Seguridad Informática: Seguridad en los Sistemas y Autenticación

El término hardening se refiere al proceso de configurar el software de forma que se minimicen los riesgos potenciales de seguridad. Esto cobra vital importancia respecto al Sistema Operativo de las máquinas que mantienen servicios visibles desde Internet.

Microsoft	http://www.windowsupdate.microsoft.com Actualización de productos Microsoft http://www.microsoft.com/security/ Es el portal genérico de Microsoft para la seguridad de sus productos http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/security/default.asp Es la nueva cara de TECHNET de Microsoft. http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/content.aspGuías, actualizaciones y herramientas http://www.sans.org/newlook/digests/toolkit.htmOctubre 2001: Microsoft Security Toolkit http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/content.aspOctubre 2001: Microsoft Security Toolkit Microsoft Baseline Security Analyzer http://support.microsoft.com/default.aspx?scid=kb;en-us;q320454 y en castellano Michael Howard es uno de los ingenieros de Diseño de Windows 2003, que escribe diversos artículos sobre la seguridad de los sistemas Windows, como por ejemplo Development Impacts of Security Changes in Windows Server 2003
Microsoft Windows NT Server	La página principal de NT Server es http://www.microsoft.com/ntserver/ProductInfo/default.asp, donde se indican requerimientos del sistema y la lista de compatibilidad de hardware. En http://www.microsoft.com/ntserver/techresources/security/default.asp pueden encontrarse whitepapers del año 1997 sobre el hardening de Windows NT; entre ellos Securing NT Installation y documentación acerca de cómo implementar passwords fuertes, hardening del servidor Internet Information Server, y el Microsoft Security Configuration Tool Set (subconjunto del Microsoft Managent Console). Los Service Packs y parches críticos pueden encontrase en http://www.microsoft.com/ntserver/nts/downloads/default.asp Microsoft Network Security Hotfix Checker (Hfnetchk.exe) es una herramienta que comprueba a través de Internet cuales son los Service Packs instalados y cuales son los que faltan. http://support.microsoft.com/support/kb/articles/q303/2/15.asp La última versión disponible del Microsoft Network Security Hotfix Checker (Hfnetchk.exe) http://www.microsoft.com/Downloads/Release.asp?ReleaseID=31154 La última versión a principios de Agosto es el Service Pack 6a http://www.microsoft.com/ntserver/nts/downloads/recommended/sp6/default.asp y los parches acumulativos hasta el 26 de Julio http://www.microsoft.com/ntserver/nts/downloads/critical/q299444/default.asp Definitivamente no saldrá al mercado el Service Pack 7 http://www.microsoft.com/ntserver/sp7.asp, sin embargo ya está disponible el Post-Windows NT 4.0 Service Pack 6a Security Rollup Package (SRP) con todos los parches de seguridad posteriores al Service Pack 6a http://support.microsoft.com/support/kb/articles/q299/4/44.asp?ID=299444. Nótese que SRP en realidad es un nombre de marketing para el último parche acumulativo. Los parches de la versión española se encuentran en ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/spa/nt40/ Dentro de los checklists y utilidades de seguridad http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/security/tools/tools.asp, son muy interesantes los checklist de NT Server, NT workstation, C2 e IIS; además de la utilidad Qfix que permite añadir varios parches con un único reinicio. Microsoft Personal Security Advidor es un escaneador on-line para comprobar la seguridad de Windows NT y 2000 http://www.microsoft.com/TechNet/mpsa/start.asp Securing a Windows NT Server http://www-nt.stanford.edu/ServerSetup/Security.html Building a Windows NT bastion host in practice v1.3http://people.hp.se/stnor Armoring NT http://www.enteract.com/~lspitz/nt.html http://www.ntfaq.com/security.html Windows 2000 Magazine network ---> Security http://www.systemexperts.com/win2k.shtml Windows 2000 Magazine Security HandBook Security Patchs http://www.microsoft.com/technet/security/current.asp NT Recommended Updates and Service Packs http://www.microsoft.com/ntserver/nts/downloads/default.asp Utilidades del libro Securing Windows NT/2000 Servers for the Internet OpenSSH, Network Time Protocol, Virtual Network Computing, NTSyslog y enlaces a Cygwin, Perl for Cygwin, TCP Wrappers, OpenSSL y OpenSSH. http://examples.oreilly.com/securwinserv/readme.html Windows 95/98 Computer Security Information http://www.cert.org/tech_tips/win-95-info.html Windows NT Configuration Guidelines http://www.cert.org/tech_tips/win_configuration_guidelines.html Windows NT Security and Configuration Resourceshttp://www.cert.org/tech_tips/win-resources.html Windows NT Intruder Detection Checklisthttp://www.cert.org/tech_tips/win_intruder_detection_checklist.html Steps for Recovering from a UNIX or NT System Compromise http://www.cert.org/tech_tips/win-UNIX-system_compromise.html Errores del Event Viewer http://www.megerle.de/tips/nt_err.htm
Aplicaciones para Microsoft Windows	Internet Explorer http://www.microsoft.com/windows/ie/downloads/critical/Q313675/default.asp Internet Information Server 4.0 http://www.microsoft.com/Downloads/Release.asp?ReleaseID=32061 Internet Information Server 5.0 http://www.microsoft.com/Downloads/Release.asp?ReleaseID=32011 Exchange Server Service Pack http://www.microsoft.com/downloads/release.asp?releaseid=30973 SQL Server 2000 Service Pack http://www.microsoft.com/sql/downloads/2000/sp1.asp Securit-e-PortControl es una herramienta gratuita que permite cambiar la MAC y el tráfico permitido por los interfaces
Microsoft Windows 2000	Windows 2000 Service Pack 2 http://www.microsoft.com/windows2000/downloads/servicepacks/sp2/sp2lang.asp Windows 2000 Security Rollup Package, January, 2002 http://www.microsoft.com/windows2000/downloads/critical/q311401/ 2000 Recommended Updates and Service Packs http://www.microsoft.com/windows2000/downloads/default.asp Windows 2000 Security Recommendation Guides http://nsa1.www.conxion.com/win2k/download.htm
Microsoft Windows XP	Windows XP PnP Vulnerability http://www.microsoft.com/technet/security/bulletin/MS01-059.asp
Microsoft Windows Milennium Edition	Un dispositivo Universal Plug and Play anuncia su presencia en la red a otros dispositivos y puntos de control a través del Protocolo Simple Service Discovery Protocol (SSDP). Esa es la razón de que los Windows ME tengan abierto el puerto 5000/tcp. http://support.microsoft.com/support/kb/articles/q262/4/58.asp Efectivamente; no ha tardado mucho en descubrirse una vulnerabilidad. Invalid Universal Plug and Play Request can Disrupt System Operation http://www.microsoft.com/technet/security/bulletin/MS01-054.asp
Solaris	El artículo The Unix Auditor's Practical Handbook es una buena guía paso a paso de securización de sistemas Solaris The Sun BluePrints program is Sun's leading source for in-depth technical information on best practices using Sun[tm] solutions. Sun BluePrints OnLine is a Web-based, monthly magazine containing current articles on the latest best practices. http://www.sun.com/security/blueprints/ SunFreeware, software GNU http://www.sun.com/bigadmin/downloads/indexFree.html SolarisHelp http://www.solarishelp.com SunHelp http://www.sunhelp.org SunWorld http://www.sunworld.com SunGuru http://www.sunguru.com/ Recommended and Security Solaris Patch Clusters http://sunsolve.sun.com/pub-cgi/show.pl?target=patches/patch-access Solaris Package Archive http://sunsite.cnlab-switch.ch/www/mirror/solaris-binaries/sparc/ The Solaris Security FAQ http://www.sunworld.com/sunworldonline/common/security-faq.html Armoring Solaris http://www.enteract.com/~lspitz/armoring.html How to install Solaris and have a good host security http://yassp.parc.xerox.com/ Solaris Security Guide http://www.sabernet.net/papers/Solaris.html The Solaris[tm] Security Toolkit, informally known as the JumpStart[tm] Architecture and Security Scripts (JASS) toolkit, provides a flexible and extensible mechanism to minimize, harden, and secure Solaris Operating Environment systems. The primary goal behind the development of this toolkit is to simplify and automate the process of securing Solaris systems.http://www.sun.com/security/jass/ Solaris 9 http://www.sun.com/solaris/programs/solaris9ea/ Securing a Solaris Systemhttp://www.accs.com/p_and_p/SolSec/ Unix Security CheckList http://www.cert.org/tech_tips/AUSCERT_checklist2.0.html Building a Solaris Host http://secinf.net/info/unix/solaris_hardening.html Minimum Solaris 8 (64 bit) packages: install Solaris 8 Core flavor; install Mandatory Packages (SUNWlibC, SUNWlibCx, SUNWter, SUNWadmc, SUNWadmfw, SUNWscpr,SUNWscpu,SUNWscpux, SUNWsra, SUNWsrh, SUNWmdb, SUNWmdbx, SUNWtoo); install SUN recommended patch cluster 108528-14, install 109326-07 (libresolv.so.2 and in.named patch), 110723-04 (/kernel/drv/sparcv9/eri patch), 108434-01 (32-Bit Shared library patch for C++), 108435-01 (64-Bit Shared library patch for C++); the following packages can be removed ( SUNWadmr, SUNWatfsr, SUNWatfsu, SUNWauda, SUNWaudd, SUNWauddx, SUNWcg6, SUNWcg6x, SUNWdfb, SUNWdtcor, SUNWfcip, SUNWfcipx, SUNWfcp, SUNWfcpx, SUNWfctl, SUNWfctlx, SUNWftpr, SUNWftpu, SUNWi15cs, SUNWi1cs, SUNWkey, SUNWluxdx, SUNWluxop, SUNWluxox, SUNWm64, SUNWm64x, SUNWmdi, SUNWmdix, SUNWnamow, SUNWnisr, SUNWnisu, SUNWpcelx, SUNWpcmci, SUNWpcmcu, SUNWpcmcx, SUNWpcmem, SUNWpcser, SUNWpl5u, SUNWpsdpr, SUNWrmodu, SUNWses, SUNWsesx, SUNWsndmr, SUNWsndmu, SUNWsolnm, SUNWssad, SUNWssadx, SUNWtleux, SUNWudf, SUNWudfr, SUNWudfrx, SUNWusb, SUNWusbx, SUNWwsr2, SUNWxwdv, SUNWxwdvx, SUNWxwmod, SUNWxwmox).
Solaris on Intel	Solaris On Intel Platforms http://www.geocities.com/~gregl Solaris On Intel - X86 http://sun.pmbc.com/
Linux	Linux was invented here! http://www.cs.helsinki.fi/linux/ Linux Documentation Project http://www.linux.org/docs/index.html OpenBSD Manual Pages http://www.openbsd.org/cgi-bin/man.cgi Linux Certification http://www.linuxcertification.com/quizzes/3X0-102/ http://www.lpi.org/ Linux Administrator's Security Guide http://www.securityportal.com/lasg/ Linux Administrator's Security Guide http://www.oninet.es/usuarios/fidonet/gsal.html Linux Administrator's Security Guide http://segurinet.com/gsal Linux Administrator's Security Guide http://www.seifried.org/lasg/ GARLS2: Guía de Administración de Redes con Linux http://lucas.hispalinux.es/Manuales-LuCAS/GARL2// Linux Inside Bitmaps http://www.heise.de/ct/motive/01/01/ http://www.trinux.org http://www.linux-howto.com/ http://lucas.hispalinux.es/htmls/comos.html Seguridad en Linux http://www.enteract.com/~lspitz/linux.html Armoring Linux Linux Security http://www.linuxsecurity.com Errata: Security Alerts, Bugfixes, and Enhancements https://www.redhat.com/apps/support/errata/index.html Red Hat BugZilla http://bugzilla.redhat.com/bugzilla/query.cgi
HP Unix	Building a Bastion Host Using HP-UX 10 http://people.hp.se/stevesk/bastion.html The HP NonStop Technical Library HP Security Product
IBM AIX	Parches de Seguridad para AIX ftp://aix.software.ibm.com/aix/efixes/security/
Cisco	SANS Security Policy Project: Router Security Policy http://www.sans.org/newlook/resources/policies/Router_Security_Policy.doc National Security Agency Cisco Router Security Recommendation Guides http://nsa1.www.conxion.com/cisco/index.html Portal de Seguridad de Cisco Systems http://www.cisco.com/warp/public/707/ Cisco Systems: Internet Security Advisories http://www.cisco.com/warp/public/707/advisory.html Improving Security on Cisco Routers http://www.cisco.com/warp/public/707/21.html Characterizing and Tracing Packet Floods using Cisco Routers http://www.cisco.com/warp/public/707/22.html Strategies to Protect against Distributed Denial of Service (DDOS) Attacks http://www.cisco.com/warp/public/707/newsflash.html Increasing Security on IP Networks http://www.cisco.com/univercd/cc/td/doc/cisintwk/ics/cs003.htm White Paper: Security Best Practices for Cisco Unity 3.0 http://www.cisco.com/univercd/cc/td/doc/product/voice/c_unity/whitpapr/security.htm Building a Perimeter Security Solution with the Cisco Secure Integrated Software http://www.cisco.com/warp/public/cc/pd/iosw/ioft/iofwft/tech/firew_wp.htm Techniques for blocking Nimda http://www.cisco.com/warp/public/63/nimda.shtml Essential IOS Features every network manager should consider http://www.cisco.com/public/cons/isp/documents/IOSEssentialsPDF.zip Demystifying Cisco Access Control Lists http://www.nwc.com/907/907ws1.html SANS GIAC: Auditing Cisco Perimeter Routers; por Marvin Yee http://www.giac.org/GSNA.php Hardening Cisco Routers Book. Sample Chapter 10: NTP http://www.oreilly.com/catalog/hardcisco/chapter/ch10.html Phrack Magazine #55, artículo10: Building Bastion Routers with IOS http://www.phrack.org/show.php?p=55&a=10 BlackHat Briefings: Protecting your IP network infrastructure (how to secure Cisco routers and (multi-layer) switches running IOS, CatOS, CatIOS and the networks they interconnect) http://www.securite.org/presentations/secip/ BlackHat Briefings: Routers and Switches Security http://www.blackhat.com/presentations/bh-asia-00/jeremy-dave/jeremy-dave-asia-00-network.ppt En Auditnet pueden encontrarse dos documentos interesantes http://www.auditnet.org/docs/ROUTER%20SECURITY.DOC y http://www.auditnet.org/docs/Cisco%20Router%20Audit%20Program.doc
Varios	National Security Agency Security Recommendation Guides: Windows 2000 Guides, Windows NT Guides, Cisco Router Guides, E-mail and Executable Content Guides. http://nsa1.www.conxion.com/ O'Reilly Hardening books
Sincronización	El Real Observatorio de la Armana es la referencia Nacional en sincronización horaria es un cliente NTP para Windows http://www.armada.mde.es/enlaces/observat/content05.htm About Time es un cliente NTP para Windows http://www.arachnoid.com/abouttime/index.html SNTP en Windows 2000 es un cliente NTP para Windows http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/prodtechnol/windows2000serv/maintain/optimize/wintime.asp

Rafael Ausejo Prieto
$Date: 2001/09/02 23:30:00 $