Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- (npc*vlice)+((((npc*vlice)/100)*pjman)*año1)=A
- npc*hrs1*vins=B
- hrs2*vinst*npc*año1=C
- [TCO] = A+B+C
- [ARO] = npc=A
- [SLE] = vpc+vinf=B
- [ALE] = [ARO*SLE] A*B=C
- #!----------------------------------------------------------------
- #!----------------------------------------------------------------
- [root@localhost ~]# cat ***.txt
- Nombre: ***
- Fecha: ***/***/***
- Seccion: ***
- [root@localhost ~]#
- [root@localhost ~]# ## ------------------------------------------ 01
- [root@localhost ~]# rm -rf /etc/udev/rules.d/70-persistent-net.rules
- [root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0 #OUT
- DEVICE=eth0
- BOOTPROTO=dhcp
- BROADCAST=192.168.16.255
- IPADDR=192.168.16.134
- NETMASK=255.255.255.0
- ONBOOT=yes
- #HWADDR=
- [root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1 #DMZ
- DEVICE=eth1
- BOOTPROTO=static
- BROADCAST=172.17.25.255
- IPADDR=172.17.25.1
- NETMASK=255.255.255.0
- ONBOOT=yes
- #HWADDR=
- [root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth2 #IN
- DEVICE=eth2
- BOOTPROTO=static
- BROADCAST=10.10.4.255
- IPADDR=10.10.4.1
- NETMASK=255.255.255.0
- ONBOOT=yes
- #HWADDR=
- [root@localhost ~]# service network restart
- [root@localhost ~]#
- [root@localhost ~]# ## ------------------------------------------ 03
- [root@localhost ~]# sysctl -p /etc/sysctl.conf
- net.ipv4.ip_forward = 1
- net.ipv4.conf.default.rp_filter = 1
- net.ipv4.conf.default.accept_source_route = 0
- kernel.sysrq = 0
- kernel.core_uses_pid = 1
- net.ipv4.tcp_syncookies = 1
- error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key
- error: "net.bridge.bridge-nf-call-iptables" is an unknown key
- error: "net.bridge.bridge-nf-call-arptables" is an unknown key
- kernel.msgmnb = 65536
- kernel.msgmax = 65536
- kernel.shmmax = 68719476736
- kernel.shmall = 4294967296
- [root@localhost ~]#
- [root@localhost ~]# ## ------------------------------------------ 02,04-10
- [root@localhost ~]# iptables -F -t filter
- [root@localhost ~]# iptables -S -t filter
- # Drop
- -P INPUT DROP
- -P FORWARD DROP
- -P OUTPUT DROP
- # FW Ping A
- -A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
- # Denegar WEBs
- -A FORWARD -p tcp -m string --string "lun.com" --algo kmp --to 65535 -j DROP
- -A FORWARD -p tcp -m string --string "facebook.com" --algo kmp --to 65535 -j DROP
- # IN->OUT
- -A FORWARD -s 10.10.4.0/24 -i eth2 -o eth0 -j ACCEPT
- -A FORWARD -d 10.10.4.0/24 -i eth0 -o eth2 -j ACCEPT
- # IN->DMZ
- -A FORWARD -s 10.10.4.0/24 -d 172.17.25.0/24 -i eth2 -o eth1 -j ACCEPT
- -A FORWARD -s 172.17.25.0/24 -d 10.10.4.0/24 -i eth1 -o eth2 -j ACCEPT
- -A FORWARD -d 172.17.25.0/24 -i eth0 -o eth1 -j ACCEPT
- -A FORWARD -s 172.17.25.0/24 -i eth1 -o eth0 -j ACCEPT
- # FW Ping B
- -A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
- -A OUTPUT -d 185.60.216.35/32 -p tcp -m tcp --dport 80 -j REJECT --reject-with icmp-port-unreachable
- -A OUTPUT -d 185.60.216.35/32 -p tcp -m tcp --dport 443 -j REJECT --reject-with icmp-port-unreachable
- -A OUTPUT -d 190.96.78.8/32 -p tcp -m tcp --dport 80 -j REJECT --reject-with icmp-port-unreachable
- -A OUTPUT -d 190.96.78.8/32 -p tcp -m tcp --dport 443 -j REJECT --reject-with icmp-port-unreachable
- [root@localhost ~]# iptables -F -t nat
- [root@localhost ~]# iptables -S -t nat
- -P PREROUTING ACCEPT
- -P POSTROUTING ACCEPT
- -P OUTPUT ACCEPT
- # OUT->SRV
- -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j NAT --to-destination 172.17.25.3:80
- # NAT Dina
- -A POSTROUTING -s 10.10.4.0/24 -o eth0 -j MASQUERADE
- -A POSTROUTING -s 172.17.25.0/24 -o eth0 -j MASQUERADE
- [root@localhost ~]#
- [root@localhost ~]# reboot
- # NAT Esta
- #-t nat -A POSTROUTING -o eth0 -s 10.10.4.0/24 -j SNAT --to-source 192.168.16.134
- #-t nat -A POSTROUTING -o eth0 -s 172.17.25.0/24 -j SNAT --to-source 192.168.16.134
- #!----------------------------------------------------------------
- #!----------------------------------------------------------------
- [root@localhost ~]# nano /etc/snort/rules/mi.rules
- alert tcp any any -> any 21 (msg:”hola detecto trafico FTP”; sid:1000000; rev:1;)
- #
- alert tcp $EXTERNAL_NET any -> $HOME_NET any / (msg:”Escaneo ping con nmap”;flag:A;ack:0;Reference:arachnids,28;classtype:attempt-recon;sid:628;rev:1;)
- #
- alert tcp any any -> $HOME_NET $PORT_HTTP (msg: "SQL Injection Attempt - and 1=1"; content: "GET"; http_method; uricontent: "and 1=1"; nocase; classtype:web-application-attack; sid:3000001; rev:1;)
- #
- alert tcp any 110 -> any any (msg:”Virus – Possible gusano pif”; content: “.pif”; nocase;sid:721; classtype:misc-activity; rev:3;)
- #
- alert tcp any 110 -> any any (msg:”Virus – Possible NAVIDAD Worm”; content:“NAVIDAD.EXE”; nocase; sid:722; classtype:misc-activity; rev:3;)
- #
- alert tcp any 110 -> any any (msg:”Virus – Possible MyRomeo Worm”; content:“myromeo.exe”; nocase; sid:723; classtype:misc-activity; rev:3;)
- alert tcp any 110 -> any any (msg:”Virus – Possible MyRomeo Worm”; content:“myjuliet.chm”; nocase; sid:724; classtype:misc-activity; rev:3;)
- alert tcp any 110 -> any any (msg:”Virus – Possible MyRomeo Worm”; content: “ble bla”; nocase; sid:725; classtype:misc-activity; rev:3;)
- [root@localhost ~]# nano /etc/snort/snort.conf
- include $RULE_PATH/mi.rules
- #Snort RuleSets
- #!----------------------------------------------------------------
- #!----------------------------------------------------------------
- Software para cifrar discos.
- Para 1000 equipos
- 100 usd * licencia (+ mantencion anual 20%)
- Instalacion demora 4 horas, 50 usd * hora
- Requiere mantencion 3hrs/año
- en 3 años ?
- (1000*100)+((((1000*100)/100)*20)*3)=160000
- 1000*4*50=200000
- 3*50*1000*3=450000
- [TCO] 160000+200000+450000=810000
- [TCO] en 1 año ?
- 810000/3=270000
- [TCO] en 6 meses ?
- 135000
- #!----------------------------------------------------------------
- 11 robos de pc * año
- 2500 usd * pc
- 25000 usd * info en pc
- [ARO] = 11
- [SLE] = 2500+25000=27500
- [ALE] = [ARO*SLE] 11*27500=302500
- .
- .
- .
- 100% = 11
- 75% = 9
- [ARO] = 9
- [SLE] = 2500+25000=27500
- [ALE] = [ARO*SLE] 9*27500=247500
- #!---------------------------------------------------------------
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement