Attachment #74280 for bug #114832

View | Details | Raw Unified | Return to bug 114832
Collapse All | Expand All

Lines 1-5 Link Here

(-)index.xml (-6 / +9 lines)
1	<?xml version='1.0' encoding="UTF-8"?>	1	<?xml version='1.0' encoding="UTF-8"?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/index.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/index.xml,v 1.5 2005/12/08 06:49:32 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/index.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/index.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->
4	<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">	4	<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
5		5
Lines 7-13 Link Here
7	<title>Hướng dẫn Bảo mật Gentoo</title>	7	<title>Hướng dẫn Bảo mật Gentoo</title>
8		8
9	<author title="Author">	9	<author title="Author">
10	<mail link="curtis119@yahoo.com">M. Curtis Napier</mail>	10	<mail link="curtis119@gentoo.org">M. Curtis Napier</mail>
11	</author>	11	</author>
12	<author title="Editor">	12	<author title="Editor">
13	<mail link="neysx@gentoo.org">Xavier Neys</mail>	13	<mail link="neysx@gentoo.org">Xavier Neys</mail>
Lines 17-26 Link Here
17	Đây là hướng dẫn từng bước một để bảo vệ Gentoo Linux.	17	Đây là hướng dẫn từng bước một để bảo vệ Gentoo Linux.
18	</abstract>	18	</abstract>
19		19
		20	<!-- The content of this document is licensed under the CC-BY-SA license -->
		21	<!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
20	<license/>	22	<license/>
21		23
22	<version>1.0</version>	24	<version>1.1</version>
23	<date>2005-07-05</date>	25	<date>2005-07-06</date>
24		26
25	<chapter>	27	<chapter>
26	<title>Giới thiệu</title>	28	<title>Giới thiệu</title>
Lines 33-40 Link Here
33	</p>	35	</p>
34		36
35	<note>	37	<note>
36	Nếu bạn vẫn quan tâm đến tính an toàn trong Gentoo sau khi đọc tài liệu này,	38	Nếu bạn vẫn quan tâm đến tính an toàn trong Gentoo sau khi đọc tài
37	hãy xem <uri link="/proj/en/hardened/">Hardened Gentoo Project</uri>	39	liệu này, hãy xem <uri
		40	link="/proj/en/hardened/">Hardened Gentoo Project</uri>
38	</note>	41	</note>
39		42
40	</body>	43	</body>

Lines 1-5 Link Here

(-)security-handbook.xml (-1 / +1 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/security-handbook.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/security-handbook.xml,v 1.3 2005/08/15 04:21:46 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/security-handbook.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/security-handbook.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->
4	<!DOCTYPE book SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE book SYSTEM "/dtd/book.dtd">
5		5

Lines 1-5 Link Here

(-)shb-chroot.xml (-1 / +1 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-chroot.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-chroot.xml,v 1.3 2005/07/24 13:51:13 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-chroot.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-chroot.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->
4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
5		5




<?xml version='1.0' encoding='UTF-8'?>
<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-firewalls.xml,v 1.5 2005/12/08 06:41:39 pclouds Exp $ -->
<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-firewalls.xml,v 1.2 2005/06/01 15:43:47 neysx Exp $ -->
<!DOCTYPE sections SYSTEM "/dtd/book.dtd">

<!-- The content of this document is licensed under the CC-BY-SA license -->


<sections>

<version>1.1</version>
<date>2005-10-16</date>

<section>
<title>Firewall</title>
<body>

<p>

kernel, nếu bạn định tắt tính năng Loadable Kernel Modules như đã thảo
luận ở trên). Thông tin chi tiết cách cấu hình kernel cho iptables có
ở <uri
link="http://iptables-tutorial.frozentux.net/iptables-tutorial.html#PREPARATIONS">Iptables
Tutorial Chapter 5: Preparations</uri>. Sau khi bạn biên dịch kernel
mới (hoặc trong khi biên dịch kernel), bạn phải thêm lệnh
<c>iptables</c>. Chỉ cần <c>emerge iptables</c> là nó sẽ chạy.
</p>

Lines 1-15 Link Here

(-)shb-intrusion.xml (-32 / +12 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-intrusion.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-intrusion.xml,v 1.4 2005/12/08 06:47:41 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-intrusion.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-intrusion.xml,v 1.2 2005/06/01 15:43:47 neysx Exp $ -->
4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
5		5
6	<!-- The content of this document is licensed under the CC-BY-SA license -->	6	<!-- The content of this document is licensed under the CC-BY-SA license -->
7	<!-- See http://creativecommons.org/licenses/by-sa/1.0 -->	7	<!-- See http://creativecommons.org/licenses/by-sa/2.5 -->
8		8
9	<sections>	9	<sections>
10		10
11	<version>1.0</version>	11	<version>1.1</version>
12	<date>2005-05-31</date>	12	<date>2005-11-23</date>
13		13
14	<section>	14	<section>
15	<title>AIDE (Advanced Intrusion Detection Environment)</title>	15	<title>AIDE (Advanced Intrusion Detection Environment)</title>
Lines 284-294 Link Here
284	</p>	284	</p>
285		285
286	<p>	286	<p>
287	Sau khi sửa tập tin cấu hình, bạn nên tạo tập tin db bằng lệnh	287	AIDE ebuild giờ cài đặt một tập tin cấu hìh mặc định, bao gồm helper
288	<c>aide -i</c> và sau đó chép tập tin	288	script và crontab script. Helper script thực hiện dùm bạn một số việc,
289	<path>/etc/aide/aide.db.new</path> thành	289	cung cấp một giao diện thân thiện hơn. Để biết các tuỳ chọn, dùng
290	<path>/etc/aide/aide.db</path> rồi thêm kiểm tra trong cron bằng	290	<c>aideinit --help</c>. Để bắt đầu, chỉ cần gọi <c>aideinit -i</c> và
291	<c>crontab -e</c> trong root.	291	crontab script sẽ dò tìm database và gửi mail mỗi ngày. Bạn nên xem
		292	qua <path>/etc/aide/aide.conf</path> để bảo đảm tập tin cấu hình phản
		293	ánh đúng hệ thống của mình.
292	</p>	294	</p>
293		295
294	<note>	296	<note>
Lines 296-320 Link Here
296	gian ít nhiều.	298	gian ít nhiều.
297	</note>	299	</note>
298		300
299	<pre caption="Lập lịch aide trong cronjob">
300	0 3 * * * /usr/bin/aide -u
301	</pre>
302
303	<note>	301	<note>
304	Nhớ đặt alias để bạn nhận root mail. Nếu không bạn sẽ không biết AIDE	302	Nhớ đặt alias để bạn nhận root mail. Nếu không bạn sẽ không biết AIDE
305	báo cáo gì.	303	báo cáo gì.
306	</note>	304	</note>
307		305
308	<p>	306	<p>
309	Trong trường hợp này, nó chạy một lần lúc 3am. Tôi làm thế vì không
310	muốn làm phiền người dùng. Chú ý, tôi dùng tùy chọn <c>-u</c> (Update)
311	thay vì <c>-C</c> (Check). Vì <c>-u</c> cũng kiểm tra tập tin và không
312	ghi đè tập tin gốc, nó tiết kiệm thời gian vì cái bạn cần là chép tập
313	tin khi nó phát hiện thay đổi. Chỉ cần kiểm tra thay đổi để xem có
314	phải bạn thay đổi hay kẻ khác, trước khi bạn chép nó!
315	</p>
316
317	<p>
318	Việc lưu tập tin db cục bộ có thể có rủi ro, vì kẻ tấn công se (nếu	307	Việc lưu tập tin db cục bộ có thể có rủi ro, vì kẻ tấn công se (nếu
319	hắn biết có cài đặt AIDE) cố thay đổi tập tin db, cập nhật tập tin db	308	hắn biết có cài đặt AIDE) cố thay đổi tập tin db, cập nhật tập tin db
320	hoặc thay đổi <path>/usr/bin/aide</path>. Vậy bạn nên tạo CD hoặc	309	hoặc thay đổi <path>/usr/bin/aide</path>. Vậy bạn nên tạo CD hoặc
Lines 338-348 Link Here
338	nó, dùng ví dụ sau.	327	nó, dùng ví dụ sau.
339	</p>	328	</p>
340		329
341	<pre caption="Thêm user snort vào hệ thống">
342	# useradd snort -d /var/log/snort -s /dev/null
343	# chown -R snort /var/log/snort
344	</pre>
345
346	<pre caption="/etc/conf.d/snort">	330	<pre caption="/etc/conf.d/snort">
347	PIDFILE=/var/run/snort_eth0.pid	331	PIDFILE=/var/run/snort_eth0.pid
348	MODE="full"	332	MODE="full"
Lines 455-464 Link Here
455		439
456	</body>	440	</body>
457	</section>	441	</section>
458
459	<section>	442	<section>
460	<title>Dò tìm malware bằng chkrootkit</title>	443	<title>Dò tìm malware bằng chkrootkit</title>
461
462	<body>	444	<body>
463		445
464	<p>	446	<p>
Lines 486-491 Link Here
486		468
487	</body>	469	</body>
488	</section>	470	</section>
489
490
491	</sections>	471	</sections>

Lines 1-5 Link Here

(-)shb-kernel.xml (-1 / +1 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-kernel.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-kernel.xml,v 1.2 2005/07/05 12:55:40 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-kernel.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-kernel.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->
4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
5		5

Lines 1-5 Link Here

(-)shb-limits.xml (-1 / +1 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-limits.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-limits.xml,v 1.2 2005/07/05 12:55:40 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-limits.xml,v 1.2 2005/06/01 17:42:46 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-limits.xml,v 1.2 2005/06/01 17:42:46 neysx Exp $ -->
4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
5		5




<?xml version='1.0' encoding='UTF-8'?>
<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-logging.xml,v 1.3 2005/12/08 06:38:49 pclouds Exp $ -->
<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-logging.xml,v 1.3 2005/06/08 14:00:26 swift Exp $ -->
<!DOCTYPE sections SYSTEM "/dtd/book.dtd">

<!-- The content of this document is licensed under the CC-BY-SA license -->


<sections>

<version>1.2</version>
<date>2005-11-25</date>

<section>
<title>Log</title>

</p>

<pre caption="/etc/syslog-ng/syslog-ng.conf">
options { chain_hostnames(off); sync(0); };

#source where to read log
source src { unix-stream("/dev/log"); internal(); };

Lines 1-5 Link Here

(-)shb-mounting.xml (-1 / +1 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-mounting.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-mounting.xml,v 1.2 2005/07/05 12:55:40 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-mounting.xml,v 1.2 2005/06/01 17:42:46 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-mounting.xml,v 1.2 2005/06/01 17:42:46 neysx Exp $ -->
4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
5		5

Lines 1-5 Link Here

(-)shb-pam.xml (-1 / +1 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-pam.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-pam.xml,v 1.2 2005/07/05 12:55:40 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-pam.xml,v 1.2 2005/06/01 17:42:46 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-pam.xml,v 1.2 2005/06/01 17:42:46 neysx Exp $ -->
4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
5		5

Lines 1-5 Link Here

(-)shb-perms.xml (-1 / +1 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-perms.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-perms.xml,v 1.2 2005/07/05 12:55:40 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-perms.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-perms.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->
4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
5		5

Lines 1-5 Link Here

(-)shb-pre.xml (-1 / +1 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-pre.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-pre.xml,v 1.2 2005/07/05 12:55:40 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-pre.xml,v 1.2 2005/06/01 17:42:46 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-pre.xml,v 1.2 2005/06/01 17:42:46 neysx Exp $ -->
4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
5		5

Lines 1-5 Link Here

(-)shb-services.xml (-1 / +1 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-services.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-services.xml,v 1.3 2005/08/01 16:31:02 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-services.xml,v 1.2 2005/06/01 17:42:46 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-services.xml,v 1.2 2005/06/01 17:42:46 neysx Exp $ -->
4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
5		5

Lines 1-5 Link Here

(-)shb-tcp.xml (-1 / +1 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-tcp.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-tcp.xml,v 1.2 2005/07/05 12:55:40 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-tcp.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-tcp.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->
4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
5		5

Lines 1-5 Link Here

(-)shb-tight.xml (-1 / +1 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-tight.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-tight.xml,v 1.2 2005/07/05 12:55:40 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-tight.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-tight.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->
4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
5		5




<?xml version='1.0' encoding='UTF-8'?>
<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-uptodate.xml,v 1.4 2005/12/08 05:40:38 pclouds Exp $ -->
<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-uptodate.xml,v 1.2 2005/06/01 15:43:47 neysx Exp $ -->
<!DOCTYPE sections SYSTEM "/dtd/book.dtd">

<!-- The content of this document is licensed under the CC-BY-SA license -->


<sections>

<version>1.1</version>
<date>2005-10-13</date>

<section>
<title>Bảo đảm luôn cập nhật</title>

chịu tác động bởi GLSA này.
</p>

<impo>
Chú ý rằng <c>emerge -vpuD world</c> sẽ không cập nhật mọi gói.
Bạn cần dùng <c>glsa-check</c> để bảo đảm cập nhật tất cả các GLSA cho
hệ thống.
</impo>

<pre caption="Kiểm tra mọi GLSA">
<comment>(Kiểm tra xem hệ thống có chịu tác động bởi GLSA hay không)</comment>
# <i>glsa-check -t all</i>
WARNING: This tool is completely new and not very tested, so it should not be
used on production systems. It's mainly a test tool for the new GLSA release
and distribution system, it's functionality will later be merged into emerge
and equery.
Please read http://www.gentoo.org/proj/en/portage/glsa-integration.xml
before using this tool AND before reporting a bug.

[A] means this GLSA was already applied,
[U] means the system is not affected and
[N] indicates that the system might be affected.

200406-03 [N] sitecopy: Multiple vulnerabilities in included libneon ( net-misc/sitecopy )
200406-04 [U] Mailman: Member password disclosure vulnerability ( net-mail/mailman )
.......
</pre>

<p>
Nếu bạn nâng cấp một dịch vụ đang khởi động, đừng quên khởi động lại
dịch vụ đó.
</p>

<p>
Vài người thích dùng <c>emerge packagename</c> thay vì <c>glsa-check
-f</c> để mọi GLSA được liệt kê dạng <c>[N]</c>.

Return to bug 114832

Lines 1-6 Link Here

(-)shb-firewalls.xml (-7 / +7 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-firewalls.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-firewalls.xml,v 1.5 2005/12/08 06:41:39 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-firewalls.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-firewalls.xml,v 1.2 2005/06/01 15:43:47 neysx Exp $ -->
4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
5		5
6	<!-- The content of this document is licensed under the CC-BY-SA license -->	6	<!-- The content of this document is licensed under the CC-BY-SA license -->
Lines 8-18 Link Here
8		8
9	<sections>	9	<sections>
10		10
11	<version>1.0</version>	11	<version>1.1</version>
12	<date>2005-05-31</date>	12	<date>2005-10-16</date>
13		13
14	<section>	14	<section>
15	<title>A firewall</title>	15	<title>Firewall</title>
16	<body>	16	<body>
17		17
18	<p>	18	<p>
Lines 232-239 Link Here
232	kernel, nếu bạn định tắt tính năng Loadable Kernel Modules như đã thảo	232	kernel, nếu bạn định tắt tính năng Loadable Kernel Modules như đã thảo
233	luận ở trên). Thông tin chi tiết cách cấu hình kernel cho iptables có	233	luận ở trên). Thông tin chi tiết cách cấu hình kernel cho iptables có
234	ở <uri	234	ở <uri
235	link="http://iptables-tutorial.frozentux.net/chunkyhtml/kernelsetup.html">Iptables	235	link="http://iptables-tutorial.frozentux.net/iptables-tutorial.html#PREPARATIONS">Iptables
236	Tutorial Chapter 2: Preparations</uri>. Sau khi bạn biên dịch kernel	236	Tutorial Chapter 5: Preparations</uri>. Sau khi bạn biên dịch kernel
237	mới (hoặc trong khi biên dịch kernel), bạn phải thêm lệnh	237	mới (hoặc trong khi biên dịch kernel), bạn phải thêm lệnh
238	<c>iptables</c>. Chỉ cần <c>emerge iptables</c> là nó sẽ chạy.	238	<c>iptables</c>. Chỉ cần <c>emerge iptables</c> là nó sẽ chạy.
239	</p>	239	</p>

Lines 1-6 Link Here

(-)shb-logging.xml (-5 / +5 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-logging.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-logging.xml,v 1.3 2005/12/08 06:38:49 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-logging.xml,v 1.2 2005/06/08 14:00:26 swift Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-logging.xml,v 1.3 2005/06/08 14:00:26 swift Exp $ -->
4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
5		5
6	<!-- The content of this document is licensed under the CC-BY-SA license -->	6	<!-- The content of this document is licensed under the CC-BY-SA license -->
Lines 8-15 Link Here
8		8
9	<sections>	9	<sections>
10		10
11	<version>1.1</version>	11	<version>1.2</version>
12	<date>2005-06-08</date>	12	<date>2005-11-25</date>
13		13
14	<section>	14	<section>
15	<title>Log</title>	15	<title>Log</title>
Lines 211-217 Link Here
211	</p>	211	</p>
212		212
213	<pre caption="/etc/syslog-ng/syslog-ng.conf">	213	<pre caption="/etc/syslog-ng/syslog-ng.conf">
214	options { long_hostnames(off); sync(0); };	214	options { chain_hostnames(off); sync(0); };
215		215
216	#source where to read log	216	#source where to read log
217	source src { unix-stream("/dev/log"); internal(); };	217	source src { unix-stream("/dev/log"); internal(); };

Lines 1-6 Link Here

(-)shb-uptodate.xml (-4 / +34 lines)
1	<?xml version='1.0' encoding='UTF-8'?>	1	<?xml version='1.0' encoding='UTF-8'?>
2	<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-uptodate.xml,v 1.1 2005/08/08 15:41:00 neysx Exp $ -->	2	<!-- $Header: /cvsroot/vnoss/docs/gentoo-hb/security/shb-uptodate.xml,v 1.4 2005/12/08 05:40:38 pclouds Exp $ -->
3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-uptodate.xml,v 1.1 2005/06/01 15:43:47 neysx Exp $ -->	3	<!-- $OldHeader: /var/cvsroot/gentoo/xml/htdocs/doc/vi/security/shb-uptodate.xml,v 1.2 2005/06/01 15:43:47 neysx Exp $ -->
4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">	4	<!DOCTYPE sections SYSTEM "/dtd/book.dtd">
5		5
6	<!-- The content of this document is licensed under the CC-BY-SA license -->	6	<!-- The content of this document is licensed under the CC-BY-SA license -->
Lines 8-15 Link Here
8		8
9	<sections>	9	<sections>
10		10
11	<version>1.0</version>	11	<version>1.1</version>
12	<date>2005-05-31</date>	12	<date>2005-10-13</date>
13		13
14	<section>	14	<section>
15	<title>Bảo đảm luôn cập nhật</title>	15	<title>Bảo đảm luôn cập nhật</title>
Lines 59-64 Link Here
59	chịu tác động bởi GLSA này.	59	chịu tác động bởi GLSA này.
60	</p>	60	</p>
61		61
		62	<impo>
		63	Chú ý rằng <c>emerge -vpuD world</c> sẽ không cập nhật mọi gói.
		64	Bạn cần dùng <c>glsa-check</c> để bảo đảm cập nhật tất cả các GLSA cho
		65	hệ thống.
		66	</impo>
		67
		68	<pre caption="Kiểm tra mọi GLSA">
		69	<comment>(Kiểm tra xem hệ thống có chịu tác động bởi GLSA hay không)</comment>
		70	# <i>glsa-check -t all</i>
		71	WARNING: This tool is completely new and not very tested, so it should not be
		72	used on production systems. It's mainly a test tool for the new GLSA release
		73	and distribution system, it's functionality will later be merged into emerge
		74	and equery.
		75	Please read http://www.gentoo.org/proj/en/portage/glsa-integration.xml
		76	before using this tool AND before reporting a bug.
		77
		78	[A] means this GLSA was already applied,
		79	[U] means the system is not affected and
		80	[N] indicates that the system might be affected.
		81
		82	200406-03 [N] sitecopy: Multiple vulnerabilities in included libneon ( net-misc/sitecopy )
		83	200406-04 [U] Mailman: Member password disclosure vulnerability ( net-mail/mailman )
		84	.......
		85	</pre>
		86
		87	<p>
		88	Nếu bạn nâng cấp một dịch vụ đang khởi động, đừng quên khởi động lại
		89	dịch vụ đó.
		90	</p>
		91
62	<p>	92	<p>
63	Vài người thích dùng <c>emerge packagename</c> thay vì <c>glsa-check	93	Vài người thích dùng <c>emerge packagename</c> thay vì <c>glsa-check
64	-f</c> để mọi GLSA được liệt kê dạng <c>[N]</c>.	94	-f</c> để mọi GLSA được liệt kê dạng <c>[N]</c>.