web/html/docs/security-guide/es_ES chap-Security_Guide-Securing_Your_Network.html, 1.1, 1.2 chap-Security_Guide-Security_Overview.html, 1.1, 1.2 index.html, 1.1, 1.2 pref-Security_Guide-Preface.html, 1.1, 1.2 sect-Security_Guide-Kerberos.html, 1.1, 1.2 sect-Security_Guide-Threats_to_Server_Security-Inattentive_Administration.html, 1.1, 1.2
Eric Christensen
sparks at fedoraproject.org
Tue Jul 28 21:37:44 UTC 2009
Author: sparks
Update of /cvs/fedora/web/html/docs/security-guide/es_ES
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv16910/es_ES
Modified Files:
chap-Security_Guide-Securing_Your_Network.html
chap-Security_Guide-Security_Overview.html index.html
pref-Security_Guide-Preface.html
sect-Security_Guide-Kerberos.html
sect-Security_Guide-Threats_to_Server_Security-Inattentive_Administration.html
Log Message:
Latest Spanish version of the Security Guide.
Index: chap-Security_Guide-Securing_Your_Network.html
===================================================================
RCS file: /cvs/fedora/web/html/docs/security-guide/es_ES/chap-Security_Guide-Securing_Your_Network.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- chap-Security_Guide-Securing_Your_Network.html 19 Jul 2009 23:53:13 -0000 1.1
+++ chap-Security_Guide-Securing_Your_Network.html 28 Jul 2009 21:37:43 -0000 1.2
@@ -23,7 +23,7 @@
</div><div class="para">
If the workstation is located in a place where only authorized or trusted people have access, however, then securing the BIOS or the boot loader may not be necessary.
</div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h4 class="title" id="sect-Security_Guide-BIOS_and_Boot_Loader_Security-BIOS_Passwords">2.1.2.1. Contraseña BIOS</h4></div></div></div><div class="para">
- The two primary reasons for password protecting the BIOS of a computer are<sup>[<a id="id2989569" href="#ftn.id2989569" class="footnote">11</a>]</sup>:
+ The two primary reasons for password protecting the BIOS of a computer are<sup>[<a id="id854263" href="#ftn.id854263" class="footnote">11</a>]</sup>:
</div><div class="orderedlist"><ol><li><div class="para">
<span class="emphasis"><em>Preventing Changes to BIOS Settings</em></span> — If an intruder has access to the BIOS, they can set it to boot from a diskette or CD-ROM. This makes it possible for them to enter rescue mode or single user mode, which in turn allows them to start arbitrary processes on the system or copy sensitive data.
</div></li><li><div class="para">
@@ -55,7 +55,7 @@
Next, edit the GRUB configuration file <code class="filename">/boot/grub/grub.conf</code>. Open the file and below the <code class="command">timeout</code> line in the main section of the document, add the following line:
</div><pre class="screen"><code class="command">password --md5 <em class="replaceable"><code><password-hash></code></em></code>
</pre><div class="para">
- Replace <em class="replaceable"><code><password-hash></code></em> with the value returned by <code class="command">/sbin/grub-md5-crypt</code><sup>[<a id="id2989320" href="#ftn.id2989320" class="footnote">12</a>]</sup>.
+ Replace <em class="replaceable"><code><password-hash></code></em> with the value returned by <code class="command">/sbin/grub-md5-crypt</code><sup>[<a id="id854045" href="#ftn.id854045" class="footnote">12</a>]</sup>.
</div><div class="para">
The next time the system boots, the GRUB menu prevents access to the editor or command interface without first pressing <span class="keycap"><strong>p</strong></span> followed by the GRUB password.
</div><div class="para">
@@ -310,12 +310,12 @@
</td></tr><tr><td>
Use PAM to limit root access to services.
</td><td>
- Edit the file for the target service in the <code class="filename">/etc/pam.d/</code> directory. Make sure the <code class="filename">pam_listfile.so</code> is required for authentication.<sup>[<a id="id2884484" href="#ftn.id2884484" class="footnote">a</a>]</sup>
+ Edit the file for the target service in the <code class="filename">/etc/pam.d/</code> directory. Make sure the <code class="filename">pam_listfile.so</code> is required for authentication.<sup>[<a id="id806733" href="#ftn.id806733" class="footnote">a</a>]</sup>
</td><td>
<table class="simplelist" border="0" summary="Simple list"><tr><td>Prevents root access to network services that are PAM aware. </td></tr><tr><td>The following services are prevented from accessing the root account: </td></tr><tr><td>· FTP clients </td></tr><tr><td>· Email clients </td></tr><tr><td>· <code class="command">login</code></td></tr><tr><td>· <code class="command">gdm</code></td></tr><tr><td>· <code class="command">kdm</code></td></tr><tr><td>· <code class="command">xdm</code></td></tr><tr><td>· <code class="command">ssh</code></td></tr><tr><td>· <code class="command">scp</code></td></tr><tr><td>· <code class="command">sftp</code></td></tr><tr><td>· Any PAM aware services </td></tr></table>
</td><td>
<table class="simplelist" border="0" summary="Simple list"><tr><td>Programs and services that are not PAM aware. </td></tr></table>
- </td></tr></tbody><tbody class="footnotes"><tr><td colspan="4"><div class="footnote"><p><sup>[<a id="ftn.id2884484" href="#id2884484" class="para">a</a>] </sup>
+ </td></tr></tbody><tbody class="footnotes"><tr><td colspan="4"><div class="footnote"><p><sup>[<a id="ftn.id806733" href="#id806733" class="para">a</a>] </sup>
Refer to <a class="xref" href="chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Disallowing_Root_Access-Disabling_Root_Using_PAM" title="2.1.4.2.4. Desabilitando Root Usando PAM">Sección 2.1.4.2.4, “Desabilitando Root Usando PAMâ€</a> for details.
</p></div></td></tr></tbody></table></div><h6>Tabla 2.1. Methods of Disabling the Root Account</h6></div><br class="table-break" /><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h5 class="title" id="sect-Security_Guide-Disallowing_Root_Access-Disabling_the_Root_Shell">2.1.4.2.1. Disabling the Root Shell</h5></div></div></div><div class="para">
To prevent users from logging in directly as root, the system administrator can set the root account's shell to <code class="command">/sbin/nologin</code> in the <code class="filename">/etc/passwd</code> file. This prevents access to the root account through commands that require a shell, such as the <code class="command">su</code> and the <code class="command">ssh</code> commands.
@@ -350,7 +350,7 @@
</div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h5 class="title" id="sect-Security_Guide-Limiting_Root_Access-The_su_Command">2.1.4.3.1. El Comando <code class="command">su</code></h5></div></div></div><div class="para">
When a user executes the <code class="command">su</code> command, they are prompted for the root password and, after authentication, is given a root shell prompt.
</div><div class="para">
- Once logged in via the <code class="command">su</code> command, the user <span class="emphasis"><em>is</em></span> the root user and has absolute administrative access to the system<sup>[<a id="id2936846" href="#ftn.id2936846" class="footnote">13</a>]</sup>. In addition, once a user has become root, it is possible for them to use the <code class="command">su</code> command to change to any other user on the system without being prompted for a password.
+ Once logged in via the <code class="command">su</code> command, the user <span class="emphasis"><em>is</em></span> the root user and has absolute administrative access to the system<sup>[<a id="id815607" href="#ftn.id815607" class="footnote">13</a>]</sup>. In addition, once a user has become root, it is possible for them to use the <code class="command">su</code> command to change to any other user on the system without being prompted for a password.
</div><div class="para">
Because this program is so powerful, administrators within an organization may wish to limit who has access to the command.
</div><div class="para">
@@ -524,10 +524,10 @@
Although the <code class="command">sshd</code> service is inherently secure, the service <span class="emphasis"><em>must</em></span> be kept up-to-date to prevent security threats. Refer to <a class="xref" href="sect-Security_Guide-Security_Updates.html" title="1.5. Actualizaciones de Seguridad">Sección 1.5, “Actualizaciones de Seguridadâ€</a> for more information.
</div></div><div class="para">
GPG is one way to ensure private email communication. It can be used both to email sensitive data over public networks and to protect sensitive data on hard drives.
- </div></div></div><div class="footnotes"><br /><hr /><div class="footnote"><p><sup>[<a id="ftn.id2989569" href="#id2989569" class="para">11</a>] </sup>
+ </div></div></div><div class="footnotes"><br /><hr /><div class="footnote"><p><sup>[<a id="ftn.id854263" href="#id854263" class="para">11</a>] </sup>
Since system BIOSes differ between manufacturers, some may not support password protection of either type, while others may support one type but not the other.
- </p></div><div class="footnote"><p><sup>[<a id="ftn.id2989320" href="#id2989320" class="para">12</a>] </sup>
+ </p></div><div class="footnote"><p><sup>[<a id="ftn.id854045" href="#id854045" class="para">12</a>] </sup>
GRUB also accepts unencrypted passwords, but it is recommended that an MD5 hash be used for added security.
- </p></div><div class="footnote"><p><sup>[<a id="ftn.id2936846" href="#id2936846" class="para">13</a>] </sup>
+ </p></div><div class="footnote"><p><sup>[<a id="ftn.id815607" href="#id815607" class="para">13</a>] </sup>
This access is still subject to the restrictions imposed by SELinux, if it is enabled.
</p></div></div></div><ul class="docnav"><li class="previous"><a accesskey="p" href="sect-Security_Guide-Updating_Packages-Applying_the_Changes.html"><strong>Anterior</strong>1.5.4. Applying the Changes</a></li><li class="up"><a accesskey="u" href="#"><strong>Subir</strong></a></li><li class="home"><a accesskey="h" href="index.html"><strong>Inicio</strong></a></li><li class="next"><a accesskey="n" href="sect-Security_Guide-Server_Security.html"><strong>Siguiente</strong>2.2. Server Security</a></li></ul></body></html>
Index: chap-Security_Guide-Security_Overview.html
===================================================================
RCS file: /cvs/fedora/web/html/docs/security-guide/es_ES/chap-Security_Guide-Security_Overview.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- chap-Security_Guide-Security_Overview.html 19 Jul 2009 23:53:13 -0000 1.1
+++ chap-Security_Guide-Security_Overview.html 28 Jul 2009 21:37:43 -0000 1.2
@@ -7,7 +7,7 @@
</div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h2 class="title" id="sect-Security_Guide-Introduction_to_Security">1.1. Introduction to Security</h2></div></div></div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h3 class="title" id="sect-Security_Guide-Introduction_to_Security-What_is_Computer_Security">1.1.1. What is Computer Security?</h3></div></div></div><div class="para">
Computer security is a general term that covers a wide area of computing and information processing. Industries that depend on computer systems and networks to conduct daily business transactions and access crucial information regard their data as an important part of their overall assets. Several terms and metrics have entered our daily business vocabulary, such as total cost of ownership (TCO) and quality of service (QoS). Using these metrics, industries can calculate aspects such as data integrity and high-availability as part of their planning and process management costs. In some industries, such as electronic commerce, the availability and trustworthiness of data can be the difference between success and failure.
</div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h4 class="title" id="sect-Security_Guide-What_is_Computer_Security-How_did_Computer_Security_Come_about">1.1.1.1. How did Computer Security Come about?</h4></div></div></div><div class="para">
- Information security has evolved over the years due to the increasing reliance on public networks not to disclose personal, financial, and other restricted information. There are numerous instances such as the Mitnick <sup>[<a id="id2935210" href="#ftn.id2935210" class="footnote">1</a>]</sup>and the Vladimir Levin <sup>[<a id="id2920281" href="#ftn.id2920281" class="footnote">2</a>]</sup>cases that prompted organizations across all industries to re-think the way they handle information, as well as its transmission and disclosure. The popularity of the Internet was one of the most important developments that prompted an intensified effort in data security.
+ Information security has evolved over the years due to the increasing reliance on public networks not to disclose personal, financial, and other restricted information. There are numerous instances such as the Mitnick <sup>[<a id="id826085" href="#ftn.id826085" class="footnote">1</a>]</sup>and the Vladimir Levin <sup>[<a id="id826093" href="#ftn.id826093" class="footnote">2</a>]</sup>cases that prompted organizations across all industries to re-think the way they handle information, as well as its transmission and disclosure. The popularity of the Internet was one of the most important developments that prompted an intensified effort in data security.
</div><div class="para">
An ever-growing number of people are using their personal computers to gain access to the resources that the Internet has to offer. From research and information retrieval to electronic mail and commerce transaction, the Internet has been regarded as one of the most important developments of the 20th century.
</div><div class="para">
@@ -15,19 +15,19 @@
</div></div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h4 class="title" id="sect-Security_Guide-What_is_Computer_Security-Security_Today">1.1.1.2. Security Today</h4></div></div></div><div class="para">
In February of 2000, a Distributed Denial of Service (DDoS) attack was unleashed on several of the most heavily-trafficked sites on the Internet. The attack rendered yahoo.com, cnn.com, amazon.com, fbi.gov, and several other sites completely unreachable to normal users, as it tied up routers for several hours with large-byte ICMP packet transfers, also called a <em class="firstterm">ping flood</em>. The attack was brought on by unknown assailants using specially created, widely available programs that scanned vulnerable network servers, installed client applications called <em class="firstterm">trojans</em> on the servers, and timed an attack with every infected server flooding the victim sites and rendering them unavailable. Many blame the attack on fundamental flaws in the way routers and the protocols used are structured to accept all incoming data, no matter where or for what purpose the packets are sent.
</div><div class="para">
- In 2007, a data breach exploiting the widely-known weaknesses of the Wired Equivalent Privacy (WEP) wireless encryption protocol resulted in the theft from a global financial institution of over 45 million credit card numbers.<sup>[<a id="id2871672" href="#ftn.id2871672" class="footnote">3</a>]</sup>
+ In 2007, a data breach exploiting the widely-known weaknesses of the Wired Equivalent Privacy (WEP) wireless encryption protocol resulted in the theft from a global financial institution of over 45 million credit card numbers.<sup>[<a id="id826043" href="#ftn.id826043" class="footnote">3</a>]</sup>
</div><div class="para">
- In a separate incident, the billing records of over 2.2 million patients stored on a backup tape were stolen from the front seat of a courier's car.<sup>[<a id="id2904980" href="#ftn.id2904980" class="footnote">4</a>]</sup>
+ In a separate incident, the billing records of over 2.2 million patients stored on a backup tape were stolen from the front seat of a courier's car.<sup>[<a id="id826031" href="#ftn.id826031" class="footnote">4</a>]</sup>
</div><div class="para">
- Currently, an estimated 1.4 billion people use or have used the Internet worldwide.<sup>[<a id="id2953596" href="#ftn.id2953596" class="footnote">5</a>]</sup> At the same time:
+ Currently, an estimated 1.4 billion people use or have used the Internet worldwide.<sup>[<a id="id826018" href="#ftn.id826018" class="footnote">5</a>]</sup> At the same time:
</div><div class="itemizedlist"><ul><li><div class="para">
- On any given day, there are approximately 225 major incidences of security breach reported to the CERT Coordination Center at Carnegie Mellon University.<sup>[<a id="id2873499" href="#ftn.id2873499" class="footnote">6</a>]</sup>
+ On any given day, there are approximately 225 major incidences of security breach reported to the CERT Coordination Center at Carnegie Mellon University.<sup>[<a id="id826000" href="#ftn.id826000" class="footnote">6</a>]</sup>
</div></li><li><div class="para">
- In 2003, the number of CERT reported incidences jumped to 137,529 from 82,094 in 2002 and from 52,658 in 2001.<sup>[<a id="id2862502" href="#ftn.id2862502" class="footnote">7</a>]</sup>
+ In 2003, the number of CERT reported incidences jumped to 137,529 from 82,094 in 2002 and from 52,658 in 2001.<sup>[<a id="id825989" href="#ftn.id825989" class="footnote">7</a>]</sup>
</div></li><li><div class="para">
- The worldwide economic impact of the three most dangerous Internet Viruses of the last three years was estimated at US$13.2 Billion.<sup>[<a id="id2898770" href="#ftn.id2898770" class="footnote">8</a>]</sup>
+ The worldwide economic impact of the three most dangerous Internet Viruses of the last three years was estimated at US$13.2 Billion.<sup>[<a id="id825975" href="#ftn.id825975" class="footnote">8</a>]</sup>
</div></li></ul></div><div class="para">
- From a 2008 global survey of business and technology executives "The Global State of Information Security"<sup>[<a id="id2880029" href="#ftn.id2880029" class="footnote">9</a>]</sup>, undertaken by <span class="emphasis"><em>CIO Magazine</em></span>, some points are:
+ From a 2008 global survey of business and technology executives "The Global State of Information Security"<sup>[<a id="id825960" href="#ftn.id825960" class="footnote">9</a>]</sup>, undertaken by <span class="emphasis"><em>CIO Magazine</em></span>, some points are:
</div><div class="itemizedlist"><ul><li><div class="para">
Just 43% of respondents audit or monitor user compliance with security policies
</div></li><li><div class="para">
@@ -100,22 +100,22 @@
Personnel registration and accounting
</div></li></ul></div></div></div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h3 class="title" id="sect-Security_Guide-Introduction_to_Security-Conclusion">1.1.4. Conclusión</h3></div></div></div><div class="para">
Now that you have learned about the origins, reasons, and aspects of security, you will find it easier to determine the appropriate course of action with regard to Fedora. It is important to know what factors and conditions make up security in order to plan and implement a proper strategy. With this information in mind, the process can be formalized and the path becomes clearer as you delve deeper into the specifics of the security process.
- </div></div></div><div class="footnotes"><br /><hr /><div class="footnote"><p><sup>[<a id="ftn.id2935210" href="#id2935210" class="para">1</a>] </sup>
+ </div></div></div><div class="footnotes"><br /><hr /><div class="footnote"><p><sup>[<a id="ftn.id826085" href="#id826085" class="para">1</a>] </sup>
http://law.jrank.org/pages/3791/Kevin-Mitnick-Case-1999.html
- </p></div><div class="footnote"><p><sup>[<a id="ftn.id2920281" href="#id2920281" class="para">2</a>] </sup>
+ </p></div><div class="footnote"><p><sup>[<a id="ftn.id826093" href="#id826093" class="para">2</a>] </sup>
http://www.livinginternet.com/i/ia_hackers_levin.htm
- </p></div><div class="footnote"><p><sup>[<a id="ftn.id2871672" href="#id2871672" class="para">3</a>] </sup>
+ </p></div><div class="footnote"><p><sup>[<a id="ftn.id826043" href="#id826043" class="para">3</a>] </sup>
http://www.theregister.co.uk/2007/05/04/txj_nonfeasance/
- </p></div><div class="footnote"><p><sup>[<a id="ftn.id2904980" href="#id2904980" class="para">4</a>] </sup>
+ </p></div><div class="footnote"><p><sup>[<a id="ftn.id826031" href="#id826031" class="para">4</a>] </sup>
http://www.healthcareitnews.com/story.cms?id=9408
- </p></div><div class="footnote"><p><sup>[<a id="ftn.id2953596" href="#id2953596" class="para">5</a>] </sup>
+ </p></div><div class="footnote"><p><sup>[<a id="ftn.id826018" href="#id826018" class="para">5</a>] </sup>
http://www.internetworldstats.com/stats.htm
- </p></div><div class="footnote"><p><sup>[<a id="ftn.id2873499" href="#id2873499" class="para">6</a>] </sup>
+ </p></div><div class="footnote"><p><sup>[<a id="ftn.id826000" href="#id826000" class="para">6</a>] </sup>
http://www.cert.org
- </p></div><div class="footnote"><p><sup>[<a id="ftn.id2862502" href="#id2862502" class="para">7</a>] </sup>
+ </p></div><div class="footnote"><p><sup>[<a id="ftn.id825989" href="#id825989" class="para">7</a>] </sup>
http://www.cert.org/stats/fullstats.html
- </p></div><div class="footnote"><p><sup>[<a id="ftn.id2898770" href="#id2898770" class="para">8</a>] </sup>
+ </p></div><div class="footnote"><p><sup>[<a id="ftn.id825975" href="#id825975" class="para">8</a>] </sup>
http://www.newsfactor.com/perl/story/16407.html
- </p></div><div class="footnote"><p><sup>[<a id="ftn.id2880029" href="#id2880029" class="para">9</a>] </sup>
+ </p></div><div class="footnote"><p><sup>[<a id="ftn.id825960" href="#id825960" class="para">9</a>] </sup>
http://www.csoonline.com/article/454939/The_Global_State_of_Information_Security_
</p></div></div></div><ul class="docnav"><li class="previous"><a accesskey="p" href="We_Need_Feedback.html"><strong>Anterior</strong>2. ¡Se necesita retroalimentación!</a></li><li class="up"><a accesskey="u" href="#"><strong>Subir</strong></a></li><li class="home"><a accesskey="h" href="index.html"><strong>Inicio</strong></a></li><li class="next"><a accesskey="n" href="sect-Security_Guide-Vulnerability_Assessment.html"><strong>Siguiente</strong>1.2. Vulnerability Assessment</a></li></ul></body></html>
Index: index.html
===================================================================
RCS file: /cvs/fedora/web/html/docs/security-guide/es_ES/index.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- index.html 19 Jul 2009 23:53:13 -0000 1.1
+++ index.html 28 Jul 2009 21:37:43 -0000 1.2
@@ -1,8 +1,8 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>security-guide</title><link rel="stylesheet" href="./Common_Content/css/default.css" type="text/css" /><meta name="generator" content="publican" /><meta name="package" content="fedora-security-guide-es-ES-1.0-Security Guide" /><meta name="description" content="The Linux Security Guide is designed to assist users of Linux in learning the processes and practices of securing workstations and servers against local and remote intrusion, exploitation, and malicious activity. The Linux Security Guide details the planning and the tools involved in creating a secured computing environment for the data center, workplace, and home. With proper administrative knowledge, vigilance, and tools, systems running Linux can be both fully functional and secured from most common intrusion and exploit methods." /><link rel="home" href="index.html" title="security-guide" /><
link rel="next" href="pref-Security_Guide-Preface.html" title="Prefacio" /></head><body class=""><p id="title"><a class="left" href="http://www.fedoraproject.org"><img src="Common_Content/images/image_left.png" alt="Product Site" /></a><a class="right" href="http://docs.fedoraproject.org"><img src="Common_Content/images/image_right.png" alt="Documentation Site" /></a></p><ul class="docnav"><li class="previous"></li><li class="next"><a accesskey="n" href="pref-Security_Guide-Preface.html"><strong>Siguiente</strong></a></li></ul><div class="book" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div class="producttitle"><span class="productname">fedora</span> <span class="productnumber">11</span></div><div><h1 id="id2715584" class="title">security-guide</h1></div><div><h2 class="subtitle">A Guide to Securing Fedora Linux</h2></div><p class="edition">Edición 1.0</p><div><h3 class="corpauthor">
+<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>security-guide</title><link rel="stylesheet" href="./Common_Content/css/default.css" type="text/css" /><meta name="generator" content="publican" /><meta name="package" content="fedora-security-guide-es-ES-1.0-Security Guide" /><meta name="description" content="The Linux Security Guide is designed to assist users of Linux in learning the processes and practices of securing workstations and servers against local and remote intrusion, exploitation, and malicious activity. The Linux Security Guide details the planning and the tools involved in creating a secured computing environment for the data center, workplace, and home. With proper administrative knowledge, vigilance, and tools, systems running Linux can be both fully functional and secured from most common intrusion and exploit methods." /><link rel="home" href="index.html" title="security-guide" /><
link rel="next" href="pref-Security_Guide-Preface.html" title="Prefacio" /></head><body class=""><p id="title"><a class="left" href="http://www.fedoraproject.org"><img src="Common_Content/images/image_left.png" alt="Product Site" /></a><a class="right" href="http://docs.fedoraproject.org"><img src="Common_Content/images/image_right.png" alt="Documentation Site" /></a></p><ul class="docnav"><li class="previous"></li><li class="next"><a accesskey="n" href="pref-Security_Guide-Preface.html"><strong>Siguiente</strong></a></li></ul><div class="book" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div class="producttitle"><span class="productname">fedora</span> <span class="productnumber">11</span></div><div><h1 id="id605009" class="title">security-guide</h1></div><div><h2 class="subtitle">A Guide to Securing Fedora Linux</h2></div><p class="edition">Edición 1.0</p><div><h3 class="corpauthor">
<span class="inlinemediaobject"><object data="Common_Content/images/title_logo.svg" type="image/svg+xml"> Logo</object></span>
- </h3></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="firstname">Johnray</span> <span class="surname">Fuller</span></h3><div class="affiliation"><span class="orgname">Red Hat</span></div><code class="email"><a class="email" href="mailto:jrfuller at redhat.com">jrfuller at redhat.com</a></code></div><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="surname">Ha</span></h3><div class="affiliation"><span class="orgname">Red Hat</span></div><code class="email"><a class="email" href="mailto:jha at redhat.com">jha at redhat.com</a></code></div><div class="author"><h3 class="author"><span class="firstname">David</span> <span class="surname">O'Brien</span></h3><div class="affiliation"><span class="orgname">Red Hat</span></div><code class="email"><a class="email" href="mailto:daobrien at redhat.com">daobrien at redhat.com</a></code></div><div class="author"><h3 class="author"><span class="firstname">Scott</span> <span class
="surname">Radvan</span></h3><div class="affiliation"><span class="orgname">Red Hat</span></div><code class="email"><a class="email" href="mailto:sradvan at redhat.com">sradvan at redhat.com</a></code></div><div class="author"><h3 class="author"><span class="firstname">Eric</span> <span class="surname">Christensen</span></h3><div class="affiliation"><span class="orgname">Fedora Project</span> <span class="orgdiv">Documentation Team</span></div><code class="email"><a class="email" href="mailto:sparks at fedoraproject.org">sparks at fedoraproject.org</a></code></div></div></div><hr /><div><div id="id2863429" class="legalnotice"><h1 class="legalnotice">aviso legal</h1><div class="para">
+ </h3></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="firstname">Johnray</span> <span class="surname">Fuller</span></h3><div class="affiliation"><span class="orgname">Red Hat</span></div><code class="email"><a class="email" href="mailto:jrfuller at redhat.com">jrfuller at redhat.com</a></code></div><div class="author"><h3 class="author"><span class="firstname">John</span> <span class="surname">Ha</span></h3><div class="affiliation"><span class="orgname">Red Hat</span></div><code class="email"><a class="email" href="mailto:jha at redhat.com">jha at redhat.com</a></code></div><div class="author"><h3 class="author"><span class="firstname">David</span> <span class="surname">O'Brien</span></h3><div class="affiliation"><span class="orgname">Red Hat</span></div><code class="email"><a class="email" href="mailto:daobrien at redhat.com">daobrien at redhat.com</a></code></div><div class="author"><h3 class="author"><span class="firstname">Scott</span> <span class
="surname">Radvan</span></h3><div class="affiliation"><span class="orgname">Red Hat</span></div><code class="email"><a class="email" href="mailto:sradvan at redhat.com">sradvan at redhat.com</a></code></div><div class="author"><h3 class="author"><span class="firstname">Eric</span> <span class="surname">Christensen</span></h3><div class="affiliation"><span class="orgname">Fedora Project</span> <span class="orgdiv">Documentation Team</span></div><code class="email"><a class="email" href="mailto:sparks at fedoraproject.org">sparks at fedoraproject.org</a></code></div></div></div><hr /><div><div id="id735787" class="legalnotice"><h1 class="legalnotice">aviso legal</h1><div class="para">
Copyright <span class="trademark"></span>© 2008 Red Hat, Inc. This material may only be distributed subject to the terms and conditions set forth in the Open Publication License, V1.0, (the latest version is presently available at <a href="http://www.opencontent.org/openpub/">http://www.opencontent.org/openpub/</a>).
</div><div class="para">
Fedora and the Fedora Infinity Design logo are trademarks or registered trademarks of Red Hat, Inc., in the U.S. and other countries.
@@ -20,4 +20,4 @@
for the data center, workplace, and home. With proper
administrative knowledge, vigilance, and tools, systems running
Linux can be both fully functional and secured from most common
-intrusion and exploit methods.</div></div></div></div><hr /></div><div class="toc"><dl><dt><span class="preface"><a href="pref-Security_Guide-Preface.html">Prefacio</a></span></dt><dd><dl><dt><span class="section"><a href="pref-Security_Guide-Preface.html#id2955917">1. Convenciones del documento</a></span></dt><dd><dl><dt><span class="section"><a href="pref-Security_Guide-Preface.html#id2921728">1.1. Convenciones tipográficas</a></span></dt><dt><span class="section"><a href="pref-Security_Guide-Preface.html#id2875062">1.2. Convenciones del documento</a></span></dt><dt><span class="section"><a href="pref-Security_Guide-Preface.html#id2870552">1.3. Notas y advertencias</a></span></dt></dl></dd><dt><span class="section"><a href="We_Need_Feedback.html">2. ¡Se necesita retroalimentación!</a></span></dt></dl></dd><dt><span class="chapter"><a href="chap-Security_Guide-Security_Overview.html">1. Security Overview</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Secu
rity_Guide-Security_Overview.html#sect-Security_Guide-Introduction_to_Security">1.1. Introduction to Security</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security_Guide-Security_Overview.html#sect-Security_Guide-Introduction_to_Security-What_is_Computer_Security">1.1.1. What is Computer Security?</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Security_Overview.html#sect-Security_Guide-Introduction_to_Security-SELinux">1.1.2. SELinux</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Security_Overview.html#sect-Security_Guide-Introduction_to_Security-Security_Controls">1.1.3. Security Controls</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Security_Overview.html#sect-Security_Guide-Introduction_to_Security-Conclusion">1.1.4. Conclusión</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Vulnerability_Assessment.html">1.2. Vulnerability Assessment</a></span></dt><dd
><dl><dt><span class="section"><a href="sect-Security_Guide-Vulnerability_Assessment.html#sect-Security_Guide-Vulnerability_Assessment-Thinking_Like_the_Enemy">1.2.1. Pensado como el Enemigo</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Vulnerability_Assessment-Defining_Assessment_and_Testing.html">1.2.2. Definiendo Evaluación y Pruebas</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Vulnerability_Assessment-Evaluating_the_Tools.html">1.2.3. Herramientas de Evaluación</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Attackers_and_Vulnerabilities.html">1.3. Attackers and Vulnerabilities</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Attackers_and_Vulnerabilities.html#sect-Security_Guide-Attackers_and_Vulnerabilities-A_Quick_History_of_Hackers">1.3.1. A Quick History of Hackers</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Attackers_and_Vulnerab
ilities-Threats_to_Network_Security.html">1.3.2. Threats to Network Security</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Attackers_and_Vulnerabilities-Threats_to_Server_Security.html">1.3.3. Threats to Server Security</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Attackers_and_Vulnerabilities-Threats_to_Workstation_and_Home_PC_Security.html">1.3.4. Threats to Workstation and Home PC Security</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Common_Exploits_and_Attacks.html">1.4. Ataques y Aprovechadas Comúnes</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Security_Updates.html">1.5. Actualizaciones de Seguridad</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Security_Updates.html#sect-Security_Guide-Security_Updates-Updating_Packages">1.5.1. Updating Packages</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Updating_Packag
es-Verifying_Signed_Packages.html">1.5.2. Verifying Signed Packages</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Updating_Packages-Installing_Signed_Packages.html">1.5.3. Installing Signed Packages</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Updating_Packages-Applying_the_Changes.html">1.5.4. Applying the Changes</a></span></dt></dl></dd></dl></dd><dt><span class="chapter"><a href="chap-Security_Guide-Securing_Your_Network.html">2. Securing Your Network</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security">2.1. Workstation Security</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Evaluating_Workstation_Security">2.1.1. Evaluating Workstation Security</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Netwo
rk.html#sect-Security_Guide-Workstation_Security-BIOS_and_Boot_Loader_Security">2.1.2. BIOS and Boot Loader Security</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Password_Security">2.1.3. Password Security</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Administrative_Controls">2.1.4. Administrative Controls</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Available_Network_Services">2.1.5. Servicios de Red Disponibles</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Personal_Firewalls">2.1.6. Cortafuegos Personal:</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.html#sect-Secur
ity_Guide-Workstation_Security-Security_Enhanced_Communication_Tools">2.1.7. Security Enhanced Communication Tools</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Server_Security.html">2.2. Server Security</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Server_Security.html#sect-Security_Guide-Server_Security-Securing_Services_With_TCP_Wrappers_and_xinetd">2.2.1. Securing Services With TCP Wrappers and xinetd</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Server_Security-Securing_Portmap.html">2.2.2. Securing Portmap</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Server_Security-Securing_NIS.html">2.2.3. Securing NIS</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Server_Security-Securing_NFS.html">2.2.4. Securing NFS</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Server_Security-Securing_the_Apache_HTTP_Server.html">2.2.5.
Securing the Apache HTTP Server</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Server_Security-Securing_FTP.html">2.2.6. Securing FTP</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Server_Security-Securing_Sendmail.html">2.2.7. Securing Sendmail</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Server_Security-Verifying_Which_Ports_Are_Listening.html">2.2.8. Verifying Which Ports Are Listening</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Single_Sign_on_SSO.html">2.3. Single Sign-on (SSO)</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Single_Sign_on_SSO.html#sect-Security_Guide-Single_Sign_on_SSO-Introduction">2.3.1. Introducción</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Single_Sign_on_SSO-Getting_Started_with_your_new_Smart_Card.html">2.3.2. Getting Started with your new Smart Card</a></span></dt><dt><span class="sec
tion"><a href="sect-Security_Guide-Single_Sign_on_SSO-How_Smart_Card_Enrollment_Works.html">2.3.3. How Smart Card Enrollment Works</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Single_Sign_on_SSO-How_Smart_Card_Login_Works.html">2.3.4. How Smart Card Login Works</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Single_Sign_on_SSO-Configuring_Firefox_to_use_Kerberos_for_SSO.html">2.3.5. Configuring Firefox to use Kerberos for SSO</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM.html">2.4. Pluggable Authentication Modules (PAM)</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM.html#sect-Security_Guide-Pluggable_Authentication_Modules_PAM-Advantages_of_PAM">2.4.1. Advantages of PAM</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM-PAM_Configuration
_Files.html">2.4.2. PAM Configuration Files</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM-PAM_Configuration_File_Format.html">2.4.3. PAM Configuration File Format</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM-Sample_PAM_Configuration_Files.html">2.4.4. Sample PAM Configuration Files</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM-Creating_PAM_Modules.html">2.4.5. Creating PAM Modules</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM-PAM_and_Administrative_Credential_Caching.html">2.4.6. PAM and Administrative Credential Caching</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM-PAM_and_Device_Ownership.html">2.4.7. PAM and Device Ownership</a></span></dt><dt><span class="section"><a hre
f="sect-Security_Guide-Pluggable_Authentication_Modules_PAM-Additional_Resources.html">2.4.8. Additional Resources</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-TCP_Wrappers_and_xinetd.html">2.5. TCP Wrappers and xinetd</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-TCP_Wrappers_and_xinetd.html#sect-Security_Guide-TCP_Wrappers_and_xinetd-TCP_Wrappers">2.5.1. TCP Wrappers</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-TCP_Wrappers_and_xinetd-TCP_Wrappers_Configuration_Files.html">2.5.2. TCP Wrappers Configuration Files</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-TCP_Wrappers_and_xinetd-xinetd.html">2.5.3. xinetd</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-TCP_Wrappers_and_xinetd-xinetd_Configuration_Files.html">2.5.4. xinetd Configuration Files</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-TCP_Wrappers_and_xinetd-A
dditional_Resources.html">2.5.5. Additional Resources</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Kerberos.html">2.6. Kerberos</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Kerberos.html#sect-Security_Guide-Kerberos-What_is_Kerberos">2.6.1. ¿Qué es Kerberos?</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Kerberos_Terminology.html">2.6.2. Kerberos Terminology</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-How_Kerberos_Works.html">2.6.3. How Kerberos Works</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Kerberos_and_PAM.html">2.6.4. Kerberos y PAM</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Configuring_a_Kerberos_5_Server.html">2.6.5. Configuring a Kerberos 5 Server</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Configuring_a_Kerberos_5_Client.html"
>2.6.6. Configuring a Kerberos 5 Client</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Domain_to_Realm_Mapping.html">2.6.7. Domain-to-Realm Mapping</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Setting_Up_Secondary_KDCs.html">2.6.8. Setting Up Secondary KDCs</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Setting_Up_Cross_Realm_Authentication.html">2.6.9. Configurando la Autenticación Cruzada de Reinados</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Additional_Resources.html">2.6.10. Additional Resources</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs.html">2.7. Virtual Private Networks (VPNs)</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs.html#sect-Security_Guide-Virtual_Private_Networks_VPNs-How_Does_a_VPN_Work">2.7.1. How D
oes a VPN Work?</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs-VPNs_and_PROD.html">2.7.2. VPNs and Fedora</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs-IPsec.html">2.7.3. IPsec</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs-Creating_an_IPsec_Connection.html">2.7.4. Creating an IPsec Connection</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs-IPsec_Installation.html">2.7.5. IPsec Installation</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs-IPsec_Host_to_Host_Configuration.html">2.7.6. IPsec Host-to-Host Configuration</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs-IPsec_Network_to_Network_Configuration.html">2.7.7. IPsec Network-to-Network Configuration</a></span></d
t><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs-Starting_and_Stopping_an_IPsec_Connection.html">2.7.8. Starting and Stopping an IPsec Connection</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Firewalls.html">2.8. Firewalls</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Firewalls.html#sect-Security_Guide-Firewalls-Netfilter_and_IPTables">2.8.1. Netfilter e IPTables</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-Basic_Firewall_Configuration.html">2.8.2. Configuración Básica del Cortafuego</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-Using_IPTables.html">2.8.3. Uso de IPTables</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-Common_IPTables_Filtering.html">2.8.4. Filtrado Común de IPTalbes</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-FORWARD_
and_NAT_Rules.html">2.8.5. Reglas FORWARD y NAT</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-Malicious_Software_and_Spoofed_IP_Addresses.html">2.8.6. Software Malicioso y Suplantación de Direcciones IP </a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-IPTables_and_Connection_Tracking.html">2.8.7. IPTables y el Seguimiento de Conexión</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-IPv6.html">2.8.8. IPv6</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-Additional_Resources.html">2.8.9. Additional Resources</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-IPTables.html">2.9. IPTables</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-IPTables.html#sect-Security_Guide-IPTables-Packet_Filtering">2.9.1. Filtrado de Paquete</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-IP
Tables-Differences_Between_IPTables_and_IPChains.html">2.9.2. Differences Between IPTables and IPChains</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-IPTables-Command_Options_for_IPTables.html">2.9.3. Command Options for IPTables</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-IPTables-Saving_IPTables_Rules.html">2.9.4. Saving IPTables Rules</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-IPTables-IPTables_Control_Scripts.html">2.9.5. IPTables Control Scripts</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-IPTables-IPTables_and_IPv6.html">2.9.6. IPTables y IPv6</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-IPTables-Additional_Resources.html">2.9.7. Additional Resources</a></span></dt></dl></dd></dl></dd><dt><span class="chapter"><a href="chap-Security_Guide-Encryption.html">3. Encryption</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security_Guid
e-Encryption.html#sect-Security_Guide-Encryption-Data_at_Rest">3.1. Datos en Descanso</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Encryption-Protecting_Data_at_Rest-Full_Disk_Encryption.html">3.2. Encriptación Completa de Disco</a></span></dt><dt><span class="section"><a href="Security_Guide-Encryption-Protecting_Data_at_Rest-File_Based_Encryption.html">3.3. Encriptación Basada en Archivo</a></span></dt><dt><span class="section"><a href="Security_Guide-Encryption-Data_in_Motion.html">3.4. Datos en Movimiento</a></span></dt><dt><span class="section"><a href="Security_Guide-Encryption-Data_in_Motion-Virtual_Private_Networks.html">3.5. Virtual Private Networks</a></span></dt><dt><span class="section"><a href="Security_Guide-Encryption-Data_in_Motion-Secure_Shell.html">3.6. Shell Seguro</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-LUKS_Disk_Encryption.html">3.7. LUKS Disk Encryption</a></span></dt><dd><dl><dt><span class="sect
ion"><a href="sect-Security_Guide-LUKS_Disk_Encryption.html#sect-Security_Guide-LUKS_Disk_Encryption-LUKS_Implementation_in_Fedora">3.7.1. LUKS Implementation in Fedora</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-LUKS_Disk_Encryption-Manually_Encrypting_Directories.html">3.7.2. Manually Encrypting Directories</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-LUKS_Disk_Encryption-Manually_Encrypting_Directories-Step_by_Step_Instructions.html">3.7.3. Step-by-Step Instructions</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-LUKS_Disk_Encryption-Manually_Encrypting_Directories-What_you_have_just_accomplished.html">3.7.4. What you have just accomplished.</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-LUKS_Disk_Encryption-Links_of_Interest.html">3.7.5. Links of Interest</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Encryption-7_Zip_Encrypted_Archives.html">3
.8. 7-Zip Encrypted Archives</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Encryption-7_Zip_Encrypted_Archives.html#sect-Security_Guide-Encryption-7_Zip_Encrypted_Archives-Installation">3.8.1. 7-Zip Installation in Fedora</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Encryption-7_Zip_Encrypted_Archives-Installation-Instructions.html">3.8.2. Step-by-Step Installation Instructions</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Encryption-7_Zip_Encrypted_Archives-Usage_Instructions.html">3.8.3. Step-by-Step Usage Instructions</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Encryption-7_Zip_Encrypted_Archives-Things_of_note.html">3.8.4. Things of note</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Encryption-Using_GPG.html">3.9. Using GNU Privacy Guard (GnuPG)</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Encryption
-Using_GPG.html#sect-Security_Guide-Encryption-Using_GPG-Keys_in_GNOME">3.9.1. Creating GPG Keys in GNOME</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Encryption-Using_GPG-Creating_GPG_Keys_in_KDE1.html">3.9.2. Creating GPG Keys in KDE</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Encryption-Using_GPG-Creating_GPG_Keys_in_KDE.html">3.9.3. Creating GPG Keys Using the Command Line</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Encryption-Using_GPG-About_Public_Key_Encryption.html">3.9.4. About Public Key Encryption</a></span></dt></dl></dd></dl></dd><dt><span class="chapter"><a href="chap-Security_Guide-General_Principles_of_Information_Security.html">4. Principios Generales sobre la Seguridad de la Información</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security_Guide-General_Principles_of_Information_Security.html#sect-Security_Guide-General_Principles_of_Information_Security-Tips_Gui
des_and_Tools">4.1. Consejos, GuÃas y Herramientas</a></span></dt></dl></dd><dt><span class="chapter"><a href="chap-Security_Guide-Secure_Installation.html">5. Secure Installation</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security_Guide-Secure_Installation.html#sect-Security_Guide-Secure_Installation-Disk_Partitions">5.1. Disk Partitions</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Secure_Installation-Utilize_LUKS_Partition_Encryption.html">5.2. Utilize LUKS Partition Encryption</a></span></dt></dl></dd><dt><span class="chapter"><a href="chap-Security_Guide-Software_Maintenance.html">6. Mantenimiento de Software</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security_Guide-Software_Maintenance.html#sect-Security_Guide-Software_Maintenance-Install_Minimal_Software">6.1. Install Minimal Software</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Software_Maintenance-Plan_and_Configure_Security_Up
dates.html">6.2. Plan and Configure Security Updates</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Software_Maintenance-Plan_and_Configure_Security_Updates-Adjusting_Automatic_Updates.html">6.3. Ajustando Actualizaciones Automáticas</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Software_Maintenance-Install_Signed_Packages_from_Well_Known_Repositories.html">6.4. Install Signed Packages from Well Known Repositories</a></span></dt></dl></dd><dt><span class="chapter"><a href="chap-Security_Guide-References.html">7. Referencias</a></span></dt></dl></div></div><ul class="docnav"><li class="previous"></li><li class="next"><a accesskey="n" href="pref-Security_Guide-Preface.html"><strong>Siguiente</strong>Prefacio</a></li></ul></body></html>
+intrusion and exploit methods.</div></div></div></div><hr /></div><div class="toc"><dl><dt><span class="preface"><a href="pref-Security_Guide-Preface.html">Prefacio</a></span></dt><dd><dl><dt><span class="section"><a href="pref-Security_Guide-Preface.html#id726757">1. Convenciones del documento</a></span></dt><dd><dl><dt><span class="section"><a href="pref-Security_Guide-Preface.html#id776354">1.1. Convenciones tipográficas</a></span></dt><dt><span class="section"><a href="pref-Security_Guide-Preface.html#id728590">1.2. Convenciones del documento</a></span></dt><dt><span class="section"><a href="pref-Security_Guide-Preface.html#id774950">1.3. Notas y advertencias</a></span></dt></dl></dd><dt><span class="section"><a href="We_Need_Feedback.html">2. ¡Se necesita retroalimentación!</a></span></dt></dl></dd><dt><span class="chapter"><a href="chap-Security_Guide-Security_Overview.html">1. Security Overview</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security
_Guide-Security_Overview.html#sect-Security_Guide-Introduction_to_Security">1.1. Introduction to Security</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security_Guide-Security_Overview.html#sect-Security_Guide-Introduction_to_Security-What_is_Computer_Security">1.1.1. What is Computer Security?</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Security_Overview.html#sect-Security_Guide-Introduction_to_Security-SELinux">1.1.2. SELinux</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Security_Overview.html#sect-Security_Guide-Introduction_to_Security-Security_Controls">1.1.3. Security Controls</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Security_Overview.html#sect-Security_Guide-Introduction_to_Security-Conclusion">1.1.4. Conclusión</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Vulnerability_Assessment.html">1.2. Vulnerability Assessment</a></span></dt><dd><dl
><dt><span class="section"><a href="sect-Security_Guide-Vulnerability_Assessment.html#sect-Security_Guide-Vulnerability_Assessment-Thinking_Like_the_Enemy">1.2.1. Pensado como el Enemigo</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Vulnerability_Assessment-Defining_Assessment_and_Testing.html">1.2.2. Definiendo Evaluación y Pruebas</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Vulnerability_Assessment-Evaluating_the_Tools.html">1.2.3. Herramientas de Evaluación</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Attackers_and_Vulnerabilities.html">1.3. Attackers and Vulnerabilities</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Attackers_and_Vulnerabilities.html#sect-Security_Guide-Attackers_and_Vulnerabilities-A_Quick_History_of_Hackers">1.3.1. A Quick History of Hackers</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Attackers_and_Vulnerabilit
ies-Threats_to_Network_Security.html">1.3.2. Threats to Network Security</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Attackers_and_Vulnerabilities-Threats_to_Server_Security.html">1.3.3. Threats to Server Security</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Attackers_and_Vulnerabilities-Threats_to_Workstation_and_Home_PC_Security.html">1.3.4. Threats to Workstation and Home PC Security</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Common_Exploits_and_Attacks.html">1.4. Ataques y Aprovechadas Comúnes</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Security_Updates.html">1.5. Actualizaciones de Seguridad</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Security_Updates.html#sect-Security_Guide-Security_Updates-Updating_Packages">1.5.1. Updating Packages</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Updating_Packages-V
erifying_Signed_Packages.html">1.5.2. Verifying Signed Packages</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Updating_Packages-Installing_Signed_Packages.html">1.5.3. Installing Signed Packages</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Updating_Packages-Applying_the_Changes.html">1.5.4. Applying the Changes</a></span></dt></dl></dd></dl></dd><dt><span class="chapter"><a href="chap-Security_Guide-Securing_Your_Network.html">2. Securing Your Network</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security">2.1. Workstation Security</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Evaluating_Workstation_Security">2.1.1. Evaluating Workstation Security</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.h
tml#sect-Security_Guide-Workstation_Security-BIOS_and_Boot_Loader_Security">2.1.2. BIOS and Boot Loader Security</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Password_Security">2.1.3. Password Security</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Administrative_Controls">2.1.4. Administrative Controls</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Available_Network_Services">2.1.5. Servicios de Red Disponibles</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Personal_Firewalls">2.1.6. Cortafuegos Personal:</a></span></dt><dt><span class="section"><a href="chap-Security_Guide-Securing_Your_Network.html#sect-Security_
Guide-Workstation_Security-Security_Enhanced_Communication_Tools">2.1.7. Security Enhanced Communication Tools</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Server_Security.html">2.2. Server Security</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Server_Security.html#sect-Security_Guide-Server_Security-Securing_Services_With_TCP_Wrappers_and_xinetd">2.2.1. Securing Services With TCP Wrappers and xinetd</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Server_Security-Securing_Portmap.html">2.2.2. Securing Portmap</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Server_Security-Securing_NIS.html">2.2.3. Securing NIS</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Server_Security-Securing_NFS.html">2.2.4. Securing NFS</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Server_Security-Securing_the_Apache_HTTP_Server.html">2.2.5. Secu
ring the Apache HTTP Server</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Server_Security-Securing_FTP.html">2.2.6. Securing FTP</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Server_Security-Securing_Sendmail.html">2.2.7. Securing Sendmail</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Server_Security-Verifying_Which_Ports_Are_Listening.html">2.2.8. Verifying Which Ports Are Listening</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Single_Sign_on_SSO.html">2.3. Single Sign-on (SSO)</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Single_Sign_on_SSO.html#sect-Security_Guide-Single_Sign_on_SSO-Introduction">2.3.1. Introducción</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Single_Sign_on_SSO-Getting_Started_with_your_new_Smart_Card.html">2.3.2. Getting Started with your new Smart Card</a></span></dt><dt><span class="section
"><a href="sect-Security_Guide-Single_Sign_on_SSO-How_Smart_Card_Enrollment_Works.html">2.3.3. How Smart Card Enrollment Works</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Single_Sign_on_SSO-How_Smart_Card_Login_Works.html">2.3.4. How Smart Card Login Works</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Single_Sign_on_SSO-Configuring_Firefox_to_use_Kerberos_for_SSO.html">2.3.5. Configuring Firefox to use Kerberos for SSO</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM.html">2.4. Pluggable Authentication Modules (PAM)</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM.html#sect-Security_Guide-Pluggable_Authentication_Modules_PAM-Advantages_of_PAM">2.4.1. Advantages of PAM</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM-PAM_Configuration_Fil
es.html">2.4.2. PAM Configuration Files</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM-PAM_Configuration_File_Format.html">2.4.3. PAM Configuration File Format</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM-Sample_PAM_Configuration_Files.html">2.4.4. Sample PAM Configuration Files</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM-Creating_PAM_Modules.html">2.4.5. Creating PAM Modules</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM-PAM_and_Administrative_Credential_Caching.html">2.4.6. PAM and Administrative Credential Caching</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Pluggable_Authentication_Modules_PAM-PAM_and_Device_Ownership.html">2.4.7. PAM and Device Ownership</a></span></dt><dt><span class="section"><a href="s
ect-Security_Guide-Pluggable_Authentication_Modules_PAM-Additional_Resources.html">2.4.8. Additional Resources</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-TCP_Wrappers_and_xinetd.html">2.5. TCP Wrappers and xinetd</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-TCP_Wrappers_and_xinetd.html#sect-Security_Guide-TCP_Wrappers_and_xinetd-TCP_Wrappers">2.5.1. TCP Wrappers</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-TCP_Wrappers_and_xinetd-TCP_Wrappers_Configuration_Files.html">2.5.2. TCP Wrappers Configuration Files</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-TCP_Wrappers_and_xinetd-xinetd.html">2.5.3. xinetd</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-TCP_Wrappers_and_xinetd-xinetd_Configuration_Files.html">2.5.4. xinetd Configuration Files</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-TCP_Wrappers_and_xinetd-Addit
ional_Resources.html">2.5.5. Additional Resources</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Kerberos.html">2.6. Kerberos</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Kerberos.html#sect-Security_Guide-Kerberos-What_is_Kerberos">2.6.1. ¿Qué es Kerberos?</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Kerberos_Terminology.html">2.6.2. Kerberos Terminology</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-How_Kerberos_Works.html">2.6.3. How Kerberos Works</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Kerberos_and_PAM.html">2.6.4. Kerberos y PAM</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Configuring_a_Kerberos_5_Server.html">2.6.5. Configuring a Kerberos 5 Server</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Configuring_a_Kerberos_5_Client.html">2.6
.6. Configuring a Kerberos 5 Client</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Domain_to_Realm_Mapping.html">2.6.7. Domain-to-Realm Mapping</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Setting_Up_Secondary_KDCs.html">2.6.8. Setting Up Secondary KDCs</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Setting_Up_Cross_Realm_Authentication.html">2.6.9. Configurando la Autenticación Cruzada de Reinados</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Kerberos-Additional_Resources.html">2.6.10. Additional Resources</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs.html">2.7. Virtual Private Networks (VPNs)</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs.html#sect-Security_Guide-Virtual_Private_Networks_VPNs-How_Does_a_VPN_Work">2.7.1. How Does
a VPN Work?</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs-VPNs_and_PROD.html">2.7.2. VPNs and Fedora</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs-IPsec.html">2.7.3. IPsec</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs-Creating_an_IPsec_Connection.html">2.7.4. Creating an IPsec Connection</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs-IPsec_Installation.html">2.7.5. IPsec Installation</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs-IPsec_Host_to_Host_Configuration.html">2.7.6. IPsec Host-to-Host Configuration</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs-IPsec_Network_to_Network_Configuration.html">2.7.7. IPsec Network-to-Network Configuration</a></span></dt><d
t><span class="section"><a href="sect-Security_Guide-Virtual_Private_Networks_VPNs-Starting_and_Stopping_an_IPsec_Connection.html">2.7.8. Starting and Stopping an IPsec Connection</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Firewalls.html">2.8. Firewalls</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Firewalls.html#sect-Security_Guide-Firewalls-Netfilter_and_IPTables">2.8.1. Netfilter e IPTables</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-Basic_Firewall_Configuration.html">2.8.2. Configuración Básica del Cortafuego</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-Using_IPTables.html">2.8.3. Uso de IPTables</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-Common_IPTables_Filtering.html">2.8.4. Filtrado Común de IPTalbes</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-FORWARD_and_
NAT_Rules.html">2.8.5. Reglas FORWARD y NAT</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-Malicious_Software_and_Spoofed_IP_Addresses.html">2.8.6. Software Malicioso y Suplantación de Direcciones IP </a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-IPTables_and_Connection_Tracking.html">2.8.7. IPTables y el Seguimiento de Conexión</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-IPv6.html">2.8.8. IPv6</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Firewalls-Additional_Resources.html">2.8.9. Additional Resources</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-IPTables.html">2.9. IPTables</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-IPTables.html#sect-Security_Guide-IPTables-Packet_Filtering">2.9.1. Filtrado de Paquete</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-IPTabl
es-Differences_Between_IPTables_and_IPChains.html">2.9.2. Differences Between IPTables and IPChains</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-IPTables-Command_Options_for_IPTables.html">2.9.3. Command Options for IPTables</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-IPTables-Saving_IPTables_Rules.html">2.9.4. Saving IPTables Rules</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-IPTables-IPTables_Control_Scripts.html">2.9.5. IPTables Control Scripts</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-IPTables-IPTables_and_IPv6.html">2.9.6. IPTables y IPv6</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-IPTables-Additional_Resources.html">2.9.7. Additional Resources</a></span></dt></dl></dd></dl></dd><dt><span class="chapter"><a href="chap-Security_Guide-Encryption.html">3. Encryption</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security_Guide-En
cryption.html#sect-Security_Guide-Encryption-Data_at_Rest">3.1. Datos en Descanso</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Encryption-Protecting_Data_at_Rest-Full_Disk_Encryption.html">3.2. Encriptación Completa de Disco</a></span></dt><dt><span class="section"><a href="Security_Guide-Encryption-Protecting_Data_at_Rest-File_Based_Encryption.html">3.3. Encriptación Basada en Archivo</a></span></dt><dt><span class="section"><a href="Security_Guide-Encryption-Data_in_Motion.html">3.4. Datos en Movimiento</a></span></dt><dt><span class="section"><a href="Security_Guide-Encryption-Data_in_Motion-Virtual_Private_Networks.html">3.5. Virtual Private Networks</a></span></dt><dt><span class="section"><a href="Security_Guide-Encryption-Data_in_Motion-Secure_Shell.html">3.6. Shell Seguro</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-LUKS_Disk_Encryption.html">3.7. LUKS Disk Encryption</a></span></dt><dd><dl><dt><span class="section"
><a href="sect-Security_Guide-LUKS_Disk_Encryption.html#sect-Security_Guide-LUKS_Disk_Encryption-LUKS_Implementation_in_Fedora">3.7.1. LUKS Implementation in Fedora</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-LUKS_Disk_Encryption-Manually_Encrypting_Directories.html">3.7.2. Manually Encrypting Directories</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-LUKS_Disk_Encryption-Manually_Encrypting_Directories-Step_by_Step_Instructions.html">3.7.3. Step-by-Step Instructions</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-LUKS_Disk_Encryption-Manually_Encrypting_Directories-What_you_have_just_accomplished.html">3.7.4. What you have just accomplished.</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-LUKS_Disk_Encryption-Links_of_Interest.html">3.7.5. Links of Interest</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Encryption-7_Zip_Encrypted_Archives.html">3.8.
7-Zip Encrypted Archives</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Encryption-7_Zip_Encrypted_Archives.html#sect-Security_Guide-Encryption-7_Zip_Encrypted_Archives-Installation">3.8.1. 7-Zip Installation in Fedora</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Encryption-7_Zip_Encrypted_Archives-Installation-Instructions.html">3.8.2. Step-by-Step Installation Instructions</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Encryption-7_Zip_Encrypted_Archives-Usage_Instructions.html">3.8.3. Step-by-Step Usage Instructions</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Encryption-7_Zip_Encrypted_Archives-Things_of_note.html">3.8.4. Things of note</a></span></dt></dl></dd><dt><span class="section"><a href="sect-Security_Guide-Encryption-Using_GPG.html">3.9. Using GNU Privacy Guard (GnuPG)</a></span></dt><dd><dl><dt><span class="section"><a href="sect-Security_Guide-Encryption-Usi
ng_GPG.html#sect-Security_Guide-Encryption-Using_GPG-Keys_in_GNOME">3.9.1. Creating GPG Keys in GNOME</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Encryption-Using_GPG-Creating_GPG_Keys_in_KDE1.html">3.9.2. Creating GPG Keys in KDE</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Encryption-Using_GPG-Creating_GPG_Keys_in_KDE.html">3.9.3. Creating GPG Keys Using the Command Line</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Encryption-Using_GPG-About_Public_Key_Encryption.html">3.9.4. About Public Key Encryption</a></span></dt></dl></dd></dl></dd><dt><span class="chapter"><a href="chap-Security_Guide-General_Principles_of_Information_Security.html">4. Principios Generales sobre la Seguridad de la Información</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security_Guide-General_Principles_of_Information_Security.html#sect-Security_Guide-General_Principles_of_Information_Security-Tips_Guides_
and_Tools">4.1. Consejos, GuÃas y Herramientas</a></span></dt></dl></dd><dt><span class="chapter"><a href="chap-Security_Guide-Secure_Installation.html">5. Secure Installation</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security_Guide-Secure_Installation.html#sect-Security_Guide-Secure_Installation-Disk_Partitions">5.1. Disk Partitions</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Secure_Installation-Utilize_LUKS_Partition_Encryption.html">5.2. Utilize LUKS Partition Encryption</a></span></dt></dl></dd><dt><span class="chapter"><a href="chap-Security_Guide-Software_Maintenance.html">6. Mantenimiento de Software</a></span></dt><dd><dl><dt><span class="section"><a href="chap-Security_Guide-Software_Maintenance.html#sect-Security_Guide-Software_Maintenance-Install_Minimal_Software">6.1. Install Minimal Software</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Software_Maintenance-Plan_and_Configure_Security_Update
s.html">6.2. Plan and Configure Security Updates</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Software_Maintenance-Plan_and_Configure_Security_Updates-Adjusting_Automatic_Updates.html">6.3. Ajustando Actualizaciones Automáticas</a></span></dt><dt><span class="section"><a href="sect-Security_Guide-Software_Maintenance-Install_Signed_Packages_from_Well_Known_Repositories.html">6.4. Install Signed Packages from Well Known Repositories</a></span></dt></dl></dd><dt><span class="chapter"><a href="chap-Security_Guide-References.html">7. Referencias</a></span></dt></dl></div></div><ul class="docnav"><li class="previous"></li><li class="next"><a accesskey="n" href="pref-Security_Guide-Preface.html"><strong>Siguiente</strong>Prefacio</a></li></ul></body></html>
Index: pref-Security_Guide-Preface.html
===================================================================
RCS file: /cvs/fedora/web/html/docs/security-guide/es_ES/pref-Security_Guide-Preface.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- pref-Security_Guide-Preface.html 19 Jul 2009 23:53:13 -0000 1.1
+++ pref-Security_Guide-Preface.html 28 Jul 2009 21:37:43 -0000 1.2
@@ -1,10 +1,10 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Prefacio</title><link rel="stylesheet" href="./Common_Content/css/default.css" type="text/css" /><meta name="generator" content="publican" /><meta name="package" content="fedora-security-guide-es-ES-1.0-Security Guide" /><link rel="home" href="index.html" title="security-guide" /><link rel="up" href="index.html" title="security-guide" /><link rel="prev" href="index.html" title="security-guide" /><link rel="next" href="We_Need_Feedback.html" title="2. ¡Se necesita retroalimentación!" /></head><body class=""><p id="title"><a class="left" href="http://www.fedoraproject.org"><img src="Common_Content/images/image_left.png" alt="Product Site" /></a><a class="right" href="http://docs.fedoraproject.org"><img src="Common_Content/images/image_right.png" alt="Documentation Site" /></a></p><ul class="docnav"><li class="previous"><a accesskey="p" href="index.html
"><strong>Anterior</strong></a></li><li class="next"><a accesskey="n" href="We_Need_Feedback.html"><strong>Siguiente</strong></a></li></ul><div class="preface" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h1 id="pref-Security_Guide-Preface" class="title">Prefacio</h1></div></div></div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h2 class="title" id="id2955917">1. Convenciones del documento</h2></div></div></div><div class="para">
+<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Prefacio</title><link rel="stylesheet" href="./Common_Content/css/default.css" type="text/css" /><meta name="generator" content="publican" /><meta name="package" content="fedora-security-guide-es-ES-1.0-Security Guide" /><link rel="home" href="index.html" title="security-guide" /><link rel="up" href="index.html" title="security-guide" /><link rel="prev" href="index.html" title="security-guide" /><link rel="next" href="We_Need_Feedback.html" title="2. ¡Se necesita retroalimentación!" /></head><body class=""><p id="title"><a class="left" href="http://www.fedoraproject.org"><img src="Common_Content/images/image_left.png" alt="Product Site" /></a><a class="right" href="http://docs.fedoraproject.org"><img src="Common_Content/images/image_right.png" alt="Documentation Site" /></a></p><ul class="docnav"><li class="previous"><a accesskey="p" href="index.html
"><strong>Anterior</strong></a></li><li class="next"><a accesskey="n" href="We_Need_Feedback.html"><strong>Siguiente</strong></a></li></ul><div class="preface" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h1 id="pref-Security_Guide-Preface" class="title">Prefacio</h1></div></div></div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h2 class="title" id="id726757">1. Convenciones del documento</h2></div></div></div><div class="para">
Este manual utiliza varias convenciones para resaltar algunas palabras y frases y llamar la atención sobre ciertas partes especÃficas de información.
</div><div class="para">
En ediciones PDF y de papel, este manual utiliza tipos de letra procedentes de <a href="https://fedorahosted.org/liberation-fonts/">Liberation Fonts</a>. Liberation Fonts también se utilizan en ediciones de HTML si están instalados en su sistema. Si no, se muestran tipografÃas alternativas pero equivalentes. Nota: Red Hat Enterprise Linux 5 y siguientes incluyen Liberation Fonts predeterminadas.
- </div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h3 class="title" id="id2921728">1.1. Convenciones tipográficas</h3></div></div></div><div class="para">
+ </div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h3 class="title" id="id776354">1.1. Convenciones tipográficas</h3></div></div></div><div class="para">
Se utilizan cuatro convenciones tipográficas para llamar la atención sobre palabras o frases especÃficas. Dichas convenciones y las circunstancias en que se aplican son las siguientes:
</div><div class="para">
<code class="literal">Negrita monoespaciado</code>
@@ -54,7 +54,7 @@
Aside from standard usage for presenting the title of a work, italics denotes the first use of a new and important term. For example:
</div><div class="blockquote"><blockquote class="blockquote"><div class="para">
When the Apache HTTP Server accepts requests, it dispatches child processes or threads to handle them. This group of child processes or threads is known as a <em class="firstterm">server-pool</em>. Under Apache HTTP Server 2.0, the responsibility for creating and maintaining these server-pools has been abstracted to a group of modules called <em class="firstterm">Multi-Processing Modules</em> (<em class="firstterm">MPMs</em>). Unlike other modules, only one module from the MPM group can be loaded by the Apache HTTP Server.
- </div></blockquote></div></div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h3 class="title" id="id2875062">1.2. Convenciones del documento</h3></div></div></div><div class="para">
+ </div></blockquote></div></div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h3 class="title" id="id728590">1.2. Convenciones del documento</h3></div></div></div><div class="para">
Dos, usualmente de varias lÃneas, los tipos de datos se distinguen visualmente del texto circundante.
</div><div class="para">
Salida enviada a una terminal está establecida en tipo <code class="computeroutput">romano monoespaciado</code> y presentada asÃ:
@@ -82,7 +82,7 @@
}
}
-</pre></div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h3 class="title" id="id2870552">1.3. Notas y advertencias</h3></div></div></div><div class="para">
+</pre></div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h3 class="title" id="id774950">1.3. Notas y advertencias</h3></div></div></div><div class="para">
Finalmente, utilizamos tres estilos visuales para llamar la atención sobre la información que de otro modo se podrÃa pasar por alto.
</div><div class="note"><h2>Nota</h2><div class="para">
Una nota es una sugerencia, atajo o enfoque alternativo que se tiene a mano para la tarea. Ignorar una nota no deberÃa tener consecuencias negativas, pero podrÃa perderse de algunos trucos que pueden facilitarle las cosas.
Index: sect-Security_Guide-Kerberos.html
===================================================================
RCS file: /cvs/fedora/web/html/docs/security-guide/es_ES/sect-Security_Guide-Kerberos.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- sect-Security_Guide-Kerberos.html 19 Jul 2009 23:53:14 -0000 1.1
+++ sect-Security_Guide-Kerberos.html 28 Jul 2009 21:37:43 -0000 1.2
@@ -7,7 +7,7 @@
</div><div class="para">
Kerberos es una forma de eliminar la necesidad de protocolos que permitan métodos inseguros de autenticación, por lo que mejora la seguridad general de la red.
</div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h3 class="title" id="sect-Security_Guide-Kerberos-What_is_Kerberos">2.6.1. ¿Qué es Kerberos?</h3></div></div></div><div class="para">
- Kerberos es un protocolo de autenticación de red creado por MIT, y utiliza una criptografÃa de llave simétrica <sup>[<a id="id2972072" href="#ftn.id2972072" class="footnote">14</a>]</sup> para autenticar a los usuarios de los servicios de red, lo que en pocas palabras significa que las contraseñas nunca son enviadas a través de la red.
+ Kerberos es un protocolo de autenticación de red creado por MIT, y utiliza una criptografÃa de llave simétrica <sup>[<a id="id804149" href="#ftn.id804149" class="footnote">14</a>]</sup> para autenticar a los usuarios de los servicios de red, lo que en pocas palabras significa que las contraseñas nunca son enviadas a través de la red.
</div><div class="para">
Consecuentemente, cuando los usuarios se autentican con servicios de red usando Kerberos, los usuarios no autorizados que intenten averiguar las contraseñas monitoreando el tráfico de red son efectivamente bloqueados.
</div><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h4 class="title" id="sect-Security_Guide-What_is_Kerberos-Advantages_of_Kerberos">2.6.1.1. Advantages of Kerberos</h4></div></div></div><div class="para">
@@ -30,6 +30,6 @@
Para que una aplicación utilice Kerberos, su origen debe ser modificado para que puede realizar las llamadas apropiadas a las librerÃas de Kerberos. Las aplicaciones asà modificadas son consideradas como <em class="firstterm">atentas a Kerberos</em>, o <em class="firstterm">kerberizadas</em>. Para algunas, esto puede ser bastante problemático debido al tamaño de la aplicación o debido a su diseño. Para otras aplicaciones incompatibles, los cambios deben ser hechos de manera tal de permitir que el cliente y el servidor puedan comunicarse. De nuevo, esto puede necesitar una programación extensa. Las aplicaciones de código propietario que no tienen soporte para Kerberos por defecto, son por lo general las más problemáticas.
</div></li><li><div class="para">
Kerberos es una herramienta de tipo "todo o nada". Si Kerberos es utilizado en la red, cualquier contraseña no encriptada transferida a un servicio no atento a Kerberos (o no Kerberizado), se encuentra en riesgo. Por lo tanto, la red no obtiene beneficio alguno al utilizarlo. Para asegurar una red con Kerberos, se debe utilizar verisiones kerberizadas de <span class="emphasis"><em>todas</em></span> las aplicaciones de tipo servidor/cliente que transmitan contraseñas no encriptadas, o que no utilicen <span class="emphasis"><em>ninguna</em></span> de este tipo de aplicaciones.
- </div></li></ul></div></div></div><div class="footnotes"><br /><hr /><div class="footnote"><p><sup>[<a id="ftn.id2972072" href="#id2972072" class="para">14</a>] </sup>
+ </div></li></ul></div></div></div><div class="footnotes"><br /><hr /><div class="footnote"><p><sup>[<a id="ftn.id804149" href="#id804149" class="para">14</a>] </sup>
Un sistema donde tanto el cliente como el servidor comparten una clave común que es utilizada para encriptar y decriptar comunicaciones a través de una red.
</p></div></div></div><ul class="docnav"><li class="previous"><a accesskey="p" href="sect-Security_Guide-Additional_Resources-Related_Books.html"><strong>Anterior</strong>2.5.5.3. Related Books</a></li><li class="up"><a accesskey="u" href="#"><strong>Subir</strong></a></li><li class="home"><a accesskey="h" href="index.html"><strong>Inicio</strong></a></li><li class="next"><a accesskey="n" href="sect-Security_Guide-Kerberos-Kerberos_Terminology.html"><strong>Siguiente</strong>2.6.2. Kerberos Terminology</a></li></ul></body></html>
Index: sect-Security_Guide-Threats_to_Server_Security-Inattentive_Administration.html
===================================================================
RCS file: /cvs/fedora/web/html/docs/security-guide/es_ES/sect-Security_Guide-Threats_to_Server_Security-Inattentive_Administration.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- sect-Security_Guide-Threats_to_Server_Security-Inattentive_Administration.html 19 Jul 2009 23:53:15 -0000 1.1
+++ sect-Security_Guide-Threats_to_Server_Security-Inattentive_Administration.html 28 Jul 2009 21:37:43 -0000 1.2
@@ -1,9 +1,9 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>1.3.3.3. Inattentive Administration</title><link rel="stylesheet" href="./Common_Content/css/default.css" type="text/css" /><meta name="generator" content="publican" /><meta name="package" content="fedora-security-guide-es-ES-1.0-Security Guide" /><link rel="home" href="index.html" title="security-guide" /><link rel="up" href="sect-Security_Guide-Attackers_and_Vulnerabilities-Threats_to_Server_Security.html" title="1.3.3. Threats to Server Security" /><link rel="prev" href="sect-Security_Guide-Threats_to_Server_Security-Unpatched_Services.html" title="1.3.3.2. Unpatched Services" /><link rel="next" href="sect-Security_Guide-Threats_to_Server_Security-Inherently_Insecure_Services.html" title="1.3.3.4. Inherently Insecure Services" /></head><body class=""><p id="title"><a class="left" href="http://www.fedoraproject.org"><img src="Common_Content/images/im
age_left.png" alt="Product Site" /></a><a class="right" href="http://docs.fedoraproject.org"><img src="Common_Content/images/image_right.png" alt="Documentation Site" /></a></p><ul class="docnav"><li class="previous"><a accesskey="p" href="sect-Security_Guide-Threats_to_Server_Security-Unpatched_Services.html"><strong>Anterior</strong></a></li><li class="next"><a accesskey="n" href="sect-Security_Guide-Threats_to_Server_Security-Inherently_Insecure_Services.html"><strong>Siguiente</strong></a></li></ul><div class="section" lang="es-ES" xml:lang="es-ES"><div class="titlepage"><div><div><h4 class="title" id="sect-Security_Guide-Threats_to_Server_Security-Inattentive_Administration">1.3.3.3. Inattentive Administration</h4></div></div></div><div class="para">
- Administrators who fail to patch their systems are one of the greatest threats to server security. According to the <em class="firstterm">SysAdmin, Audit, Network, Security Institute</em> (<em class="firstterm">SANS</em>), the primary cause of computer security vulnerability is to "assign untrained people to maintain security and provide neither the training nor the time to make it possible to do the job."<sup>[<a id="id2897327" href="#ftn.id2897327" class="footnote">10</a>]</sup> This applies as much to inexperienced administrators as it does to overconfident or amotivated administrators.
+ Administrators who fail to patch their systems are one of the greatest threats to server security. According to the <em class="firstterm">SysAdmin, Audit, Network, Security Institute</em> (<em class="firstterm">SANS</em>), the primary cause of computer security vulnerability is to "assign untrained people to maintain security and provide neither the training nor the time to make it possible to do the job."<sup>[<a id="id775347" href="#ftn.id775347" class="footnote">10</a>]</sup> This applies as much to inexperienced administrators as it does to overconfident or amotivated administrators.
</div><div class="para">
Some administrators fail to patch their servers and workstations, while others fail to watch log messages from the system kernel or network traffic. Another common error is when default passwords or keys to services are left unchanged. For example, some databases have default administration passwords because the database developers assume that the system administrator changes these passwords immediately after installation. If a database administrator fails to change this password, even an inexperienced cracker can use a widely-known default password to gain administrative privileges to the database. These are only a few examples of how inattentive administration can lead to compromised servers.
- </div><div class="footnotes"><br /><hr /><div class="footnote"><p><sup>[<a id="ftn.id2897327" href="#id2897327" class="para">10</a>] </sup>
+ </div><div class="footnotes"><br /><hr /><div class="footnote"><p><sup>[<a id="ftn.id775347" href="#id775347" class="para">10</a>] </sup>
http://www.sans.org/resources/errors.php
</p></div></div></div><ul class="docnav"><li class="previous"><a accesskey="p" href="sect-Security_Guide-Threats_to_Server_Security-Unpatched_Services.html"><strong>Anterior</strong>1.3.3.2. Unpatched Services</a></li><li class="up"><a accesskey="u" href="#"><strong>Subir</strong></a></li><li class="home"><a accesskey="h" href="index.html"><strong>Inicio</strong></a></li><li class="next"><a accesskey="n" href="sect-Security_Guide-Threats_to_Server_Security-Inherently_Insecure_Services.html"><strong>Siguiente</strong>1.3.3.4. Inherently Insecure Services</a></li></ul></body></html>
More information about the Fedora-docs-commits
mailing list