Guyana 196.850 813.834 4 Haiti 27.560 11.724.763 425 Holy See - 518 1.295 Honduras 111.890 10.593.798 95 Hungary 90.530 10.156.239 112 Iceland 100.250 375.318 4 India 2.973.190 1.428.627.663 481 Indonesia 1.811.570 277.534.122 153 Iran 1.628.550 89.172.767 55 Iraq 434.320 45.504.560 105 Ireland 68.890 5.056.935 73 Israel 21.640 9.174.520 424 Italy 294.140 58.870.762 200 Jamaica 10.830 2.825.544 261 Japan 364.555 123.294.513 338 Jordan 88.780 11.337.052 128 Kazakhstan 2.699.700 19.606.633 7 Kenya 569.140 55.100.586 97 Kiribati 810 133.515 165 Kuwait 17.820 4.310.108 242 Kyrgyzstan 191.800 6.735.347 35 Laos 230.800 7.633.779 33 Latvia 62.200 1.830.211 29 Lebanon 10.230 5.353.930 523 Lesotho 30.360 2.330.318 77 Liberia 96.320 5.418.377 56 Libya 1.759.540 6.888.388 4 Liechtenstein 160 39.584 247 Lithuania 62.674 2.718.352 43 Luxembourg 2.590 654.768 253 Madagascar 581.795 30.325.732 52 Malawi 94.280 20.931.751 222 Malaysia 328.550 34.308.525 104 Maldives 300 521.021 1.737 Mali 1.220.190 23.293.698 19 Malta 320 535.064 1.672 Marshall Islands 180 41.996 233 Mauritania 1.030.700 4.862.989 5 Mauritius 2.030 1.300.557 641 Mexico 1.943.950 128.455.567 66 Micronesia 700 544.321 778 Moldova 32.850 3.435.931 105 Monaco 1 36.297 24.360 Mongolia 1.553.560 3.447.157 2 Montenegro 13.450 626.485 47 Morocco 446.300 37.840.044 85 Mozambique 786.380 33.897.354 43 Myanmar (formerly Burma) 653.290 54.577.997 84 Namibia 823.290 2.604.172 3 Nauru 20 12.780 639 Nepal 143.350 30.896.590 216 Netherlands 33.720 17.618.299 522 New Zealand 263.310 5.228.100 20 Nicaragua 120.340 7.046.310 59 Niger 1.266.700 27.202.843 21 Nigeria 910.770 223.804.632 246 North Korea 120.410 26.160.821 217 North Macedonia 25.220 2.085.679 83 Norway 365.268 5.474.360 15 Oman 309.500 4.644.384 15 Pakistan 770.880 240.485.658 312 Palau 460 18.058 39 Palestine State 6.020 5.371.230 892 Panama 74.340 4.468.087 60 Papua New Guinea 452.860 10.329.931 23 Paraguay 397.300 6.861.524 17 Peru 1.280.000 34.352.719 27 Philippines 298.170 117.337.368 394 Poland 306.230 41.026.067 134 Portugal 91.590 10.247.605 112 Qatar 11.610 2.716.391 234 Romania 230.170 19.892.812 86 Russia 16.376.870 144.444.359 9 Rwanda 24.670 14.094.683 571 Saint Kitts and Nevis 260 47.755 184 Saint Lucia 610 180.251 295 Saint Vincent and the Grenadines 390 103.698 266 Samoa 2.830 225.681 80 San Marino 60 33.642 561 Sao Tome and Principe 960 231.856 242 Saudi Arabia 2.149.690 36.947.025 17 Senegal 192.530 17.763.163 92 Serbia 87.460 7.149.077 82 Seychelles 460 107.66 234 Sierra Leone 72.180 8.791.092 122 Singapore 700 6.014.723 8.592 Slovakia 48.088 5.795.199 121 Slovenia 20.140 2.119.675 105 Solomon Islands 27.990 740.424 26 Somalia 627.340 18.143.378 29 South Africa 1.213.090 60.414.495 50 South Korea 97.230 51.784.059 533 South Sudan 610.952 11.088.796 18 Spain 498.800 47.519.628 95 Sri Lanka 62.710 21.893.579 349 Sudan 1.765.048 48.109.006 27 Suriname 156 623.236 4 Sweden 410.340 10.612.086 26 Switzerland 39.516 8.796.669 223 Syria 183.630 23.227.014 126 Tajikistan 139.960 10.143.543 72 Tanzania 885.800 67.438.106 76 Thailand 510.890 71.801.279 141 Timor-Leste 14.870 1.360.596 91 Togo 54.390 9.053.799 166 Tonga 720 107.773 150 Trinidad and Tobago 5.130 1.534.937 299 Tunisia 155.360 12.458.223 80 Turkey 769.630 85.816.199 112 Turkmenistan 469.930 6.516.100 14 Tuvalu 30 11.396 380 Uganda 199.810 48.582.334 243 Ukraine 579.320 36.744.634 63 United Arab Emirates 83.600 9.516.871 114 United Kingdom 241.930 67.736.802 280 United States of America 9.147.420 339.996.563 37 Uruguay 175.020 3.423.108 20 Uzbekistan 425.400 35.163.944 83 Vanuatu 12.190 334.506 27 Venezuela 882.050 28.838.499 33 Vietnam 310.070 98.858.950 319 Yemen 527.970 34.449.825 65 Zambia 743.390 20.569.737 28 Zimbabwe 386.850 16.665.409 43 References: Wikipedia (www.wikipedia.org ); World O Meters (www.worldometers.info ); Experian (www.experian.co.uk )

Topics: Brazil Localization | BR Country Version; Localized Processes in Purchasing (PTP/MM) and Sales (OTC/SD); Material Management (MM) Localization; SAP Third-Party Solution Partners (Graded); NF-e | Nota Fiscal | DANFE; Tax Engine (Thomson Reuters | Sabrix | OneSource GlobalNest IDT Customization Steps); CFOP; CNAE; Tax Regimes; Brazilian Tax Reform (New Brazilian VAT); SPED; ECD, EFD; ECF; e-Reporting Up Brazil Localization Tax Overview Brazilian Taxes Localized Processes in Purchasing (MM) and Sales (SD) Material Management (MM) Localization SAP Brazilian Tax Calculation Schema Brazilian Tax-O-Meter SAP Third-Party Solution Partners (Graded) NF-e | Nota Fiscal NF-e | Danfe Tax Engine (Thomson Reuters | Customization Steps) CFOP (Fiscal Code of Operations and Benefits) CNAE (National Classification of Economic Activities) Tax Regimes SPED (e-Reporting) Brazilian Tax Reform (New Brazilian VAT) Brazilian Taxes Tax / Fiscal terms Tribute (pt: Tributo)| It is an obligation to pay, created by law, imposed on taxpayers with the aim of managing the development of the State, since we live in society The Brazilian Federal Constitution classifies taxes into a list of 5 elements: Taxes Fees Improvement Contributions Compulsory Loans Special Contributions Fee (pt: Taxa)| It is a tax charged to a public administration activity that is directly or indirectly linked to the taxpayer, for the provision of a service that is paid for by the State The fee will be found in most public services, such as: Court Fees Traffic Fines (as this is a police power) Fire fees Urban Waste Collection Fees Tax (pt: Imposto) | Unlike other tributes, such as fees and contributions, this is an unlinked tax, that is, it is due by the taxpayer regardless of any consideration from the State It is considered the most important tribute in the country. Among the main taxes in Brazil, we can mention: ICMS, IPI, ISS, IR and other Classification Direct (pt: Diretos) | Direct taxes are those that directly affect the income, assets and economic activities of individuals and companies, such as Income Tax, IPVA, ITR, IPTU, ISS, among others Indirect (pt: Indiretos) | Indirect taxes are those that are levied on goods, services and commercial transactions, reflecting on the final price of products and services, such as ICMS, IPI, PIS, COFINS, among others Additional (pt: Adicional) | When the taxable event is represented by the payment of another tax. As an example, we have the additional 10% of the Income Tax, Legal Entity Fixed (pt: Fixo) | When determined in a specific amount, regardless of calculations. For example, the ISS for independent professionals Proportional (pt: Proporcional) | When established as a single percentage incident on the value of the taxable material, the tax amount increases only when the basic value for calculation increases (ICMS, IPI and ISS, when incident on revenue) Progressive (pt: Progressivo) | When the rates are set at variable and increasing percentages, according to the increase in the value of the taxable matter - for example, Personal Income Tax Regressive (pt: Regressivo) | Taxes are levied in equal percentages on taxpayers, without taking into account the economic capacity of the person who will bear the tax burden. This makes them "regressive", that is, taxpayers with lower economic conditions end up paying (proportionally) a larger share of taxes on their income. ICMS, IPI, PIS and COFINS are examples of regressive taxes (at the same time, they are also classified as indirect) Real (pt: Real) | This is a tax based on real (physical) assets, known as "Taxes on Assets", such as IPTU, IPVA and ITR Personal (pt: Pessoal) | Personal is the tax that establishes tax differences based on conditions inherent to the taxpayer. Taxes are levied according to the taxpayer's economic capacity (Income Tax for individuals and legal entities) Extrafiscal (pt: Extrafiscal) | Tax that aims not only at collecting revenue, but also at correcting anomalies. Example: Export Tax Parafiscal (pt: Parafiscal) | Contribution charged by an autarchy, parastatal, professional or social bodies, to cover their autonomous financing. Example: annual fee for CRC, CREA, OAB, etc Taxation II - Import Tax In Portuguese: Imposto de Importacao Level: Federal Levy: It is levied on all imported products in two different ways: goods worth up to US$100 and between US$100 and US$3,000 IE - Export Tax In Portuguese: Imposto de Exportacao Level: Federal Levy: It is levied on products produced in Brazil and sent to other countries IPI - Tax on Industrialized Products In Portuguese: Imposto sobre Produtos Industrializados Level: Federal Levy: It is levied on products that have undergone some industrialization process, whether imported or not; it is paid by importers and business owners IOF - Tax on Financial Transactions In Portuguese: Imposto sobre Operacoes Financeiras Level: Federal Levy: It is levied on credit, exchange or insurance transactions, for both individuals and legal entities IRPJ - Corporate Income Tax In Portuguese: Imposto de Renda Pessoa Juridica Level: Federal Levy: Monthly, quarterly or annual tax, depending on the tax regime, levied on companies on their gross income IRPF - Individual Income Tax In Portuguese: Imposto de Renda Pessoa Fisica Level: Federal Levy: Tax required from taxpayers with earnings above the ceiling established by the Federal Revenue Service ITR - Tax on Rural Land Property In Portuguese: Imposto sobre a Propriedade Territorial Rural Level: Federal Levy: Annual tax levied on rural property owners, whether individuals or legal entities COFINS - Contribution for the Financing of Social Security In Portuguese: Contribuicao para o Financiamento da Seguridade Social Level: Federal Levy: Annual tax levied on almost all companies to finance programs such as social security CIDE - Contribution for Intervention in the Economic Domain In Portuguese: Contribuicao de Intervencao no Dominio Economico Level: Federal Levy: Tax added to oil, natural gas and their derivatives; the rate is based on the cubic meter of fuel CSLL - Social Contribution on Net Income In Portuguese: Contribuicao Social sobre o Lucro Liquido Level: Federal Levy: Tax levied on the company's net income as set forth in the IRPJ INSS - National Institute of National Security In Portuguese: Instituto Nacional da Seguridade Nacional Level: Federal Levy: Tax collected from both individuals and legal entities to fund social security, among other areas FGTS - Service Time Guarantee Fund In Portuguese: Fundo de Garantia do Tempo de Servico Level: Federal Levy: Tax deducted from workers' salaries; it can be withdrawn by them in cases provided for by law, such as unfair dismissals PIS/PASEP - Social Integration Program / Public Servant Asset Formation Program In Portuguese: Programa de Integracao Social / Programa de Formacao do Patrimonio do Servidor Publico Level: Federal Levy: Tax collected to fund bonuses and unemployment insurance for workers in state-owned companies ICMS - Tax on the Circulation of Goods and Services In Portuguese: Imposto sobre Circulacao de Mercadorias e Servicos Level: State Levy: Tax collected by companies and passed on to consumers when they purchase products and services sold in Brazil ITCMD - Tax on Transfers of Property by Death and Donation In Portuguese: Imposto sobre Transmissao Causa Mortis e Doacao Level: State Levy: Tax levied on inheritances and donations and goes directly to the state coffers IPVA - Tax on Ownership of Motor Vehicles In Portuguese: Imposto sobre a Propriedade de Veiculos Automotores Level: State Levy: Tax collected from owners of motor vehicles; half of the amount collected goes to the state and the other part goes to city governments, which decide how to manage the money ITBI - Tax on Transfer of Assets Inter Vivos In Portuguese: Imposto sobre Transmissao de Bens Inter Vivos Level: Municipal Levy: Tax paid by the buyer of a property when transferring assets of this nature ISS - Tax on Services In Portuguese: Imposto sobre Servicos Level: Municipal Levy: Tax collected from companies and self-employed professionals IPTU - Tax on Urban Land and Real Estate Property In Portuguese: Imposto sobre a Propriedade Predial e Territorial Urbana Level: Municipal Levy: Tax collected from property owners or tenants Complexity of PIS and COFINS Some tax scholars say that PIS/COFINS can be considered Direct Taxes due to all the conceptual notions illustrated below. But, in fact, PIS/COFINS are widely considered Indirect Taxes by Brazilian Authorities, Companies and by the vast majority of tax experts (even by SAP). The complexity of those taxes lies in conceptual notions of: Direct / Indirect Taxes Cumulativeness Legal Taxpayer Actual taxpayer General Economic Impact Specific Economic Impact Taxable Event Localized Processes in Purchasing (MM) and Sales (SD) These are some examples of localized logistics processes. Although sometimes there is an inherent complexity in SD pricing, in Brazil, the complexity of the operation and purchasing processes, including also inventory management, can be much greater in procurement (MM). And in sales, if the company sells not only goods, but services, then the complexity of sales processes can increase significantly. Sales (SD/OTC) Consignment Sales Future Delivery Sales Triangular Transactions (Third Party Sales) Sale with Returnable Packaging Sales Return (Return with original NF and issuing incoming NF) Sales Return (Return with NF and issued by the customer) Procurement (MM/PTP) Purchase Operations with Goods Receipt for: Industrialization Resales Use and Consumption Assets Services Freight Material Management (MM) Localization Localization of SAP ERP Materials Management is a part of SAP Logistics functionality. The SAP Logistics function incorporate a number of distinct areas that together follow the movement of materials from manufacturer to consumer. Materials Management contains many aspects of SAP functi onality, including purchasing, goods receiving, material storage, inventory, and invoicing. Standard Supported Scenarios in Brazil Localization Basic Scenarios Purchase Order scenario in Brazilian Localization Subsequent Debit/Credit scenario in Brazilian Localization Future Delivery scenario in Brazilian Localization Future Delivery - DIFAL scenario in Brazilian Localization Consignment scenario in Brazilian Localization Third-Party Selling scenario in Brazilian Localization Subcontracting Process with one Nota Fiscal in Brazilian Localization Subcontracting Process with two Notas Fiscais in Brazilian Localization Subcontracting Process with Deliveries in Brazilian Localization Normal Resale Process in Brazilian Localization Industry Resale material in Brazilian Localization Returnable Packaging with one Nota Fiscal in Brazilian Localization Returnable Packaging with two Notas Fiscais in Brazilian Localization Freight Scenarios Planned Freight (Planned Delivery Costs) scenario in Brazilian Localization Unplanned Freight (Unplanned Delivery Costs) scenario in Brazilian Localization Freight with several Notas Fiscais scenario in Brazilian Localization Conhecimento de Transporte Eletrônico (CTe) scenario in Brazilian Localization Stock Transfer Scenarios Stock Transfer with Materials Management (MM) in Brazilian Localization Stock Transfer Order (STO) in Brazilian Localization Intracompany Stock Transport Order with Valuated Stock In Transit (STO SiT) for Brazilian Localization Stock Transport Order using Inbound Delivery scenario in Brazilian Localization Stock Transfer Order (STO) with Full/Partial Return of Transit Stock in Brazilian Localization Services Scenarios Service Purchase Order process with DIEN material type in Brazilian Localization Service Purchase Order Withholding - Service Management in Brazilian Localization Service Purchase Order scenario using External Services Management in Brazilian Localization Service Purchase Order Withholding Accumulation - Service Management in Brazilian Localization SAP Brazilian Tax Calculation Schema Sales (SD/OTC) Tax Procedure: RVABRA Procurement (MM/PTP) Tax Procedure: TAXBRA Hint : TAXBRJ is a deprecated tax procedure (do not use) Main Customizing Related with the Brazilian Tax Procedures CBT activation Configure Tax Codes Tax Groups Dynamic Exceptions Tax Rates Condition Types Account Keys Condition Records Access Sequences Condition Codes Tax Jurisdiction Screen Controls Conditions Mappings Tax Posting Strings Internal codes Price conditions TAXBRA/RVABRA pricing adjustments MP135 Implementation (Withholding Tax and ISS) CFOP Jurisdiction Codes Tax Laws Tax Situations Hint : All this customizing are done by Logistic Consultants (MM/SD) TAXBRA additional information Transaction "FTXP" is not used in "TAXBRA" In simple terms: TAXBRJ = FTXP (Deprecated) TAXBRA = FV11 Tax Codes must be maintain via Transaction "J1BTAX" Conditions are activated via Transaction "FV11" and "FV12" Using Transaction "J1BTAX" to maintain the tax tables J_1BTX* and tax codes creates condition records automatically Brazilian Tax-O-Meter This is a meter of all taxes charged in the Brazilian territory. Currency: BRL (Brazilian Real) Period: Beginning of the current year until today (Each year the meter is reset) Warning : You're seeing it right. Depending on the month of the year, the value of taxes collected reaches billions or even trillions, with a “T”. The tax burden in Brazil is incredibly high. SAP Third-Party Solution Partners (Graded) These are some third-party solutions available in the Brazilian market to help companies with tax compliance, workflows, business intelligence (BI), artificial intelligence (AI) and automation. Solution Tax Engine E-Reporting E-Invoicing Inbound Automation Tax Correction Tax Payments Tax Management Foreign Trade Tax Refund Tax Files Exchange Tax Workflow Workflow AI /Automation BI / Reporting SAP S4 / ECC A+ SAP GRC NF-e A+ A B- SAP TDF A SAP ACR/DRC B Synchro B B+ B A- B B- Engineering B Thomson Reuters B B- B C B C VIM C GSF Fiscal A- KPMG KTAX B B- C B Sovos B Avalara B- C NSI B- Sonda B CIC B Dootax B Tecnospeed B C Service Now A SAP BPM B+ Automation Anywhere B UiPath B SAP BI A Power BI B- Tableau B- * These grades are not official grades, they were taken from personal experiences and research. Every day companies evolve and improve their technologies, solutions and services. Solution Topics Tax Engine (Motor Fiscal) | Very Important E-Reporting (SPED) | Very Important E-Invoicing (NF-e) | Very Important Inbound Automation (NF-e Entrada) | Important Tax Correction (Carta de Correcao) | Important Tax Payments (Guia / Pagamentos) | Optional Tax Management (Gestao Fiscal) | Optional Foreign Trade (Comex) | Optional Tax Refund (PER/DCOMP) | Optional Tax Files Exchange (Automacao PVA) | Nice to Have Tax Workflow (Agenda Tributaria)| Nice to Have Workflow (Fluxo de Trabalho)| Nice to Have AI - Artificial Intelligence / Automation (Inteligencia Artificial / Automacao)| Nice to Have BI - Business Intelligence / Reporting (Relatorios)| Nice to Have Warning : Don't take this as a recommendation. Every company has different requirements depending on size, industry, processes, budget and pain points. Do your homework looking for the best solution for your company. And remember, always ask the solution provider for a demo, references from other companies as a success case, and if possible, put yourself in contact with their success case companies. NF-e | Nota Fiscal Electronic Nota Fiscal or simply NF-e is the official document in Brazil in a form of "electronic tax invoice". This kind of e-invoicing is used in logistics and services operations. This document is the basis for Brazilian legal operations and reports. SAP has the solution to create, validate and bookkeeping it as well. The Nota Fiscal is under States and Municipality rules, it can be electronic and can be on paper, which it is called DANFE (Auxiliary Document of the Electronic Invoice). The use of NF-e is mandatory and that official file is a digital magnetic file, on XML format. The NF-e deals with sales, purchases and returns. SAP solution for NF-e ensuring creation and validations in the government system. NFe Authorization Flow Outbound Receive Nota Fiscal, Convert to XML Digital Signature Create Batches Manage Status with Government Store Status Updates with Back-end Inbound Receive XML and Check Authorization Check Digital Signature Nofity Issuer Create Documents in ERP Backend (e.g. Inbound Delivery, Goods Receipt, Invoice) Inbound Nota Fiscal The inbound nota fiscal, or MM nota fiscal, is not issued by the company, but by the venders. The company must acknowledge, book and report its. Outbound Nota Fiscal The outbound nota fiscal, or SD nota fiscal, must be issued, validated, booked and reported be the company. Examples of NF: NF for Billing NF for Shipments NF for returns NF for transfer NF-e | DANFE Electronic Nota Fiscal or simply NF-e is the official the official document in Brazil in a form of "electronic tax invoice". This kind of e-invoicing is used in logistics and services operations. This document is the basis for Brazilian legal operations and reports. SAP has the solution to create, validate and bookkeeping it as well. The Nota Fiscal is under States and Municipality rules, it can be electronic and can be on paper, which it is called DANFE (Auxiliary Document of the Electronic Invoice). DANFE Example The DANFE , on paper NF-e, is mandatory for goods movement, so it should be printed and carried along with the goods. Failing to do the goods movement, out of the branches gates, with the DANFE can cause penalties for the company. Tax Engine (Thomson Reuters | Customization Steps) Corporations using SAP as their Enterprise Resource Planning (ERP) system can simplify their worldwide Indirect Tax requirements by implementing third-party solutions. Some features can include Tax Determination, Integration for SAP, Reporting, and Compliance. Thomson Reuters | OneSource (Global Next / IDT Indirect Determination Tax) The Brazil tax calculation logic is notably complex with many calculations and configuration requirements. It is a challenge to implement even by the most experienced and requires a lot of adjustments and configurations that are specific to your company requirements, customers, products, business models, and reporting needs. The benefits provided by OneSource Indirect Tax Suite are : Fast, accurate sales, use, consumer’s use tax, and VAT results. Monthly tax rate and rules updates for over 175 countries. Integrated tax calculation with SAP minimizing user decisions and tax errors. Removal of the need to change SAP tax codes e ach time a rate/rule changes, eliminating business interruptions, and running out of tax codes in SAP. Complete audit database from which you can generate both standard and custom reports as well as returns. Limitations of the Third-party Solution (OneSource) Solution doesn't include Nota Fiscal creation (Only Tax Determinantion). Nota Fiscal feature needs to be enabled by SAP TAXBRA standard solution. Withholding Taxes Outbound for Sale of Services. Withholding Taxes Inbound for Purchase of Services (Solution developed in July 2023). These are some settings to support Brazil Enablement FI Configuration Createing New Brazil Contigiton Types for FI Creating the Tax Procesure Defining Tax Codes for Sales and Purchases Jurisdiction Code Settings Adding the Required Tax Regions * This step is called "FI Configuration" because the transactions are located in the IMG financial tree like other global VAT tax configuration, but in Brazil it is done by logistics consultants, not financial consultants. SD Configuration Creating New Brazil Condition Types for SD Creating the Pricing Procedure Assigning the New Pricing Procedure to Sales Transactions Define Tax Determination Rules Define Tax Relevance of Customer Master Records MM Configuration Creating New Condition Types Creating a Calculation Schema Assingin the New Calculation Schema to Purchase Transactions Master Data Setup Assign Tax Indicator in the Material Master Sales Organization View Maintain Default Values for Tax Codes Maintain Commodity Code Assign Tax indicator in the Customer Master Maintain Condition Type to Determine Tax Code Global Next (OneSource) Configuration Maintain Determine Condition Types for Taxes Table Brazil Registration Number Requeriments and Other Fiel Mapping Class /IDT/BRAZIL_MATERIAL_USAGE Class /IDT/BRAZIL_FED_REG_NUMBER Commodity Code Map in Field Mapping Table Nota Fiscal Support Configuration J1BTAX Settings Other Configuration Seetings (SPRO) New Brazil Route /IDT/ROUTE_GROUP_DELIVERY New Brazil Auto Journey /IDT/JOURNEY_BRAZIL_SD_ADJUST Dynamic CST Determination for MM CST Determinantion for SD Tax Jurisdiction Codes for Brazil Nota Fiscal Filed Mappings for Inbound STO Process CFOP (Fiscal Code for Operations and Provisions) CFOP is the acronym of the "Codigo Fiscal de Operacoes e Prestacoes" or in English "Fiscal Code for Operations and Provisions". This code identifies a specific transaction by category when issuing the nota fiscal. The nota fiscal contains a huge amount of information. That is why cannot be compared with a simply invoice or even an e-invoicing from other countries in the South America. With that in mind, it is important to know the main information in the nota fiscal, and one of them is the CFOP. Understanding the CFOP is very useful to start to assimilate the content of the nota fiscal and avoid mistakes. The CFOP Code determines the taxation on the operation and if there is any financial or inventory movements for to the Tax Authorities. The different types of CFOP separate the nota fiscal by type (inbound or outbound nota fiscal), by region and by nature of the operation. CFOP Examples Warning : In the CFOP full list there are hundreds of CFOPs. CFOP Description Movement SAP Module 1102 Purchase of products from vendors Same State MM 2102 Purchase of products from vendors Other State MM 3102 Purchase of products from vendors Other Country MM 5102 Product Sales to customers Same State SD 6102 Product Sales to customers Other State SD 7102 Product Sales to customers Other Country SD Understanding the CFOP The CFOP code is basically a 4-digit code. Example : 1102 Purchase of products from vendors in the same state 1º Digit : Identifies the direction (Inbound or Outbound) 2º Digit : Identifies which group or operation is referred 3º and 4º Digits : Identifies the type of operation CFOP Coding 1º digit identifies the direction. Example : 1102 / 2102 / 3102 / 5102 / 6102 / 7102 1xxx |Purchase of the same state (Intrastate operation) 2xxx |Purchase of other state (Interstate operation) 3xxx |Purchase of other country (Importation) 5xxx |Sales to the same state (Intrastate operation) 6xxx |Sales to other state (Interstate operation) 7xxx |Sales to other country (Exportation) 2º digit identifies which group or operation is referred. Example : 1102 / 1202 / 1302 / 1403 / 1556 / 1653 / 1916 x1xx | Purchase / Industrialization / Transfers / Services x2xx | Return / Electricity x3xx | Communication services / Transport services x4xx | Goods with tax substitution / Integration x5xx | Export / Fixed Assets / Material for Use x9xx | Other Entries / Free Samples / Bonus / Repairs / Exhibition Warning : It is not possible to perform operations of different natures on the same nota fiscal. For example, even if it refers to the same customer, a sales nota fiscal cannot be issued together with a return item. Each operation must have a different nota fiscal. CFOP Detailed list You can see below a more complete list of the CFOPs. Unfortunately the Brazilian Government only provides it in Portuguese. Type Origin/Destination CFOP Description Detailed Explanation Compra Mesmo estado 1102 Compra para comercialização Compra de produtos, de fornecedor do seu estado, sem substituição tributária Compra Outro estado 2102 Compra para comercialização Compra de produtos, de fornecedor de outro estado, sem substituição tributária Compra Outro estado 2403 Compra para comercialização em operação com mercadoria sujeita ao regime de substituição tributária Compra de produtos, de fornecedor de outro estado, com substituição tributária Compra Outro estado 2556 Classificam-se neste código as compras de produtos destinadas ao uso ou consumo do estabelecimento. Compra de produtos de fornecedor/vendedor de outro estado, destinados ao uso / consumo da empresa, por exemplo, materiais para consumir no dia-a-dia. Compra Outro estado 2551 Compra de bem para o ativo imobilizado Compra de produtos de fornecedor/vendedor de outro estado, que são destinados às atividades da empresa. Entrada Mesmo estado 1908 Entrada de bem por conta de contrato de comodatoo Entrada de bem que você recebe em comodato. No contrato de comodato, a empresa que é dona do bem o “empresta” sem cobrar por isso, mas por outro lado, pode retirar quando decidir. Neste caso (1908), o bem “emprestado” pertence ao mesmo estado. Entrada Mesmo estado 1912 Entrada de mercadoria ou bem recebido para demonstração ou mostruário Entrada Mesmo estado 1917 Entrada de mercadoria recebida em consignação mercantil ou industrial Entrada de mercadoria recebida em consignação. No contrato de consignação mercantil ou industrial, a mercadoria é consignada com a intenção de ser vendida. Neste caso (1917), a mercadoria é do mesmo estado. Entrada Outro estado 2908 Entrada de bem por conta de contrato de comodato Entrada de bem que você recebe em comodato. No contrato de comodato, a empresa que é dona do bem o “empresta” sem cobrar por isso, mas por outro lado, pode retirar quando decidir. Neste caso (2908), o bem “emprestado” pertence a outro estado. Entrada Outro estado 2912 Entrada de mercadoria ou bem recebido para demonstração ou mostruário Entrada Outro estado 2917 Entrada de mercadoria recebida em consignação mercantil ou industrial Entrada de mercadoria recebida em consignação. No contrato de consignação mercantil ou industrial, a mercadoria é consignada com a intenção de ser vendida. Neste caso (1917), a mercadoria é de outro estado. Devolução Outro estado 2411 Devolução de venda de mercadoria adquirida ou recebida de terceiros em operação com mercadoria sujeita ao regime de substituição tributária Devolução de um produto que você vendeu para um cliente de outro estado e possui substituição tributária. Devolução Outro estado 2202 Devolução de venda de mercadoria adquirida ou recebida de terceiros Devolução de um produto que você vendeu para um cliente de outro estado e não possui substituição tributária. Devolução Outro estado 2204 Devolução de venda de mercadoria adquirida ou recebida de terceiros, destinada à Zona Franca de Manaus ou Áreas de Livre Comércio Devolução de um produto que você vendeu para um cliente de outro estado, na Zona Franca de Manaus ou Áreas de Livre Comércio, e que não possui substituição tributária. Devolução Mesmo estado 1202 Devolução de venda de mercadoria adquirida ou recebida de terceiros Devolução de um produto que você vendeu para um cliente do mesmo estado e não possui substituição tributária. Devolução Mesmo estado 1204 Devolução de venda de mercadoria adquirida ou recebida de terceiros, destinada à Zona Franca de Manaus ou Áreas de Livre Comércio Devolução de um produto que você vendeu para um cliente do mesmo estado, na Zona Franca de Manaus ou Áreas de Livre Comércio, e que não possui substituição tributária. Devolução Mesmo estado 1411 Devolução de venda de mercadoria adquirida ou recebida de terceiros em operação com mercadoria sujeita ao regime de substituição tributária Devolução de um produto que você vendeu para um cliente do mesmo estado e possui substituição tributária. Devolução Outro estado 2553 Devolução de venda de bem do ativo imobilizado Devolução de uma venda feita com bens utilizados nas atividades da sua empresa, para pessoa ou empresa de outro estado. Devolução Mesmo estado 1553 Devolução de venda de bem do ativo imobilizado Devolução de uma venda feita com bens utilizados nas atividades da sua empresa, para pessoa ou empresa do mesmo estado. Devolução Mesmo estado 1209 Devolução de mercadoria adquirida ou recebida de terceiros, remetida em transferência Devolução de um produto que foi enviado pela sua empresa para terceiros do mesmo estado, para fins diversos (venda, demonstração, etc). Devolução Mesmo estado 1918 Devolução de mercadoria remetida em consignação mercantil ou industrial Devolução de um produto que você enviou em consignação para outra empresa que está no mesmo estado que a sua. Devolução Outro estado 2209 Devolução de mercadoria adquirida ou recebida de terceiros, remetida em transferência Devolução de um produto que foi enviado pela sua empresa para terceiros de outro estado, para fins diversos (venda, demonstração, etc). Devolução Outro estado 2918 Devolução de mercadoria remetida em consignação mercantil ou industrial Devolução de um produto que você enviou em consignação para uma empresa que é de outro estado. Retorno Mesmo estado 1415 Retorno de mercadoria adquirida ou recebida de terceiros, remetida para venda fora do estabelecimento em operação com mercadoria sujeita ao regime de substituição tributária Retorno de mercadoria com substituição tributária, que você enviou para vender fora da sua empresa, mas no mesmo estado. Retorno Mesmo estado 1904 Retorno de remessa para venda fora do estabelecimento Retorno de mercadoria sem substituição tributária, que você enviou para vender fora da sua empresa, mas no mesmo estado. Retorno Outro estado 2415 Retorno de mercadoria adquirida ou recebida de terceiros, remetida para venda fora do estabelecimento em operação com mercadoria sujeita ao regime de substituição tributária Retorno de mercadoria com substituição tributária, que você enviou para vender fora da sua empresa e em outro estado. Retorno Outro estado 2904 Retorno de remessa para venda fora do estabelecimento Retorno de mercadoria sem substituição tributária, que você enviou para vender fora da sua empresa e em outro estado. Retorno Mesmo estado 1554 Retorno de bem do ativo imobilizado remetido para uso fora do estabelecimento Retorno de um bem da sua empresa que foi enviado para ser usado em outro local, dentro do seu estado. Retorno Outro estado 2554 Retorno de bem do ativo imobilizado remetido para uso fora do estabelecimento Retorno de um bem da sua empresa que foi enviado para ser usado em outro local, fora do seu estado. Retorno Mesmo estado 1555 Entrada de bem do ativo imobilizado de terceiro, remetido para uso no estabelecimento Quando sua empresa recebe um bem de outra empresa, que está no mesmo estado, para utilização nas atividades de sua empresa. Retorno Outro estado 2555 Entrada de bem do ativo imobilizado de terceiro, remetido para uso no estabelecimento Quando sua empresa recebe um bem de outra empresa, que está em outro estado, para utilização nas atividades de sua empresa. Retorno Mesmo estado 1906 Retorno de mercadoria remetida para depósito fechado ou armazém geral Quando sua própria mercadoria retorna ao seu estoque de um armazém ou depósito no mesmo estado que o seu. Retorno Mesmo estado 1907 Retorno simbólico de mercadoria remetida para depósito fechado ou armazém geral Quando ocorre algum imprevisto no envio da sua própria mercadoria para um armazém ou depósito de estocagem (no mesmo estado) e ela retorna ao seu estoque, antes de ter chegado ao destino inicial. Retorno Outro estado 2906 Retorno de mercadoria remetida para depósito fechado ou armazém geral Quando sua própria mercadoria retorna ao seu estoque de um armazém ou depósito de outro estado. Retorno Outro estado 2907 Retorno simbólico de mercadoria remetida para depósito fechado ou armazém geral Quando ocorre algum imprevisto no envio da sua própria mercadoria para um armazém ou depósito de estocagem (em outro estado) e ela retorna ao seu estoque, antes de ter chegado ao destino inicial. Retorno Mesmo estado 1909 Retorno de bem remetido por conta de contrato de comodato Retorno de bem que você enviou em comodato. No contrato de comodato, a empresa que é dona do bem o “empresta” sem cobrar por isso, mas por outro lado, pode retirar quando decidir. Neste caso (2908), o bem da sua empresa foi emprestado para uma empresa do mesmo estado. Retorno Mesmo estado 1913 Retorno de mercadoria ou bem remetido para demonstração, mostruário ou treinamento Retorno de mercadoria que você enviou para demonstração, mostruário ou treinamento em outra empresa no mesmo estado que o seu. Retorno Mesmo estado 1914 Retorno de mercadoria ou bem remetido para exposição ou feira Retorno de mercadoria que você enviou para uma exposição ou feira que ocorreu no mesmo estado que o seu. Retorno Mesmo estado 1916 Retorno de mercadoria ou bem remetido para conserto ou reparo Retorno de uma mercadoria de sua empresa, que você enviou para arrumar em um lugar no mesmo estado. Retorno Outro estado 2909 Retorno de bem remetido por conta de contrato de comodato Retorno de bem que você enviou em comodato. No contrato de comodato, a empresa que é dona do bem o “empresta” sem cobrar por isso, mas por outro lado, pode retirar quando decidir. Neste caso (2908), o bem da sua empresa foi emprestado para uma empresa de outro estado. Retorno Outro estado 2913 Retorno de mercadoria ou bem remetido para demonstração, mostruário ou treinamento Retorno de mercadoria que você enviou apenas para demonstração, mostruário ou treinamento em outra empresa em outro estado diferente do seu. Retorno Outro estado 2914 Retorno de mercadoria ou bem remetido para exposição ou feira Retorno de mercadoria que você enviou para uma exposição ou feira que ocorreu em outro estado diferente do seu. Retorno Outro estado 2916 Retorno de mercadoria ou bem remetido para conserto ou reparo Retorno de uma mercadoria de sua empresa, que você enviou para arrumar em um lugar em um estado diferente do seu. Retorno Mesmo estado 1915 Entrada de mercadoria ou bem recebido para conserto ou reparo Quando sua empresa recebe um produto para arrumar/consertar, vindo do mesmo estado que o seu. Retorno Outro estado 2915 Entrada de mercadoria ou bem recebido para conserto ou reparo Quando sua empresa recebe um produto para arrumar/consertar, vindo de um estado diferente do seu. Retorno Mesmo estado 1925 Retorno de mercadoria remetida para industrialização por conta e ordem do adquirente da mercadoria, quando esta não transitar pelo estabelecimento do adquirente Quando um produto seu, que foi enviado para uma indústria no mesmo estado que o da sua empresa, retorna para você antes mesmo de chegar no seu cliente. Retorno Outro estado 2925 Retorno de mercadoria remetida para industrialização por conta e ordem do adquirente da mercadoria, quando esta não transitar pelo estabelecimento do adquirente Quando um produto seu, que foi enviado para uma indústria em outro estado, retorna para você antes mesmo de chegar no seu cliente. Retorno Outro estado 2949 Outra entrada de mercadoria ou prestação de serviço não especificada Qualquer outra entrada de mercadoria na sua empresa, vinda de outro estado, que não se encaixe em nenhuma das outras especificações anteriores. Este CFOP é muito usado para troca em garantia. Retorno Mesmo estado 1949 Outra entrada de mercadoria ou prestação de serviço não especificada Qualquer outra entrada de mercadoria na sua empresa, vinda do mesmo estado, que não se encaixe em nenhuma das outras especificações anteriores. Transferência Mesmo estado 1152 Transferência de produtos de outro estabelecimento da mesma empresa, para serem comercializadas. Quando sua empresa recebe seus produtos vindos de outro espaço da sua própria rede, dentro do mesmo estado, para que seja vendido. Transferência Outro estado 2152 Transferência de produtos de outro estabelecimento da mesma empresa, para serem comercializadas. Quando sua empresa recebe seus produtos vindos de outro espaço da sua própria rede, dentro de outro estado, para que seja vendido. Transferência Mesmo estado 1409 Transferência para comercialização em operação com mercadoria sujeita ao regime de substituição tributária, para serem comercializadas, decorrentes de operações sujeitas ao regime de substituição tributária. Quando sua empresa recebe seus produtos com substituição tributária vindos de outro espaço da sua própria rede, dentro do mesmo estado, para que seja vendido. Transferência Outro estado 2409 Transferência para comercialização em operação com mercadoria sujeita ao regime de substituição tributária, para serem comercializadas, decorrentes de operações sujeitas ao regime de substituição tributária. Quando sua empresa recebe seus produtos com substituição tributária vindos de outro espaço da sua própria rede, dentro de outro estado, para que seja vendido. Transferência Mesmo estado 1154 Transferência para utilização na prestação de serviço de outro estabelecimento da mesma empresa, para serem utilizadas nas prestações de serviços. Quando sua empresa recebe uma mercadoria vinda da sua própria empresa, de uma sede no mesmo estado, para utilizar ao prestar um serviço. Transferência Outro estado 2154 Transferência para utilização na prestação de serviço de outro estabelecimento da mesma empresa, para serem utilizadas nas prestações de serviços. Quando sua empresa recebe uma mercadoria vinda da sua própria empresa, de uma sede em outro estado, para utilizar ao prestar um serviço. Transferência Mesmo estado 1557 Transferência de material para uso ou consumo recebidos em transferência de outro estabelecimento da mesma empresa. Quando sua empresa recebe uma mercadoria vinda da sua própria empresa, de uma sede no mesmo estado, para uso ou consumo. Transferência Outro estado 2557 Transferência de material para uso ou consumo recebidos em transferência de outro estabelecimento da mesma empresa. Quando sua empresa recebe uma mercadoria vinda da sua própria empresa, de uma sede em outro estado, para uso ou consumo. Transferência Mesmo estado 1552 Transferência de bem do ativo imobilizado recebidos em transferência de outro estabelecimento da mesma empresa. Quando sua empresa recebe uma mercadoria vinda da sua própria empresa, de uma sede no mesmo estado, mercadoria essa para ser destinada às atividades da empresa. Transferência Outro estado 2552 Transferência de bem do ativo imobilizado recebidos em transferência de outro estabelecimento da mesma empresa. Quando sua empresa recebe uma mercadoria vinda da sua própria empresa, de uma sede de outro estado, mercadoria essa para ser destinada às atividades da empresa. Venda Mesmo estado 5102 Venda de mercadoria adquirida ou recebida de terceiros Venda de um produto para um cliente do mesmo estado e que não possui substituição tributária. Venda Outro estado 6102 Venda de mercadoria adquirida ou recebida de terceiros Venda de um produto para um cliente de outro estado e que não possui substituição tributária. Venda Mesmo estado 5403 Venda de mercadoria, adquirida ou recebida de terceiros, sujeita ao regime de substituição tributária, na condição de **contribuinte-substituto** Venda de uma mercadoria que você comprou de terceiros e que tenha substituição tributária. Nesse caso, a venda é feita dentro do mesmo estado e sua empresa é quem vai pagar o imposto. Venda Mesmo estado 5405 Venda de mercadoria, adquirida ou recebida de terceiros, sujeita ao regime de substituição tributária, na condição de contribuinte-substituído Venda de uma mercadoria que você comprou de terceiros e que tenha substituição tributária. Nesse caso, a venda é feita dentro do mesmo estado e a empresa que comprou é quem vai pagar o imposto. Venda Outro estado 6403 Venda de mercadoria, adquirida ou recebida de terceiros, sujeita ao regime de substituição tributária, na condição de **contribuinte-substituto** Venda de uma mercadoria que você comprou de terceiros e que tenha substituição tributária. Nesse caso, a venda é feita para outro estado e sua empresa é quem vai pagar o imposto. Venda Outro estado 6404 Venda de mercadoria sujeita ao regime de substituição tributária, cujo imposto já tenha sido retido anteriormente Venda para cliente de outro estado, de uma mercadoria que já teve o imposto retido anteriormente. Venda Mesmo estado 5110 Venda de mercadoria, adquirida ou recebida de terceiros, destinada à Zona Franca de Manaus ou Áreas de Livre Comercio, de que trata o Anexo do Convênio SINIEF s/n, de 15 de dezembro de 1970, que dispõe sobre o Sistema Nacional Integrado de Informações Econômico-Fiscais Venda de produto para um cliente do mesmo estado, na Zona Franca de Manaus ou Áreas de Livre Comércio, e que não possui substituição tributária. Venda Outro estado 6108 Venda de mercadoria adquirida ou recebida de terceiros, destinada a não contribuinte Venda de mercadoria, que foi comprada de terceiros, para comprador de outro estado que não contribui com ICMS. Isento de ICMS, isso não significa que não possui Inscrição Estadual, ok? Venda Mesmo estado 5551 Venda de bem do ativo imobilizado Venda de BEM da empresa para comprador do mesmo estado. Venda Outro estado 6551 Venda de bem do ativo imobilizado Venda de BEM da empresa para comprador de outro estado. Venda Mesmo estado 5114 Venda de mercadoria adquirida ou recebida de terceiros **REMETIDA** anteriormente em consignação mercantil Quando você vende um produto que anteriormente enviou como em consignação, você utiliza esse CFOP após fazer uma emissão com o 1917. Venda Mesmo estado 5115 Venda de mercadoria adquirida ou recebida de terceiros, **RECEBIDA** anteriormente em consignação mercantil Quando sua empresa compra um produto que foi recebido em consignação e faz a venda deste dentro do mesmo estado. Venda Mesmo estado 5117 Venda de mercadoria adquirida ou recebida de terceiros, originada de encomenda para entrega futura Quando você emite uma nota de venda para um cliente do mesmo estado, que encomendou mercadoria da sua empresa, mas ainda não a recebeu. Utilizado na entrega da mercadoria emitida pela NF com CFOP 5922. Venda Mesmo estado 5119 Venda de mercadoria adquirida ou recebida de terceiros entregue ao destinatário por conta e ordem do adquirente originário, em venda à ordem Quando seu cliente, do mesmo estado que sua empresa, vende um produto que comprou da sua empresa e manda entregar direto no cliente dele. Nesse caso, seu cliente paga pelo frete. Venda Mesmo estado 5120 Venda de mercadoria adquirida ou recebida de terceiros entregue ao destinatário pelo vendedor remetente, em venda à ordem Quando seu cliente, do mesmo estado que sua empresa, vende um produto que comprou da sua empresa e manda entregar direto no cliente dele. Nesse caso, sua empresa paga pelo frete. Venda Mesmo estado 5922 Lançamento efetuado a título de simples faturamento decorrente de venda para entrega futura Quando você emite uma nota de lançamento de mercadoria sem substituição tributária para um cliente do mesmo estado, que encomendou mercadoria da sua empresa mas ainda não a recebeu. Utilizado em casos de adiantamento ou recebimento financeiro. Venda Outro estado 6922 Lançamento efetuado a título de simples faturamento decorrente de venda para entrega futura. Quando você emite uma nota de lançamento de mercadoria sem substituição tributária para um cliente de outro estado, que encomendou mercadoria da sua empresa mas ainda não a recebeu. Utilizado em casos de adiantamento ou recebimento financeiro. Venda Outro estado 6104 Venda de mercadoria adquirida ou recebida de terceiros, efetuada fora do estabelecimento Quando a nota é referente a uma venda que foi realizada fora do estabelecimento, para cliente de outro estado. Venda Mesmo estado 5104 Venda de mercadoria adquirida ou recebida de terceiros, efetuada fora do estabelecimento Quando a nota é referente a uma venda que foi realizada fora do estabelecimento, para cliente do mesmo estado. Venda Outro estado 6110 Venda de mercadoria, adquirida ou recebida de terceiros, destinada à Zona Franca de Manaus ou Áreas de Livre Comércio Venda de produto para um cliente de outro estado, na Zona Franca de Manaus ou Áreas de Livre Comércio, e que não possui substituição tributária. Venda Mesmo estado 5110 Venda de mercadoria, adquirida ou recebida de terceiros, destinada à Zona Franca de Manaus ou Áreas de Livre Comércio Venda de produto para um cliente do mesmo estado, na Zona Franca de Manaus ou Áreas de Livre Comércio, e que não possui substituição tributária. Venda Outro estado 6114 Venda de mercadoria adquirida ou recebida de terceiros **REMETIDA** anteriormente em consignação mercantil Quando sua empresa consigna um produto a um cliente de outro estado e esse cliente faz a venda desse produto. Venda Outro estado 6115 Venda de mercadoria adquirida ou recebida de terceiros, **RECEBIDA** anteriormente em consignação mercantil Quando sua empresa recebe um produto em consignação e faz a venda dele para outro estado. Venda Outro estado 6117 Venda de mercadoria adquirida ou recebida de terceiros, originada de encomenda para entrega futura Quando você emite uma nota de venda para um cliente de outro estado, que encomendou mercadoria da sua empresa, mas ainda não a recebeu. Venda Outro estado 6119 Venda de mercadoria adquirida ou recebida de terceiros entregue ao destinatário por conta e ordem do adquirente originário, em venda à ordem Quando seu cliente, de outro estado, vende um produto que comprou da sua empres e manda entregar direto no cliente dele. Nesse caso, seu cliente paga pelo frete. Venda Outro estado 6120 Venda de mercadoria adquirida ou recebida de terceiros entregue ao destinatário pelo vendedor remetente, em venda à ordem Quando seu cliente, de outro estado, vende um produto que comprou da sua empresa e manda entregar direto no cliente dele. Nesse caso, sua empresa paga pelo frete. Venda Mesmo estado 5123 Venda de mercadoria adquirida ou recebida de terceiros remetida para industrialização, por conta e ordem do adquirente, sem transitar pelo estabelecimento do adquirente Quando você manda uma mercadoria para alteração, adição de outros itens para compor o que você vende, sem que a matéria-prima passe por seu estabelecimento Venda Outro estado 6123 Venda de mercadoria adquirida ou recebida de terceiros remetida para industrialização, por conta e ordem do adquirente, sem transitar pelo estabelecimento do adquirente Quando você manda uma mercadoria para alteração, adição de outros itens para compor o que você vende, sem que a matéria-prima passe por seu estabelecimento Remessa Mesmo estado 5917 Remessa de mercadoria em consignação mercantil ou industrial Saída de mercadoria em consignação. No contrato de consignação mercantil ou industrial, a mercadoria é consignada com a intenção de ser vendida. Neste caso, a mercadoria vai para o mesmo estado. Remessa Mesmo estado 5908 Remessa de bem por conta de contrato de comodato Saída de bem da sua empresa em comodato. No contrato de comodato, a empresa que é dona do bem o “empresta” sem cobrar por isso, mas por outro lado, pode retirar quando decidir. Neste caso o bem é “emprestado” para uma empresa no mesmo estado. Remessa Mesmo estado 5909 Retorno de bem recebido por conta de contrato de comodato Saída de bem que você recebeu em comodato. No contrato de comodato, a empresa que é dona do bem o “empresta” sem cobrar por isso, mas por outro lado, pode retirar quando decidir. Neste caso, o bem “emprestado” pertence a uma outra empresa do mesmo estado e você está devolvendo. Remessa Outro estado 6908 Remessa de bem por conta de contrato de comodato Saída de bem da sua empresa em comodato. No contrato de comodato, a empresa que é dona do bem o “empresta” sem cobrar por isso, mas por outro lado, pode retirar quando decidir. Neste caso o bem é “emprestado” para uma empresa em outro estado. Remessa Outro estado 6909 Retorno de bem recebido por conta de contrato de comodato Saída de bem que você recebeu em comodato. No contrato de comodato, a empresa que é dona do bem o “empresta” sem cobrar por isso, mas por outro lado, pode retirar quando decidir. Neste caso, o bem “emprestado” pertence a uma outra empresa de outro estado e você está devolvendo. Remessa Outro estado 6917 Remessa de mercadoria em consignação mercantil ou industrial Saída de mercadoria em consignação. No contrato de consignação mercantil ou industrial, a mercadoria é consignada com a intenção de ser vendida. Neste caso, a mercadoria vai para outro estado. Devolução Mesmo estado 5412 Devolução de bem do ativo imobilizado, em operação com mercadoria sujeita ao regime de substituição tributária Devolução de produtos que seriam destinados ao consumo/uso da empresa para fornecedor/vendedor do mesmo estado. Produtos com substituição tributária. Devolução Mesmo estado 5553 Devolução de compra de bem para o ativo imobilizado Devolução de produtos que seriam destinados ao consumo/uso da empresa para fornecedor/vendedor do mesmo estado. Produtos sem substituição tributária. Devolução Outro estado 6412 Devolução de bem do ativo imobilizado, em operação com mercadoria sujeita ao regime de substituição tributária Devolução de produtos que seriam destinados ao consumo/uso da empresa para fornecedor/vendedor de outro estado. Produtos com substituição tributária. Devolução Outro estado 6553 Devolução de compra de bem para o ativo imobilizado Devolução de produtos que seriam destinados ao consumo/uso da empresa para fornecedor/vendedor de outro estado. Produtos com substituição tributária. Devolução Mesmo estado 5202 Devolução de compra para comercialização Devolução de produtos que foram comprados para sua empresa vender. Quando esses produtos não têm substituição tributária e são de fornecedor do mesmo estado que o da sua empresa. Devolução Outro estado 6202 Devolução de compra para comercialização Devolução de produtos que foram comprados para sua empresa vender. Quando esses produtos não têm substituição tributária e são de fornecedor de outro estado. Devolução Mesmo estado 5411 Devolução de compra para comercialização em operação com mercadoria sujeita ao regime de substituição tributária Devolução de produtos que foram comprados para sua empresa vender. Quando esses produtos possuem substituição tributária e são de fornecedor do mesmo estado que o da sua empresa. Devolução Outro estado 6411 Devolução de compra para comercialização em operação com mercadoria sujeita ao regime de substituição tributária Devolução de produtos que foram comprados para sua empresa vender. Quando esses produtos possuem substituição tributária e são de fornecedor de outro estado. Devolução Mesmo estado 5918 Devolução de mercadoria recebida em consignação mercantil ou industrial Devolução de mercadoria que foi recebida em consignação. No contrato de consignação mercantil ou industrial, a mercadoria é consignada com a intenção de ser vendida. Neste caso, a mercadoria é do mesmo estado. Devolução Mesmo estado 5919 Devolução simbólica de mercadoria vendida ou utilizada em processo industrial, recebida anteriormente em consignação mercantil ou industrial Quando, por algum motivo pontual, você precisa fazer uma devolução apenas simbólica dentro do mesmo estado, sem realmente devolver a mercadoria que foi acordada em consignação. Devolução Mesmo estado 5921 evolução de vasilhame ou sacaria Quando sua empresa devolve uma embalagem, vasilhame ou sacaria para outra empresa do mesmo estado. Devolução Mesmo estado 5209 Devolução de produtos recebidas em transferência de outro estabelecimento da mesma empresa, para serem comercializadas. Quando, dentro do mesmo estado, sua empresa devolve produtos para outro espaço da sua própria rede, para que sejam vendidos. Devolução Outro estado 6209 Devolução de produtos recebidas em transferência de outro estabelecimento da mesma empresa, para serem comercializadas. Quando, entre diferentes estados, sua empresa devolve produtos para outro espaço da sua própria rede, para que sejam vendidos. Devolução Outro estado 6918 Devolução de mercadoria recebida em consignação mercantil ou industrial Devolução de mercadoria que foi recebida em consignação. No contrato de consignação mercantil ou industrial, a mercadoria é consignada com a intenção de ser vendida. Neste caso, a mercadoria é de outro estado. Devolução Outro estado 6919 Devolução simbólica de mercadoria vendida ou utilizada em processo industrial, recebida anteriormente em consignação mercantil ou industrial Quando, por algum motivo pontual, você precisa fazer uma devolução apenas simbólica para outro estado, sem realmente devolver a mercadoria que foi acordada em consignação. Devolução Outro estado 6921 evolução de vasilhame ou sacaria Quando sua empresa devolve uma embalagem, vasilhame ou sacaria para outra empresa de outro estado. Devolução Mesmo estado 5210 Devolução de compra para utilização na prestação de serviço Quando você devolve uma mercadoria, que comprou para usar na prestação de serviço, para uma empresa dentro do mesmo estado. Devolução Outro estado 6210 Devolução de compra para utilização na prestação de serviço Quando você devolve uma mercadoria, que comprou para usar na prestação de serviço, para uma empresa de outro estado. Devolução Mesmo estado 5413 Devolução de mercadoria destinada ao uso ou consumo, em operação com mercadoria sujeita ao regime de substituição tributária. Devolução de mercadoria que você comprou de fornecedor/vendedor do mesmo estado, destinada ao uso / consumo da empresa e que tenha substituição tributária. Devolução Outro estado 6413 Devolução de mercadoria destinada ao uso ou consumo, em operação com mercadoria sujeita ao regime de substituição tributária. Devolução de mercadoria que você comprou de fornecedor/vendedor de outro estado, destinada ao uso / consumo da empresa e que tenha substituição tributária. Devolução Outro estado 6556 Devolução de compra de material de uso ou consumo Devolução de mercadoria que você comprou de fornecedor/vendedor de outro estado, destinada ao uso / consumo da empresa e que não tenha substituição tributária. Devolução Mesmo estado 5556 Devolução de compra de material de uso ou consumo Devolução de mercadoria que você comprou de fornecedor/vendedor do mesmo estado, destinada ao uso / consumo da empresa e que não tenha substituição tributária. Remessa Mesmo estado 5904 Remessa para venda fora do estabelecimento Envio de mercadoria para fora do seu estabelecimento dentro do mesmo estado. Remessa Mesmo estado 6905 Remessa para depósito fechado ou armazém geral Envio de mercadoria para um depósito fechado ou armazém que fica em um outro estado. Remessa Mesmo estado 5905 Remessa para depósito fechado ou armazém geral Envio de mercadoria para um depósito fechado ou armazém que fica dentro do mesmo estado que sua empresa. Remessa Mesmo estado 5415 Remessa de mercadoria adquirida ou recebida de terceiros para venda fora do estabelecimento, em operação com mercadoria sujeita ao regime de substituição tributária Quando sua empresa envia, dentro do mesmo estado, uma mercadoria que foi recebida ou adquirida de terceiros e contém substituição tributária Remessa Outro estado 6904 Remessa para venda fora do estabelecimento Envio de mercadoria para fora do seu estabelecimento em outro estado. Remessa Outro estado 6415 Remessa de mercadoria adquirida ou recebida de terceiros para venda fora do estabelecimento, em operação com mercadoria sujeita ao regime de substituição tributária Quando sua empresa envia para outro estado uma mercadoria que foi recebida ou adquirida de terceiros e contém substituição tributária. Remessa Mesmo estado 5910 Remessa em bonificação, doação ou brinde Envio de mercadoria dentro do mesmo estado, com o intuito de doar, bonificar ou apenas dar um brinde, sem fins comerciais. Remessa Mesmo estado 5911 Remessa de amostra grátis Envio de amostra grátis para empresa do mesmo estado. Remessa Outro estado 6910 Remessa em bonificação, doação ou brinde Envio de mercadoria para outro estado, com o intuito de doar, bonificar ou apenas dar um brinde, sem fins comerciais. Remessa Outro estado 6911 Remessa de amostra grátis Envio de amostra grátis para empresa de outro estado. Remessa Mesmo estado 5912 Remessa de mercadoria ou bem para demonstração, mostruário ou treinamento Envio de mercadoria apenas para demonstração, mostruário ou treinamento no mesmo estado, sem fins comerciais, ou seja, não pode ser vendida. Remessa Mesmo estado 5913 Retorno de mercadoria ou bem recebido para demonstração ou mostruário Quando você devolve, para uma empresa no mesmo estado, uma mercadoria que foi recebida apenas para demonstração ou mostruário, não para ser vendida. Remessa Mesmo estado 5914 Remessa de mercadoria ou bem para exposição ou feira Quando você envia uma mercadoria para uma feira ou para ficar exposta no mesmo estado, mas que pode ser vendida caso necessário. Remessa Mesmo estado 5915 emessa de mercadoria ou bem para conserto ou reparo Quando você envia uma mercadoria ou bem de sua empresa, para arrumar em um lugar no mesmo estado. Remessa Mesmo estado 5916 Retorno de mercadoria ou bem recebido para conserto ou reparo Quando você devolve para uma empresa do mesmo estado, uma mercadoria ou bem que sua empresa recebeu para arrumar. Remessa Outro estado 6912 Remessa de mercadoria ou bem para demonstração, mostruário ou treinamento Envio de mercadoria apenas para demonstração, mostruário ou treinamento em outro estado, sem fins comerciais, ou seja, não pode ser vendida. Remessa Outro estado 6913 Retorno de mercadoria ou bem recebido para demonstração ou mostruário Quando você devolve, para uma empresa de outro estado, uma mercadoria que foi recebida apenas para demonstração ou mostruário, não para ser vendida. Remessa Outro estado 6914 Remessa de mercadoria ou bem para exposição ou feira Quando você envia uma mercadoria para uma feira ou para ficar exposta em outro estado, mas que pode ser vendida caso necessário. Remessa Outro estado 6915 Remessa de mercadoria ou bem para conserto ou reparo Quando você envia uma mercadoria ou bem de sua empresa, para arrumar em um lugar em outro estado. Remessa Outro estado 6916 Retorno de mercadoria ou bem recebido para conserto ou reparo Quando você devolve para uma empresa de outro estado, uma mercadoria ou bem que sua empresa recebeu para arrumar. Remessa Mesmo estado 5554 Remessa de bem do ativo imobilizado para uso fora do estabelecimento Quando você envia um bem da sua empresa para que seja utilizado fora do seu estabelecimento, no mesmo estado. Remessa Outro estado 6554 Remessa de bem do ativo imobilizado para uso fora do estabelecimento Quando você envia um bem da sua empresa para que seja utilizado fora do seu estabelecimento, em outro estado. Remessa Mesmo estado 5555 Devolução de bem do ativo imobilizado de terceiro, recebido para uso no estabelecimento Quando você devolve um bem de outra empresa, do mesmo estado que o seu, que foi “emprestado” para que fosse utilizado na sua empresa. Remessa Outro estado 6555 Devolução de bem do ativo imobilizado de terceiro, recebido para uso no estabelecimento Quando você devolve um bem de outra empresa, de outro estado, que foi “emprestado” para que fosse utilizado na sua empresa. Remessa Mesmo estado 5927 Lançamento efetuado a título de baixa de estoque decorrente de perda, roubo ou deterioração Quando você precisa emitir uma nota de baixa de estoque apenas, para um produto que foi roubado, perdido ou estragado. Remessa Mesmo estado 5928 Lançamento efetuado a título de baixa de estoque decorrente do encerramento da atividade da empresa Quando você precisa emitir uma nota de baixa de estoque porque sua empresa não terá mais atividade. Remessa Mesmo estado 5929 Lançamento efetuado em decorrência de emissão de documento fiscal relativo a operação ou prestação também registrada em equipamento Emissor de Cupom Fiscal – ECF Quando você compra mercadoria em estabelecimento que emite Cupom Fiscal, e você precisará de uma nota fiscal para entrada em Estoque/Uso Consumo Remessa Mesmo estado 5949 Outra saída de mercadoria ou prestação de serviço não especificado Qualquer outra saída de mercadoria da sua empresa, para o mesmo estado, que não se encaixe em nenhuma das outras especificações anteriores. Remessa Outro estado 6929 Lançamento efetuado em decorrência de emissão de documento fiscal relativo a operação ou prestação também registrada em equipamento Emissor de Cupom Fiscal – ECF Quando você compra mercadoria em estabelecimento que emite Cupom Fiscal, e você precisará de uma nota fiscal para entrada em Estoque/Uso Consumo Remessa Outro estado 6949 Outra saída de mercadoria ou prestação de serviço não especificado Qualquer outra saída de mercadoria da sua empresa, para outro estado, que não se encaixe em nenhuma das outras especificações anteriores. Remessa Mesmo estado 5206 Anulação de valor relativo a aquisição de serviço de transporte Quando você paga para uma transportadora para enviar ou receber uma mercadoria, e por algum motivo cancelará o processo, deverá emitir uma NF com essa CFOP para anular o valor de Frete, assim o transportador pode recuperar o valor sobre. Remessa Outro estado 6206 Anulação de valor relativo a aquisição de serviço de transporte Quando você paga para uma transportadora para enviar ou receber uma mercadoria, e por algum motivo cancelará o processo, deverá emitir uma NF com essa CFOP para anular o valor de Frete, assim o transportador pode recuperar o valor sobre. Remessa Mesmo estado 5603 Ressarcimento de ICMS retido por substituição tributária Quando você emite uma nota com valores que não deveriam ser debitados quanto a substituição tributária, e precisa recuperá-los de forma legal Remessa Mesmo estado 5606 Utilização de saldo credor do ICMS para extinção por compensação de débitos fiscais Esse é utilizado de acordo com estado e sua base legal. Remessa Outro estado 6603 Ressarcimento de ICMS retido por substituição tributária Quando você emite uma nota com valores que não deveriam ser debitados quanto a substituição tributária, e precisa recuperá-los de forma legal. Transferência Mesmo estado 5409 Transferência de mercadoria adquirida ou recebida de terceiros em operação com mercadoria sujeita ao regime de substituição tributária Saída de um produto que você comprou ou recebeu de um fornecedor / vendedor do mesmo estado e possui substituição tributária. Transferência Outro estado 6409 Transferência de mercadoria adquirida ou recebida de terceiros em operação com mercadoria sujeita ao regime de substituição tributária Saída de um produto que você comprou ou recebeu de um fornecedor / vendedor de outro estado e possui substituição tributária. Transferência Mesmo estado 5557 Transferência de material de uso ou consumo Transferência dentro do mesmo estado de materiais destinados ao uso ou consumo da empresa, por exemplo, para consumir no dia-a-dia. Transferência Outro estado 6557 Transferência de material de uso ou consumo Transferência para outro estado de materiais destinados ao uso ou consumo da empresa, por exemplo, para consumir no dia-a-dia. Transferência Mesmo estado 5552 Transferência de bem do ativo imobilizado Transferência dentro do mesmo estado de materiais que são destinados às atividades da empresa. Transferência Outro estado 6552 Transferência de bem do ativo imobilizado Transferência para outro estado de materiais que são destinados às atividades da empresa. CFOP Links Each Treasury Department maintains an updated table on its website. Here you can see links for some of the main states: CFOP Table | Sefaz AM | State Amazonas | https://online.sefaz.am.gov.br CFOP Table | Sefaz BA | State Bahia | https://www.sefaz.ba.gov.br/contribuinte/cfop.htm CFOP Table | Sefaz MA | State Maranhao | https://sistemas1.sefaz.ma.gov.br/portalsefaz/pdf?codigo=1577 CFOP Table | Sefaz SC | State Santa Catarina | https://legislacao.sef.sc.gov.br/cabecalhos/frame_ricms_01_10.htm CFOP Table | Sefaz SP | State Sao Paulo | https://legislacao.fazenda.sp.gov.br/Paginas/l6an5.aspx CNAE (National Classification of Economic Activities) The National Classification of Economic Activities or simply CNAE is used to determine which activities are carried out by a company. It is mandatory for all legal entities, the CNAE is essential for obtaining the Company ID. In addition to contributing to improving the country's tax management, this classification ensures that your company pays only the relevant taxes to the business. What happens if a divergent CNAE is chosen? If the CNAE is chosen incorrectly, there is a risk of paying undue taxes (even for more) and there is also a great chance that the company will be considered irregular by the regulators, including the payment of fines. How not to make a mistake in defining the company's CNAE? It is very important to have the guidance of registered accountant. In addition, the accountant will help you to: Choose the legal nature Define the size of the company Choose the tax regime and check the tax rates Carry out accounting and tax bookkeeping Guarantee the delivery of ancillary obligations Issue debt clearance certificates Provide labor advice Provide advice on tax planning Provide advice on financial management Example of CNAEs 69.11-7/01: Legal Services 71.12-0/00: Engineering Services 73.19-0/04: Advertising Consulting 62.04-0/00: IT Consulting 62.01-5/02: Web design 74.20-0/04: Filming and Events Hint : In the full list, there are more than a thousand CNAEs available. CNAE Full List You can check the full list below or you can visit the official IBGE webpage and check the updated list at the link below. IBGE Search System | https://concla.ibge.gov.br/busca-online-cnae.html What is : IBGE CNAE Description Appendix Factor R Rate 32.50-7/06 Serviços de prótese dentária V Sim 15.5% 32.50-7/06 Serviços de prótese dentária III Sim 6% 32.50-7/09 Serviço de laboratório óptico V Sim 15.5% 32.50-7/09 Serviço de laboratório óptico III Sim 6% 43.99-1/01 Administração de obras III Não 6% 45.12-9/01 Representantes comerciais e agentes do comércio de veículos automotores V Sim 15.5% 45.30-7/02 Comércio por atacado de pneumáticos e câmaras-de-ar I Não 4% 45.30-7/03 Comércio a varejo de peças e acessórios novos para veículos automotores I Não 4% 45.30-7/04 Comércio a varejo de peças e acessórios usados para veículos automotores I Não 4% 45.30-7/05 Comércio a varejo de pneumáticos e câmaras-de-ar I Não 4% 45.30-7/06 Representantes comerciais e agentes do comércio de peças e acessórios novos e usados para veículos automotores V Sim 15.5% 45.41-2/02 Comércio por atacado de peças e acessórios para motocicletas e motonetas I Não 4% 45.41-2/06 Comércio a varejo de peças e acessórios novos para motocicletas e motonetas I Não 4% 45.41-2/07 Comércio a varejo de peças e acessórios usados para motocicletas e motonetas I Não 4% 45.42-1/01 Representantes comerciais e agentes do comércio de motocicletas e motonetas, peças e acessórios V Sim 15.5% 46.11-7/00 Representantes comerciais e agentes do comércio de matérias-primas agrícolas e animais vivos V Sim 15.5% 46.12-5/00 Representantes comerciais e agentes do comércio de combustíveis, minerais, produtos siderúrgicos e químicos V Sim 15.5% 46.13-3/00 Representantes comerciais e agentes do comércio de madeira, material de construção e ferragens V Sim 15.5% 46.14-1/00 Representantes comerciais e agentes do comércio de máquinas, equipamentos, embarcações e aeronaves V Sim 15.5% 46.15-0/00 Representantes comerciais e agentes do comércio de eletrodomésticos, móveis e artigos de uso doméstico V Sim 15.5% 46.16-8/00 Representantes comerciais e agentes do comércio de têxteis, vestuário, calçados e artigos de viagem V Sim 15.5% 46.17-6/00 Representantes comerciais e agentes do comércio de produtos alimentícios, bebidas e fumo V Sim 15.5% 46.18-4/01 Representantes comerciais e agentes do comércio de medicamentos, cosméticos e produtos de perfumaria V Sim 15.5% 46.18-4/02 Representantes comerciais e agentes do comércio de instrumentos e materiais odonto-médico-hospitalares V Sim 15.5% 46.18-4/03 Representantes comerciais e agentes do comércio de jornais, revistas e outras publicações V Sim 15.5% 46.18-4/99 Outros representantes comerciais e agentes do comércio especializado em produtos não especificados anteriormente V Sim 15.5% 46.19-2/00 Representantes comerciais e agentes do comércio de mercadorias em geral não especializado V Sim 15.5% 46.35-4/01 Comércio atacadista de água mineral I Não 4% 46.35-4/02 Comércio atacadista de cerveja, chope e refrigerante I Não 4% 46.37-1/04 Comércio atacadista de pães, bolos, biscoitos e similares I Não 4% 46.37-1/05 Comércio atacadista de massas alimentícias I Não 4% 46.37-1/06 Comércio atacadista de sorvetes I Não 4% 46.37-1/07 Comércio atacadista de chocolates, confeitos, balas, bombons e semelhantes I Não 4% 46.37-1/99 Comércio atacadista especializado em outros produtos alimentícios não especificados anteriormente I Não 4% 46.39-7/01 Comércio atacadista de produtos alimentícios em geral I Não 4% 46.41-9/01 Comércio atacadista de tecidos I Não 4% 46.41-9/02 Comércio atacadista de artigos de cama, mesa e banho I Não 4% 46.41-9/03 Comércio atacadista de artigos de armarinho I Não 4% 46.42-7/01 Comércio atacadista de artigos do vestuário e acessórios, exceto profissionais e de segurança I Não 4% 46.42-7/02 Comércio atacadista de roupas e acessórios para uso profissional e de segurança do trabalho I Não 4% 46.43-5/01 Comércio atacadista de calçados I Não 4% 46.43-5/02 Comércio atacadista de bolsas, malas e artigos de viagem I Não 4% 46.46-0/01 Comércio atacadista de cosméticos e produtos de perfumaria I Não 4% 46.46-0/02 Comércio atacadista de produtos de higiene pessoal I Não 4% 46.47-8/01 Comércio atacadista de artigos de escritório e de papelaria I Não 4% 46.47-8/02 Comércio atacadista de livros, jornais e outras publicações I Não 4% 46.49-4/01 Comércio atacadista de equipamentos elétricos de uso pessoal e doméstico I Não 4% 46.49-4/02 Comércio atacadista de aparelhos eletrônicos de uso pessoal e doméstico I Não 4% 46.49-4/03 Comércio atacadista de bicicletas, triciclos e outros veículos recreativos I Não 4% 46.49-4/04 Comércio atacadista de móveis e artigos de colchoaria I Não 4% 46.49-4/05 Comércio atacadista de artigos de tapeçaria persianas e cortinas I Não 4% 46.49-4/06 Comércio atacadista de lustres, luminárias e abajures I Não 4% 46.49-4/07 Comércio atacadista de filmes, cds, dvds, fitas e discos I Não 4% 46.49-4/08 Comércio atacadista de produtos de higiene, limpeza e conservação domiciliar I Não 4% 46.49-4/09 Comércio atacadista de produtos de higiene, limpeza e conservação domiciliar, com atividade de fracionamento e acondicionamento associada I Não 4% 46.49-4/10 Comércio atacadista de jóias, relógios e bijuterias, inclusive pedras preciosas e semipreciosas lapidadas I Não 4% 46.49-4/99 Comércio atacadista de outros equipamentos e artigos de uso pessoal e doméstico não especificados anteriormente I Não 4% 46.51-6/01 Comércio atacadista de equipamentos de informática I Não 4% 46.51-6/02 Comércio atacadista de suprimentos para informática I Não 4% 46.52-4/00 Comércio atacadista de componentes eletrônicos e equipamentos de telefonia e comunicação I Não 4% 46.79-6/03 Comércio atacadista de vidros, espelhos e vitrais I Não 4% 46.86-9/02 Comércio atacadista de embalagens I Não 4% 46.91-5/00 Comércio atacadista de mercadorias em geral, com predominância de produtos alimentícios I Não 4% 46.93-1/00 Comércio atacadista de mercadorias em geral, sem predominância de alimentos ou de insumos agropecuários I Não 4% 47.11-3/01 Comércio varejista de mercadorias em geral, com predominância de produtos alimentícios – hipermercados I Não 4% 47.11-3/02 Comércio varejista de mercadorias em geral, com predominância de produtos alimentícios – supermercados I Não 4% 47.12-1/00 Comércio varejista de mercadorias em geral, com predominância de produtos alimentícios – minimercados, mercearias e armazéns I Não 4% 47.13-0/02 Lojas de variedades, exceto lojas de departamentos ou magazines I Não 4% 47.13-0/04 Lojas de departamentos ou magazines, exceto lojas francas (duty free) I Não 4% 47.21-1/02 Padaria e confeitaria com predominância de revenda I Não 4% 47.21-1/03 Comércio varejista de laticínios e frios I Não 4% 47.21-1/04 Comércio varejista de doces, balas, bombons e semelhantes I Não 4% 47.23-7/00 Comércio varejista de bebidas I Não 4% 47.24-5/00 Comércio varejista de hortifrutigranjeiros I Não 4% 47.29-6/01 Tabacaria I Não 4% 47.29-6/99 Comércio varejista de produtos alimentícios em geral ou especializado em produtos alimentícios não especificados anteriormente I Não 4% 47.43-1/00 Comércio varejista de vidros I Não 4% 47.44-0/02 Comércio varejista de madeira e artefatos I Não 4% 47.51-2/01 Comércio varejista especializado de equipamentos e suprimentos de informática I Não 4% 47.51-2/02 Recarga de cartuchos para equipamentos de informática III Não 6% 47.52-1/00 Comércio varejista especializado de equipamentos de telefonia e comunicação I Não 4% 47.53-9/00 Comércio varejista especializado de eletrodomésticos e equipamentos de áudio e vídeo I Não 4% 47.54-7/01 Comércio varejista de móveis I Não 4% 47.54-7/02 Comércio varejista de artigos de colchoaria I Não 4% 47.54-7/03 Comércio varejista de artigos de iluminação I Não 4% 47.55-5/01 Comércio varejista de tecidos I Não 4% 47.55-5/02 Comércio varejista de artigos de armarinho I Não 4% 47.55-5/03 Comércio varejista de artigos de cama, mesa e banho I Não 4% 47.56-3/00 Comércio varejista especializado de instrumentos musicais e acessórios I Não 4% 47.57-1/00 Comércio varejista especializado de peças e acessórios para aparelhos eletroeletrônicos para uso doméstico, exceto informática e comunicação I Não 4% 47.59-8/01 Comércio varejista de artigos de tapeçaria, cortinas e persianas I Não 4% 47.59-8/99 Comércio varejista de outros artigos de uso doméstico não especificados anteriormente I Não 4% 47.61-0/01 Comércio varejista de livros I Não 4% 47.61-0/02 Comércio varejista de jornais e revistas I Não 4% 47.61-0/03 Comércio varejista de artigos de papelaria I Não 4% 47.62-8/00 Comércio varejista de discos, cds, dvds e fitas I Não 4% 47.63-6/01 Comércio varejista de brinquedos e artigos recreativos I Não 4% 47.63-6/02 Comércio varejista de artigos esportivos I Não 4% 47.63-6/03 Comércio varejista de bicicletas e triciclos peças e acessórios I Não 4% 47.63-6/04 Comércio varejista de artigos de caça, pesca e camping I Não 4% 47.72-5/00 Comércio varejista de cosméticos, produtos de perfumaria e de higiene pessoal I Não 4% 47.74-1/00 Comércio varejista de artigos de óptica I Não 4% 47.81-4/00 Comércio varejista de artigos do vestuário e acessórios I Não 4% 47.82-2/01 Comércio varejista de calçados I Não 4% 47.82-2/02 Comércio varejista de artigos de viagem I Não 4% 47.83-1/02 Comércio varejista de artigos de relojoaria I Não 4% 47.85-7/01 Comércio varejista de antigüidades I Não 4% 47.85-7/99 Comércio varejista de outros artigos usados I Não 4% 47.89-0/01 Comércio varejista de suvenires, bijuterias e artesanatos I Não 4% 47.89-0/02 Comércio varejista de plantas e flores naturais I Não 4% 47.89-0/03 Comércio varejista de objetos de arte I Não 4% 47.89-0/07 Comércio varejista de equipamentos para escritório I Não 4% 47.89-0/08 Comércio varejista de artigos fotográficos e para filmagem I Não 4% 47.89-0/99 Comércio varejista de outros produtos não especificados anteriormente I Não 4% 56.11-2/01 Restaurantes e similares I Não 4% 56.11-2/03 Lanchonetes, casas de chá, de sucos e similares I Não 4% 56.11-2/04 Bares e outros estabelecimentos especializados em servir bebidas, sem entretenimento I Não 4% 56.20-1/01 Fornecimento de alimentos preparados preponderantemente para empresas I Não 4% 56.20-1/03 Cantinas – serviços de alimentação privativos I Não 4% 56.20-1/04 Fornecimento de alimentos preparados preponderantemente para consumo domiciliar I Não 4% 59.11-1/01 Estúdios cinematográficos III Não 6% 59.11-1/02 Produção de filmes para publicidade III Não 6% 59.11-1/99 Atividades de produção cinematográfica, de vídeos e de programas de televisão não especificadas anteriormente III Não 6% 59.12-0/01 Serviços de dublagem III Não 6% 59.12-0/02 Serviços de mixagem sonora em produção audiovisual III Não 6% 59.12-0/99 Atividades de pós-produção cinematográfica, de vídeos e de programas de televisão não especificadas anteriormente III Não 6% 59.13-8/00 Distribuição cinematográfica, de vídeo e de programas de televisão III Não 6% 59.14-6/00 Atividades de exibição cinematográfica III Não 6% 59.20-1/00 Atividades de gravação de som e de edição de música III Não 6% 62.01-5/01 Desenvolvimento de programas de computador sob encomenda V Sim 15.5% 62.01-5/01 Desenvolvimento de programas de computador sob encomenda III Sim 6% 62.01-5/02 Web design V Sim 15.5% 62.01-5/02 Web design III Sim 6% 62.02-3/00 Desenvolvimento e licenciamento de programas de computador customizáveis V Sim 15.5% 62.02-3/00 Desenvolvimento e licenciamento de programas de computador customizáveis III Sim 6% 62.03-1/00 Desenvolvimento e licenciamento de programas de computador não-customizáveis V Sim 15.5% 62.03-1/00 Desenvolvimento e licenciamento de programas de computador não-customizáveis III Sim 6% 62.04-0/00 Consultoria em tecnologia da informação V Sim 15.5% 62.09-1/00 Suporte técnico, manutenção e outros serviços em tecnologia da informação V Sim 15.5% 62.09-1/00 Suporte técnico, manutenção e outros serviços em tecnologia da informação III Sim 6% 63.11-9/00 Tratamento de dados, provedores de serviços de aplicação e serviços de hospedagem na internet V Sim 15.5% 63.11-9/00 Tratamento de dados, provedores de serviços de aplicação e serviços de hospedagem na internet III Sim 6% 63.19-4/00 Portais, provedores de conteúdo e outros serviços de informação na internet V Sim 15.5% 63.19-4/00 Portais, provedores de conteúdo e outros serviços de informação na internet III Sim 6% 63.91-7/00 Agências de notícias III Não 6% 63.99-2/00 Outras atividades de prestação de serviços de informação não especificadas anteriormente III Não 6% 66.19-3/02 Correspondentes de instituições financeiras III Não 6% 66.21-5/01 Peritos e avaliadores de seguros V Sim 15.5% 66.21-5/02 Auditoria e consultoria atuarial V Sim 15.5% 66.22-3/00 Corretores e agentes de seguros, de planos de previdência complementar e de saúde III Não 6% 66.29-1/00 Atividades auxiliares dos seguros, da previdência complementar e dos planos de saúde não especificadas anteriormente III Não 6% 68.21-8/01 Corretagem na compra e venda e avaliação de imóveis III Não 6% 68.21-8/02 Corretagem no aluguel de imóveis III Não 6% 69.11-7/01 Serviços advocatícios IV Não 4.5% 69.11-7/03 Agente de propriedade industrial V Sim 15.5% 70.20-4/00 Atividades de consultoria em gestão empresarial, exceto consultoria técnica específica V Sim 15.5% 71.11-1/00 Serviços de arquitetura III Sim 6% 71.12-0/00 Serviços de engenharia V Sim 15.5% 71.19-7/01 Serviços de cartografia, topografia e geodésia V Sim 15.5% 71.19-7/02 Atividades de estudos geológicos V Sim 15.5% 71.19-7/03 Serviços de desenho técnico relacionados à arquitetura e engenharia V Sim 15.5% 71.19-7/04 Serviços de perícia técnica relacionados à segurança do trabalho V Sim 15.5% 71.19-7/99 Atividades técnicas relacionadas à engenharia e arquitetura não especificadas anteriormente V Sim 15.5% 71.20-1/00 Testes e análises técnicas V Sim 15.5% 72.10-0/00 Pesquisa e desenvolvimento experimental em ciências físicas e naturais V Sim 15.5% 72.20-7/00 Pesquisa e desenvolvimento experimental em ciências sociais e humanas V Sim 15.5% 73.11-4/00 Agências de publicidade V Sim 15.5% 73.12-2/00 Agenciamento de espaços para publicidade, exceto em veículos de comunicação III Não 6% 73.19-0/01 Criação de estandes para feiras e exposições V Sim 15.5% 73.19-0/02 Promoção de vendas III Não 6% 73.19-0/03 Marketing direto III Não 6% 73.19-0/04 Consultoria em publicidade V Sim 15.5% 73.19-0/99 Outras atividades de publicidade não especificadas anteriormente III Não 6% 73.20-3/00 Pesquisas de mercado e de opinião pública V Sim 15.5% 74.10-2/02 Design de interiores V Sim 15.5% 74.10-2/02 Design de interiores IV Sim 4.5% 74.10-2/03 Design de produto V Sim 15.5% 74.10-2/99 Atividades de design não especificadas anteriormente V Sim 15.5% 74.20-0/01 Atividades de produção de fotografias, exceto aérea e submarina III Não 6% 74.20-0/02 Atividades de produção de fotografias aéreas e submarinas III Não 6% 74.20-0/03 Laboratórios fotográficos III Não 6% 74.20-0/04 Filmagem de festas e eventos III Não 6% 74.20-0/05 Serviços de microfilmagem III Não 6% 74.90-1/01 Serviços de tradução, interpretação e similares V Sim 15.5% 74.90-1/02 Escafandria e mergulho III Não 6% 74.90-1/03 Serviços de agronomia e de consultoria às atividades agrícolas e pecuárias V Sim 15.5% 74.90-1/04 Atividades de intermediação e agenciamento de serviços e negócios em geral, exceto imobiliários V Sim 15.5% 74.90-1/05 Agenciamento de profissionais para atividades esportivas, culturais e artísticas V Sim 15.5% 74.90-1/99 Outras atividades profissionais, científicas e técnicas não especificadas anteriormente V Sim 15.5% 75.00-1/00 Atividades veterinárias V Sim 15.5% 77.21-7/00 Aluguel de equipamentos recreativos e esportivos III Não 6% 77.22-5/00 Aluguel de fitas de vídeo, dvds e similares III Não 6% 77.23-3/00 Aluguel de objetos do vestuário, jóias e acessórios III Não 6% 77.29-2/01 Aluguel de aparelhos de jogos eletrônicos III Não 6% 77.29-2/02 Aluguel de móveis, utensílios e aparelhos de uso doméstico e pessoal; instrumentos musicais III Não 6% 77.29-2/03 Aluguel de material médico III Não 6% 77.29-2/99 Aluguel de outros objetos pessoais e domésticos não especificados anteriormente III Não 6% 77.31-4/00 Aluguel de máquinas e equipamentos agrícolas sem operador III Não 6% 77.32-2/01 Aluguel de máquinas e equipamentos para construção sem operador, exceto andaimes III Não 6% 77.32-2/02 Aluguel de andaimes III Não 6% In Summary CNAE stands for National Classification of Economic Activities For the government, the objective of the CNAE is to improve tax management and control possible fraudulent actions related to the payment of taxes For companies, CNAE guarantees the correct payment of taxes, the possibility of payroll exemption, the right tax and union structure, also, for small companies to be included in the Simplified tax regimes, and it is mandatory even for self-employed professionals and non-profit organizations All legal entities must have their CNAE defined, this code being essential to obtain the Company ID Choosing a CNAE that differs from the activity carried out may cause the company to be considered irregular, lose tax incentives, not obtain an operating license and is even liable to pay fines The support and guidance of an accountant is very important for a company's CNAE to be defined correctly Tax Regimes The tax regime is what determines which taxes will be paid by a company and how it will be done. There are 3 tax regimes: Actual profit, Presumed profit and Simplified. Actual Profit The Real Profit is a tax regime in which the direct taxes are calculated based on the effective profit that the business had within the calculation period. That means, the greater the profitability, the greater the amount of taxes to be paid. However, the opposite is also valid, that is, if there is no profit, or the company has a loss, it is exempt from paying taxes for that period. Which companies can opt for Profit Real? Profit Real can be the tax option of any company. However, businesses with revenues above $78 million (BRL) in the calendar year or the previous year are required to be classified as Actual Profit. Presumed Profit The calculation of this tax regime is based on a fixed tax table, provided by authorities, for the direct taxes collection. Sale of goods or products: 8% Industrialization: 8% Rural Activity: 8% Transport services: 16% Provision of services: 32% And so on ... Which companies can opt for Presumed Profit? Presumed Profit can also be used by any company, as long as they do not exceed $78 million (BRL) in annual revenue or cannot be listed as mandatory for Actual Profit. Simplified Simplified is a tax regime created with the objective of assisting Small Businesses. The main purpose of this tax regime is to facilitate the collection of taxes by these entrepreneurs. As a result, all taxes under this regime are calculated according progressive table, provided by authorities, and collected a monthly single payment. Which companies can opt for Simplified? In order to qualify for Simplified, the company must comply with certain rules, which are: Small business only Annual revenue of up to $4,8 million (BRL) Activity qualified as Simplified by authorities And so on ... SPED (e-Reporting) SPED stands for Sistema Publico de Escrituracao Digital (in Portuguese) or Public System of Digital bookkeeping (in English). It is an e-Reporting to standardize and simplify the fiscal and accounting reports, with objective to replace paper-based reports. There are several SPEDs to be delivery to the Brazilian authorities, and they are mandatory. They are classified as: ECD | Digital Accounting Bookkeeping EFD | Digital Fiscal Bookkeeping ECF | Tax Accounting Bookkeeping The most important SPEDs are: SPED ECD Accounting | Annually | Reporting the entire balance sheet and P&L SPED EFD Fiscal | Monthly | Reporting amount owed of ICMS (Goods and Services Tax) and IPI (Tax on Industrialized Products) SPED EFD Contributions | Monthly | Reporting amount owed of PIS (Social Integration Program) and COFINS (Contribution to Social Security Financing) SPED ECF Tax Accounting | Annually | Reporting amount owed of IRPJ (Corporate Income Tax) and CSLL (Social Contribution on Net Profit) You can see in the table below some examples of the blocks and registers that should contain the SPED flat file. SPED Block Register Description Bookkeeping Type G Bookkeeping Type R Bookkeeping Type B ECD 0 Opening of the File, Identification, and References ECD 0 0000 Register 0000: Opening of digital file/entity identification Mandatory Mandatory Mandatory ECD 0 0001 Register 0001: Block 0 Opening Mandatory Mandatory Mandatory ECD 0 0007 Register 0007: Other Entity's Subscriptions Mandatory Mandatory Mandatory ECD 0 0020 Register 0020: Decentralized Accounting Bookkeeping Optional Optional Optional ECD 0 0150 Register 0150: Participant Register Table Optional Optional Not Applicable ECD 0 0180 Register 0180: Identification of Related Participant Mandatory (Dependent) Mandatory (Dependent) Not Applicable ECD 0 0990 Register 0990: Block 0 Closing Mandatory Mandatory Mandatory ECD I Details of Accounting Postings ECD I I001 Register I001 – Block I Opening Mandatory Mandatory Mandatory ECD I I010 Register I010 – Bookkeeping Identification Mandatory Mandatory Mandatory ECD I I012 Register I012 – Subsidiary Journal Not Applicable Mandatory Optional ECD I I015 Register I015 – Account Identification of Summary Bookkeeping that Refers to the Auxiliary Bookkeeping Not Applicable Mandatory Optional ECD I I020 Register I020 – Additional Fields Optional Optional Optional ECD I I030 Register I030 – Journal Opening Term Mandatory Mandatory Mandatory ECD I I050 Register I050 – Chart of Accounts Mandatory Mandatory Mandatory ECD I I051 Register I051 – Referential Chart of Accounts Optional Optional Optional ECD I I052 Register I052 – Identification of Agglutination Codes Optional Optional Optional ECD I I075 Register I075 – Table for Standard History Optional Optional Not Applicable ECD I I100 Register I100 – Cost Center Optional Optional Optional ECD I I150 Register I150 – Periodic Balances, Period Identification Mandatory Mandatory Mandatory ECD I I151 Register I151 – Digital signature of the files that have "Fichas de Lancamentos" used in the period Not Applicable Not Applicable Optional ECD I I155 Register I155 – Periodic Balances Details Mandatory Mandatory Mandatory ECD I I200 Register I200 – Accounting Postings Mandatory Mandatory Not Applicable ECD I I250 Register I250 – Posting Entries Mandatory Mandatory Not Applicable ECD I I300 Register I300 – Daily Trial Balances – Date Identification Not Applicable Not Applicable Mandatory ECD I I310 Register I310 – Details of Daily Trial Balances Not Applicable Not Applicable Mandatory ECD I I350 Register I350 – Balance of Profit & Loss Account – Before the Closing Period Optional Optional Optional ECD I I355 Register I355 – Details of Account's Balances before Financial Year Closing Mandatory (Dependent) Mandatory (Dependent) Mandatory (Dependent) ECD I I500 Register I500 – Parameters do Print and Display the Auxiliary Ledger with Flexible Layout Not Applicable Not Applicable Not Applicable ECD I I510 Register I510 – Definition of Fields for Auxiliary Ledger Book with Flexible Layout Not Applicable Not Applicable Not Applicable ECD I I550 Register I550 – Details of Auxiliary Ledger with Flexible Layout Not Applicable Not Applicable Not Applicable ECD I I555 Register I555 – Totals in Auxiliary Ledger Book Not Applicable Not Applicable Not Applicable ECD I I990 Register I990 – Block I Closure Mandatory Mandatory Mandatory ECD J Accounting Statements ECD J J001 Register J001: Block J Opening Mandatory Mandatory Mandatory ECD J J005 Register J005: Accounting Statement Optional Optional Optional ECD J J100 Register J100: Balance Sheet Optional Optional Optional ECD J J150 Register J150: Profit & Loss Statement Optional Optional Optional ECD J J800 Register J800: Other Information Optional Optional Optional ECD J J900 Register J900: Closure Statement Mandatory Mandatory Mandatory ECD J J930 Register J930: Identification of Bookkeeping Signatory Mandatory Mandatory Mandatory ECD J J990 Register J990: Block J Closure Mandatory Mandatory Mandatory ECD 9 Closing of the File ECD 9 9001 Register 9001: Block 9 Opening Mandatory Mandatory Mandatory ECD 9 9900 Register 9900: File Registers Mandatory Mandatory Mandatory ECD 9 9990 Register 9990: Block 9 Closing Mandatory Mandatory Mandatory ECD 9 9999 Register 9999: Digital File Closing Mandatory Mandatory Mandatory Brazilian Tax Reform (New Brazilian VAT) The tax reform will replace all consumption taxes with a VAT value-added tax, paid by the final consumer, charged non-cumulatively at all stages of the production chain. The five current consumption taxes – IPI, PIS, Cofins, ICMS and ISS – are replaced by two consumption taxes (IBS and CBS) and a Selective Tax (IS). IBS - Tax on Goods and Services / CBS - Conbribution on Goods and Services In both proposals, IBS and CBS have the following characteristics: They are charged on all operations with tangible or intangible goods and services They are charged at all stages of the production chain, giving the right to credit for the previously paid tax (non-cumulative) They are not charged on exports They are charged on imports They adopt the principle of destination (rate and collection linked to the place of consumption) Provide for a single rate for all goods and services consumed in each location Due to the particularities of certain sectors, differentiated taxation regimes are foreseen for: Financial services, real estate, fuel, public sector procurement, health care plans, and prediction contests Real estate, fuel, public sector acquisitions, tobacco products and financial intermediation There are plans for special treatments to reduce the impact of changing the model: 50% reduction of IBS and CBS rates for: urban, semi-urban or metropolitan public transport services; medicines; medical devices and healthcare services; education services; agricultural, fishing, forestry and plant extractive products in natura; agricultural inputs, food intended for human consumption and personal hygiene products national artistic and cultural activities exempt public urban, semi-urban or metropolitan transport services; reduce by 100% the rate of CBS and IBS levied on medications; reduce by 100% the CBS rate levied on higher education education services (PROUNI) and, until 12/28/2027, on services benefited by the Emergency Program for the Resumption of the Events Sector (Perse) Complementary law will define the sectors that will have differentiated treatment; Provide for the maintenance of the global tax burden on consumption Makes taxation on consumption less unfair, as they adopt the possibility of refunding the tax (cashback). In this way, the granting of tax benefits is focused on those who need it most, in contrast to the option for exemptions by type of merchandise. Preserve Simples Nacional and the favored treatment of the Manaus Free Zone Maintain constitutional bonds and divisions, such as Health and Education Contain transitional rules, shorter for society in general (taxation regime) and longer and smoother for sharing with states and municipalities (sharing system) IS - Selective Tax The Selective Tax will be charged to discourage the consumption of harmful goods and services to Health and the Environment, such as alcoholic beverages, cigarettes and pollutants.

Topics: Web Security | DNS Setup DNSSEC | pfSense | Network Protocols | Gmail Advanced Optimization | Plus Addressing | Dotted Addressing Up Cyber Security Cyber Security Overview Cyber Security Solution | XDR vs SIEM Wazuh (XDR + SIEM Platform) Reverse Proxy Google | Gmail Optimization | DNSSEC Webserver DNS | Domain Name System Public DNS Servers rDNS |Reverse DNS mDNS | Multicast DNS Ping | How to Ping a Specific Port? Telnet | Teletype Network NMAP | Network Mapper Wireshark | Open-Source Network Packet Analyzer Network Protocols TCP vs UDP | Protocol Comparison SSL vs TLS | Protocol Comparison Public Cloud Services Comparison Cyber Security Overview Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. The term applies in a variety of contexts, from business to mobile computing, and can be divided into a few common categories. Network security is the practice of securing a computer network from intruders, whether targeted attackers or opportunistic malware. Application security focuses on keeping software and devices free of threats. A compromised application could provide access to the data its designed to protect. Successful security begins in the design stage, well before a program or device is deployed. Information security protects the integrity and privacy of data, both in storage and in transit. Operational security includes the processes and decisions for handling and protecting data assets. The permissions users have when accessing a network and the procedures that determine how and where data may be stored or shared all fall under this umbrella. Disaster recovery and business continuity define how an organization responds to a cyber-security incident or any other event that causes the loss of operations or data. Disaster recovery policies dictate how the organization restores its operations and information to return to the same operating capacity as before the event. Business continuity is the plan the organization falls back on while trying to operate without certain resources. End-user education addresses the most unpredictable cyber-security factor: people. Anyone can accidentally introduce a virus to an otherwise secure system by failing to follow good security practices. Teaching users to delete suspicious email attachments, not plug in unidentified USB drives, and various other important lessons is vital for the security of any organization. Cyber Security Solution | XDR vs SIEM XDR (Extended detection and response) It is a comprehensive cybersecurity solution that combines multiple security technologies and data sources to provide enhanced threat detection, response, and remediation capabilities. XDR expands beyond traditional EDR (Endpoint Detection and Response) solutions and incorporates additional security telemetry data from various sources, such as network traffic, cloud environments, and other endpoints. Key features and benefits Enhanced visibility : XDR collects and analyzes data from diverse sources, including endpoints, network traffic, cloud platforms, and more. This broader visibility provides a comprehensive understanding of the organization's security posture and allows for the detection of complex threats that may span multiple layers. Advanced analytics and detection : XDR leverages advanced analytics, machine learning, and threat intelligence to detect and prioritize potential security incidents accurately. By applying behavioral analytics and anomaly detection, XDR can identify and flag suspicious activities or indicators of compromise. Automated and streamlined response : XDR streamlines the incident response process by automating investigation and remediation actions. It can orchestrate response activities across different security tools and endpoints, reducing the time and effort required to contain and mitigate threats. Threat hunting capabilities : XDR enables proactive threat hunting by allowing security teams to search for indicators of compromise (IoCs) and suspicious activities across the entire security ecosystem. This helps in identifying and eliminating threats before they cause significant damage. Improved operational efficiency : By consolidating and correlating security data from multiple sources, XDR simplifies security operations and reduces alert fatigue. It provides context-rich insights and actionable intelligence, enabling security teams to focus on critical threats and respond more efficiently. SIEM (Security information and event management) It is a cybersecurity solution that helps organizations collect, analyze, and correlate security event data from various sources within their IT infrastructure. SIEM systems provide real-time monitoring, threat detection, incident response, and compliance management capabilities. Key features and benefits Data Collection : SIEM collects log data, security events, and system activity logs from a wide range of sources, including network devices, servers, applications, firewalls, intrusion detection systems (IDS), and more. These logs contain valuable information about security events, user activities, and system behavior. Log Management : SIEM systems store and manage log data in a centralized repository or database. This allows for easy search, retrieval, and long-term retention of logs for compliance and forensic purposes. Event Correlation : SIEM analyzes and correlates log data from different sources to identify patterns, anomalies, and potential security incidents. It applies predefined rules or algorithms to match events and generate meaningful alerts or notifications. Real-Time Monitoring : SIEM continuously monitors security events in real time and provides dashboards and visualizations to give security teams a holistic view of the organization's security posture. It allows them to track activities, detect threats, and respond promptly to incidents. Threat Detection : SIEM uses rule-based correlation or advanced analytics techniques to detect potential security threats and malicious activities. It can identify patterns that indicate attacks, such as brute-force login attempts, suspicious network traffic, or unauthorized access attempts. Incident Response : SIEM provides workflows and automation capabilities to streamline incident response processes. It enables security teams to investigate and respond to security incidents efficiently, including threat containment, analysis, and remediation. Compliance Management : SIEM assists organizations in meeting regulatory compliance requirements by collecting and analyzing security logs for auditing purposes. It generates reports and provides evidence of compliance with standards such as PCI DSS, HIPAA, GDPR, and others. Log Retention and Forensics : SIEM systems store logs for extended periods, allowing security teams to perform forensic analysis and investigations when necessary. This helps in understanding the scope and impact of security incidents and supports post incident remediation efforts. XDR vs SIEM (Key Differences) 1. Data Sources: SIEM primarily focuses on log data from various sources within the network, such as firewalls, servers, applications, and network devices. It collects and analyzes logs to identify security events and generate alerts. XDR goes beyond logs and incorporates a broader range of security telemetry data. It collects and analyzes data from diverse sources, including endpoints, network traffic, cloud environments, and sometimes additional sources like cloud applications, email gateways, or user behavior analytics. 2. Endpoint vs. Network Focus: SIEM traditionally places more emphasis on network-focused data sources, analyzing logs from network devices and servers. While it can incorporate some endpoint data, the primary focus is on network-centric security events. XDR expands the scope to include both endpoint and network data. It incorporates endpoint detection and response (EDR) capabilities, analyzing endpoint activities, processes, and behaviors. It also includes network detection and response (NDR) functionalities to monitor network traffic and identify threats. 3. Threat Detection Approach: SIEM typically relies on rule-based correlation and signature-based detection to identify security incidents. It uses predefined rules and signatures to match events and generate alerts based on known patterns. XDR leverages advanced analytics, machine learning, and threat intelligence to detect sophisticated threats. It applies behavioral analytics, anomaly detection, and machine learning algorithms to identify anomalies, unknown threats, and indicators of compromise. 4. Response and Automation: SIEM systems provide alerting and reporting capabilities, allowing security teams to investigate and respond to incidents manually. While some level of automation is possible, the focus is primarily on generating alerts and providing analysis for human decision-making. XDR offers more extensive automation and orchestration capabilities. It can automate response actions, such as isolating compromised endpoints, blocking malicious network traffic, or initiating remediation tasks. 5. Holistic View and Context: SIEM provides visibility into security events and logs, allowing security teams to monitor activities and detect threats within the network. XDR aims to provide a unified and holistic view of the organization's security posture. By collecting and correlating data from various sources, including endpoints, network, and cloud. Wazuh (XDR + SIEM Platform) Wazuh is a free and open-source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. Wazuh unifies historically separate functions into a single agent and platform architecture. Active XDR protection from modern threats: Wazuh provides analysts real-time correlation and context. Active responses are granular, encompassing on-device remediation so endpoints are kept clean and operational. A comprehensive SIEM solution : The Wazuh Security Information and Event Management (SIEM) solution provides monitoring, detection, and alerting of security events and incidents. Endpoint Security | Configuration Assessment, Malware Detection and File Integrity Monitoring Threat Intelligence | Threat Hunting, Log Data Analysis and Vulnerability Detection Security Operations | Incident Response, Regulatory Compliance and IT Hygiene Cloud Security | Container Security, Posture Management and Workload Protection How it is Structured Wazuh is structured around three pivotal components, each playing a distinct role: 1 | Indexer | The Indexer is the backbone of Wazuh, responsible for efficiently storing and managing vast amounts of security data. It plays a crucial role in facilitating rapid data retrieval and analysis Stage 1 Installation |Certificate creation Stage 2 Installation |Nodes installation Stage 3 Installation |Cluster initialization 2 | Server | Acting as the core processing unit, the Server interprets and analyzes the data collected by agents. It executes essential security operations, such as threat detection, incident response, and compliance management Stage 1 Installation | Wazuh server node installation Stage 2 Installation |Cluster configuration for multi-node deployment 3 | Dashboard | The Dashboard is the user-friendly interface that provides a visual representation of your security data. It offers pre-built dashboards for quick insights into security events, vulnerabilities, file integrity monitoring, configuration assessments, cloud infrastructure monitoring, and compliance standards Together, these three components form the foundation of Wazuh, offering a scalable and flexible solution to enhance your organization’s cybersecurity posture. Requirements OS: 64-bit Linux OS Versions: RHEL 7, 8, 9 | Amazon Linux 2 | CentOS 7, 8 | Ubuntu 16.04, 18.04, 20.04, 22.04 Hardware for 1-25 agents: Minimum: 2 CPU (cores) | 4 RAM (GBs) Recommended: 4 CPU (cores) | 8 RAM (GBs) Disk space for 1-25 agents: 50 GBs per 90 Days data Browser Compatibility: Chrome 95 or later | Firefox 93 or later | Safari 13.7 or later Browser w/Limited Support: Other Chromium-based browsers Browser Not Supported: Internet Explorer 11 is not supported Before Installation | Lessons Learned | Common constraints CPU/Memory Error | In the installation step the process can be aborted if the requirements are not met Even with the right CPUs/Memory RAM set, the script consider the available at the moment of installation, and the system will be consuming some of the resources. You can just increase a little more 1 Option: If you are using a VM, you can increase the CPU cores and Memory RAM 2 Option: You the "-i" in the end of the command to bypass that (you will see in the prompt command) Disk Space Error | In the final steps of the script (dashboard installation), the processes can fail and the installation reverted, due a lack of free disk Even with a large VM disk, this can happens due the way the Ubuntu setted the partitions 1 Option: You need to increase the partition before installation (How to do it) Virtual Hard Disk expands to Maximum Size If you are using a VM with a dynamically expanding disk, be aware that Wazuh may expand exponentially until it reaches the maximum disk size, despite the internal space being unused and available. Restrict the maximum size accordingly After Installation To deploy your first agent On the Wazuh Dashboard, go to Menu > Server Management > Endpoints Summary Lost Password | If you lost your initial admin password you can run this command Retrieve Users and Passwords | Command: tar -O -xvf wazuh-install-files.tar wazuh-install-files/wazuh-passwords.txt Deploying on Ubuntu This is the quickstart method, provided by Wazuh, to deploy the version v4.9.0 using the official bash script. You can check the official page for the latest version deployments. (https://documentation.wazuh.com/current/quickstart.html ) Open the terminal For non-root users, use the command "sudo " to perform administrative tasks (Optional) If your system id not updated | Update Ubuntu | Command: apt update Download the Wazuh installation assistant | Command: curl -sO https://packages.wazuh.com/4.9/wazuh-install.sh Execute the Wazuh Scrip using the assistant | Command: bash wazuh-install.sh -a (Optional) If the minimum hardware requirement error appears use "-i" | Command: bash wazuh-install.sh -a -i Login to wazuh using the Browser | Command: https:// Just wait a little longer if you get a message "Wazuh dashboard server is not ready yet " Initial user and password is informed at the end of installation Deploying on Docker This is the installation alternative method, provided by Wazuh, to deploy the version v4.8.2 on docker. You can check the official page for the latest version deployments. (https://documentation.wazuh.com/current/deployment-options/docker/wazuh-container.html ) Open the terminal For non-root users, use the command "sudo " to perform administrative tasks (Optional) If your system id not updated | Update Ubuntu | Command: apt update Install Docker and Docker Compose | Command: apt install docker.io docker-compose -y Clone the Wazuh | Command: git clone https://github.com/wazuh/wazuh-docker.git -b v4.8.2 Check the new wazuh-docker directory | Command: ls Enter in the new wazuh-docker directory (single-node) | Command: cd wazuh-docker/single-node/ Generate the certificate | Command: docker-compose -f generate-indexer-certs.yml run --rm generator Deploy Wazuh single-node using docker-compose in background | Command: docker-compose up -d Check the Docker Stats to see if all is done and running | Command: docker stats Login to wazuh using the Browser | Command: https:// Just wait a little longer if you get a message "Wazuh dashboard server is not ready yet " Initial user and password | User: admin / Password: SecretPassword Upgrading Wazuh on Docker If you have a previous version like v4.8.2, in this example you can upgrade to v4.9.0 Open terminal For non-root users, use the command "sudo " to perform administrative tasks Enter in the new wazuh-docker directory (single-node) | Command: cd wazuh-docker/single-node/ Stop the outdated environment | Command: docker-compose down Checkout the tag for the current version | Command: git checkout v4.9.0 Start the new version of Wazuh | Command: docker-compose up -d Check the Docker Stats to see if all is done and running | Command: docker stats Restarting the Wazuh Container If you restart your VM, or for any other reason, your Wazuh dashboard starts giving errors, you can restart the Wazuh container to continue using it until you check the logs and fix the issues. Open terminal For non-root users, use the command "sudo " to perform administrative tasks Enter in the new wazuh-docker directory (single-node) | Command: cd wazuh-docker/single-node/ Stop the outdated environment | Command: docker-compose down Wait until all processes are "done" Start the new version of Wazuh | Command: docker-compose up -d Check the Docker Stats to see if all is done and running | Command: sudo docker stats Reverse Proxy A reverse proxy is a server that sits in front of web servers and forwards client (e.g. web browser) requests to those web servers. Reverse proxies are typically implemented to help increase security, performance, and reliability. In order to better understand how a reverse proxy works and the benefits it can provide, let’s first define what a proxy server is. Benefits of a P roxy To avoid state or institutional browsing restrictions To block access to certain content To protect their identity online Benefits of a Reverse Proxy Load balancing Protection from attacks GSLB (Global server load balancing) Caching SSL encryption Forward Proxy Flow Reverse Proxy Flow Forward Proxy Flow 1/2 Google | Gmail Optimization | DNSSEC Webserver Gmail Advanced Optimization Plus Addressing Probably you receive a lot of unsolicited emails every day. That happens because many companies sell your data for data brokers. The Google "Plus Addressing" feature helps you to add additional information in your gmail address. Gmail Address: "Email Address" + "@gmail.com" (e.g. "johndoe@gmail.com ") Gmail Plus Addressing: "Email Address" + "Plus Addressing" + "@gmail.com" (e.g. "johndoe+amazon@gmail.com ") Example : If your email is "johndoe@gmail.com " and you want to to create a Amazon Account You can add "+amazon" in you email. So your email will be on Amazon "johndoe+amazon@gmail.com " You will receive the amazon emails in your gmail like the other emails, but you will be able to see the receiver as "johndoe+amazon@gmail.com " If Amazon sells your data for data brokers you will know what they did Warning : Nowadays, many companies already know this trick and are blocking Plus Addressing Dotted Addressing Unlike Plus Addressing, companies don't block dots in the Gmail address. It's not as flexible, but it's another way to change your email address without having to create another Gmail account. Gmail Address: "Email Address" + "@gmail.com" (e.g. "johndoe@gmail.com ") Gmail Dotted Addressing: "Email prefix" + "." "+ "Email suffix" (e.g. "john.doe@gmail.com ") Gmail Filtering You can use some filters in Gmail to find specific emails. On the gmail account, go to 'Show Search Option" In the field 'Has the words' Filter for emails with no Label | Syntax: has:nouserlabels Filter by Labels with space | Label '[ Important ]' nested on '[ Personal ]'|Syntax: user label:{[-Personal-] [-Important-]} Filter removing a specific Label | Syntax: -{label:[-Personal-]-[-Important-]} Filter by emails with no label, from yourself, before a date | Syntax: has:nouserlabels -from:me before:01/01/2013 DNSSEC on Google Domain with Cloudflare Activating DNSSEC on Google Domains with Cloudflare In Cloudflare go to | DNS > Settings > Activate DNSSEC Get the: Tag Key Digest In Google Domains go to | DNS Paste the: Tag Key Algorithm = 13 Digest Type = SHA256 Digest Wait a couple minutes and it is done. You can go back to Cloudflare and see the message "Success! Your domain is protected with DNSSEC." Google Domains DNSSEC Google Domains DNSSEC 1/1 DNS | Domain Name System DNS is often compared to a phone book, and it allows users to type domain names into their browsers without having to remember IP addresses. Browser: www.google.com > DNS Translates > IP Address: 142.250.187.228 Example: when a user types "www.google.com " into their browser, DNS translates that domain name into an IP address that their browser can use to load the website. DNS Record Types IP address resolution CNAME | CNAME records maps a domain name to another (canonical) domain name. They can be used to resolve other record types present on the target domain name Example: CNAME = 'finance' on google, like 'finance.google.com', will be mapped to 'https://www.google.com/finance/' A | A records map a domain name to one or multiple IPv4 address(es) Example: A = 'google.com' will be mapped to '142.250.187.238' AAAA | AAAA records map a domain name to one or multiple IPv6 address(es) Example: AAAA = 'google.com' will be mapped to '2a00:1450:4009:827::200e' Email authentication MX | A mail exchange (MX) record is required to deliver email to a mail server DKIM | A DomainKeys Identified Mail (DKIM) record ensures email authenticity by cryptographically signing emails SPF | A Sender Policy Framework (SPF) record lists authorized IP addresses and domains that can send email on behalf of your domain DMARK | A Domain-based Message Authentication Reporting and Conformance (DMARC) record helps generate aggregate reports about your email traffic and provide clear instructions for how email receivers should treat non-conforming emails Specialized records TXT | A text (TXT) record lets you enter text into the DNS system NS | A nameserver (NS) record indicates which server should be used for authoritative DNS CCA | A Certificate Authority Authorization (CAA) record specifies which Certificate Authorities (CAs) are allowed to issue certificates for a domain SRV | A service record (SRV) specifies a host and port for specific services like voice over IP (VOIP), instant messaging, and more SVCB and HTTPS | Service Binding (SVCB) and HTTPS Service (HTTPS) records allow you to provide a client with information about how it should connect to a server upfront, without the need of an initial plaintext HTTP connection PTR | A pointer (PTR) record specifies the allowed hosts for a given IP address SOA | A start of authority (SOA) record stores information about your domain such as admin email address, when the domain was last updated, and more DS and DNSKEY | DS and DNSKEY records help implement DNSSEC, which cryptographically signs DNS records to prevent domain spoofing There are 4 DNS servers involved in loading a webpage DNS Recursor | The recursor can be thought of as a librarian who is asked to go find a particular book somewhere in a library. The DNS recursor is a server designed to receive queries from client machines through applications such as web browsers. Typically the recursor is then responsible for making additional requests in order to satisfy the client’s DNS query Root Nameserver | The root server is the first step in translating (resolving) human readable host names into IP addresses. It can be thought of like an index in a library that points to different racks of books - typically it serves as a reference to other more specific locations TLD Nameserver | The top level domain server (TLD) can be thought of as a specific rack of books in a library. This nameserver is the next step in the search for a specific IP address, and it hosts the last portion of a hostname (In example.com, the TLD server is “com”) Authoritative Nameserver | This final nameserver can be thought of as a dictionary on a rack of books, in which a specific name can be translated into its definition. The authoritative nameserver is the last stop in the nameserver query. If the authoritative name server has access to the requested record, it will return the IP address for the requested hostname back to the DNS Recursor (the librarian) that made the initial request DNS Lookup For most situations, DNS is concerned with a domain name being translated into the appropriate IP address. Often DNS lookup information will be cached either locally inside the querying computer or remotely in the DNS infrastructure. There are typically 8 steps in a DNS lookup. When DNS information is cached, steps are skipped from the DNS lookup process which makes it quicker. The example below outlines all 8 steps when nothing is cached 1. A user types ‘example.com’ into a web browser and the query travels into the Internet and is received by a DNS recursive resolver 2. The resolver then queries a DNS root nameserver (.) 3. The root server then responds to the resolver with the address of a Top Level Domain (TLD) DNS server (such as .com or .net), which stores the information for its domains. When searching for example.com, our request is pointed toward the .com TLD 4. The resolver then makes a request to the .com TLD 5. The TLD server then responds with the IP address of the domain’s nameserver, example.com 6. Lastly, the recursive resolver sends a query to the domain’s nameserver 7. The IP address for example.com is then returned to the resolver from the nameserver 8. The DNS resolver then responds to the web browser with the IP address of the domain requested initially DNS Lookup DNS Lookup and Webpage Query DNS Record Request Sequence DNS Lookup DNS Lookup and Webpage Query 1/2 Once the 8 steps of the DNS lookup have returned the IP address for 'example.com', the browser is able to make the request for the web page: 9. The browser makes a HTTP request to the IP address 10. The server at that IP returns the webpage to be rendered in the browser DNS resolver The DNS resolver is the first stop in the DNS lookup, and it is responsible for dealing with the client that made the initial request. The resolver starts the sequence of queries that ultimately leads to a URL being translated into the necessary IP address. A typical uncached DNS lookup will involve both recursive and iterative queries. It's important to differentiate between a recursive DNS query and a recursive DNS resolver. The query refers to the request made to a DNS resolver requiring the resolution of the query. A DNS recursive resolver is the computer that accepts a recursive query and processes the response by making the necessary requests. 3 types of DNS queries Recursive Query | In a recursive query, a DNS client requires that a DNS server (typically a DNS recursive resolver) will respond to the client with either the requested resource record or an error message if the resolver can't find the record Iterative Query | In this situation the DNS client will allow a DNS server to return the best answer it can. If the queried DNS server does not have a match for the query name, it will return a referral to a DNS server authoritative for a lower level of the domain namespace. The DNS client will then make a query to the referral address. This process continues with additional DNS servers down the query chain until either an error or timeout occurs Non-recursive Query | Typically this will occur when a DNS resolver client queries a DNS server for a record that it has access to either because it's authoritative for the record or the record exists inside of its cache. Typically, a DNS server will cache DNS records to prevent additional bandwidth consumption and load on upstream servers DNS Caching The purpose of caching is to temporarily stored data in a location that results in improvements in performance and reliability for data requests. DNS caching involves storing data closer to the requesting client so that the DNS query can be resolved earlier and additional queries further down the DNS lookup chain can be avoided, thereby improving load times and reducing bandwidth/CPU consumption. DNS data can be cached in a variety of locations, each of which will store DNS records for a set amount of time determined by a time-to-live (TTL) Public DNS Servers A free, global DNS resolution service that you can use as an alternative to your current DNS provider. It first appeared to simplify and direct internet traffic for users globally. Public DNS servers are accessible to anyone with an internet connection and are often provided by internet service providers or third-party companies. These servers are most commonly used by individuals and organizations that do not require a private network for their DNS queries. They offer a straightforward and efficient way to navigate the web, helping users access websites quickly and reliably. DNS Ports DNS Standard | Port: 53 | Protocol: TCP and UDP DoH DNS-over-HTTPS | Port: 443 | Protocol: HTTPS (HTTP + SSL/TLS) DoT DNS-over-TLS | Port: 853 | Protocol: TCP DoQ DNS-over-QUIC | Port: 853 | Protocol: UDP DNSCrypt | Port: 443, 4443, 5443 or 8443 | Protocol: TCP or UDP Providers Type Category DNS IPv4 DNS-over-HTTPS DNS-over-TLS DNS-over-QUIC DNSCrypt IPv4 DNS IPv6 DNSCrypt IPv6 Ctry Page Comments Google DNS Top 8.8.8.8 and 8.8.4.4 https://dns.google/dns-query tls://dns.google 2001:4860:4860::8888 and 2001:4860:4860::8844 https://developers.google.com/speed/public-dns/ Google DNS is a free, global DNS resolution service that you can use as an alternative to your current DNS provider Cloudflare DNS Standard Top 1.1.1.1 and 1.0.0.1 https://dns.cloudflare.com/dns-query (IPv6: https://dns.cloudflare.com/dns-query) tls://one.one.one.one 2606:4700:4700::1111 and 2606:4700:4700::1001 https://1.1.1.1/ Cloudflare DNS is a free and fast DNS service which functions as a recursive name server providing domain name resolution for any host on the Internet Cloudflare DNS Malware blocking only Top 1.1.1.2 and 1.0.0.2 https://security.cloudflare-dns.com/dns-query tls://security.cloudflare-dns.com 2606:4700:4700::1112 and 2606:4700:4700::1002 https://1.1.1.1/ Cloudflare DNS is a free and fast DNS service which functions as a recursive name server providing domain name resolution for any host on the Internet Cloudflare DNS Malware and adult content blocking Top 1.1.1.3 and 1.0.0.3 https://family.cloudflare-dns.com/dns-query tls://family.cloudflare-dns.com 2606:4700:4700::1113 and 2606:4700:4700::1003 https://1.1.1.1/ Cloudflare DNS is a free and fast DNS service which functions as a recursive name server providing domain name resolution for any host on the Internet OpenDNS (Cisco) Standard Top 208.67.222.222 and 208.67.220.220 https://doh.opendns.com/dns-query tls://dns.opendns.com 2.dnscrypt-cert.opendns.com (IP: 208.67.220.220) 2620:119:35::35 and 2620:119:53::53 2.dnscrypt-cert.opendns.com (IPv6: [2620:0:ccc::2]) https://www.opendns.com/ Cisco OpenDNS is a service which extends the DNS by incorporating features such as content filtering and phishing protection with a zero downtime OpenDNS (Cisco) FamilyShield Top 208.67.222.123 and 208.67.220.123 https://doh.familyshield.opendns.com/dns-query tls://familyshield.opendns.com 2.dnscrypt-cert.opendns.com (IP: 208.67.220.123) https://www.opendns.com/ Cisco OpenDNS is a service which extends the DNS by incorporating features such as content filtering and phishing protection with a zero downtime OpenDNS (Cisco) Sandbox Top 208.67.222.2 and 208.67.220.2 https://doh.sandbox.opendns.com/dns-query tls://sandbox.opendns.com 2620:0:ccc::2 IP: 2620:0:ccd::2 https://www.opendns.com/ Cisco OpenDNS is a service which extends the DNS by incorporating features such as content filtering and phishing protection with a zero downtime Quad9 DNS Standard Well Known 9.9.9.9 and 149.112.112.112 https://dns.quad9.net/dns-query tls://dns.quad9.net 2.dnscrypt-cert.quad9.net (IP: 9.9.9.9:8443) 2620:fe::fe IP: 2620:fe::fe:9 2.dnscrypt-cert.quad9.net (IPv6: [2620:fe::fe]:8443) https://quad9.net/ Quad9 DNS is a free, recursive, anycast DNS platform that provides high-performance, privacy, and security protection from phishing and spyware. Quad9 servers don't provide a censoring component. Regular DNS servers which provide protection from phishing and spyware. They include blocklists, DNSSEC validation, and other security features Quad9 DNS Unsecured Well Known 9.9.9.10 and 149.112.112.10 https://dns10.quad9.net/dns-query tls://dns10.quad9.net 2.dnscrypt-cert.quad9.net (IP: 9.9.9.10:8443) 2620:fe::10 IP: 2620:fe::fe:10 2.dnscrypt-cert.quad9.net (IPv6: [2620:fe::fe:10]:8443) https://quad9.net/ Quad9 DNS is a free, recursive, anycast DNS platform that provides high-performance, privacy, and security protection from phishing and spyware. Quad9 servers don't provide a censoring component. Unsecured DNS servers don't provide security blocklists, DNSSEC, or EDNS Client Subnet Quad9 DNS ECS support Well Known 9.9.9.11 and 149.112.112.11 https://dns11.quad9.net/dns-query tls://dns11.quad9.net 2.dnscrypt-cert.quad9.net (IP: 9.9.9.11:8443) 2620:fe::11 IP: 2620:fe::fe:11 2.dnscrypt-cert.quad9.net (IPv6: [2620:fe::11]:8443) https://quad9.net/ Quad9 DNS is a free, recursive, anycast DNS platform that provides high-performance, privacy, and security protection from phishing and spyware. Quad9 servers don't provide a censoring component. EDNS Client Subnet is a method that includes components of end-user IP address data in requests that are sent to authoritative DNS servers. It provides security blocklist, DNSSEC, EDNS Client Subnet AdGuard Default Well Known 94.140.14.14 and 94.140.15.15 https://dns.adguard-dns.com/dns-query tls://dns.adguard-dns.com quic://dns.adguard-dns.com 2.dnscrypt.default.ns1.adguard.com (IP: 94.140.14.14:5443) 2a10:50c0::ad1:ff and 2a10:50c0::ad2:ff 2.dnscrypt.default.ns1.adguard.com (IPv6: [2a10:50c0::ad1:ff]:5443) https://adguard-dns.io/welcome.html AdGuard DNS is an alternative solution for ad blocking, privacy protection, and parental control. It provides the necessary number of protection features against online ads, trackers, and phishing, no matter what platform and device you use AdGuard Family Protection Well Known 94.140.14.15 and 94.140.15.16 https://family.adguard-dns.com/dns-query tls://family.adguard-dns.com quic://family.adguard-dns.com 2.dnscrypt.family.ns1.adguard.com (IP: 94.140.14.15:5443) 2a10:50c0::bad1:ff and 2a10:50c0::bad2:ff 2.dnscrypt.family.ns1.adguard.com (IPv6: [2a10:50c0::bad1:ff]:5443) https://adguard-dns.io/welcome.html AdGuard DNS is an alternative solution for ad blocking, privacy protection, and parental control. It provides the necessary number of protection features against online ads, trackers, and phishing, no matter what platform and device you use AdGuard Non-filtering Well Known 94.140.14.140 and 94.140.14.141 https://unfiltered.adguard-dns.com/dns-query tls://unfiltered.adguard-dns.com quic://unfiltered.adguard-dns.com 2.dnscrypt.unfiltered.ns1.adguard.com (IP: 94.140.14.140:5443) 2a10:50c0::1:ff and 2a10:50c0::2:ff 2.dnscrypt.unfiltered.ns1.adguard.com (IPv6: [2a10:50c0::1:ff]:5443) https://adguard-dns.io/welcome.html AdGuard DNS is an alternative solution for ad blocking, privacy protection, and parental control. It provides the necessary number of protection features against online ads, trackers, and phishing, no matter what platform and device you use 0ms DNS Relevant https://0ms.dev/dns-query https://0ms.dev/ DNS is a global DNS resolution service provided by 0ms Group as an alternative to your current DNS provider. It uses OISD Big as the basic filter to give everyone a more secure environment. It is designed with various optimizations, such as HTTP/3, caching, and more. It leverages machine learning to protect users from potential security threats while also optimizing itself over time 360 Secure DNS Relevant 101.226.4.6 and 218.30.118.6 https://doh.360.cn/dns-query tls://dot.360.cn 123.125.81.6 and 140.207.198.6 CN Ali DNS Relevant 223.5.5.5 and 223.6.6.6 https://dns.alidns.com/dns-query tls://dns.alidns.com quic://dns.alidns.com:853 2400:3200::1 and 2400:3200:baba::1 https://alidns.com/ Ali DNS is a free recursive DNS service that committed to providing fast, stable and secure DNS resolution for the majority of Internet users. It includes AliGuard facility to protect users from various attacks and threats BebasDNS by BebasID Security Relevant https://antivirus.bebasid.com/dns-query tls://antivirus.bebasid.com:853 https://github.com/bebasid/bebasdns BebasDNS is a free and neutral public resolver based in Indonesia which supports OpenNIC domain. Created by Komunitas Internet Netral Indonesia (KINI) to serve Indonesian user with free and neutral internet connection BebasDNS by BebasID Family Relevant https://internetsehat.bebasid.com/dns-query tls://internetsehat.bebasid.com:853 2.dnscrypt-cert.internetsehat.bebasid.com (IP: 103.87.68.196:8443) https://github.com/bebasid/bebasdns BebasDNS is a free and neutral public resolver based in Indonesia which supports OpenNIC domain. Created by Komunitas Internet Netral Indonesia (KINI) to serve Indonesian user with free and neutral internet connection BebasDNS by BebasID Family With Ad Filtering Relevant https://internetsehat.bebasid.com/adblock tls://family-adblock.bebasid.com:853 https://github.com/bebasid/bebasdns BebasDNS is a free and neutral public resolver based in Indonesia which supports OpenNIC domain. Created by Komunitas Internet Netral Indonesia (KINI) to serve Indonesian user with free and neutral internet connection BebasDNS by BebasID OISD Filter Relevant https://dns.bebasid.com/dns-oisd tls://oisd.dns.bebasid.com:853 https://github.com/bebasid/bebasdns BebasDNS is a free and neutral public resolver based in Indonesia which supports OpenNIC domain. Created by Komunitas Internet Netral Indonesia (KINI) to serve Indonesian user with free and neutral internet connection BebasDNS by BebasID Hagezi Multi Normal Filter Relevant https://dns.bebasid.com/dns-hagezi tls://hagezi.dns.bebasid.com:853 https://github.com/bebasid/bebasdns BebasDNS is a free and neutral public resolver based in Indonesia which supports OpenNIC domain. Created by Komunitas Internet Netral Indonesia (KINI) to serve Indonesian user with free and neutral internet connection BebasDNS by BebasID Unfiltered Relevant https://dns.bebasid.com/unfiltered tls://unfiltered.dns.bebasid.com:853 https://github.com/bebasid/bebasdns BebasDNS is a free and neutral public resolver based in Indonesia which supports OpenNIC domain. Created by Komunitas Internet Netral Indonesia (KINI) to serve Indonesian user with free and neutral internet connection BebasDNS by BebasID Default Relevant https://dns.bebasid.com/dns-query tls://dns.bebasid.com:853 2.dnscrypt-cert.dns.bebasid.com (IP: 103.87.68.194:8443) https://github.com/bebasid/bebasdns BebasDNS is a free and neutral public resolver based in Indonesia which supports OpenNIC domain. Created by Komunitas Internet Netral Indonesia (KINI) to serve Indonesian user with free and neutral internet connection CFIEC Public DNS Relevant https://dns.cfiec.net/dns-query tls://dns.cfiec.net 240C::6666 and 240C::6644 IPv6-based anycast DNS service with strong security capabilities and protection from spyware, malicious websites. It supports DNS64 to provide domain name resolution only for IPv6 users CleanBrowsing Adult Filter Relevant 185.228.168.10 and 185.228.169.11 https://doh.cleanbrowsing.org/doh/adult-filter/ tls://adult-filter-dns.cleanbrowsing.org cleanbrowsing.org (IP: 185.228.168.10:8443) 2a0d:2a00:1::1 and 2a0d:2a00:2::1 cleanbrowsing.org (IPv6: [2a0d:2a00:1::1]:8443) https://cleanbrowsing.org/ CleanBrowsing is a DNS service which provides customizable filtering. This service offers a safe way to browse the web without inappropriate content CleanBrowsing Family Filter Relevant 185.228.168.168 and 185.228.169.168 https://doh.cleanbrowsing.org/doh/family-filter/ tls://family-filter-dns.cleanbrowsing.org cleanbrowsing.org (IP: 185.228.168.168:8443) 2a0d:2a00:1:: and 2a0d:2a00:2:: cleanbrowsing.org (IPv6: [2a0d:2a00:1::]:8443) https://cleanbrowsing.org/ CleanBrowsing is a DNS service which provides customizable filtering. This service offers a safe way to browse the web without inappropriate content CleanBrowsing Security Filter Relevant 185.228.168.9 and 185.228.169.9 https://doh.cleanbrowsing.org/doh/security-filter/ tls://security-filter-dns.cleanbrowsing.org 2a0d:2a00:1::2 and 2a0d:2a00:2::2 https://cleanbrowsing.org/ CleanBrowsing is a DNS service which provides customizable filtering. This service offers a safe way to browse the web without inappropriate content Comodo Secure DNS Relevant 8.26.56.26 and 8.20.247.20 2.dnscrypt-cert.shield-2.dnsbycomodo.com (IP: 8.20.247.2) https://comodo.com/secure-dns/ Comodo Secure DNS is a domain name resolution service that resolves your DNS requests through worldwide network of DNS servers. Removes excessive ads and protects from phishing and spyware ControlD Block malware Relevant 76.76.2.1 https://freedns.controld.com/p1 tls://p1.freedns.controld.com https://controld.com/free-dns ControlD is a customizable DNS service with proxy capabilities. This means it not only blocks things (ads, porn, etc.), but can also unblock websites and services ControlD Block malware + ads Relevant 76.76.2.2 https://freedns.controld.com/p2 tls://p2.freedns.controld.com https://controld.com/free-dns ControlD is a customizable DNS service with proxy capabilities. This means it not only blocks things (ads, porn, etc.), but can also unblock websites and services ControlD Block malware + ads + social Relevant 76.76.2.3 https://freedns.controld.com/p3 tls://p3.freedns.controld.com https://controld.com/free-dns ControlD is a customizable DNS service with proxy capabilities. This means it not only blocks things (ads, porn, etc.), but can also unblock websites and services ControlD Non-filtering Relevant 76.76.2.0 and 76.76.10.0 https://freedns.controld.com/p0 p0.freedns.controld.com 2606:1a40:: and 2606:1a40:1:: https://controld.com/free-dns ControlD is a customizable DNS service with proxy capabilities. This means it not only blocks things (ads, porn, etc.), but can also unblock websites and services DNS Privacy Run by the Stubby developers Relevant tls://getdnsapi.net (IP: 185.49.141.37 and IPv6: 2a04:b900:0:100::37) https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. DNS servers run by the Stubby developers DNS Privacy Run by the Stubby developers | Provider: Surfnet Relevant tls://dnsovertls.sinodun.com (IP: 145.100.185.15 and IPv6: 2001:610:1:40ba:145:100:185:15) https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. DNS servers run by the Stubby developers DNS Privacy Run by the Stubby developers | Provider: Surfnet Relevant tls://dnsovertls1.sinodun.com (IP: 145.100.185.16 and IPv6: 2001:610:1:40ba:145:100:185:16) https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. DNS servers run by the Stubby developers DNS Privacy No-logging policy | Provider: UncensoredDNS Relevant tls://unicast.censurfridns.dk (IP: 89.233.43.71 and IPv6: 2a01:3a0:53:53::0) DK https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. Other DNS servers with no-logging policy DNS Privacy No-logging policy | Provider: UncensoredDNS Relevant tls://anycast.censurfridns.dk (IP: 91.239.100.100 and IPv6: 2001:67c:28a4::) DK https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. Other DNS servers with no-logging policy DNS Privacy No-logging policy | Provider: dkg Relevant tls://dns.cmrg.net (IP: 199.58.81.218 and IPv6: 2001:470:1c:76d::53) https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. Other DNS servers with no-logging policy DNS Privacy No-logging policy Relevant tls://dns.larsdebruin.net (IP: 51.15.70.167) https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. Other DNS servers with no-logging policy DNS Privacy No-logging policy Relevant tls://dns-tls.bitwiseshift.net (IP: 81.187.221.24 and IPv6: 2001:8b0:24:24::24) https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. Other DNS servers with no-logging policy DNS Privacy No-logging policy Relevant tls://ns1.dnsprivacy.at (IP: 94.130.110.185 and IPv6: 2a01:4f8:c0c:3c03::2) AT https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. Other DNS servers with no-logging policy DNS Privacy No-logging policy Relevant tls://ns2.dnsprivacy.at (IP: 94.130.110.178 and IPv6: 2a01:4f8:c0c:3bfc::2) AT https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. Other DNS servers with no-logging policy DNS Privacy No-logging policy Relevant tls://dns.bitgeek.in (IP: 139.59.51.46) IN https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. Other DNS servers with no-logging policy DNS Privacy No-logging policy Relevant tls://dns.neutopia.org (IP: 89.234.186.112 and IPv6: 2a00:5884:8209::2) https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. Other DNS servers with no-logging policy DNS Privacy No-logging policy | Provider: Go6Lab Relevant tls://privacydns.go6lab.si (IPv6: 2001:67c:27e4::35) SI https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. Other DNS servers with no-logging policy DNS Privacy No-logging policy Relevant tls://dot.securedns.eu (IP: 146.185.167.43 and IPv6: 2a03:b0c0:0:1010::e9a:3001) EU https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. Other DNS servers with no-logging policy DNS Privacy Minimal logging/restrictions | Provider: NIC Chile Relevant tls://dnsotls.lab.nic.cl (IP: 200.1.123.46 and IPv6: 2001:1398:1:0:200:1:123:46) CL https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. These servers use some logging, self-signed certs or no support for strict mode DNS Privacy Minimal logging/restrictions | Provider: OARC Relevant tls://tls-dns-u.odvr.dns-oarc.net (IP: 184.105.193.78 and IPv6: 2620:ff:c000:0:1::64:25) https://dnsprivacy.org/ A collaborative open project to promote, implement, and deploy DNS Privacy. These servers use some logging, self-signed certs or no support for strict mode DNS.SB Relevant 185.222.222.222 and 45.11.45.11 https://doh.dns.sb/dns-query tls://dot.sb 2a09:: and 2a11:: SB https://dns.sb/ DNS.SB provides free DNS service without logging and with DNSSEC enabled DNSPod Public DNS+ Relevant 119.29.29.29 and 119.28.28.28 https://doh.pub/dns-query tls://dot.pub https://www.dnspod.com/ DNSPod Public DNS+ is a privacy-friendly DNS provider with years of experience in domain name resolution services development, it aims to provide users more rapid, accurate and stable recursive resolution service DNSPod Public DNS+ Relevant https://dns.pub/dns-query https://www.dnspod.com/ DNSPod Public DNS+ is a privacy-friendly DNS provider with years of experience in domain name resolution services development, it aims to provide users more rapid, accurate and stable recursive resolution service DNSWatchGO Relevant 54.174.40.213 and 52.3.100.184 https://www.watchguard.com/wgrd-products/dnswatchgo DNSWatchGO is a DNS service by WatchGuard that prevents people from interacting with malicious content DeCloudUs DNS Relevant https://dns.decloudus.com/dns-query tls://dns.decloudus.com 2.dnscrypt-cert.DeCloudUs-test (IP: 78.47.212.211:9443) 2.dnscrypt-cert.DeCloudUs-test (IPv6: [2a01:4f8:13a:250b::30]:9443) https://decloudus.com/ DeCloudUs DNS is a DNS service that lets you block anything you wish while by default protecting you and your family from ads, trackers, malware, phishing, malicious sites, and much more Dyn DNS Relevant 216.146.35.35 and 216.146.36.36 https://help.dyn.com/internet-guide-setup/ Dyn DNS is a free alternative DNS service by Dyn Freenom World Relevant 80.80.80.80 and 80.80.81.81 https://freenom.world/en/index.html Freenom World is a free anonymous DNS resolver by Freenom World Hurricane Electric Public Recursor Relevant 74.82.42.42 https://ordns.he.net/dns-query tls://ordns.he.net 2001:470:20::2 https://dns.he.net/ Hurricane Electric Public Recursor is a free alternative DNS service by Hurricane Electric with anycast Mullvad Ad blocking Relevant https://adblock.dns.mullvad.net/dns-query tls://adblock.dns.mullvad.net https://mullvad.net/en/help/dns-over-https-and-dns-over-tls/ Mullvad provides publicly accessible DNS with QNAME minimization, endpoints located in Germany, Singapore, Sweden, United Kingdom and United States (Dallas & New York) Mullvad Non-filtering Relevant https://dns.mullvad.net/dns-query tls://dns.mullvad.net https://mullvad.net/en/help/dns-over-https-and-dns-over-tls/ Mullvad provides publicly accessible DNS with QNAME minimization, endpoints located in Germany, Singapore, Sweden, United Kingdom and United States (Dallas & New York) Mullvad Ad + malware blocking Relevant https://base.dns.mullvad.net/dns-query tls://base.dns.mullvad.net https://mullvad.net/en/help/dns-over-https-and-dns-over-tls/ Mullvad provides publicly accessible DNS with QNAME minimization, endpoints located in Germany, Singapore, Sweden, United Kingdom and United States (Dallas & New York) Mullvad Ad + malware + social media blocking Relevant https://extended.dns.mullvad.net/dns-query tls://extended.dns.mullvad.net https://mullvad.net/en/help/dns-over-https-and-dns-over-tls/ Mullvad provides publicly accessible DNS with QNAME minimization, endpoints located in Germany, Singapore, Sweden, United Kingdom and United States (Dallas & New York) Mullvad Ad + malware + adult + gambling blocking Relevant https://family.dns.mullvad.net/dns-query tls://family.dns.mullvad.net https://mullvad.net/en/help/dns-over-https-and-dns-over-tls/ Mullvad provides publicly accessible DNS with QNAME minimization, endpoints located in Germany, Singapore, Sweden, United Kingdom and United States (Dallas & New York) Mullvad Ad + malware + adult + gambling + social media blocking Relevant https://all.dns.mullvad.net/dns-query tls://all.dns.mullvad.net https://mullvad.net/en/help/dns-over-https-and-dns-over-tls/ Mullvad provides publicly accessible DNS with QNAME minimization, endpoints located in Germany, Singapore, Sweden, United Kingdom and United States (Dallas & New York) Nawala Childprotection DNS Relevant 180.131.144.144 and 180.131.145.145 2.dnscrypt-cert.nawala.id (IP: 180.131.144.144) http://nawala.id/ Nawala Childprotection DNS is an anycast Internet filtering system that protects children from inappropriate websites and abusive contents Neustar Recursive DNS Reliability & Performance 2 Relevant 156.154.70.5 and 156.154.71.5 2610:a1:1018::5 and 2610:a1:1019::5 https://www.security.neustar/digital-performance/dns-services/recursive-dns Neustar Recursive DNS is a free cloud-based recursive DNS service that delivers fast and reliable access to sites and online applications with built-in security and threat intelligence. These servers provide reliable and fast DNS lookups without blocking any specific categories and also prevent redirecting NXDomain (non-existent domain) responses to landing pages Neustar Recursive DNS Threat Protection Relevant 156.154.70.2 and 156.154.71.2 2610:a1:1018::2 and 2610:a1:1019::2 https://www.security.neustar/digital-performance/dns-services/recursive-dns Neustar Recursive DNS is a free cloud-based recursive DNS service that delivers fast and reliable access to sites and online applications with built-in security and threat intelligence. These servers provide protection against malicious domains and also include "Reliability & Performance" features Neustar Recursive DNS Family Secure Relevant 156.154.70.3 and 156.154.71.3 2610:a1:1018::3 and 2610:a1:1019::3 https://www.security.neustar/digital-performance/dns-services/recursive-dns Neustar Recursive DNS is a free cloud-based recursive DNS service that delivers fast and reliable access to sites and online applications with built-in security and threat intelligence. These servers provide adult content blocking and also include "Reliability & Performance" + "Threat Protection" features Neustar Recursive DNS Business Secure Relevant 156.154.70.4 and 156.154.71.4 2610:a1:1018::4 and 2610:a1:1019::4 https://www.security.neustar/digital-performance/dns-services/recursive-dns Neustar Recursive DNS is a free cloud-based recursive DNS service that delivers fast and reliable access to sites and online applications with built-in security and threat intelligence. These servers provide blocking unwanted and time-wasting content and also include "Reliability & Performance" + "Threat Protection" + "Family Secure" features Neustar Recursive DNS Reliability & Performance 1 Relevant 156.154.70.1 and 156.154.71.1 2610:a1:1018::1 and 2610:a1:1019::1 https://www.security.neustar/digital-performance/dns-services/recursive-dns Neustar Recursive DNS is a free cloud-based recursive DNS service that delivers fast and reliable access to sites and online applications with built-in security and threat intelligence. These servers provide reliable and fast DNS lookups without blocking any specific categories NextDNS Anycast Relevant https://anycast.dns.nextdns.io tls://anycast.dns.nextdns.io https://nextdns.io/ NextDNS provides publicly accessible non-filtering resolvers without logging in addition to its freemium configurable filtering resolvers with optional logging NextDNS Ultra-low latency Relevant https://dns.nextdns.io tls://dns.nextdns.io https://nextdns.io/ NextDNS provides publicly accessible non-filtering resolvers without logging in addition to its freemium configurable filtering resolvers with optional logging OpenBLD.net DNS Strict Filtering (RIC) Relevant https://ric.openbld.net/dns-query tls://ric.openbld.net https://openbld.net/ OpenBLD.net DNS — Anycast/GeoDNS DNS-over-HTTPS, DNS-over-TLS resolvers with blocking: advertising, tracking, adware, malware, malicious activities and phishing companies, blocks ~1M domains. Has 24h/48h logs for DDoS/Flood attack mitigation. More strictly filtering policies with blocking — ads, marketing, tracking, clickbait, coinhive, malicious, and phishing domains OpenBLD.net DNS Adaptive Filtering (ADA) Relevant https://ada.openbld.net/dns-query tls://ada.openbld.net https://openbld.net/ OpenBLD.net DNS — Anycast/GeoDNS DNS-over-HTTPS, DNS-over-TLS resolvers with blocking: advertising, tracking, adware, malware, malicious activities and phishing companies, blocks ~1M domains. Has 24h/48h logs for DDoS/Flood attack mitigation. Recommended for most users, very flexible filtering with blocking most ads networks, ad-tracking, malware and phishing domains RethinkDNS Non-filtering Relevant https://basic.rethinkdns.com/ tls://max.rethinkdns.com https://www.rethinkdns.com/configure Safe DNS Relevant 195.46.39.39 and 195.46.39.40 https://www.safedns.com/ Safe Surfer Relevant 104.155.237.225 and 104.197.28.121 2.dnscrypt-cert.safesurfer.co.nz (IP: 104.197.28.121) NZ https://www.safesurfer.co.nz/ Verisign Public DNS Relevant 64.6.64.6 and 64.6.65.6 2620:74:1b::1:1 and 2620:74:1c::2:2 https://www.verisign.com/security-services/public-dns/ Wikimedia DNS Relevant https://wikimedia-dns.org/dns-query tls://wikimedia-dns.org (IP: 185.71.138.138 and IPv6: 2001:67c:930::1) https://meta.wikimedia.org/wiki/Wikimedia_DNS dns0.eu Relevant 193.110.81.0 and 185.253.5.0 https://zero.dns0.eu/ tls://zero.dns0.eu quic://zero.dns0.eu EU https://www.dns0.eu/ dns0.eu is a free, sovereign and GDPR-compliant recursive DNS resolver with a strong focus on security to protect the citizens and organizations of the European Union 114DNS Family Regional 114.114.114.110 and 114.114.115.110 https://www.114dns.com/ 114DNS Normal Regional 114.114.114.114 and 114.114.115.115 https://www.114dns.com/ 114DNS Safe Regional 114.114.114.119 and 114.114.115.119 https://www.114dns.com/ Applied Privacy DNS Regional https://doh.applied-privacy.net/query tls://dot1.applied-privacy.net https://applied-privacy.net/ ByteDance Public DNS Regional 180.184.1.1 and 180.184.2.2 CIRA Canadian Shield DNS Protected Regional 149.112.121.20 and 149.112.122.20 https://protected.canadianshield.cira.ca/dns-query tls://protected.canadianshield.cira.ca (IP: 149.112.121.20 and IPv6: 2620:10A:80BB::20) 2620:10A:80BB::20 and 2620:10A:80BC::20 CA https://www.cira.ca/cybersecurity-services/canadianshield/how-works CIRA Canadian Shield DNS Family Regional 149.112.121.30 and 149.112.122.30 https://family.canadianshield.cira.ca/dns-query tls://family.canadianshield.cira.ca (IP: 149.112.121.30 and IPv6: 2620:10A:80BB::30) 2620:10A:80BB::30 and 2620:10A:80BC::30 CA https://www.cira.ca/cybersecurity-services/canadianshield/how-works CIRA Canadian Shield DNS Private Regional 149.112.121.10 and 149.112.122.10 https://private.canadianshield.cira.ca/dns-query tls://private.canadianshield.cira.ca (IP: 149.112.121.10 and IPv6: 2620:10A:80BB::10) 2620:10A:80BB::10 and 2620:10A:80BC::10 CA https://www.cira.ca/cybersecurity-services/canadianshield/how-works CZ.NIC ODVR Regional 193.17.47.1 and 185.43.135.1 https://odvr.nic.cz/doh tls://odvr.nic.cz 2001:148f:ffff::1 and 2001:148f:fffe::1 CZ https://www.nic.cz/odvr/ Comss.one DNS Regional https://dns.controld.com/comss tls://comss.dns.controld.com quic://comss.dns.controld.com RU https://www.comss.ru/page.php?id=7315 DNS for Family Regional 94.130.180.225 and 78.47.64.161 https://dns-doh.dnsforfamily.com/dns-query tls://dns-dot.dnsforfamily.com quic://dnsforfamily.com (IP: 94.130.180.225) dnsforfamily.com (IP: 94.130.180.225) 2a01:4f8:1c0c:40db::1 and 2a01:4f8:1c17:4df8::1 dnsforfamily.com (IPv6: [2a01:4f8:1c0c:40db::1]) https://dnsforfamily.com/ Digitale Gesellschaft DNS Regional https://dns.digitale-gesellschaft.ch/dns-query (IP: 185.95.218.42 and IPv6: 2a05:fc84::42) tls://dns.digitale-gesellschaft.ch (IP: 185.95.218.43 and IPv6: 2a05:fc84::43) CH https://www.digitale-gesellschaft.ch/dns/ Fondation Restena DNS Regional https://kaitain.restena.lu/dns-query (IP: 158.64.1.29 and IPv6: 2001:a18:1::29) tls://kaitain.restena.lu (IP: 158.64.1.29 and IPv6: 2001:a18:1::29) LU https://www.restena.lu/en/service/public-dns-resolver IIJ.JP DNS Regional https://public.dns.iij.jp/dns-query tls://public.dns.iij.jp JP https://public.dns.iij.jp/ JupitrDNS Regional 35.215.30.118 and 35.215.48.207 https://dns.jupitrdns.com/dns-query tls://dns.jupitrdns.com quic://dns.jupitrdns.com https://jupitrdns.com/ LibreDNS Regional 88.198.92.222 https://doh.libredns.gr/dns-query tls://dot.libredns.gr (IP: 116.202.176.26) GR https://libredns.gr/ LibreDNS Ads Regional https://doh.libredns.gr/ads GR https://libredns.gr/ OneDNS Pure Edition Regional 117.50.10.10 and 52.80.52.52 https://www.onedns.net/ OneDNS Block Edition Regional 117.50.11.11 and 52.80.66.66 https://www.onedns.net/ OpenNIC DNS Regional 217.160.70.42 2001:8d8:1801:86e7::1 https://www.opennic.org/ Quad101 Regional 101.101.101.101 and 101.102.103.104 https://dns.twnic.tw/dns-query tls://101.101.101.101 2001:de4::101 and 2001:de4::102 TW https://101.101.101.101/ SWITCH DNS Regional dns.switch.ch IP: 130.59.31.248 https://dns.switch.ch/dns-query tls://dns.switch.ch (IP: 130.59.31.248 and IPv6: 2001:620:0:ff::2) dns.switch.ch IPv6: 2001:620:0:ff::2 CH https://www.switch.ch/security/info/public-dns/ SkyDNS RU Regional 193.58.251.251 RU https://www.skydns.ru/en/ Yandex DNS Basic Regional 77.88.8.8 and 77.88.8.1 https://common.dot.dns.yandex.net/dns-query tls://common.dot.dns.yandex.net 2a02:6b8::feed:0ff and 2a02:6b8:0:1::feed:0ff RU https://dns.yandex.com/ Yandex DNS Safe Regional 77.88.8.88 and 77.88.8.2 https://safe.dot.dns.yandex.net/dns-query tls://safe.dot.dns.yandex.net 2a02:6b8::feed:bad and 2a02:6b8:0:1::feed:bad RU https://dns.yandex.com/ Yandex DNS Family Regional 77.88.8.3 and 77.88.8.7 https://family.dot.dns.yandex.net/dns-query tls://family.dot.dns.yandex.net 2a02:6b8::feed:a11 and 2a02:6b8:0:1::feed:a11 RU https://dns.yandex.com/ AhaDNS Small (Risky) 5.2.75.75 https://doh.nl.ahadns.net/dns-query tls://dot.nl.ahadns.net 2a04:52c0:101:75::75 NL https://ahadns.com/ AhaDNS Small (Risky) 45.67.219.208 https://doh.la.ahadns.net/dns-query tls://dot.la.ahadns.net 2a04:bdc7:100:70::70 US https://ahadns.com/ Arapurayil Small (Risky) Host: https://dns.arapurayil.com/dns-query 2.dnscrypt-cert.dns.arapurayil.com (IP: 3.7.156.128) https://dns.arapurayil.com/ BlackMagicc DNS Small (Risky) 103.178.234.160 https://robin.techomespace.com/dns-query tls://robin.techomespace.com:853 2405:19c0:2:ea2e::1 https://bento.me/blackmagicc Captnemo DNS Small (Risky) 2.dnscrypt-cert.captnemo.in (IP: 139.59.48.222:4434) IN https://captnemo.in/dnscrypt/ DNS Forge Small (Risky) 176.9.93.198 and 176.9.1.117 https://dnsforge.de/dns-query tls://dnsforge.de 2a01:4f8:151:34aa::198 and 2a01:4f8:141:316d::117 DE https://dnsforge.de/ DNSWarden Small (Risky) https://dns.dnswarden.com/uncensored tls://uncensored.dns.dnswarden.com https://dnswarden.com/customfilter.html Dandelion Sprout's Official DNS Server Small (Risky) https://dandelionsprout.asuscomm.com:2501/dns-query tls://dandelionsprout.asuscomm.com:853 quic://dandelionsprout.asuscomm.com:48582 https://github.com/DandelionSprout/adfilt/tree/master/Dandelion%20Sprout's%20Official%20DNS%20Server FFMUC DNS Small (Risky) https://doh.ffmuc.net/dns-query tls://dot.ffmuc.net 2.dnscrypt-cert.ffmuc.net (IP: 5.1.66.255:8443) 2.dnscrypt-cert.ffmuc.net (IPv6: [2001:678:e68:f000::]:8443) https://ffmuc.net/ Lelux DNS Small (Risky) https://resolver-eu.lelux.fi/dns-query tls://resolver-eu.lelux.fi FI https://lelux.fi/resolver/ OSZX DNS OSZX DNS Small (Risky) 51.38.83.141 https://dns.oszx.co/dns-query tls://dns.oszx.co 2.dnscrypt-cert.oszx.co (IP: 51.38.83.141:5353) 2001:41d0:801:2000::d64 2.dnscrypt-cert.oszx.co (IPv6: [2001:41d0:801:2000::d64]:5353) UK https://dns.oszx.co/ OSZX DNS PumpleX Small (Risky) 51.38.82.198 https://dns.pumplex.com/dns-query tls://dns.pumplex.com 2.dnscrypt-cert.pumplex.com (IP: 51.38.82.198:5353) 2001:41d0:801:2000::1b28 2.dnscrypt-cert.pumplex.com (IPv6: [2001:41d0:801:2000::1b28]:5353) UK https://dns.oszx.co/ Privacy-First DNS Japan Server Small (Risky) 172.104.93.80 https://jp.tiar.app/dns-query tls://jp.tiar.app 2.dnscrypt-cert.jp.tiar.app (IP: 172.104.93.80) 2400:8902::f03c:91ff:feda:c514 Provider: 2.dnscrypt-cert.jp.tiar.app IP: [2400:8902::f03c:91ff:feda:c514] JP https://tiarap.org/ Privacy-First DNS Singapore Server Small (Risky) 174.138.21.128 https://doh.tiar.app/dns-query tls://dot.tiar.app quic://doh.tiar.app 2.dnscrypt-cert.dns.tiar.app (IP: 174.138.21.128) 2400:6180:0:d0::5f6e:4001 2.dnscrypt-cert.dns.tiar.app (IPv6: [2400:6180:0:d0::5f6e:4001]) SG https://tiarap.org/ Privacy-First DNS Cached via third-party Small (Risky) https://jp.tiarap.org/dns-query JP https://tiarap.org/ Privacy-First DNS Cached via third-party Small (Risky) https://doh.tiarap.org/dns-query SG https://tiarap.org/ Seby DNS Small (Risky) 45.76.113.31 tls://dot.seby.io 2.dnscrypt-cert.dns.seby.io (IP: 45.76.113.31) RS https://dns.seby.io/ fvz DNS Small (Risky) 2.dnscrypt-cert.dnsrec.meo.ws (IP: 185.121.177.177:5353) http://meo.ws/ fvz DNS Small (Risky) 2.dnscrypt-cert.dnsrec.meo.ws (IP: 169.239.202.202:5353) http://meo.ws/ ibksturm DNS Small (Risky) https://ibksturm.synology.me/dns-query (IP: 213.196.191.96) tls://ibksturm.synology.me (IP: 213.196.191.96) quic://ibksturm.synology.me (IP: 213.196.191.96) 2.dnscrypt-cert.ibksturm (IP: 213.196.191.96:8443) https://ibksturm.synology.me/ rDNS | Reverse DNS What is reverse DNS? A reverse DNS lookup is a DNS query for the domain name associated with a given IP address. This accomplishes the opposite of the more commonly used forward DNS lookup, in which the DNS system is queried to return an IP address. Standards from the Internet Engineering Task Force (IETF) suggest that every domain should be capable of reverse DNS lookup, but as reverse lookups are not critical to the normal function of the Internet, they are not a hard requirement. As such, reverse DNS lookups are not universally adopted. How does reverse DNS work? Reverse DNS lookups query DNS servers for a PTR (pointer) record; if the server does not have a PTR record, it cannot resolve a reverse lookup. PTR records store IP addresses with their segments reversed, and they append ".in-addr.arpa" to that. For example if a domain has an IP address of 192.0.2.1, the PTR record will store the domain's information under 1.2.0.192.in-addr.arpa. In IPv6, the latest version of the Internet Protocol, PTR records are stored within the ".ip6.arpa" domain instead of ".in-addr.arpa." What are reverse DNS lookups used for? Reverse lookups are commonly used by email servers. Email servers check and see if an email message came from a valid server before bringing it onto their network. Many email servers will reject messages from any server that does not support reverse lookups or from a server that is highly unlikely to be legitimate. Spammers often use IP addresses from hijacked machines, which means there will be no PTR record. Or, they may use dynamically assigned IP addresses that lead to server domains with highly generic names. Logging software also employs reverse lookups in order to provide users with human-readable domains in their log data, as opposed to a bunch of numeric IP addresses. mDNS | Multicast DNS What is multicast DNS? mDNS is meant to deal with having names for machines on local networks without needing to register them on DNS servers. This is especially useful when there are no DNS servers you can control – think of a home with a couple of devices who need to interact locally without going to the internet. Examples: Chromecast and network printers are some good examples. In the context of WebRTC, mDNS has been introduced to protect against the JavaScript application accessing the local IP addresses that are exchanged during ICE negotiation. This is achieved by the browser replacing its local IP addresses with random mDNS ones that it registers on the local network. ICE | Interactive Connectivity Establishment It is a standard method of NAT traversal used in WebRTC. It is defined in IETF RFC 5245. ICE deals with the process of connecting media through NATs by conducting connectivity checks. ICE collects all available candidates (local IP addresses, reflexive addresses – STUN ones and relayed addresses – TURN ones). All the collected addresses are then sent to the remote peer via SDP. Once the WebRTC Client has all the collected ICE addresses of itself and its peer, it starts initiating connectivity checks. These checks essentially try sending media over the various addresses until success. The downside of using ICE is the time it takes, which can be 10s of seconds. To run faster, a new mechanism was added in WebRTC called Trickle ICE. Ping | How to Ping a Specific Port? The Ping (Packet Internet or Inter-Network Groper) is a network tool for checking whether a remote system is up and running. In other words, the command determines if a certain IP address or a host are accessible. Ping uses a network layer protocol called Internet Control Message Protocol (ICMP) and is available on all operating systems. On the other hand, port numbers belong to transport layer protocols, such as TCP and UDP. Port numbers help identify where an Internet or other network message is forwarded when it arrives. Why Can't I Ping a Specific Port? Network devices use ICMP to send error messages and information on whether communication with an IP address is successful or not. ICMP differs from transport protocols as ICMP is not used to exchange data between systems. Ping uses ICMP packets, and ICMP does not use port numbers which means a port can’t be pinged . How Can I Ping a Specific Port? (Workaround) However, we can use ping with a similar intention to check if a port is open or not. Some network tools and utilities can simulate an attempt to establish a connection to a specific port and wait to see if the target host responds. If there is a response, the target port is open. If not, the target port is closed, or the host is unable to accept a connection because there is no service configured to listen for connections on that port. Tools to Ping a Port Telnet (Windows / Linux) On Windows, open the CMD Prompt (searching for "CMD") or Powershell (searching for "Powershell) On Linux, you can use the command directly at the prompt Command: telnet Example: telnet 10.0.0.100 8006 (Port 8006 is used by Proxmox) If the port is open, telnet establishes a connection. Otherwise, it states a failure NC | Netcat (Linux) Command: nc -vz Example: nc -vz 10.0.0.100 8006 (Port 8006 is used by Proxmox) The output informs the user if the connection to the specified port is successful or not. If it is successful, the port is open NMAP | Network Mapper (Linux) Command: nmap -p Example: nmap -p 8006 10.0.0.100 (Port 8006 is used by Proxmox) The output informs the user about the port’s state and service type, latency, and the time elapsed until the completion of the task To ping more than one port. Command: nmap -p Powershell (Windows) Open Powershell (searching for "Powershell) Command: Test-NetConnection -p Example: Test-NetConnection 10.0.0.100 -p 8006 (Port 8006 is used by Proxmox) If the port is open and the connection passes, the TCP test is successful. Otherwise, a warning message appears saying the TCP connection failed Installing the Tools Telnet (Windows / Linux) Ubuntu | Command: sudo apt install telnet CentOS/Fedora | Command: yum -y install telnet Windows | Check Here NC | Netcat (Linux) Debian, Ubuntu, and Mint Check if Netcat is installed| Command: netcat -h Fedora, Red Hat Enterprise Linux, and CentOS Check if Netcat is installed| Command: ncat -h If not installed | Command: sudo apt install netcat NMAP | Network Mapper (Linux) Check if NMAP is installed| Command: nmap -version If not installed Ubuntu or Debian | Command: sudo apt install nmap CentOS or RHEL | Command: sudo yum install nmap Telnet | Teletype Network Telnet is a network protocol that allows users to connect to and communicate with remote computers using a transmission control protocol/Internet protocol (TCP/IP) network. It provides a command-line interface that acts like a virtual terminal, allowing users to access a remote system as if they were physically there. It was developed in 1969 and has been an essential tool for connecting computers and devices remotely. Despite being an old protocol, it still plays a critical role in modern-day remote access solutions. Security Issue : Telnet is a popular choice for remote access because it's reliable and secure, and it's also easy to use and configure. However, it does have some security concerns because it lacks encryption and transmits data in clear text. This means that anyone with access to the network could potentially intercept and read the data, including passwords and sensitive data. Alternatives like SSH offer more secure remote management options. Common uses Remote management : Users can access and manage network nodes, such as servers, routers, and switches, from a distance Initial device setup : Users can set up network hardware Testing services : Users can test services Debugging email problems : Users can send emails directly from the server to detect errors Configuring servers : Users can quickly and easily implement changes to the directory structure, file access rights, or passwords Accessing legacy systems : Some legacy computer systems still rely on Telnet for remote access. It helps connect to these systems, run applications, process data, and manage resources. Troubleshooting network connectivity : It can be used to test connectivity to a network device or server. By establishing a Telnet connection to the device or server, you can check whether it’s reachable, identify any errors or connectivity issues, and diagnose network problems. How to use it to troubleshooting network connectivity You can check if a specific port is open simply: Open the PowerShell Typing the command: telnet Example: telnet 10.0.0.100 8006 (Port 8006 is used by Proxmox) If the port is open, telnet establishes a connection. Otherwise, it states a failure Installing Telnet Ubuntu Command: yum -y install telnet CentOS/Fedora Command: sudo apt install telnet Windows Open “Control Panel“ Open “Programs“ Select the “Turn Windows features on or off ” option Check the “Telnet Client” box Click “OK“. A box will appear that says “Windows features” and “Searching for required files“. When complete, the Telnet client should be installed in Windows NMAP | Network Mapper NMAP (Network Mapper) is a free and open source utility for network discovery and security auditing. Nmap uses raw IP packets in novel ways to determine: What hosts are available on the network What services (application name and version) those hosts are offering What operating systems (and OS versions) they are running What type of packet filters/firewalls are in use and other characteristics It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. Installing NMAP on Linux Check if NMAP is installed| Command: nmap -version If not installed Ubuntu or Debian | Command: sudo apt install nmap CentOS or RHEL | Command: sudo yum install nmap Running NMAP Run TCP Scan | Command: nmap -sT Run Script to find Vulnerabilities | Command: nmap --script vuln Wireshark | Open-Source Network Packet Analyzer Wireshark, Originally named Ethereal but renamed in May 2006, is a free and open-source network packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. A network packet analyzer presents captured packet data in as much detail as possible. You could think of a network packet analyzer as a measuring device for examining what’s happening inside a network cable, just like an electrician uses a voltmeter for examining what’s happening inside an electric cable (but at a higher level, of course). Intended Purposes Network administrators use it to troubleshoot network problems Network security engineers use it to examine security problems QA engineers use it to verify network applications Developers use it to debug protocol implementations People use it to learn network protocol internals What is not provided Wireshark isn’t an intrusion detection system Wireshark will not manipulate things on the network, it will only “measure” things from it Features Available for UNIX and Windows Capture live packet data from a network interface Open files containing packet data captured with tcpdump/WinDump, Wireshark, and many other packet capture programs Import packets from text files containing hex dumps of packet data Display packets with very detailed protocol information Save packet data captured Export some or all packets in a number of capture file formats Filter packets on many criteria Search for packets on many criteria Colorize packet display based on filters Create various statistics Capabilities Live capture from many different network media Wireshark can capture traffic from many different network media types, including Ethernet, Wireless LAN, Bluetooth, USB, and more The specific media types supported may be limited by several factors, including your hardware and operating system Import files from many other capture programs Wireshark can open packet captures from a large number of capture programs Export files for many other capture programs Wireshark can save captured packets in many formats, including those used by other capture programs Many protocol dissectors There are protocol dissectors (or decoders, as they are known in other products) for a great many protocols Ubuntu | Installing Wireshark Using the APT (Advanced Package Tool) Method) The software repository of Ubuntu includes Wireshark by default, which enables you to install the package using the APT. It is the easiest and most straightforward method. It ensures you have the latest version of Wireshark when the Ubuntu system is updated. Execute the following command in the Ubuntu terminal. Install the Wireshark | Command: sudo apt install wireshark You will be asked if a "non-superuser can capture packets". This means that a user other than the "root" user can run Wireshark. If you have another user, select "Yes " Add your user to the wireshark group | Command: sudo usermod -aG wireshark Example: sudo usermod -aG wireshark john01 If you use the "root" user, select "No " and you won't need to perform anything else OPTIONAL | If you want to change your "non-superuser packet capture" option later, use the Command: sudo dpkg-reconfigure wireshark-common Verify if the Wireshark was installed checking its version | Command: wireshark --version Launch the Wireshark | Command: sudo wireshark To uninstall Wireshark | Command: sudo apt-get remove --purge wireshark Using the PPA (Personal Package Archive) Method If the Ubuntu version of your computer is older, you can use the PPA maintained by the Wireshark developers. Add the official Wireshark PPA to your list of repositories |Command: sudo add-apt-repository ppa:wireshark-dev/stable -y Update the package list | Command: sudo apt update Install the Wireshark | Command: sudo apt install wireshark You will be asked if a "non-superuser can capture packets". This means that a user other than the "root" user can run Wireshark. If you have another user, select "Yes " Add your user to the wireshark group | Command: sudo usermod -aG wireshark Example: sudo usermod -aG wireshark john01 If you use the "root" user, select "No " and you won't need to perform anything else OPTIONAL | If you want to change your "non-superuser packet capture" option later, use the Command: sudo dpkg-reconfigure wireshark-common Verify if the Wireshark was installed checking its version | Command: wireshark --version Launch the Wireshark | Command: sudo wireshark To uninstall Wireshark | Command: sudo apt-get-repository –remove ppa:wireshark-dev/stable -y Network Protocols Network protocols are the sets of standards that allow two or more machines connected to the internet to communicate with each other. It works as a universal language, which can be interpreted by computers from any manufacturer, using any operating system. They are responsible for taking data transmitted over the network and dividing it into small pieces, which are called packets. Each packet carries source and destination addressing information. Protocols are also responsible for systematizing the establishment, control, traffic and closure phases. Key elements that define network protocols: Syntax: Represents the format of the data and the order in which it is presented Semantics: Refers to the meaning of each syntactic set that gives meaning to the message sent Timing: Defines an acceptable packet transmission speed Types of Network Protocols For communication between computers to be carried out correctly, both computers must be configured according to the same parameters and comply with the same communication standards. The network is divided into layers, each with a specific function. The different types of network protocols vary according to the type of service used and the corresponding layer. The main layers and their main protocol types: Application Layer: WWW, HTTP, SMTP, Telnet, FTP, SSH, NNTP, RDP, IRC, SNMP, POP3, IMAP, SIP, DNS, PING Transport Layer: TCP, UDP, RTP, DCCP, SCTP Network Layer: IPv4, IPv6, IPsec, ICMP Physical Link Layer: Ethernet, Modem, PPP, FDDi Transmission Control Protocol (TCP) TCP is a popular communication protocol which is used for communicating over a network. It divides any message into series of packets that are sent from source to destination and there it gets reassembled at the destination. Internet Protocol (IP) IP is designed explicitly as addressing protocol. It is mostly used with TCP. The IP addresses in packets help in routing them through different nodes in a network until it reaches the destination system. TCP/IP is the most popular protocol connecting the networks. User Datagram Protocol (UDP) UDP is a substitute communication protocol to Transmission Control Protocol implemented primarily for creating loss-tolerating and low-latency linking between different applications. Post office Protocol (POP) POP3 is designed for receiving incoming E-mails. Simple mail transport Protocol (SMTP) SMTP is designed to send and distribute outgoing E-Mail. File Transfer Protocol (FTP) FTP allows users to transfer files from one machine to another. Types of files may include program files, multimedia files, text files, and documents, etc. Hyper Text Transfer Protocol (HTTP) HTTP is designed for transferring a hypertext among two or more systems. HTML tags are used for creating links. These links may be in any form like text or images. HTTP is designed on Client-server principles which allow a client system for establishing a connection with the server machine for making a request. The server acknowledges the request initiated by the client and responds accordingly. Hyper Text Transfer Protocol Secure (HTTPS) HTTPS is abbreviated as Hyper Text Transfer Protocol Secure is a standard protocol to secure the communication among two computers one using the browser and other fetching data from web server. HTTP is used for transferring data between the client browser (request) and the web server (response) in the hypertext format, same in case of HTTPS except that the transferring of data is done in an encrypted format. So it can be said that https thwart hackers from interpretation or modification of data throughout the transfer of packets. SSL - Secure Sockets Layer It is an encryption-based Internet security protocol. It was first developed by Netscape in 1995 for the purpose of ensuring privacy, authentication, and data integrity in Internet communications. SSL is the predecessor to the modern TLS encryption used today. A website that implements SSL/TLS has "HTTPS" in its URL instead of "HTTP." TLS - Transport Layer Security It is a widely adopted security protocol designed to facilitate privacy and data security for communications over the Internet. A primary use case of TLS is encrypting the communication between web applications and servers, such as web browsers loading a website. TLS can also be used to encrypt other communications such as email, messaging, and voice over IP (VoIP). In this article we will focus on the role of TLS in web application security. TLS was proposed by the Internet Engineering Task Force (IETF), an international standards organization, and the first version of the protocol was published in 1999. The most recent version is TLS 1.3, which was published in 2018. Telnet Telnet is a set of rules designed for connecting one system with another. The connecting process here is termed as remote login. The system which requests for connection is the local computer, and the system which accepts the connection is the remote computer. Gopher Gopher is a collection of rules implemented for searching, retrieving as well as displaying documents from isolated sites. Gopher also works on the client/server principle. Protocols used by SAP Common Programming Interface for Communication (CPI-C) SAP uses Common Programming Interface for Communication (CPIC) protocol to transfer data between systems. CPIC is an SAP specific protocol. Open Data Protocol (OData) The Open Data Protocol (OData) is a standardized protocol for exposing and accessing information from various sources. OData is based on core protocols, including HTTP, AtomPub (Atom Publishing Protocol), XML, and JSON (Java Script Object Notation). MQTT - Message Queuing Telemetry Transport MQTT is a message protocol for machine-to-machine communication (M2M) and IoT. You can use the MQTT source system to set up a connection to an MQTT broker (MQTT server). It is most commonly run over TCP/IP stack, but there are MQTT implementations that use other protocols. The supported communication protocol between SAP S/4HANA and SAP Cloud Platform Enterprise Messaging will be MQTT (over Websocket). With the feature of Enterprise Event Enablement of S/4HANA, you can pass the S/4HANA event to the external systems via the middleware called SAP Cloud Platform Enterprise Messaging. HTTP vs MQTT: HTTP is typically a transient interface in which each request is a short-lived session. MQTT sessions are long-lived. Another important difference is that HTTP operates on a command-response basis. A command gets sent to the server and a response returns. TCP vs UDP | Protocol Comparison Whether your data is transferred quickly and in full depends on which network protocols you use, UDP or TCP. They both do the same job but in different ways. One is more reliable and the other one is faster. TCP (transmission control protocol) is connection-based, so it establishes a connection between the receiver and sender and maintains it while transferring data. It guarantees that the data arrives completely intact. UDP (User Datagram Protocol) is connectionless, so it doesn’t establish a prior connection between two parties. It has the potential to lose data along the way, but in return you’ll have much higher speeds. Reliability TCP: High UDP: Lower Speed TCP: Lower UDP: High Transfer Method TCP: Packets are delivered in a sequence UDP: Packets are delivered in a stream Error Detection and Correction TCP: Yes UDP: No Congestion Control TCP: Yes UDP: No Acknowledgement TCP: Yes UDP: Only the Checksum (Checksum is the final two bytes of the UDP header, a field that's used by the sender and receiver to check for data corruption) Warning : UDP is not recommended for transmitting large files. SSL vs TLS | Protocol Comparison Protocol Evolution : SSL 1.0 > SSL 2.0 > SSL 3.0 > TLS 1.0 > TLS 1.1 > TLS 1.2 > TLS 1.3 SSL (Secure Sockets Layer) Secure Sockets Layer (SSL) is a protocol that encrypts and secures data transmitted over the internet. SSL protects data from being intercepted by hackers and prevents them from stealing personal or financial information. SSL works by: Encryption: SSL encrypts data sent between a browser and a website or between two servers Authentication: SSL authenticates web servers. SSL initiates an authentication process between two devices called a handshake Integrity: SSL digitally signs data to verify that it hasn't been tampered with SSL was introduced by Netscape in 1995 and was the first widely used protocol for securing online transactions. Although it has been replaced by a more updated protocol called Transport Layer Security (TLS), SSL is still commonly used today. TLS (Transport Layer Security) Transport Layer Security (TLS) is a security protocol that encrypts data sent between computers over the internet. It's used to protect data from hackers and ensure that all parties involved in a transaction are who they claim to be. TLS has three main functions: Encryption: Hides sensitive data during transfer Authentication: Verifies the identities of the client and server Integrity: Verifies that data hasn't been tampered with or forged TLS is the most widely used security protocol today. It's primarily used to encrypt communication between web browsers and servers, but it can also secure email and other protocols. TLS handshakes are a multi-step process that involves the client authenticating the server and the client and server exchanging a shared secret. TLS replaced SSL in 2015 after SSL was compromised by vulnerabilities. Most people still use the term SSL because it's more widely known. Protocol Comparison Stands For SSL: Secure Sockets Layer TLS: Transport Layer Security Version History SSL: Replaced with TLS. SSL moved through versions 1.0, 2.0, and 3.0 TLS: Upgraded version of SSL. TLS has moved through versions 1.0, 1.1, 1.2, and 1.3 Algorithm SSL: Supports older algorithms with known security vulnerabilities TLS: Utilizes advanced encryption algorithms (Fortezza algorithm is not supported) Activity SSL: It is now considered deprecated due to significant vulnerabilities TLS: Currently the versions 1.2 and 1.3 are actively used due to its robust security Alert Messages SSL has only two types of alert messages. Alert messages are unencrypted TLS alert messages are encrypted and more diverse Message Authentication SSL: Uses Message Authentication Code (MAC) protocols TLS: Deploys Hashed Message Authentication Code (HMAC) protocols Cipher Suites SSL: Supports older algorithms with known security vulnerabilities TLS: Uses advanced encryption algorithms Handshake SSL: Handshake is complex and slow TLS: Handshake is simplified (it has fewer steps), faster, and more secure Connection SSL: Establishes connection using a port TLS: Establishes connection using protocol Public Cloud Services Comparison Cloud services are application and infrastructure resources that exist on the Internet. Third-party providers contract with subscribers for these services, allowing customers to leverage powerful computing resources without having to purchase or maintain hardware and software. Services Microsoft Azure Amazon AWS Google Cloud Analytics Azure Stream Analytics Amazon Kinesis Cloud Dataflow App Hosting Azure Cloud Services Amazon Elastic Beanstalk Google App Engine Automation Azure Automation AWS Opsworks Compute Engine Management Block Storage Azure Managed Storage Amazon Elastic Block Storage Persistent Disk Cloud Agnostic Container Azure AKS Amazon EKS GKE Cloud Specific Container Azure Container Service EC2 Container Service Container Engine Compliance Azure Trust Center AWS Cloud HSM Google Cloud Plataform Security Computing Virtual Machine Elastic Compute Cloud (EC2) Compute Engine Content Delivery Network (CDN) Azure CDN Amazon CloudFront Cloud CDN DNS Services Azure Traffic Manager AWS Route 53 Cloud DNS Identity & Access Management Azure Active Directory AWS Identity and Access Management Cloud Identity Access Management Key Management Services Azure Key Vault AWS KMS Google Cloud KMS Load Balancing Load Balancing for Azure Elastic Load Balancing Cloud Load Balancing Log Monitoring Azure Operational Insights Amazon CloudTrail Cloud Logging NoSQL Database Options Azure DocumentDB AWS DynamoDB Cloud Datastore Notifications Azure Notification Hub Amazon Simple Notification Service - Object Storage Azure Blob Storage Amazon Storage (S3) Cloud Storage Performance Monitoring Azure Application Insights Amazon CloudWatch Stackdriver Monitoring Private Connectivity Azure Express Route AWS Direct Connect Cloud Interconnect Relational Database Azure Relational Database Amazon RDS Cloud SQL Scaling Options Azure Autoscale Auto Scaling Auto Scaler Serverless Computing Azure Functions AWS Lambda Google Cloud Functions Virtual Network Azure Virtual Network Amazon VPC Cloud Virtual Network References: Palo Alto Networks (www.paloaltonetworks.com ); Wikipedia (www.wikipedia.org); Google (www.google.com ); Oracle (www.oracle.com ); Raspberry PI (www.raspberrypi.org ); Microsoft (www.microsoft.com ); CloudFlare (www.cloudflare.com ); NordVPN (nordvpn.com )

Finance Currency Types Account Master Data Document Split Currency Types T-Code : SPRO Path : IMG -> Financial Accounting -> Financial Accounting Global Settings -> Ledgers -> Ledger -> Define Settings for Ledgers and Currency Types Section : Currency Types SAP Version : SAP S/4 HANA 2020 Currency Types List 00 = Document Currency 01 = Document Currency, Group Valuation 02 = Document Currency, Profit Center Valuation 10 = Company Code Currency 11 = Company Code Currency, Group Valuation 12 = Company Code Currency, Profit Center Valuation 20 = Controlling Area Currency 30 = Group Currency 31 = Group Currency, Group Valuation 32 = Group Currency, Profit Center Valuation 40 = Hard Currency 50 = Index-Based Currency 60 = Global Company Currency 70 = Controlling Object Currency Currency Type in the Controlling Area The controlling area currency type determines which currency is allowed as controlling area currency and whether the CO area currency can differ from the currency of the assined company codes. CO area currency is either set by the user or derived from other organizational units. The Assignment Control is a very important setting when the subject is controlling area currency type. There are 2 options: 1 = Controlling Area Same As Company Code 2 = Cross-Company-Code Cost Accounting 1 Controlling Area Same As Company Code Relationship (1:1): The financial accounting and cost accounting views of the organization are identical. Currency Type: The system will automatically assign currency type 10 (Company Code). 2 Cross-Company-Code Cost Accounting Relationship (1:n): Cost accounting is carried out in multiple company codes in the same controlling area. The Company Codes must use: The same number of posting periods (you can check it in the fiscal year variant) The same Chart of Account Hint : A 1:n relationship is appropriate, for example, if the organization has independent subsidiaries using a global cost accounting system, since it is possible to perform internal allocations between company codes. Account Master Data T-Code : FS00 | G/L Account Centrally Control Data | Account Control (Company Code) Balances in Local Currency Only Indicates that balances are updated only in local currency when users post items to this account. You set this if you do not want the system yp update transaction figures se parately by currency. Recommended for some Balance Sheet Accounts: Not managed as open items and not kept in foreign currencies. Managed as open items and and have the same types of items posted in different currencies, but always allow clearing to be made if the local currency amounts correspond. Example : You set up a clearing account for GR/IR and post these itema to it. Goods Receipt (Posted always in Local Currency) EUR 890 Invoice Receipt (Posted Invoice Currency) USD 1000 EUR 890 Both items can be cleared if the clearing account balances are recorded in Local Currency Only. Unless you set the indicator for this account, the system will translate the USD to EUR during the clearing procedure to determine the account in EUR required to clear 1000 USD. If the translation rate is 0.89, the system displays 900 EUR for the invoice receipt and 890 EUR for the goods receipt when the open items are processed. This means that to clear both od these items, you will also have to enter a difference posting for 10 EUR, and the system will automatically make an additional exchange rate difference posting for this amount. Posting without tax allowed Indicates that acoount can be posted without tax code. It is possible to post both taxable and non-taxable items to that account. But If you post with tax code the system checks the entry against the Tax Category. Tax Category You only use Tax Category if the account is tax-relevant, If not, leave the field in blank. Example of tax categories: "*" All Tax Types Permitted "+ " Only Output Tax Permitted "- " Only Input Tax Permitted "> " Output Tax Account "< " Input Tax Account Control Data | Account Management (Company Code) Open Item Management Indicator activated: The items posted are marked as open or cleared. Indicator Inactivated: The items posted has no offsetting option, with open and clared marks. Accounts managed as open items: Clearing accounts Blank Clearing Account Payroll Clearing Account Cash Discount Clearing Account GR/IR Clearing Account Accounts that are NOT managed as open items: Bank Accounts Tax Accounts Raw Material Accounts Reconciliation Accounts (There are managed implicitly using the subledger open item function) Profit and Loss Accounts Materials Management (MM) Accounts (Posted with a posting key that has account type 'M') Create/Bank/Interest | Control of Document Creation ( Company Code) Post Automatically Only Indicates that this account can only be posted to by the system using account determination tables. Docum ent Split Document Splitting is a function delivered initially within the New G/L, similar to FI-SL splitting available from release 4.7 onwards. It is an essential tool for drawing up complete financial statements for the selected dimensions (e.g. Segment, Profit Center, Business Area, Fund, Grant or Customer field) at any time. Document splitting splits up line items during the posting for selected dimensions such as receivable lines by "Profit Center". Also, to affect a zero balance setting in the document for selected dimensions such as "Segment", document splitting can be used. The zero balance setting may generate additional clearing lines in the general ledger view. Seq Transaction Name Module Reference SAP Path Comments 001 GSP_CD Maintain constans FI-GL 002 GSP_KD Maintain account determination FI-GL 003 GSP_KD1 Maintain acct deter: 0 balance FI-GL 004 GSP_KD2 Maintain acct deter: Additional rows FI-GL 005 GSP_LD Define item type FI-GL business transaction - do not change 006 GSP_LZ1 SAP internal item cat. Assigment FI-GL assignment do de cima 007 GSP_LZ2 Allocation: acct number - item type FI-GL Clsssify G/L Accounts for Document Splitting 008 GSP_MD Define Splitting Method FI-GL 009 GSP_PD Define business process FI-GL do not change 010 GSP_RD Define Split Rule FI-GL 011 GSP_VD Define business process variant FI-GL 012 GSP_VZ1 Transaction->process var. assignment FI-GL Assigment: Transaction Code - Accounting Transaction Variant 013 GSP_VZ2 MM movem. Type->process var. assgmt FI-GL Assigment: MM Movement Type - Accounting Transaction Variant 014 GSP_VZ3 FI doc type->process var. assignment FI-GL Classify FI Document Type for Document Splitting Views Entry View | Based on table BSEG as used in Classic G/L General Ledger View | Based on the New G/L tables for ECC (ACDOCA for S/4 HANA) You can choose between displaying the document either in its original form in the entry view or with the generated clearing lines from the perspective of a ledger in the general ledger view. Issues Balancing Field is not Filled |Error messages for example "the balancing field is not filled" may arise while you are working with relevant business processes. These issues are usually based on missing or incorrect document split customizing New G/L Migration | Subsequent activation of document split functionality within a productive environment (with existing transactional data) is critical. It has to be handled with a separate migration project Subsequent Changes | Processes in a customer system are dynamic and changes in document split customizing may arise. If subsequent changes are necessary, please refer to the long text of the warnings and also to OSS Note 891144 1. Document Split Functionality With the functionality 'document splitting' a complete financial statement for selected dimensions can be provided at any time. Document splitting splits up line items for selected dimensions such as "Segment", "Profit Center", etc. Document Splitting Method | A splitting method contains the splitting rules governing how the individual item categories are dealt with Splitting Rule | Depending on the business transactions the rule governs how the individual item categories will be processed by the system Business Transaction | SAP delivers 10 business transactions. A business transaction describes the structure of a business process for each document type. For each business transaction, you can determine which item categories (can) appear in the transaction. Business transactions are only used in document splitting Item category | The item category characterizes the items of an accounting document. You need to classify the individual document items so that the system knows how to handle them. Therefore, an item category has to be assigned to all G/L accounts (T-Code: GSP_LZ2) Processing category | The processing category controls how the amounts are split. 0 | Transfer a fixed value (No Splitting) 1 | Splitting by base item categories specified 2 | Splitting based on current account balance Warning When using document splitting SAP recommends to avoid posting mixed business processes A new document type for each business process needs to be defined in order to separate them. Generally it has to be ensured that each business process is posted with an appropriate document type (Example: Within SAP standard delivered customizing for business transaction "0300 Vendor Invoices" it is not possible to post customer or bank account lines) 2. New G/L Scenarios In order to define the relevant fields to be updated within open items and totals, scenarios have to be assigned to the ledgers used. SAP standard delivers 6 scenarios (Also custom fields can be assigned). To split the posted items of a particular ledger by the selected criteria (Segment, Profit Center, Custom Field [ZZxxx], etc.), the relevant New G/L scenario has to be assigned to the ledger. 2.1. Define Document Splitting Method The document splitting method contains the rules governing how the individual item categories are dealt with. In case changes need to be applied to standard customizing, SAP recommends copying the standard method 0000000012 and applying the changes. 2.1.1. Define Document Splitting Method T-Code | SM30 ( V_T8G01) Path | IMG -> Financial Accounting (New) -> General Ledger Accounting (New) -> Business Transactions -> Document Splitting -> Extended Document Splitting -> Define Document Splitting Method Step 1 | Create an own defined method (e.g. Z000000012) Step 2 | Select all rules included in the standard method and copy it to the Z000000012 Step 3 | Apply the changes needed Step 4 | Activate the new to be used document splitting method 2.2. Activate Document Splitting T-Code | SM34 (VC_FAGL_SPLIT) Path | IMG -> Financial Accounting (New) -> General Ledger Accounting (New) -> Business Transactions >- Document Splitting -> Activate Document Splitting Step 1 | Document Splitting Assignment - Document splitting method has to be assigned (e.g. Z000000012) Step 2 | Activating Inheritance of Account Assignments Inheritance of Account Assignments The indicator "Inheritance of Account Assignments" transfers the account assignments which are defined as split criteria. The values of the split criteria are always taken into consideration together as a combination of the account assignments. The field values are inherited only in case the account assignment combination is unique within the complete document. That means the account assignments are being inherited if the values of the split criteria in the complete document are the same. Please consider that only account assignments relevant for the balance sheet (G/L split criteria) are taken over since it is rather a fallback mechanism for the unassigned processes Hint: There is also a possibility to deactivate inheritance for some specific business transactions. Deactivating Inheritance of Account Assignments T-Code | GSP_RD Path | IMG -> Financial Accounting (New) -> General Ledger Accounting (New) -> Business Transactions -> Document Splitting -> Extended Document Splitting -> Define Document Splitting Rules Step 1 | In the "Header Data", double click in the "Method + Business Transaction + Variant" desired Step 2 | Flag the indicator " No Inheritance of A/c Assignments" Hint: This indicator 'No Inheritance of A/c Assignments' can be set/removed in the definition of the business transaction (Only available in ERP2005) Activation Standard A/C Assignment on the Splitting Method Level The constant defines default account assignments for all line items for which it is not possible to derive any account assignments via the splitting rule or the inheritance. To activate this function select indicator "Standard A/C Assgnmt" and assign the constant. Constant Definition T-Code | SM34 (FAGL_CONSTANTS_GLOBAL) Path | IMG -> Financial Accounting (New) -> General Ledger Accounting (New) -> Business Transactions >- Document Splitting -> Edit Constant for Nonassigne d Processes Step 1 | Create the Constant (eg. Zxxx) Step 2 | Assign Profit Center Deactivate Constant Default at Business Transaction Level T-Code | GSP_RD Path | IMG -> Financial Accounting (New) -> General Ledger Accounting (New) -> Business Transactions -> Document Splitting -> Extended Document Splitting -> Define Document Splitting Rules Step 1 | In the "Header Data", double click in the "Method + Business Transaction + Variant" desired Step 2 | Flag the indicator " No Default of A/c Assignments" There is also a possibility to deactivate the default account assignment (constant) set on method level for some specific business transactions. Deactivate Document Splitting at Company Code Level Document split can be deactivated at company code level. In case one or more company codes in your system should not use document splitting functionality, then choose the "inactive" indicator at company code level. Define Document Splitting T-Code | SM34 (VC_FAGL_SPLIT) Path | IMG -> Financial Accounting (New) -> General Ledger Accounting (New) -> Business Transactions >- Document Splitting -> Activate Document Splitting Step 1 | In the Dialog Structure, click in "Deactivation per Company Code" Step 2 | Flag the indicator "Inactive" in the desired Company Code Warning: If you perform any cross company code postings please make sure that all company codes involved use document splitting Hint: In addition the company codes which are used in cross company postings have to be assigned in Transaction "OBY6" to companies in a 1:1 relation 2.3. Document splitting characteristics Document splitting is a tool for drawing up complete financial statements for selected dimensions. Additional zero balance items are automatically created in case the balance of account assignment objects is not zero. Document splitting characteristics can be defined for General Ledger and additional characteristics for controlling and assets. Characteristics for General Ledger Accounting Characteristics for Controlling Characteristics for Cash Discounts Capitalized to Assets 2.3.1. Document splitting Characteristics for General Ledger In this IMG-step the account assignments taken into consideration in document splitting are defined. It can be defined if a zero balance setting for the characteristic and a partner field has to be used. If the zero balance flag has been activated, the system makes sure that the document balances to zero on account assignment level. The account assignment can also be defined as mandatory. The system accepts postings if the account assignment has been filled in the general ledger view. Either it can be filled in the entry view by entering it or it is derived from the document splitting rules. If a field is defined as a splitting characteristic, but the relevant scenario or custom field is not assigned to a ledger, then it will not be updated in certain new g/l tables. The account assignments specified have to be maintained at least in one of the ledgers. Otherwise the mandatory check is not processed. 2.3.2. Define Document Splitting Characteristics for Controlling Document splitting characteristics for controlling are being transferred only into relevant line items. The CO account assignments are just needed for the cost elements. Therefore the accounts of the corresponding line items need to be defined as a cost element. 2.3.3. Characteristics for Cash Discounts Capitalized to Assets (Post-Capitalization of Cash Discount to Assets) he activation of the "Post-Capitalization of Cash Discount to Assets" has the effect that the cash discount of an asset-relevant payment is not posted to the cash discount account, but directly to the asset. 2.3.4. Zero balance indicator and balance zero clearing account The zero balance indicator setting, ensures that the document is balanced according to document split characteristics for the selected dimensions such as "Segment". In case the balance of account assignment objects is not zero after document splitting the system generates additional clearing items. The triggered line items in the document are posted to the zero balance clearing account defined for each account key in customizing. Define Zero-Balance Clearing Account T-Code | GSP_KD1 Path | IMG -> Financial Accounting (New) -> General Ledger Accounting (New) -> Business Transactions >- Document Splitting -> Define Zero-Balance Clearing Account Warning: Therefore, a clearing account has to be created for the additional clearing line items. 2.4. Account key assignment (define zero-balance clearing account) As explained above in some business processes additional clearing line items have to be created automatically so a full financial statement per splitting criteria is available. The automatic posting is made to a zero-balance clearing account defined in the account key. One or more zero-balance clearing accounts may be used. To post to different clearing accounts, each clearing account has to be assigned to a separate account key and each account key to the relevant business transaction variants. Define Zero-Balance Clearing Account T-Code | GSP_KD1 Path | IMG -> Financial Accounting (New) -> General Ledger Accounting (New) -> Business Transactions >- Document Splitting -> Define Zero-Balance Clearing Account 2.5. Constant definition In order to set default account assignments within the document splitting, one or more constants can be defined. Edit Constants for Non-assigned Processes T-Code | GSP_CD Path | IMG -> Financial Accounting (New) -> General Ledger Accounting (New) -> Business Transactions >- Document Splitting -> Edit Constants for Non-assigned Processes For defining the constant only the defined split criteria can be chosen. A default value can either be assigned to all or just to several split criteria. The default values are always set as a combination, meaning all or nothing. Example: Split criteria A and B is set as default If fields A and B are both not filled during posting, the default values of the constant are set. If field A is set with the default value of the constant and B is not filled, the constant fills the value of field B. If field A is set but not with the default value of the constant, nothing is done by the constant. If any other split criteria is filled which is not defined within the constant, the constant fills fields A and B. If an assigned split criteria is set with default 'blank', the system considers 'blank' as a value. Two different ways of using a constant exist: General constant for all business processes Specific constant assigned to explicit item categories References: SAP (www.sap.com ); SAP Support (support.sap.com ); SAP Help (help.sap.com ); SAP Blog (blogs.sap.com )

When we are working on daily activities, doing customizing, testing and checking, it is very common to work with different screens logged in different environments and clients. Using the same color can be tricky and lead to mistakes. A good alternative is to change the colors to identify between the DEV and QA environment, or even between DEV Gold and DEV unit test. SAP Optimization SAP GUI Layout Color Parameter ID SAP Field Commands Adding transaction codes (T-Codes) in the SAP Menu Removing SAP Initial Picture Show Keys within Dropdown Lists SAP GUI Layout Color When we are working on daily activities, doing customizing, testing and checking, it is very common to work with different screens logged in different environments and clients. Using the same color can be tricky and lead to mistakes. A good alternative is to change the colors to identify between the DEV and QA environment, or even between DEV Gold and DEV unit test. In this example we are going to change the colors of the same environment but of different clients. SAP DEV Client 100 (Gold) SAP DEV Client 200 (Unit Test) Log in Click in "More" SAP GUI Settgins and actions Options SAP DEV Client 100 (Gold) Visual Design Colors Settings Colors in System And choose the desired color In this case, I am setting client 100 with the golden color (yellow). SAP DEV Client 200 (Unit Test) Log in the other client Click in "More" SAP GUI Settgins and actions Options And repeat the steps. Visual Design Colors Settings Colors in System And choose the desired color In this case, I am setting client 200 with green color. Now you can log in and log out and these clients will keep the different colors and you will be able to work on both clients at the same time with no mistakes. Warning : Screens, backgrounds and options may differ due to the chosen SAP GUI version or theme. Parameter ID Go to "Maintain User Profile" T-Code: SU3 In the section "Patameters" Add Parameter ID Parameter Value In this example a Controlling Area is set using the Parameter ID "CAC". BUK - Company code CAC - Controlling Area ERB - Operating Concern FWS - Currency Unit GJR - Fiscal Year KPL - Chart Of account WRK - Plant SAP Field Commands To call a transaction | In the same session Command: /n How: Enter: /nxxxx (xxxx = transaction code) To call a transaction | In the same session, whereby the initial screen is skipped Command: /* How: Enter: /*xxxx (xxxx = transaction code) To call a transaction | In a additional session Command: /o How: Enter: /oxxxx (xxxx = transaction code) To end the current transaction Command: /n How: Enter: /n (Unsaved changes are lost without warning) To delete the current session Command: /i To generate a session list Command: /o To end the current transaction and return to the starting menu Command: /ns000 To log off from the system Command: /nend To log off from the system without a confirmation prompt Command: /nex How: Enter: /nex (Changes that were not saved are lost without warning) Adding transaction codes (T-Codes) in the SAP Menu In the initial screen Go to Extras -> Settings And Select "Display Technical Names" You can see in the screenshot: Before activation, only transaction names are displayed. Then you can see the displayed T-Codes. Knowing the T-Codes, you can access the transaction using the command prompt directly, saving you some time. Instead of navigating through the SAP menu every time. Removing SAP Initial Picture In the initial screen Go to Extras -> Settings And Select "Do Not Display Picture" The default image on most SAP installations is the same. It's the standard "a drop in water" image. There are companies that customize that image, changing it to the company logo. But you have this option to remove it, and leave the home screen a little cleaner. Show Keys within Dropdown Lists Dropdown lists in SAP without these flags only show available descriptions. After activating this option you will be able to see, not only the descriptions, but also the object names. By selecting "Sort by Key", the dropdown will be sorted alphabetically by object names. In the SAP GUI Go to Options Then, go to "Interaction Design" -> "Visualization 1" In the section "Controls" Select: Show Keys Within Dropdown List Sort By Keys Within Dropdown lists for Most Efficient Keyboard Input References: SAP (www.sap.com ); SAP Support (support.sap.com ); SAP Help (help.sap.com ); SAP Blog (blogs.sap.com )