Trabajo de Seguridad en Redes

7/24/2019 Trabajo de Seguridad en Redes

1/40

REPBLICA BOLIVARIANA DE VENEZUELAMINISTERIO DEL PODER POPULAR PARA LA DEFENSA

U.N.E.F.AUNEFA NCLEO CARABOBOEXTENSIN GUACARA

SEGURIDAD EN REDES

Prof.: Inter!nte":In. #!t$%"&! S'n&(e) C$f%ente" M!r*e+$" C.I.: ,-,,-/0

Do12n%e) Ane+ C.I: 334--35E"&!+on! 6e""$&! C.I.: 3,47583

M!rt2ne) 9e"" C.I.: 3,/7333Ont$;ero" R$t)on C.I.: 34-8-80

Torre" M$%e+ C.I.: 3,3/3,/

G%!&!r!< O&t%*re 3,4


2/40

INDICE

INDICE DE CUADROS...................................................................................../INDICE DE FIGURAS......................................................................................./

INTRODUCCIN..............................................................................................4

,. SEGURIDAD EN REDES.............................................................................0

,.,. CONCEPTO DE SEGURIDAD EN LAS REDES.......................................0

,.3. TIPOS DE SEGURIDAD......................................................................0

,.3.,. SEGURIDAD F=SICA...............................................................5

,.3.3. SEGURIDAD LGICA.............................................................7

,.8. TIPOS DE DESASTRES.....................................................................-

,./. SEGURIDAD DEL E>UIPAMIENTO.................................................,

,.4. CONTROLES DE ACCESO..............................................................,

,.0. MODALIDAD DE ACCESO................................................................,,

,.5. CONTROL DE ACCESO INTERNO..................................................,,

,.5.,. PALABRAS CLAVE. ?PASS@ORDS....................................,,

,.5.3. SINCRONIZACIN DE PASS@ORDS..................................,3

,.5.8. ENCRIPTACIN....................................................................,3

,.5./. LISTAS DE CONTROL DE ACCESOS..................................,3

,.7. CONTROL DE ACCESO EXTERNO.................................................,8

,.7.,. D$"o"$t$;o" De Contro+ De P%erto"......................................,8

,.-. NIVELES DE SEGURIDAD INFORMTICA.....................................,8

,.-.,. N$;e+ D....................................................................................,8

,.-.3. N$;e+ C,: Prote&&$n D$"&re&$on!+..........................................,/

,.-.8. N$;e+ C3: Prote&&$n De A&&e"o Contro+!o.........................,/,.-./. N$;e+ B,: Se%r$! Et$%et!!.............................................,4

,.-.4. N$;e+ B3: Prote&&$n E"tr%&t%r!!.........................................,4

,.-.0. N$;e+ B8: Do1$n$o" De Se%r$!.........................................,0

,.-.5. N$;e+ A: Prote&&$n Ver$f$&!!................................................,0


3/40

,.,. AMENAZAS DE SEGURIDAD.........................................................,0

,.,,. CATEGOR=AS DE AMENAZAS A LA SEGURIDAD DE RED.........,7

,.,3. VIRUS< GUSANOS 6 CABALLOS DE TRO6A...............................,-

,.,8. TIPOS DE VULNERABILIDADES DE SEGURIDAD......................3

,.,/. ATA>UES........................................................................................38

,.,/.,. At!%e" De Re&ono&$1$ento................................................38

,.,/.3. At!%e" Con A&&e"o............................................................3/

,.,/.8. At!%e" En DoS ?Dene!&$n De Ser;$&$o........................34

,.,4. SOLUCIONES DE SEGURIDAD.....................................................34

,.,0. COPIAS DE SEGURIDAD< ACTUALIZACIONES 6 PARCES.....35

,.,5. AUTENTICACIN< AUTORIZACIN 6 CONTABILIDAD...............37

,.,5.,. A%tent$&!&$n........................................................................37

,.,5.3. A%tor$)!&$n..........................................................................3-

,.,5.8. Cont!*$+$!.........................................................................3-

,.,7. FIRE@ALLS.....................................................................................8

,.,-. SEGURIDAD DE TERMINALES.....................................................8,

GLOSARIO DE TERMINOS...........................................................................88CONCLUSION................................................................................................84

BIBLIOGRAFIA...............................................................................................85

ANEXOSH......................................................................................................85


4/40

INDICE DE CUADROS

T!*+! , T$o De Se%r$!................................................................................0

INDICE DE FIGURAS

I+%"tr!&$n ,.......................................................................................................0I+%"tr!&$n 3.......................................................................................................7I+%"tr!&$n 8.....................................................................................................,7I+%"tr!&$n /.....................................................................................................,-

I+%"tr!&$n 4.....................................................................................................3,I+%"tr!&$n 0.....................................................................................................33I+%"tr!&$n 5.....................................................................................................33I+%"tr!&$n 7.....................................................................................................38I+%"tr!&$n -.....................................................................................................3/I+%"tr!&$n ,...................................................................................................34

4


5/40

INTRODUCCIN

En +! ;$! "$e1re (! e$"t$o +! e;o+%&$n< one e++! (! "er;$o Je*e "er;$r !r! 1eKor!r e+ n$;e+ e ;$! e +! (%1!n$!< t!nto e"$r$t%!+%e +! $nfor1!&$n re&$*$! "e! +! 1$"1! %e (! "$o tr!n"1$t$!.0. >%e e$"t!n "$"te1!" !+tern!t$;o" "e&%n!r$o" e tr!n"1$"$n entre

$ferente" %nto".5. >%e "e $"on! e !"o" !+tern!t$;o" e e1eren&$! !r! +!

tr!n"1$"$ne $nfor1!&$n.

1.. TIPOS DE DESASTRES

E"t' enfo&!o ! &%*r$r +!" !1en!)!" o&!"$on!!" t!nto or e+ (o1*re&o1o or +! n!t%r!+e)! e+ 1e$o f2"$&o en %e "e en&%entr! %*$&!o e+&entro.

L!" r$n&$!+e" !1en!)!" %e "e re;n en +! "e%r$! f2"$&! "on:

,. De"!"tre" n!t%r!+e"< $n&en$o" !&&$ent!+e" tor1ent!" e$n%n!&$one"


10/40

1.. SEGURIDAD DEL E3UIPA4IENTO.

E" ne&e"!r$o roteer +o" e%$o" e &1%to $n"t!+'no+o" en 're!"en +!" &%!+e" e+ !&&e"o ! +o" 1$"1o" "o+o "e! !r! e+ er"on!+ !%tor$)!o.

Ae1'"< e" ne&e"!r$o %e e"t!" 're!" &%enten &on +o" 1e&!n$"1o" e;ent$+!&$n J ete&&$n e $n&en$o" !e&%!o".

P!r! roteer+o" "e e*e tener en &%ent! %e:

L! te1er!t%r! no e*e "o*re!"!r +o" ,7 C J e+ +21$te e (%1e!

no e*e "%er!r e+ 04 !r! e;$t!r e+ eter$oro.

L! re e*e e"t!r ro;$"to e e%$o e !r! +! et$n&$n e $n&en$o"

en re+!&$n !+ r!o e r$e"o J +! &+!"e e f%eo %e "e! o"$*+e ene"e '1*$to.

De*en $n"t!+!r"e et$ntore" 1!n%!+e" ?ort't$+e" Jo !%to1't$&o"

?ro&$!ore".

1.5. CONTROLES DE ACCESO.

E"to" %een $1+e1ent!r"e en e+ "$"te1! oer!t$;o< "o*re +o""$"te1!" e !+$&!&$n< en *!"e" e !to"< en %n !%ete e"e&2f$&o e"e%r$! o en &%!+%$er otro %t$+$t!r$o.

Con"t$t%Jen %n! $1ort!nte !J%! !r! roteer !+ "$"te1! oer!t$;oe +! re< !+ "$"te1! e !+$&!&$n J e1'" "oft!re e +! %t$+$)!&$n o1o$f$&!&$one" no !%tor$)!!" !r! 1!ntener +! $nter$! e +! $nfor1!&$n?re"tr$n$eno +! &!nt$! e %"%!r$o" J ro&e"o" &on !&&e"o er1$t$o J!r! re"%!r!r +! $nfor1!&$n &onf$en&$!+ e !&&e"o" no !%tor$)!o". A"2

1$"1o< e" &on;en$ente tener en &%ent! otr!" &on"$er!&$one" refer$!" ! +!"e%r$! +$&!< &o1o or eKe1+o +!" re+!&$on!!" !+ ro&e$1$ento %e "e++e;! ! &!*o !r! eter1$n!r "$ &orre"one %n er1$"o e !&&e"o ?"o+$&$t!oor %n %"%!r$o ! %n eter1$n!o re&%r"o.

10


11/40

1.6. 4ODALIDAD DE ACCESO

Se ref$ere !+ 1oo e !&&e"o %e "e er1$te !+ %"%!r$o "o*re +o"re&%r"o" J ! +! $nfor1!&$n. E"t! 1o!+$! %ee "er:

Lectura' e+ %"%!r$o %ee n$&!1ente +eer o ;$"%!+$)!r +! $nfor1!&$n

ero no %ee !+ter!r+!. De*e &on"$er!r"e %e +! $nfor1!&$n %ee"er &o$!! o $1re"!.

Escr%tura.: e"te t$o e !&&e"o er1$te !re!r !to"< 1o$f$&!r o

*orr!r $nfor1!&$n.

E,ecuc%0!: e"te !&&e"o otor! !+ %"%!r$o e+ r$;$+e$o e eKe&%t!r

ror!1!". 7orrado: er1$te !+ %"%!r$o e+$1$n!r re&%r"o" e+ "$"te1! ?&o1o

ror!1!"< &!1o" e !to" o !r&($;o". E+ *orr!o e" &on"$er!o%n! for1! e 1o$f$&!&$n.

Ae1'" e$"ten otr!" 1o!+$!e" e !&&e"o e"e&$!+e"< %eener!+1ente "e $n&+%Jen en +o" "$"te1!" e !+$&!&$n:

Creac%0!: er1$te !+ %"%!r$o &re!r n%e;o" !r&($;o"< re$"tro" o

&!1o".

78sueda: er1$te +$"t!r +o" !r&($;o" e %n $re&tor$o eter1$n!o.

1.9. CONTROL DE ACCESO INTERNO.

1.9.1. PALA7RAS CLA:E. ;PASS


12/40

Se or'< or !o"< "e%$r &re!no "$"te1!" !+t!1ente "e%ro"< eroen +t$1! $n"t!n&$! &!! %no e e++o" "e ro1er' or e"te e"+!*n: +!

e+e&&$n e !""or" *$+e".

1.9.2. SINCRONI>ACIN DE PASS


13/40


14/40

1..2. N%-el C1' Protecc%0! D%screc%o!al.

Se re%$ere $ent$f$&!&$n e %"%!r$o" %e er1$te e+ !&&e"o ! $"t$nt!$nfor1!&$n. C!! %"%!r$o %ee 1!neK!r "% $nfor1!&$n r$;!! J "e (!&e+! $"t$n&$n entre +o" %"%!r$o" J e+ !1$n$"tr!or e+ "$"te1!< %$en t$ene&ontro+ tot!+ e !&&e"o. M%&(!" e +!" t!re!" &ot$$!n!" e !1$n$"tr!&$ne+ "$"te1! "+o %een "er re!+$)!!" or e"te W"%er %"%!r$oW %$en t$ener!n re"on"!*$+$! en +! "e%r$! e+ 1$"1o. Con +! !&t%!+e"&entr!+$)!&$n e +o" "$"te1!" e &1%to"< no e" r!ro %e en %n!or!n$)!&$n en&ontre1o" o" o tre" er"on!" &%1+$eno e"te ro+. E"to e"%n ro*+e1!< %e" no (!J for1! e $"t$n%$r entre +o" &!1*$o" %e ($)o&!! %"%!r$o.

Re%er$1$ento" 12n$1o" %e e*e &%1+$r +! &+!"e C,:

A&&e"o e &ontro+ $"&re&$on!+: $"t$n&$n entre %"%!r$o" J re&%r"o".

Se or'n ef$n$r r%o" e %"%!r$o" ?&on +o" 1$"1o" r$;$+e$o" Jr%o" e o*Keto" ?!r&($;o"< $re&tor$o"< $"&o "o*re +o" &%!+e"or'n !&t%!r %"%!r$o" o r%o" e e++o".

Ient$f$&!&$n J A%tent$f$&!&$n: "e re%$ere %e %n %"%!r$o "e

$ent$f$%e !nte" e &o1en)!r ! eKe&%t!r !&&$one" "o*re e+ "$"te1!. E+!to e %n %"%!r$o no or' "er !&&e$o or %n %"%!r$o "$n

!%tor$)!&$n o $ent$f$&!&$n.

1... N%-el C2' Protecc%0! De Acceso Co!trolado.

E"te "%*n$;e+ f%e $"e!o !r! "o+%&$on!r +!" e*$+$!e" e+ C,.C%ent! &on &!r!&ter2"t$&!" !$&$on!+e" %e &re!n %n !1*$ente e !&&e"o&ontro+!o. Se e*e ++e;!r %n! !%$tor$! e !&&e"o" e $ntento" f!++$o" e!&&e"o ! o*Keto". T$ene +! &!!&$! e re"tr$n$r !n 1'" e+ %e +o"%"%!r$o" eKe&%ten &$erto" &o1!no" o ten!n !&&e"o ! &$erto" !r&($;o"

E" e+ n$;e+ 1'" e+e;!o< $n&+%Je %n ro&e"o e $"eo< &ontro+ J;er$f$&!&$n< 1e$!nte 1too" for1!+e" ?1!te1't$&o" !r! !"e%r!r too"+o" ro&e"o" %e re!+$)! %n %"%!r$o "o*re e+ "$"te1!.P!r! ++e!r ! e"te n$;e+e "e%r$!< too" +o" &o1onente" e +o" n$;e+e" $nfer$ore" e*en$n&+%$r"e. E+ $"eo re%$ere "er ;er$f$&!o e for1! 1!te1't$&! J t!1*$n "ee*en re!+$)!r !n'+$"$" e &!n!+e" en&%*$erto" J e $"tr$*%&$n &onf$!*+e. E+"oft!re J e+ (!r!re "on rote$o" !r! e;$t!r $nf$+tr!&$one" !nte tr!"+!o"o 1o;$1$ento" e+ e%$!1$ento.

1.1. A4ENA>AS DE SEGURIDAD

L! "e%r$! e ree" e" %n! !rte $nter!+ e +!" ree" e&o1%t!or!"< $neen$ente1ente e "$ +! re e"t' +$1$t!! ! %n entornoo1"t$&o &on %n! n$&! &one$n ! Internet o "$ e" t!n eten"! &o1o %n!e1re"! &on 1$+e" e %"%!r$o". L! "e%r$! e re $1+e1ent!! e*e

to1!r en &%ent! e+ entorno< !"2 &o1o +!" (err!1$ent!" J +o" re%$"$to" e +!re. De*e oer roteer +o" !to" J< !+ 1$"1o t$e1o< 1!ntener +! &!+$!e "er;$&$o %e "e e"er! e +! re.

L! rote&&$n e +! re $n&+%Je roto&o+o"< te&no+o2!"< $"o"$t$;o"

1.12. :IRUS GUSANOS CA7ALLOS DE TROA

Lo" !t!%e" e &$o 1!+$nten&$on!o $n&+%Jen $;er"o" t$o" eror!1!" e PC %e "e &re!ron &on +! $nten&$n e &!%"!r r$! e !to"o !o" ! e"to". Lo" tre" t$o" r$n&$!+e" e !t!%e" e &$o1!+$nten&$on!o "on +o" ;$r%"< +o" &!*!++o" e TroJ! J +o" %"!no". Un ;$r%"e" %n t$o e "oft!re 1!+$nten&$on!o %e "e !"o&$! ! otro ror!1! !r!eKe&%t!r %n! f%n&$n no e"e!! e"e&2f$&! en %n! e"t!&$n e tr!*!Ko. UneKe1+o e" %n ror!1! %e "e !"o&$! ! &o11!n.&o1 ?e+ $ntrreter$n&$!+ !r! +o" "$"te1!" @$no"< e+$1$n! eter1$n!o" !r&($;o" e$nfe&t! &%!+%$er otr! ;er"$n e &o11!n.&o1 %e %e! en&ontr!r.

Un &!*!++o e TroJ! "o+o "e $feren&$! en %e to! +! !+$&!&$n "e&re &on e+ f$n e %e !!rente "er otr! &o"!< &%!no en re!+$! e" %n!(err!1$ent! e !t!%e. Un eKe1+o e %n &!*!++o e TroJ! e" %n! !+$&!&$ne "oft!re %e eKe&%t! %n K%eo "$1+e en %n! e"t!&$n e tr!*!Ko. M$entr!"e+ %"%!r$o "e entret$ene &on e+ K%eo< e+ &!*!++o e TroJ! en;2! %n! &o$! e"2 1$"1o or &orreo e+e&trn$&o ! &!! $re&&$n e +! +$*ret! e $re&&$one"e+ %"%!r$o. Lo" e1'" %"%!r$o" re&$*en e+ K%eo J +o %t$+$)!n< or +o %e e+&!*!++o e TroJ! "e ro!! ! +!" $re&&$one" e &!! +$*ret! e $re&&$one".En ener!+< +o" ;$r%" re%$eren %n 1e&!n$"1o e entre!< %n ;e&tor< &o1o %n!r&($;o )$ o !+n otro !r&($;o eKe&%t!*+e !K%nto ! %n &orreo e+e&trn$&o

19


20/40

%e $"t$n%e ! %n %"!no e PC e %n ;$r%" e &o1%t!or! e" %e "ere%$ere $nter!&&$n (%1!n! !r! f!&$+$t!r +! ro!!&$n e %n ;$r%".

Lo" %"!no" "on ror!1!" !%tno1o" %e !t!&!n %n "$"te1! e$ntent!n e+ot!r %n! ;%+ner!*$+$! e"e&2f$&! e+ o*Ket$;o. Un! ;e) %e+or! e+ot!r $&(! ;%+ner!*$+$!< e+ %"!no &o$! "% ror!1! e+ (o"t!t!&!nte !+ "$"te1! !t!&!o re&$ente1ente !r! ;o+;er ! $n$&$!r e+ &$&+o. L!!n!to12! e %n !t!%e e %"!no e" +! "$%$ente:

Vulnerabilidad !abilitadora: e+ %"!no "e $n"t!+! 1e$!nte +!e+ot!&$n e +!" ;%+ner!*$+$!e" &ono&$!" e +o" "$"te1!"< &o1o%"%!r$o" f$n!+e" $nen%o" %e !*ren !r&($;o" !K%nto" eKe&%t!*+e" "$n;er$f$&!r en +o" &orreo" e+e&trn$&o".

(ecanismo de propagacin: e"%" e o*tener !&&e"o ! %n (o"t< e+%"!no "e &o$! ! $&(o (o"t J +%eo "e+e&&$on! n%e;o" o*Ket$;o".

)ontenido: %n! ;e) %e "e $nfe&t %n (o"t &on e+ %"!no< e+ !t!&!ntet$ene !&&e"o !+ (o"t< ! 1en%o &o1o %"%!r$o r$;$+e$!o. Lo"!t!&!nte" %een %t$+$)!r %n! ;%+ner!*$+$! +o&!+ !r! e+e;!r "% n$;e+e r$;$+e$o !+ e !1$n$"tr!or.

1.1. TIPOS DE :ULNERA7ILIDADES DE SEGURIDAD

Tre" f!&tore" e "e%r$! e re "on +! ;%+ner!*$+$!< +!" !1en!)!"J +o" !t!%e".

L! ;%+ner!*$+$! e" e+ r!o e e*$+$! $n(erente ! &!! re J$"o"$t$;o. E"to $n&+%Je ro%ter"< "$t&(e"< &o1%t!or!" e e"&r$tor$oACIONES PARCES

Lo" "oft!re" !nt$;$r%" %een ete&t!r +! 1!Jor2! e +o" ;$r%" J

1%&(!" !+$&!&$one" e &!*!++o e TroJ!< J e;$t!r %e "e ro!%en en +!re. Lo" "oft!re" !nt$;$r%" "e %een $1+e1ent!r en e+ n$;e+ e %"%!r$o Jen e+ n$;e+ e re.

M!ntener"e !&t%!+$)!o &on +o" +t$1o" !;!n&e" en e"to" t$o" e!t!%e" t!1*$n %ee &ontr$*%$r ! %n! efen"! 1'" ef$&!) &ontr! e++o". A1e$! %e "e %*+$&!n n%e;!" !+$&!&$one" e ;$r%" J troJ!no"< +!"e1re"!" e*en 1!ntener"e !+ 2! &on !&t%!+$)!&$one" ! +!" ;er"$one" 1'"re&$ente" e +o" "oft!re" !nt$;$r%".

L! 1$t$!&$n e !t!%e" e %"!no" re%$ere +! $+$en&$! e+ er"on!+e !1$n$"tr!&$n e ree" J "$"te1!". Lo" "$%$ente" "on +o" !"o"re&o1en!o" !r! 1$t$!r !t!%e" e %"!no":

)ontencin: &onten! +! ro!!&$n e+ %"!no entro e +! re.

D$;$! en "e&&$one" +!" !rte" no $nfe&t!!" e +! re.

Inoculacin: &o1$en&e ! !+$&!r !r&(e" ! too" +o" "$"te1!" J< "$ e"

o"$*+e< e!1$ne en *%"&! e "$"te1!" ;%+ner!*+e".

)uarentena: re!+$&e %n "e%$1$ento e to!" +!" 1'%$n!" $nfe&t!!"

entro e +! re. De"&one&te o %$te +!" 1'%$n!" $nfe&t!!" e +!re o *+o%e+!".

Tratamiento: +$1$e too" +o" "$"te1!" $nfe&t!o" J !+2%e+e"

!r&(e". E" o"$*+e %e !+%no" %"!no" re%$er!n +! re$n"t!+!&$n&o1+et! e+ "$"te1! &entr!+ !r! +$1$!r e+ "$"te1!.

27


28/40

L! 1!ner! 1'" ef$&!) e 1$t$!r %n !t!%e e %"!no" &on"$"te ene"&!r!r +!" !&t%!+$)!&$one" e "e%r$! e+ ro;eeor e+ "$"te1!

oer!t$;o J !+$&!r !r&(e" ! too" +o" "$"te1!" ;%+ner!*+e". E"to re"%+t!$f2&$+ &on +o" "$"te1!" e %"%!r$o no &ontro+!o" en +! re +o&!+. L!!1$n$"tr!&$n e n%1ero"o" "$"te1!" $1+$&! +! &re!&$n e %n! $1!en e"oft!re e"t'n!r ?"$"te1! oer!t$;o J !+$&!&$one" !&re$t!!" &%Jo %"oe"t !%tor$)!o en +o" "$"te1!" &+$ente %e "e $1+e1ent! en +o" "$"te1!"n%e;o" o !&t%!+$)!o". S$n e1*!ro< +o" re%$"$to" e "e%r$! &!1*$!n< Je" o"$*+e %e "e e*!n $n"t!+!r !r&(e" e "e%r$! !&t%!+$)!o" en +o""$"te1!" %e J! e"t'n $1+e1ent!o".

Un! "o+%&$n !r! +! !1$n$"tr!&$n e !r&(e" &r2t$&o" e "e%r$! e"

&re!r %n "er;$or &entr!+ e !r&(e" &on e+ %e e*!n &o1%n$&!r"e too" +o""$"te1!" e"%" e %n er2oo e"t!*+e&$o< &o1o e+ %e "e 1%e"tr! en +!$+%"tr!&$n. Too !r&(e %e no e"t !+$&!o en %n (o"t "e e"&!r!!%to1't$&!1ente e+ "er;$or e !r&(e" J "e $n"t!+! "$n %e $nter;en! e+%"%!r$o.

1.19. AUTENTICACIN AUTORI>ACIN CONTA7ILIDAD

Lo" "er;$&$o" e "e%r$! e re e !%tent$&!&$n< !%tor$)!&$n J&ont!*$+$! ?AAA o tr$+e A roor&$on!n e+ 1!r&o r$n&$!+ !r! &onf$%r!re+ &ontro+ e !&&e"o en $"o"$t$;o" e re. AAA e" %n 1oo e &ontro+!r%$n t$ene er1$t$o !&&eer ! %n! re ?!%tent$&!r< &ontro+!r +o %e +!"er"on!" %een (!&er 1$entr!" "e en&%entr!n !++2 ?!%tor$)!r J o*"er;!r +!"!&&$one" %e re!+$)!n 1$entr!" !&&een ! +! re ?&ont!*$+$)!r. AAAroor&$on! %n 1!Jor r!o e e"&!+!*$+$! %e +o" &o1!no" e!%tent$&!&$n e EXEC r$;$+e$!o< &on"o+!< %erto" !%$+$!re" J VT6.

1.19.1. Aute!t%cac%0!

Lo" %"%!r$o" J !1$n$"tr!ore" e*en ro*!r %e "on %$ene" $&en"er. L! !%tent$&!&$n "e %ee e"t!*+e&er %t$+$)!no &o1*$n!&$one" eno1*re e %"%!r$o J &ontr!"e!< re%nt!" e e"!f2o J re"%e"t!< t!rKet!"toQen J otro" 1too". Por eKe1+o: SoJ e+ %"%!r$o e"t%$!nteY. Cono)&o +!&ontr!"e! !r! ro*!r %e "oJ e+ %"%!r$o e"t%$!nteY.

28


29/40

En ree" e%e!"< "e "%e+e %t$+$)!r +! !%tent$&!&$n +o&!+. Con +!

!%tent$&!&$n +o&!+< &!! $"o"$t$;o 1!nt$ene "% ro$! *!"e e !to" e&o1*$n!&$one" e no1*re e %"%!r$o J &ontr!"e!.S$n e1*!ro< &%!no (!J1'" e %n!" o&!" &%ent!" e %"%!r$o en +! *!"e e !to" e %n $"o"$t$;o+o&!+< !1$n$"tr!r $&(!" &%ent!" %ee re"%+t!r &o1+eKo. Ae1'"< ! 1e$!%e +! re &re&e J "e +e !re!n 1'" $"o"$t$;o"< +! !%tent$&!&$n +o&!+ "e(!&e $f2&$+ e 1!ntener J no "e %ee e"&!+!r. Por eKe1+o< "$ (!J ,$"o"$t$;o" e re< "e e*en !re!r to!" +!" &%ent!" e %"%!r$o ! +o" ,$"o"$t$;o".

En e+ &!"o e ree" 1'" r!ne"< %n! "o+%&$n 1'" e"&!+!*+e e" +!

!%tent$&!&$n etern!. L! !%tent$&!&$n etern! er1$te !%tent$&!r ! too" +o"%"%!r$o" ! tr!;" e %n "er;$or e re eterno. L!" o" o&$one" 1'"o%+!re" !r! +! !%tent$&!&$n etern! e %"%!r$o" "on RADIUS JTACACS:

RADIUS e" %n e"t'n!r !*$erto &on o&o %"o e 1e1or$! J re&%r"o"

e +! CPU. Lo %t$+$)!n %n! ;!r$e! e $"o"$t$;o" e re< &o1o"$t&(e"< ro%ter" J $"o"$t$;o" $n!+'1*r$&o".

TACACS e" %n 1e&!n$"1o e "e%r$! %e (!*$+$t! "er;$&$o"

1o%+!re" e !%tent$&!&$n< !%tor$)!&$n J &ont!*$+$!. Ut$+$)! %ne1on$o TACACS %e "e eKe&%t! en %n "er;$or e "e%r$!.

1.19.2. Autor%"ac%0!

Un! ;e) !%tent$&!o e+ %"%!r$o< +o" "er;$&$o" e !%tor$)!&$neter1$n!n ! % re&%r"o" %ee !&&eer e+ %"%!r$o J % oer!&$one" e"t'(!*$+$t!o !r! re!+$)!r. Un eKe1+o e" E+ %"%!r$o e"t%$!nteY %ee !&&eer!+ "er;$or (o"t X6Z 1e$!nte Te+net n$&!1ente.

1.19.. Co!ta*%l%dad

L! &ont!*$+$! re$"tr! +o %e (!&e e+ %"%!r$o< $n&+%$o" +o" e+e1ento"! +o" %e !&&ee< +! &!nt$! e t$e1o %e !&&ee !+ re&%r"o J too" +o"

29


30/40

&!1*$o" %e "e re!+$)!ron. L! &ont!*$+$! re!+$)! %n "e%$1$ento e +!for1! en %e "e %t$+$)!n +o" re&%r"o" e re. Un eKe1+o e" E+ %"%!r$o

e"t%$!nteW !&&e$ !+ "er;$or (o"t X6Z 1e$!nte Te+net %r!nte ,41$n%to".

E+ &on&eto e AAA e" "$1$+!r !+ %"o e %n! t!rKet! e &r$to. L!t!rKet! e &r$to $ent$f$&! %$n +! %ee %t$+$)!r J &%'nto %ee !"t!r e"e%"%!r$o< J ++e;! %n re$"tro e +o" e+e1ento" en +o" %e e+ %"%!r$o !"t$nero< &o1o "e 1%e"tr! en +! $+%"tr!&$n.

1.1?. FIRE


31/40

Lo" ro%&to" e f$re!++ %een !1$t$r %n! o 1'" e e"t!"&!!&$!e" e f$+tr!o. Ae1'"< +o" f$re!++" "%e+en ++e;!r ! &!*o +!

tr!%&&$n e $re&&$one" e re ?NAT. L! NAT tr!%&e %n! $re&&$n o %nr%o e $re&&$one" IP $ntern!" ! %n! $re&&$n IP *+$&! J etern! %e "een;2! ! tr!;" e +! re. E"to er1$te o&%+t!r +!" $re&&$one" IP $ntern!" e+o" %"%!r$o" eterno".

F$re!++" *!"!o" en !+$&!&$one": %n f$re!++ *!"!o en %n!

!+$&!&$n e" %n f$re!++ $n&oror!o en %n $"o"$t$;o e (!r!ree$&!o< &ono&$o &o1o %n! !+$&!&$n e "e%r$!.

F$re!++" *!"!o" en "er;$or: %n f$re!++ *!"!o en "er;$or &on"t!

e %n! !+$&!&$n e f$re!++ %e "e eKe&%t! en %n "$"te1! oer!t$;oe re ?NOS< &o1o UNIX o @$no".

F$re!++" $nter!o": %n f$re!++ $nter!o "e $1+e1ent! 1e$!nte +!

!$&$n e f%n&$on!+$!e" e f$re!++ ! %n $"o"$t$;o e$"tente< &o1o%n ro%ter.

F$re!++" er"on!+e": +o" f$re!++" er"on!+e" re"$en en +!"

&o1%t!or!" (o"t J no e"t'n $"e!o" !r! $1+e1ent!&$one"LAN. P%een e"t!r $"on$*+e" e 1!ner! reeter1$n!! en e+ OS o%een ro;en$r e %n ro;eeor eterno

1.1. SEGURIDAD DE TER4INALES

Un! re e" !en!" t!n "e%r! &o1o "% en+!&e 1'" *$+. L!"!1en!)!" e"t!&!!" %e 1'" "e !n!+$)!n en +o" 1e$o" e &o1%n$&!&$n"on +!" !1en!)!" etern!"< &o1o +o" %"!no" e Internet J +o" !t!%e"DoS. Pero +! rote&&$n e +! re $ntern! e" t!n $1ort!nte &o1o +!rote&&$n e+ er21etro e %n! re. L! re $ntern! &on"t! e ter1$n!+e" ere< !+%n!" e +!" &%!+e" "e 1%e"tr!n en +! $+%"tr!&$n. Un! ter1$n!+< o %n(o"t< e" %n "$"te1! e &o1%t!&$n o %n $"o"$t$;o $n$;$%!+ %e !&t!

&o1o &+$ente e re. L!" ter1$n!+e" &o1%ne" "on &o1%t!or!" ort't$+e"

Documents

Trabajo de Seguridad en Redes