{"id":8927,"date":"2025-12-03T07:41:10","date_gmt":"2025-12-03T07:41:10","guid":{"rendered":"https:\/\/aborrego.inscastellbisbal.net\/?p=8927"},"modified":"2025-12-17T07:40:53","modified_gmt":"2025-12-17T07:40:53","slug":"eines-de-seguretat","status":"publish","type":"post","link":"https:\/\/aborrego.inscastellbisbal.net\/en\/2025\/12\/03\/eines-de-seguretat\/","title":{"rendered":"Eines de seguretat"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"8927\" class=\"elementor elementor-8927\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-a17503a elementor-section-height-min-height elementor-section-items-top elementor-section-boxed elementor-section-height-default wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no elementor-invisible\" data-id=\"a17503a\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;,&quot;animation&quot;:&quot;fadeIn&quot;,&quot;shape_divider_top&quot;:&quot;mountains&quot;}\">\n\t\t\t\t\t\t\t<div class=\"elementor-background-overlay\"><\/div>\n\t\t\t\t\t\t<div class=\"elementor-shape elementor-shape-top\" aria-hidden=\"true\" data-negative=\"false\">\n\t\t\t<svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" viewbox=\"0 0 1000 100\" preserveaspectratio=\"none\">\n\t<path class=\"elementor-shape-fill\" opacity=\"0.33\" d=\"M473,67.3c-203.9,88.3-263.1-34-320.3,0C66,119.1,0,59.7,0,59.7V0h1000v59.7 c0,0-62.1,26.1-94.9,29.3c-32.8,3.3-62.8-12.3-75.8-22.1C806,49.6,745.3,8.7,694.9,4.7S492.4,59,473,67.3z\"\/>\n\t<path class=\"elementor-shape-fill\" opacity=\"0.66\" d=\"M734,67.3c-45.5,0-77.2-23.2-129.1-39.1c-28.6-8.7-150.3-10.1-254,39.1 s-91.7-34.4-149.2,0C115.7,118.3,0,39.8,0,39.8V0h1000v36.5c0,0-28.2-18.5-92.1-18.5C810.2,18.1,775.7,67.3,734,67.3z\"\/>\n\t<path class=\"elementor-shape-fill\" 
d=\"M766.1,28.9c-200-57.5-266,65.5-395.1,19.5C242,1.8,242,5.4,184.8,20.6C128,35.8,132.3,44.9,89.9,52.5C28.6,63.7,0,0,0,0 h1000c0,0-9.9,40.9-83.6,48.1S829.6,47,766.1,28.9z\"\/>\n<\/svg>\t\t<\/div>\n\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-a863438\" data-id=\"a863438\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-e1f523b elementor-invisible elementor-widget elementor-widget-heading\" data-id=\"e1f523b\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;_animation&quot;:&quot;fadeInUp&quot;,&quot;_animation_delay&quot;:500}\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">Eines de seguretat<\/h1>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-73d2f30 elementor-widget elementor-widget-spacer\" data-id=\"73d2f30\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6c9b082 elementor-widget elementor-widget-spacer\" data-id=\"6c9b082\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 
elementor-top-column elementor-element elementor-element-951b584\" data-id=\"951b584\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-fd3b265 elementor-align-left elementor-widget elementor-widget-button\" data-id=\"fd3b265\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"button.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-button-wrapper\">\n\t\t\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm elementor-animation-float\" href=\"https:\/\/aborrego.inscastellbisbal.net\/en\/repte-2-2-makrosoft\/\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">Tornar al repte 2.2<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t<div class=\"elementor-element elementor-element-8bf3c14 e-flex e-con-boxed wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no e-con e-parent\" data-id=\"8bf3c14\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-15d87ff elementor-widget elementor-widget-spacer\" data-id=\"15d87ff\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ecfdeab elementor-widget elementor-widget-text-editor\" data-id=\"ecfdeab\" data-element_type=\"widget\" data-e-type=\"widget\" 
data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>Llista dels cinc tipus de programari malici\u00f3s (malware) m\u00e9s comuns i perillosos per a una empresa<\/strong><\/h4><p dir=\"auto\">Els tipus de malware m\u00e9s prevalents i perillosos per a les empreses inclouen variants sofisticades que combinen robatori de dades, control remot i extorsi\u00f3 financera. Aquests tipus no nom\u00e9s causen p\u00e8rdues econ\u00f2miques directes (com pagaments de rescat o downtime operatiu), sin\u00f3 que tamb\u00e9 comprometen la confidencialitat de dades sensibles i la reputaci\u00f3 corporativa.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-b478e43 e-grid e-con-boxed wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no e-con e-parent\" data-id=\"b478e43\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-535e2e4 elementor-widget elementor-widget-text-editor\" data-id=\"535e2e4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>Ransomware<\/strong><\/h4><p dir=\"auto\">Encripta fitxers i sistemes essencials, exigint un pagament (normalment en criptomonedes) per desbloquejar-los. 
Sovint es combina amb exfiltraci\u00f3 de dades per augmentar la pressi\u00f3.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-15d7877 elementor-widget elementor-widget-text-editor\" data-id=\"15d7877\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>Troians (incloent RATs &#8211; Remote Access Trojans)<\/strong><\/h4><p dir=\"auto\">Es disfressen com a software leg\u00edtim (ex.: actualitzacions o factures) per obtenir acc\u00e9s remot al sistema, permetent l&#8217;execuci\u00f3 de comandes malicioses.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-67b84e2 elementor-widget elementor-widget-text-editor\" data-id=\"67b84e2\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>Spyware\/Infostealers<\/strong><\/h4><p dir=\"auto\">Recopila informaci\u00f3 confidencial (credencials, sessions de navegaci\u00f3, dades personals) sense consentiment, sovint via keyloggers o capturadors de pantalla.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-cb10b8c elementor-widget elementor-widget-text-editor\" data-id=\"cb10b8c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>Cryptojackers\/Miners<\/strong><\/h4><p dir=\"auto\">Utilitzen la pot\u00e8ncia de processament de l&#8217;ordinador infectat per minar criptomonedes en segon pla, sense que l&#8217;usuari ho noti immediatament.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-70c9de7 
elementor-widget elementor-widget-text-editor\" data-id=\"70c9de7\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>Rootkits<\/strong><\/h4><p dir=\"auto\">S&#8217;amaguen profundament en el sistema operatiu per ocultar altres malware, evitant detecci\u00f3 i mantenint acc\u00e9s privilegiat.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-23b768a e-flex e-con-boxed wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no e-con e-parent\" data-id=\"23b768a\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-6e89ae3 elementor-widget elementor-widget-text-editor\" data-id=\"6e89ae3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>Selecci\u00f3 de l&#8217;Eina<\/strong><\/h4><p>Hem de triar una que sigui <strong>oficial i confiable<\/strong> per evitar riscos. 
Cal descarregar-la de fonts oficials, amb desc\u00e0rregues directes del fabricant, no de llocs sospitosos que podrien tenir malware.<\/p><p>Criteris per triar:<\/p><ul><li style=\"list-style-type: none;\"><ul dir=\"auto\"><li><strong>Cobertura \u00e0mplia:<\/strong> Ha de protegir contra molts tipus de malware (virus, troians, ransomware, spyware, rootkits, etc.), no nom\u00e9s virus b\u00e0sics.<\/li><li><strong>Actualitzacions autom\u00e0tiques:<\/strong> S&#8217;ha d&#8217;actualitzar sol per detectar amenaces noves (el malware evoluciona r\u00e0pidament!).<\/li><li><strong>F\u00e0cil d&#8217;usar:<\/strong> Per a empreses com Makrosoft, ha de ser integrable en VMs sense complicacions.<\/li><li><strong>Gratu\u00efta o de baix cost:<\/strong> Idealment gratu\u00efta per comen\u00e7ar.<\/li><\/ul><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-4b5d9c7 e-flex e-con-boxed wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no e-con e-parent\" data-id=\"4b5d9c7\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-20a2a3b elementor-widget elementor-widget-n-accordion\" data-id=\"20a2a3b\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;default_state&quot;:&quot;expanded&quot;,&quot;max_items_expended&quot;:&quot;one&quot;,&quot;n_accordion_animation_duration&quot;:{&quot;unit&quot;:&quot;ms&quot;,&quot;size&quot;:400,&quot;sizes&quot;:[]}}\" data-widget_type=\"nested-accordion.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"e-n-accordion\" aria-label=\"Accordion. 
Open links with Enter or Space, close with Escape, and navigate with Arrow Keys\">\n\t\t\t\t\t\t<details id=\"e-n-accordion-item-3420\" class=\"e-n-accordion-item\" open>\n\t\t\t\t<summary class=\"e-n-accordion-item-title\" data-accordion-index=\"1\" tabindex=\"0\" aria-expanded=\"true\" aria-controls=\"e-n-accordion-item-3420\" >\n\t\t\t\t\t<span class='e-n-accordion-item-title-header'><div class=\"e-n-accordion-item-title-text\"> Seguretat a la pasarel\u00b7la <\/div><\/span>\n\t\t\t\t\t\t\t<span class='e-n-accordion-item-title-icon'>\n\t\t\t<span class='e-opened' ><svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-minus\" viewbox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M416 208H32c-17.67 0-32 14.33-32 32v32c0 17.67 14.33 32 32 32h384c17.67 0 32-14.33 32-32v-32c0-17.67-14.33-32-32-32z\"><\/path><\/svg><\/span>\n\t\t\t<span class='e-closed'><svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-plus\" viewbox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M416 208H272V64c0-17.67-14.33-32-32-32h-32c-17.67 0-32 14.33-32 32v144H32c-17.67 0-32 14.33-32 32v32c0 17.67 14.33 32 32 32h144v144c0 17.67 14.33 32 32 32h32c17.67 0 32-14.33 32-32V304h144c17.67 0 32-14.33 32-32v-32c0-17.67-14.33-32-32-32z\"><\/path><\/svg><\/span>\n\t\t<\/span>\n\n\t\t\t\t\t\t<\/summary>\n\t\t\t\t<div role=\"region\" aria-labelledby=\"e-n-accordion-item-3420\" class=\"elementor-element elementor-element-1e50a84 e-con-full e-flex wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no e-con e-child\" data-id=\"1e50a84\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t<div role=\"region\" aria-labelledby=\"e-n-accordion-item-3420\" class=\"elementor-element elementor-element-ba10f1f e-flex e-con-boxed wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no e-con e-child\" data-id=\"ba10f1f\" data-element_type=\"container\" 
data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-6ed11a3 elementor-widget elementor-widget-text-editor\" data-id=\"6ed11a3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>1: Antivirus &#8211; Recomanaci\u00f3: ClamAV<\/strong><\/h4>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e09517a elementor-widget elementor-widget-text-editor\" data-id=\"e09517a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>Instal\u00b7laci\u00f3 i configuraci\u00f3<\/strong><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-93f520d elementor-widget__width-initial elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"93f520d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo apt install clamav clamav-daemon -y<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d8e4992 elementor-widget elementor-widget-text-editor\" data-id=\"d8e4992\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p dir=\"auto\"><strong>Actualitza la base de dades de virus (pot trigar una mica la primera vegada).<\/strong><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6d8fba4 elementor-widget__width-initial 
elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"6d8fba4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo freshclam<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-262d981 elementor-widget elementor-widget-text-editor\" data-id=\"262d981\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p dir=\"auto\">Escaneja tot el sistema (escaneja tot, pot trigar hores; afegeix -i per nom\u00e9s mostrar infectats).<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ddf10ca elementor-widget__width-initial elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"ddf10ca\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo clamscan -r \/<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6a4dc28 elementor-widget elementor-widget-text-editor\" data-id=\"6a4dc28\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p dir=\"auto\">Solucionar els errors t\u00edpics<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fbed0ad elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"fbed0ad\" data-element_type=\"widget\" data-e-type=\"widget\" 
data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'># Crea el directori que li falta\nsudo mkdir -p \/var\/lib\/clamav\nsudo chown clamav:clamav \/var\/lib\/clamav\n\n# Arregla permisos dels logs\nsudo touch \/var\/log\/clamav\/freshclam.log\nsudo chown clamav:clamav \/var\/log\/clamav\/*.log\nsudo chmod 664 \/var\/log\/clamav\/*.log\n\n# Desactiva el log de freshclam per evitar el fam&oacute;s error de &quot;lock&quot;\nsudo sed -i &#039;s\/^UpdateLogFile.*\/#UpdateLogFile\/&#039; \/etc\/clamav\/freshclam.conf<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div role=\"region\" aria-labelledby=\"e-n-accordion-item-3420\" class=\"elementor-element elementor-element-a256060 e-con-full e-flex wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no e-con e-child\" data-id=\"a256060\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-7c53f26 elementor-widget elementor-widget-text-editor\" data-id=\"7c53f26\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>2. 
Esc\u00e0ner de Vulnerabilitats &#8211; Recomanaci\u00f3: Lynis<\/strong><\/h4>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-cfce787 elementor-widget elementor-widget-text-editor\" data-id=\"cfce787\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>Instal\u00b7laci\u00f3 i configuraci\u00f3<\/strong><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7d3a0c4 elementor-widget__width-initial elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"7d3a0c4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo apt install lynis -y<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6f88302 elementor-widget elementor-widget-text-editor\" data-id=\"6f88302\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p dir=\"auto\"><strong>Executa un escaneig<\/strong><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9a7cf86 elementor-widget__width-initial elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"9a7cf86\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo lynis audit system<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div 
class=\"elementor-element elementor-element-6c32c55 elementor-widget elementor-widget-text-editor\" data-id=\"6c32c55\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p dir=\"auto\">El Lynis que tenim instal\u00b7lat amb apt install lynis a Ubuntu\/Debian \u00e9s una versi\u00f3 una mica antiga i no t\u00e9 les comandes lynis show \u2026 (van apar\u00e8ixer a partir de la 3.0).<\/p><p dir=\"auto\">Per\u00f2 <strong>no cal reinstal\u00b7lar res<\/strong>. Amb la versi\u00f3 que tenim (la m\u00e9s normal) els resultats es veuen aix\u00ed de f\u00e0cil. Com que <code>grep<\/code> distingeix maj\u00fascules de min\u00fascules, si la cerca no retorna res conv\u00e9 repetir-la amb <code>grep -i<\/code> abans de concloure que no hi ha avisos:<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7e9cb56 elementor-widget__width-initial elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"7e9cb56\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'># Nom&eacute;s les l&iacute;nies amb advert&egrave;ncies greus\ngrep -A2 -B2 &quot;warning&quot; \/var\/log\/lynis.log | grep -v &quot;^--&quot;\n\n# Nom&eacute;s les sugger&egrave;ncies\ngrep -A2 -B2 &quot;suggestion&quot; \/var\/log\/lynis.log | grep -v &quot;^--&quot;<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-96d8a0c elementor-widget elementor-widget-image\" data-id=\"96d8a0c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"954\" height=\"121\" src=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_022.png\" class=\"attachment-large size-large 
wp-image-8978\" alt=\"\" srcset=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_022.png 954w, https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_022-300x38.png 300w, https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_022-768x97.png 768w\" sizes=\"(max-width: 954px) 100vw, 954px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2fa6863 elementor-widget elementor-widget-text-editor\" data-id=\"2fa6863\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<ul><li>No tenim <strong>cap warning real<\/strong> (l\u2019\u00fanica cosa que surt \u00e9s un test de Docker que s\u2019ha saltat perqu\u00e8 no tens Docker instal\u00b7lat \u2192 \u00e9s normal i no \u00e9s cap problema).<\/li><li>No tenim <strong>cap suggestion<\/strong> tampoc (la segona comanda no ha tret res).<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/details>\n\t\t\t\t\t\t<details id=\"e-n-accordion-item-3421\" class=\"e-n-accordion-item\" >\n\t\t\t\t<summary class=\"e-n-accordion-item-title\" data-accordion-index=\"2\" tabindex=\"-1\" aria-expanded=\"false\" aria-controls=\"e-n-accordion-item-3421\" >\n\t\t\t\t\t<span class='e-n-accordion-item-title-header'><div class=\"e-n-accordion-item-title-text\"> Seguretat en un servidor Debian com a DNS Master <\/div><\/span>\n\t\t\t\t\t\t\t<span class='e-n-accordion-item-title-icon'>\n\t\t\t<span class='e-opened' ><svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-minus\" viewbox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M416 208H32c-17.67 0-32 14.33-32 32v32c0 17.67 14.33 32 32 32h384c17.67 0 32-14.33 
32-32v-32c0-17.67-14.33-32-32-32z\"><\/path><\/svg><\/span>\n\t\t\t<span class='e-closed'><svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-plus\" viewbox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M416 208H272V64c0-17.67-14.33-32-32-32h-32c-17.67 0-32 14.33-32 32v144H32c-17.67 0-32 14.33-32 32v32c0 17.67 14.33 32 32 32h144v144c0 17.67 14.33 32 32 32h32c17.67 0 32-14.33 32-32V304h144c17.67 0 32-14.33 32-32v-32c0-17.67-14.33-32-32-32z\"><\/path><\/svg><\/span>\n\t\t<\/span>\n\n\t\t\t\t\t\t<\/summary>\n\t\t\t\t<div role=\"region\" aria-labelledby=\"e-n-accordion-item-3421\" class=\"elementor-element elementor-element-63f9100 e-con-full e-flex wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no e-con e-child\" data-id=\"63f9100\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-d25850c elementor-widget elementor-widget-text-editor\" data-id=\"d25850c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>Actualitzaci\u00f3 i Eliminaci\u00f3 de Programari Innecessari (Manteniment)<\/strong><\/h4><p>Actualitzar el sistema Eliminar programari no utilitzat<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f89278c elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"f89278c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo apt update &amp;&amp; sudo apt upgrade\nsudo apt autoremove<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3cc64be elementor-widget 
elementor-widget-text-editor\" data-id=\"3cc64be\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4><strong>Configuraci\u00f3 del Tallafoc (Firewall) (Protecci\u00f3 de la Xarxa)<\/strong><\/h4><p data-path-to-node=\"13\">El tallafoc \u00e9s l&#8217;eina essencial per filtrar el tr\u00e0nsit de xarxa.<\/p><ul data-path-to-node=\"14\"><li><p data-path-to-node=\"14,0,0\"><b>Debian<\/b> tradicionalment usava <b>iptables<\/b>, per\u00f2 \u00e9s com\u00fa utilitzar <b>nftables<\/b> o <b>UFW<\/b> (Uncomplicated Firewall) com a interf\u00edcie simplificada. Com que aquest servidor fa de DNS, a m\u00e9s de l&#8217;SSH caldr\u00e0 permetre tamb\u00e9 el servei DNS (port 53, TCP i UDP) si no es fa en un altre pas: amb la denegaci\u00f3 per defecte, les consultes entrants quedarien bloquejades.<\/p><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e75d122 elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"e75d122\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'># Instal&middot;lar\nsudo apt install ufw\n# Denegar tot per defecte\nsudo ufw default deny incoming\n# Permetre connexions SSH (Port 22)\nsudo ufw allow ssh\n# Activar el firewall\nsudo ufw enable<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c8958b4 elementor-widget elementor-widget-image\" data-id=\"c8958b4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"655\" height=\"274\" src=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_054.png\" class=\"attachment-large size-large wp-image-9086\" alt=\"\" 
srcset=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_054.png 655w, https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_054-300x125.png 300w\" sizes=\"(max-width: 655px) 100vw, 655px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-493edaf elementor-widget elementor-widget-text-editor\" data-id=\"493edaf\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4><strong>Eines d&#8217;Auditoria i Monitoritzaci\u00f3<\/strong><\/h4><p data-path-to-node=\"16\">Aquestes eines ajuden a supervisar i a registrar l&#8217;activitat.<\/p><h5 data-path-to-node=\"17\"><strong>Audit Framework<\/strong><\/h5><p>El <i>Linux Audit Framework<\/i> (amb el dimoni <code>auditd<\/code>) permet registrar un gran detall d&#8217;esdeveniments. La comanda seg\u00fcent fa servir <code>dnf<\/code>, el gestor de paquets de Fedora\/RHEL; en un servidor Debian la instal\u00b7laci\u00f3 es fa amb <code>apt<\/code> i el paquet s&#8217;anomena <code>auditd<\/code>.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-adb209d elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"adb209d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo dnf install audit<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e69057f elementor-widget elementor-widget-text-editor\" data-id=\"e69057f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Configureu regles a <code>\/etc\/audit\/rules.d\/audit.rules<\/code> per monitoritzar acc\u00e9s a fitxers sensibles, execuci\u00f3 de programes, 
etc<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d608587 elementor-widget elementor-widget-image\" data-id=\"d608587\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"698\" height=\"486\" src=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_057.png\" class=\"attachment-large size-large wp-image-9094\" alt=\"\" srcset=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_057.png 698w, https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_057-300x209.png 300w\" sizes=\"(max-width: 698px) 100vw, 698px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-42e4eba elementor-widget elementor-widget-text-editor\" data-id=\"42e4eba\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4><strong>Regles d&#8217;Auditoria Essencials<\/strong><\/h4><p data-path-to-node=\"16\">Crea un fitxer de regles personalitzat;<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0aeead4 elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"0aeead4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo vim \/etc\/audit\/rules.d\/custom.rules<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-12e46b8 elementor-widget elementor-widget-text-editor\" data-id=\"12e46b8\" 
data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h5><strong>Regles recomanades per comen\u00e7ar<\/strong><\/h5>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6549cdb elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"6549cdb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'># 2. Monitoritzar canvis en configuraci&oacute; sudo\n-w \/etc\/sudoers -p wa -k sudoers_changes\n-w \/etc\/sudoers.d\/ -p wa -k sudoers_changes\n\n# 3. Monitoritzar canvis en configuraci&oacute; SSH\n-w \/etc\/ssh\/sshd_config -p wa -k sshd_config\n\n# 4. Monitoritzar canvis en configuraci&oacute; de xarxa\n-w \/etc\/network\/ -p wa -k network_changes\n-w \/etc\/sysconfig\/network-scripts\/ -p wa -k network_changes\n\n# 5. 
Monitoritzar &uacute;s de sudo\n-a always,exit -F arch=b64 -S execve -F euid=0 -F auid&gt;=1000 -F auid!=-1 -k elevated_commands\n-a always,exit -F arch=b32 -S execve -F euid=0 -F auid&gt;=1000 -F auid!=-1 -k elevated_commands\n<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b71e207 elementor-widget elementor-widget-text-editor\" data-id=\"b71e207\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h5><strong>Aplicar les Regles<\/strong><\/h5>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-80d9684 elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"80d9684\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'># Recarregar regles\nsudo augenrules --load\n\n# Reiniciar el servei\nsudo systemctl restart auditd\n\n# Verificar que les regles s&#039;han carregat\nsudo auditctl -l<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ebb5543 elementor-widget elementor-widget-text-editor\" data-id=\"ebb5543\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p data-path-to-node=\"16\">Un cop carregades les regles correctament:<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a2d52ac elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"a2d52ac\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div 
class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo systemctl restart auditd\n\n# Verificar estat\nsudo systemctl status auditd<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3691294 elementor-widget elementor-widget-image\" data-id=\"3691294\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"689\" height=\"503\" src=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_062.png\" class=\"attachment-large size-large wp-image-9097\" alt=\"\" srcset=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_062.png 689w, https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_062-300x219.png 300w\" sizes=\"(max-width: 689px) 100vw, 689px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/details>\n\t\t\t\t\t\t<details id=\"e-n-accordion-item-3422\" class=\"e-n-accordion-item\" >\n\t\t\t\t<summary class=\"e-n-accordion-item-title\" data-accordion-index=\"3\" tabindex=\"-1\" aria-expanded=\"false\" aria-controls=\"e-n-accordion-item-3422\" >\n\t\t\t\t\t<span class='e-n-accordion-item-title-header'><div class=\"e-n-accordion-item-title-text\"> Seguretat m\u00e0quina Windows 2019 (AD) <\/div><\/span>\n\t\t\t\t\t\t\t<span class='e-n-accordion-item-title-icon'>\n\t\t\t<span class='e-opened' ><svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-minus\" viewbox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M416 208H32c-17.67 0-32 14.33-32 32v32c0 17.67 14.33 32 32 32h384c17.67 0 32-14.33 32-32v-32c0-17.67-14.33-32-32-32z\"><\/path><\/svg><\/span>\n\t\t\t<span class='e-closed'><svg aria-hidden=\"true\" 
class=\"e-font-icon-svg e-fas-plus\" viewbox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M416 208H272V64c0-17.67-14.33-32-32-32h-32c-17.67 0-32 14.33-32 32v144H32c-17.67 0-32 14.33-32 32v32c0 17.67 14.33 32 32 32h144v144c0 17.67 14.33 32 32 32h32c17.67 0 32-14.33 32-32V304h144c17.67 0 32-14.33 32-32v-32c0-17.67-14.33-32-32-32z\"><\/path><\/svg><\/span>\n\t\t<\/span>\n\n\t\t\t\t\t\t<\/summary>\n\t\t\t\t<div role=\"region\" aria-labelledby=\"e-n-accordion-item-3422\" class=\"elementor-element elementor-element-c4c5cc6 e-flex e-con-boxed wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no e-con e-child\" data-id=\"c4c5cc6\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-c031b15 elementor-widget elementor-widget-text-editor\" data-id=\"c031b15\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>Selecci\u00f3 de l&#8217;Eina<\/strong><\/h4><p dir=\"auto\">Les eines escollides milloren la detecci\u00f3 sense tocar l&#8217;esquema. Evita eines de tercers invasives que puguin requerir agents que interfereixin amb replicacions o autenticacions Kerberos.<\/p><p dir=\"auto\">\u00a0<\/p><p dir=\"auto\">Per\u00f2, <strong>riscos<\/strong>: Eines mal configurades poden generar massa logs (sobrec\u00e0rrega de CPU\/disk), interferir amb replicacions AD o causar inestabilitat si modifiquen components cr\u00edtics com l&#8217;esquema AD. 
Per aix\u00f2, recomanem eines lleugeres, provar en un entorn de test si possible, i monitorar el rendiment del servidor (usant PerfMon o Task Manager).<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-160c948 elementor-widget elementor-widget-text-editor\" data-id=\"160c948\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h5 dir=\"auto\"><strong>Utilitzades<\/strong><\/h5><ul><li><strong>Pol\u00edtiques d&#8217;Auditoria Avan\u00e7ada<\/strong>: Built-in en Windows, permet registrar esdeveniments espec\u00edfics sense instal\u00b7lacions addicionals.<\/li><li><strong>Sysmon (System Monitor)<\/strong>: Eina gratu\u00efta de Sysinternals per registrar activitats detallades com creacions de processos, connexions de xarxa i c\u00e0rregues de drivers. \u00c9s lleugera, per\u00f2 requereix configuraci\u00f3 per evitar soroll excessiu.<\/li><li><strong>Visualitzador d&#8217;Esdeveniments (Event Viewer)<\/strong>: Per revisar els logs generats.<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/details>\n\t\t\t\t\t\t<details id=\"e-n-accordion-item-3423\" class=\"e-n-accordion-item\" >\n\t\t\t\t<summary class=\"e-n-accordion-item-title\" data-accordion-index=\"4\" tabindex=\"-1\" aria-expanded=\"false\" aria-controls=\"e-n-accordion-item-3423\" >\n\t\t\t\t\t<span class='e-n-accordion-item-title-header'><div class=\"e-n-accordion-item-title-text\"> Seguretat a servidor SAMBA <\/div><\/span>\n\t\t\t\t\t\t\t<span class='e-n-accordion-item-title-icon'>\n\t\t\t<span class='e-opened' ><svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-minus\" viewbox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M416 208H32c-17.67 0-32 14.33-32 32v32c0 17.67 14.33 32 32 32h384c17.67 0 32-14.33 
32-32v-32c0-17.67-14.33-32-32-32z\"><\/path><\/svg><\/span>\n\t\t\t<span class='e-closed'><svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-plus\" viewbox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M416 208H272V64c0-17.67-14.33-32-32-32h-32c-17.67 0-32 14.33-32 32v144H32c-17.67 0-32 14.33-32 32v32c0 17.67 14.33 32 32 32h144v144c0 17.67 14.33 32 32 32h32c17.67 0 32-14.33 32-32V304h144c17.67 0 32-14.33 32-32v-32c0-17.67-14.33-32-32-32z\"><\/path><\/svg><\/span>\n\t\t<\/span>\n\n\t\t\t\t\t\t<\/summary>\n\t\t\t\t<div role=\"region\" aria-labelledby=\"e-n-accordion-item-3423\" class=\"elementor-element elementor-element-3a159e9 e-flex e-con-boxed wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no e-con e-child\" data-id=\"3a159e9\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-60cf96e elementor-widget elementor-widget-text-editor\" data-id=\"60cf96e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>Configuraci\u00f3 i activaci\u00f3 d&#8217;UFW per Samba<\/strong><\/h4><p dir=\"auto\">Troba el teu rang de xarxa local (per restringir l&#8217;acc\u00e9s nom\u00e9s a la teva LAN, m\u00e9s segur) i permet Samba nom\u00e9s des de la teva xarxa local:<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-672905d elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"672905d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>ip route | grep default\nsudo ufw allow from 
192.168.1.0\/24 to any app Samba<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4a738c5 elementor-widget elementor-widget-text-editor\" data-id=\"4a738c5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p dir=\"auto\">Si accedeixes per SSH (per no bloquejar-te):<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-080765b elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"080765b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo ufw allow OpenSSH<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-dc1484d elementor-widget elementor-widget-text-editor\" data-id=\"dc1484d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p dir=\"auto\">Activa logging (per veure qu\u00e8 passa si hi ha problemes):<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b69e969 elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"b69e969\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo ufw logging on<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5d637a8 elementor-widget elementor-widget-text-editor\" 
data-id=\"5d637a8\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p dir=\"auto\">Activa UFW i comprova l&#8217;estat:<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-86e68ee elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"86e68ee\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo ufw enable\nsudo ufw status verbose<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6ea6e04 elementor-widget elementor-widget-text-editor\" data-id=\"6ea6e04\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>Comprovacions que Samba funcioni amb UFW<\/strong><\/h4><p dir=\"auto\">Reinicia els serveis Samba. 
I des del servidor (local), executa <code>smbclient<\/code> amb una sessi\u00f3 an\u00f2nima (<code>-U%<\/code>: usuari i contrasenya buits).<\/p><p dir=\"auto\">Hauria de llistar les teves shares. Si la llista apareix sense credencials, el servidor permet l&#8217;enumeraci\u00f3 an\u00f2nima de recursos; valora si \u00e9s el comportament que vols.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-76ad3a2 elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"76ad3a2\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo systemctl restart smbd nmbd\nsmbclient -L localhost -U%<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-79df8b6 elementor-widget elementor-widget-image\" data-id=\"79df8b6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"687\" height=\"709\" src=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_038.png\" class=\"attachment-large size-large wp-image-9032\" alt=\"\" srcset=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_038.png 687w, https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_038-291x300.png 291w\" sizes=\"(max-width: 687px) 100vw, 687px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f22cd56 elementor-widget elementor-widget-text-editor\" data-id=\"f22cd56\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>Instal\u00b7lem Fail2Ban<\/strong><\/h4><p dir=\"auto\">Fail2Ban bloqueja IPs que intenten molts logins fallits a Samba (brute 
force).<\/p><p>\u00a0<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-51f3d74 elementor-widget elementor-widget-text-editor\" data-id=\"51f3d74\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p dir=\"auto\">Instal\u00b7la:<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-40ff277 elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"40ff277\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo apt install fail2ban -y<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-da219ba elementor-widget elementor-widget-text-editor\" data-id=\"da219ba\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p dir=\"auto\">Activa el jail per Samba (crea un fitxer espec\u00edfic per no tocar el principal):<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5380f0c elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"5380f0c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo nano \/etc\/fail2ban\/jail.d\/samba.local<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a935b63 elementor-widget elementor-widget-image\" 
data-id=\"a935b63\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"555\" height=\"222\" src=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_039.png\" class=\"attachment-large size-large wp-image-9033\" alt=\"\" srcset=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_039.png 555w, https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_039-300x120.png 300w\" sizes=\"(max-width: 555px) 100vw, 555px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3738aaf elementor-widget elementor-widget-text-editor\" data-id=\"3738aaf\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p dir=\"auto\">Reinicia Fail2Ban i verifica:<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-dc8390e elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"dc8390e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo systemctl restart fail2ban\nsudo fail2ban-client status samba<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/details>\n\t\t\t\t\t\t<details id=\"e-n-accordion-item-3424\" class=\"e-n-accordion-item\" >\n\t\t\t\t<summary class=\"e-n-accordion-item-title\" data-accordion-index=\"5\" tabindex=\"-1\" aria-expanded=\"false\" aria-controls=\"e-n-accordion-item-3424\" >\n\t\t\t\t\t<span 
class='e-n-accordion-item-title-header'><div class=\"e-n-accordion-item-title-text\"> Seguretat al servidor de correu <\/div><\/span>\n\t\t\t\t\t\t\t<span class='e-n-accordion-item-title-icon'>\n\t\t\t<span class='e-opened' ><svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-minus\" viewbox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M416 208H32c-17.67 0-32 14.33-32 32v32c0 17.67 14.33 32 32 32h384c17.67 0 32-14.33 32-32v-32c0-17.67-14.33-32-32-32z\"><\/path><\/svg><\/span>\n\t\t\t<span class='e-closed'><svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-plus\" viewbox=\"0 0 448 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M416 208H272V64c0-17.67-14.33-32-32-32h-32c-17.67 0-32 14.33-32 32v144H32c-17.67 0-32 14.33-32 32v32c0 17.67 14.33 32 32 32h144v144c0 17.67 14.33 32 32 32h32c17.67 0 32-14.33 32-32V304h144c17.67 0 32-14.33 32-32v-32c0-17.67-14.33-32-32-32z\"><\/path><\/svg><\/span>\n\t\t<\/span>\n\n\t\t\t\t\t\t<\/summary>\n\t\t\t\t<div role=\"region\" aria-labelledby=\"e-n-accordion-item-3424\" class=\"elementor-element elementor-element-d7b38f7 e-flex e-con-boxed wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no e-con e-child\" data-id=\"d7b38f7\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-d29ba98 elementor-widget elementor-widget-text-editor\" data-id=\"d29ba98\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4 dir=\"auto\"><strong>Actualitzaci\u00f3 i Eliminaci\u00f3 de Programari Innecessari (Manteniment)<\/strong><\/h4><p>Actualitzar el sistema Eliminar programari no utilitzat<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a60d09c elementor-widget elementor-widget-code-block-for-elementor\" 
data-id=\"a60d09c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo dnf update\nsudo dnf autoremove<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0b2e1e1 elementor-widget elementor-widget-text-editor\" data-id=\"0b2e1e1\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4><strong>Configuraci\u00f3 del Tallafoc (Firewall) (Protecci\u00f3 de la Xarxa)<\/strong><\/h4><p data-path-to-node=\"13\">El tallafoc \u00e9s l&#8217;eina essencial per filtrar el tr\u00e0nsit de xarxa.<\/p><ul data-path-to-node=\"14\"><li><p data-path-to-node=\"14,0,0\"><b>Rocky Linux<\/b> utilitza <b>Firewalld<\/b> per defecte.<\/p><\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-40c0f81 elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"40c0f81\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'># Assegurar-se que el servei est&agrave; actiu\nsudo systemctl enable firewalld --now\n# Mostrar l&#039;estat i zones\nsudo firewall-cmd --get-active-zones\n# Permetre el servei SSH permanentment\nsudo firewall-cmd --zone=public --add-service=ssh --permanent\n# Recarregar les regles\nsudo firewall-cmd --reload\n# Opcional: Bloquejar tots els ports excepte els necessaris\n# (Firewalld bloqueja per defecte, nom&eacute;s cal afegir els permesos)<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div 
class=\"elementor-element elementor-element-0150739 elementor-widget elementor-widget-image\" data-id=\"0150739\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"651\" height=\"221\" src=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_055.png\" class=\"attachment-large size-large wp-image-9088\" alt=\"\" srcset=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_055.png 651w, https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_055-300x102.png 300w\" sizes=\"(max-width: 651px) 100vw, 651px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f443430 elementor-widget elementor-widget-text-editor\" data-id=\"f443430\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4><strong>Eines d&#8217;Auditoria i Monitoritzaci\u00f3<\/strong><\/h4><p data-path-to-node=\"16\">Aquestes eines ajuden a supervisar i a registrar l&#8217;activitat.<\/p><h5 data-path-to-node=\"17\"><strong>Audit Framework<\/strong><\/h5><p>El <i>Linux Audit Framework<\/i> (amb el dimoni <code>auditd<\/code>) permet registrar un gran detall d&#8217;esdeveniments.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-224ff14 elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"224ff14\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo dnf install 
audit<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6d6167a elementor-widget elementor-widget-text-editor\" data-id=\"6d6167a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Configureu regles a <code>\/etc\/audit\/rules.d\/audit.rules<\/code> per monitoritzar acc\u00e9s a fitxers sensibles, execuci\u00f3 de programes, etc<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a95787e elementor-widget elementor-widget-image\" data-id=\"a95787e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"677\" height=\"522\" src=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_056.png\" class=\"attachment-large size-large wp-image-9095\" alt=\"\" srcset=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_056.png 677w, https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_056-300x231.png 300w\" sizes=\"(max-width: 677px) 100vw, 677px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-eabec94 elementor-widget elementor-widget-text-editor\" data-id=\"eabec94\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h4><strong>Regles d&#8217;Auditoria Essencials<\/strong><\/h4><p data-path-to-node=\"16\">Crea un fitxer de regles personalitzat;<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-cf6eb72 elementor-widget elementor-widget-code-block-for-elementor\" 
data-id=\"cf6eb72\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo vim \/etc\/audit\/rules.d\/custom.rules<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-27c5bd2 elementor-widget elementor-widget-text-editor\" data-id=\"27c5bd2\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h5><strong>Regles recomanades per comen\u00e7ar<\/strong><\/h5>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-252c6db elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"252c6db\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'># 2. Monitoritzar canvis en configuraci&oacute; sudo\n-w \/etc\/sudoers -p wa -k sudoers_changes\n-w \/etc\/sudoers.d\/ -p wa -k sudoers_changes\n\n# 3. Monitoritzar canvis en configuraci&oacute; SSH\n-w \/etc\/ssh\/sshd_config -p wa -k sshd_config\n\n# 4. Monitoritzar canvis en configuraci&oacute; de xarxa\n-w \/etc\/network\/ -p wa -k network_changes\n-w \/etc\/sysconfig\/network-scripts\/ -p wa -k network_changes\n\n# 5. 
Monitoritzar &uacute;s de sudo\n-a always,exit -F arch=b64 -S execve -F euid=0 -F auid&gt;=1000 -F auid!=-1 -k elevated_commands\n-a always,exit -F arch=b32 -S execve -F euid=0 -F auid&gt;=1000 -F auid!=-1 -k elevated_commands\n<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c03e092 elementor-widget elementor-widget-text-editor\" data-id=\"c03e092\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h5><strong>Aplicar les Regles<\/strong><\/h5>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-afd5033 elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"afd5033\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'># Recarregar regles\nsudo augenrules --load\n\n# Reiniciar el servei\nsudo systemctl restart auditd\n\n# Verificar que les regles s&#039;han carregat\nsudo auditctl -l<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1cfe73c elementor-widget elementor-widget-image\" data-id=\"1cfe73c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"708\" height=\"514\" src=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_060.png\" class=\"attachment-large size-large wp-image-9096\" alt=\"\" srcset=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_060.png 708w, 
https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_060-300x218.png 300w\" sizes=\"(max-width: 708px) 100vw, 708px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-566fa72 elementor-widget elementor-widget-text-editor\" data-id=\"566fa72\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p data-path-to-node=\"16\">Un cop carregades les regles correctament:<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-caec51d elementor-widget elementor-widget-code-block-for-elementor\" data-id=\"caec51d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-block-for-elementor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<pre class='line-numbers theme-okaidia' data-show-toolbar='yes'><code class='language-javascript'>sudo systemctl restart auditd\n\n# Verificar estat\nsudo systemctl status auditd<\/code><\/pre>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1f1c40c elementor-widget elementor-widget-image\" data-id=\"1f1c40c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"699\" height=\"509\" src=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_061.png\" class=\"attachment-large size-large wp-image-9098\" alt=\"\" srcset=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_061.png 699w, https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_061-300x218.png 300w\" sizes=\"(max-width: 699px) 100vw, 699px\" 
\/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/details>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-c460005 e-flex e-con-boxed wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no wpr-equal-height-no e-con e-parent\" data-id=\"c460005\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Eines de seguretat Tornar al repte 2.2 Llista dels cinc tipus de programari malici\u00f3s (malware) m\u00e9s comuns i perillosos per a una empresa Els tipus de malware m\u00e9s prevalents i perillosos per a les empreses inclouen variants sofisticades que combinen robatori de dades, control remot i extorsi\u00f3 financera. Aquests tipus no nom\u00e9s causen p\u00e8rdues econ\u00f2miques directes (com pagaments de rescat o downtime operatiu), sin\u00f3 que tamb\u00e9 comprometen la confidencialitat de dades sensibles i la reputaci\u00f3 corporativa. Ransomware Encripta fitxers i sistemes essencials, exigint un pagament (normalment en criptomonedes) per desbloquejar-los. Sovint es combina amb exfiltraci\u00f3 de dades per augmentar la pressi\u00f3. Troians (incloent RATs &#8211; Remote Access Trojans) Es disfressen com a software leg\u00edtim (ex.: actualitzacions o factures) per obtenir acc\u00e9s remot al sistema, permetent l&#8217;execuci\u00f3 de comandes malicioses. Spyware\/Infostealers Recopila informaci\u00f3 confidencial (credencials, sessions de navegaci\u00f3, dades personals) sense consentiment, sovint via keyloggers o capturadors de pantalla. Cryptojackers\/Miners Utilitzen la pot\u00e8ncia de processament de l&#8217;ordinador infectat per minar criptomonedes en segon pla, sense que l&#8217;usuari ho noti immediatament. 
Rootkits S&#8217;amaguen profundament en el sistema operatiu per ocultar altres malware, evitant detecci\u00f3 i mantenint acc\u00e9s privilegiat. Selecci\u00f3 de l&#8217;Eina Hem de triar una que sigui oficial i confiable per evitar riscos. Fonts oficials on siguin desc\u00e0rregues directes del fabricant, no de llocs sospitosos que podrien tenir malware. Criteris per triar: Cobertura \u00e0mplia: Ha de protegir contra molts tipus de malware (virus, troians, ransomware, spyware, rootkits, etc.), no nom\u00e9s virus b\u00e0sics. Actualitzacions autom\u00e0tiques: S&#8217;ha d&#8217;actualitzar sol per detectar amenaces noves (el malware evoluciona r\u00e0pidament!). F\u00e0cil d&#8217;usar: Per a empreses com Makrosoft, ha de ser integrable en VMs sense complicacions. Gratu\u00efta o baixa cost: Idealment gratu\u00efta per comen\u00e7ar. Seguretat a la pasarel\u00b7la 1: Antivirus &#8211; Recomanaci\u00f3: ClamAV Instal\u00b7laci\u00f3 i configuraci\u00f3 sudo apt install clamav clamav-daemon -y Actualitza la base de dades de virus (pot trigar una mica la primera vegada). sudo freshclam Escaneja tot el sistema (escaneja tot, pot trigar hores; afegeix -i per nom\u00e9s mostrar infectats). sudo clamscan -r \/ Solucionar els errors t\u00edpics # Crea el directori que li falta sudo mkdir -p \/var\/lib\/clamav sudo chown clamav:clamav \/var\/lib\/clamav # Arregla permisos dels logs sudo touch \/var\/log\/clamav\/freshclam.log sudo chown clamav:clamav \/var\/log\/clamav\/*.log sudo chmod 664 \/var\/log\/clamav\/*.log # Desactiva el log de freshclam per evitar el fam&oacute;s error de &quot;lock&quot; sudo sed -i &#039;s\/^UpdateLogFile.*\/#UpdateLogFile\/&#039; \/etc\/clamav\/freshclam.conf 2. Esc\u00e0ner de Vulnerabilitats &#8211; Recomanaci\u00f3: Lynis Instal\u00b7laci\u00f3 i configuraci\u00f3 sudo apt install lynis -y. 
Executa un escaneig sudo lynis audit system El Lynis que tenim instal\u00b7lat amb apt install lynis a Ubuntu\/Debian \u00e9s una versi\u00f3 una mica antiga i no t\u00e9 les comandes lynis show \u2026 (van apar\u00e8ixer a partir de la 3.0). Per\u00f2 no cal reinstal\u00b7lar res. Amb la versi\u00f3 que tenim (la m\u00e9s normal) els resultats es veuen aix\u00ed de f\u00e0cil: # Nom&eacute;s les l&iacute;nies amb advert&egrave;ncies greus grep -A2 -B2 &quot;warning&quot; \/var\/log\/lynis.log | grep -v &quot;^--&quot; # Nom&eacute;s les sugger&egrave;ncies grep -A2 -B2 &quot;suggestion&quot; \/var\/log\/lynis.log | grep -v &quot;^--&quot; No tenim cap warning real (l\u2019\u00fanica cosa que surt \u00e9s un test de Docker que s\u2019ha saltat perqu\u00e8 no tens Docker instal\u00b7lat \u2192 \u00e9s normal i no \u00e9s cap problema). No tenim cap suggestion tampoc (la segona comanda no ha tret res). Seguretat en un servidor Debian com a DNS Master Actualitzaci\u00f3 i Eliminaci\u00f3 de Programari Innecessari (Manteniment) Actualitzar el sistema Eliminar programari no utilitzat sudo apt update &amp;&amp; sudo apt upgrade sudo apt autoremove Configuraci\u00f3 del Tallafoc (Firewall) (Protecci\u00f3 de la Xarxa) El tallafoc \u00e9s l&#8217;eina essencial per filtrar el tr\u00e0nsit de xarxa. Debian tradicionalment usava iptables per\u00f2 \u00e9s com\u00fa utilitzar nftables o UFW (Uncomplicated Firewall) com a interf\u00edcie simplificada. # Instal&middot;lar sudo apt install ufw # Denegar tot per defecte sudo ufw default deny incoming # Permetre connexions SSH (Port 22) sudo ufw allow ssh # Activar el firewall sudo ufw enable Eines d&#8217;Auditoria i Monitoritzaci\u00f3 Aquestes eines ajuden a supervisar i a registrar l&#8217;activitat. Audit Framework El Linux Audit Framework (amb el dimoni auditd) permet registrar un gran detall d&#8217;esdeveniments.
sudo dnf install audit Configureu regles a \/etc\/audit\/rules.d\/audit.rules per monitoritzar acc\u00e9s a fitxers sensibles, execuci\u00f3 de programes, etc Regles d&#8217;Auditoria Essencials Crea un fitxer de regles personalitzat; sudo vim \/etc\/audit\/rules.d\/custom.rules Regles recomanades per comen\u00e7ar 2. Monitoritzar canvis en configuraci&oacute; sudo -w \/etc\/sudoers -p wa -k sudoers_changes -w \/etc\/sudoers.d\/ -p wa -k sudoers_changes # 3. Monitoritzar canvis en configuraci&oacute; SSH -w \/etc\/ssh\/sshd_config -p wa -k sshd_config # 4. Monitoritzar canvis en configuraci&oacute; de xarxa -w \/etc\/network\/ -p wa -k network_changes -w \/etc\/sysconfig\/network-scripts\/ -p wa -k network_changes # 5. Monitoritzar &uacute;s de sudo -a always,exit -F arch=b64 -S execve -F euid=0 -F auid&gt;=1000 -F auid!=-1 -k elevated_commands -a always,exit -F arch=b32 -S execve -F euid=0 -F auid&gt;=1000 -F auid!=-1 -k elevated_commands Aplicar les Regles # Recarregar regles sudo augenrules --load # Reiniciar el servei sudo systemctl restart auditd # Verificar que les regles s&#039;han carregat sudo auditctl -l Un cop carregades les regles correctament: sudo systemctl restart auditd # Verificar estat sudo systemctl status auditd Seguretat m\u00e0quina Windows 2019 (AD) Selecci\u00f3 de l&#8217;Eina Les eines escollides milloren la detecci\u00f3 sense tocar l&#8217;esquema. Evita eines de tercers invasives que puguin requerir agents que interfereixin amb replicacions o autenticacions Kerberos. \u00a0 Per\u00f2, riscos: Eines mal configurades poden generar massa logs (sobrec\u00e0rrega de CPU\/disk), interferir amb replicacions AD o causar inestabilitat si modifiquen components cr\u00edtics com l&#8217;esquema AD. Per aix\u00f2, recomanem eines lleugeres, provar en un entorn de test si possible, i monitorar el rendiment del servidor (usant PerfMon o Task Manager).
Utilitzades Pol\u00edtiques d&#8217;Auditoria Avan\u00e7ada: Built-in en Windows, permet registrar esdeveniments espec\u00edfics sense instal\u00b7lacions addicionals. Sysmon (System Monitor): Eina gratu\u00efta de Sysinternals per registrar activitats detallades com creacions de processos, connexions de xarxa i c\u00e0rregues de drivers. \u00c9s lleugera, per\u00f2 requereix configuraci\u00f3 per evitar soroll excessiu. Visualitzador d&#8217;Esdeveniments (Event Viewer): Per revisar els logs generats. Seguretat a servidor SAMBA Configuraci\u00f3 i activaci\u00f3 d&#8217;UFW per Samba Troba el teu rang de xarxa local (per restringir l&#8217;acc\u00e9s nom\u00e9s a la teva LAN, m\u00e9s segur) i permet Samba nom\u00e9s des de la teva xarxa local: ip route | &#8230; <a title=\"Eines de seguretat\" class=\"read-more\" href=\"https:\/\/aborrego.inscastellbisbal.net\/en\/2025\/12\/03\/eines-de-seguretat\/\" aria-label=\"Read more about Eines de seguretat\">Read more<\/a><\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-8927","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Eines de seguretat - Ana Borrego Toledo<\/title>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Eines de seguretat - Ana Borrego Toledo\" \/>\n<meta property=\"og:description\" content=\"Eines de seguretat Tornar al repte 2.2 Llista dels cinc tipus de programari malici\u00f3s (malware) m\u00e9s comuns i perillosos per a una empresa Els tipus 
de malware m\u00e9s prevalents i perillosos per a les empreses inclouen variants sofisticades que combinen robatori de dades, control remot i extorsi\u00f3 financera. Aquests tipus no nom\u00e9s causen p\u00e8rdues econ\u00f2miques directes (com pagaments de rescat o downtime operatiu), sin\u00f3 que tamb\u00e9 comprometen la confidencialitat de dades sensibles i la reputaci\u00f3 corporativa. Ransomware Encripta fitxers i sistemes essencials, exigint un pagament (normalment en criptomonedes) per desbloquejar-los. Sovint es combina amb exfiltraci\u00f3 de dades per augmentar la pressi\u00f3. Troians (incloent RATs &#8211; Remote Access Trojans) Es disfressen com a software leg\u00edtim (ex.: actualitzacions o factures) per obtenir acc\u00e9s remot al sistema, permetent l&#8217;execuci\u00f3 de comandes malicioses. Spyware\/Infostealers Recopila informaci\u00f3 confidencial (credencials, sessions de navegaci\u00f3, dades personals) sense consentiment, sovint via keyloggers o capturadors de pantalla. Cryptojackers\/Miners Utilitzen la pot\u00e8ncia de processament de l&#8217;ordinador infectat per minar criptomonedes en segon pla, sense que l&#8217;usuari ho noti immediatament. Rootkits S&#8217;amaguen profundament en el sistema operatiu per ocultar altres malware, evitant detecci\u00f3 i mantenint acc\u00e9s privilegiat. Selecci\u00f3 de l&#8217;Eina Hem de triar una que sigui oficial i confiable per evitar riscos. Fonts oficials on siguin desc\u00e0rregues directes del fabricant, no de llocs sospitosos que podrien tenir malware. Criteris per triar: Cobertura \u00e0mplia: Ha de protegir contra molts tipus de malware (virus, troians, ransomware, spyware, rootkits, etc.), no nom\u00e9s virus b\u00e0sics. Actualitzacions autom\u00e0tiques: S&#8217;ha d&#8217;actualitzar sol per detectar amenaces noves (el malware evoluciona r\u00e0pidament!). F\u00e0cil d&#8217;usar: Per a empreses com Makrosoft, ha de ser integrable en VMs sense complicacions. 
Gratu\u00efta o baixa cost: Idealment gratu\u00efta per comen\u00e7ar. Seguretat a la pasarel\u00b7la 1: Antivirus &#8211; Recomanaci\u00f3: ClamAV Instal\u00b7laci\u00f3 i configuraci\u00f3 sudo apt install clamav clamav-daemon -y Actualitza la base de dades de virus (pot trigar una mica la primera vegada). sudo freshclam Escaneja tot el sistema (escaneja tot, pot trigar hores; afegeix -i per nom\u00e9s mostrar infectats). sudo clamscan -r \/ Solucionar els errors t\u00edpics # Crea el directori que li falta sudo mkdir -p \/var\/lib\/clamav sudo chown clamav:clamav \/var\/lib\/clamav # Arregla permisos dels logs sudo touch \/var\/log\/clamav\/freshclam.log sudo chown clamav:clamav \/var\/log\/clamav\/*.log sudo chmod 664 \/var\/log\/clamav\/*.log # Desactiva el log de freshclam per evitar el fam&oacute;s error de &quot;lock&quot; sudo sed -i &#039;s\/^UpdateLogFile.*\/#UpdateLogFile\/&#039; \/etc\/clamav\/freshclam.conf 2. Esc\u00e0ner de Vulnerabilitats &#8211; Recomanaci\u00f3: Lynis Instal\u00b7laci\u00f3 i configuraci\u00f3 sudo apt install lynis -y. Executa un escaneig sudo lynis audit system El Lynis que tenim instal\u00b7lat amb apt install lynis a Ubuntu\/Debian \u00e9s una versi\u00f3 una mica antiga i no t\u00e9 les comandes lynis show \u2026 (van apar\u00e8ixer a partir de la 3.0). Per\u00f2 no cal reinstal\u00b7lar res. Amb la versi\u00f3 que tenim (la m\u00e9s normal) els resultats es veuen aix\u00ed de f\u00e0cil: # Nom&eacute;s les l&iacute;nies amb advert&egrave;ncies greus grep -A2 -B2 &quot;warning&quot; \/var\/log\/lynis.log | grep -v &quot;^--&quot; # Nom&eacute;s les sugger&egrave;ncies grep -A2 -B2 &quot;suggestion&quot; \/var\/log\/lynis.log | grep -v &quot;^--&quot; No tenim cap warning real (l\u2019\u00fanica cosa que surt \u00e9s un test de Docker que s\u2019ha saltat perqu\u00e8 no tens Docker instal\u00b7lat \u2192 \u00e9s normal i no \u00e9s cap problema). No tenim cap suggestion tampoc (la segona comanda no ha tret res). 
Seguretat en un servidor Debian com a DNS Master Actualitzaci\u00f3 i Eliminaci\u00f3 de Programari Innecessari (Manteniment) Actualitzar el sistema Eliminar programari no utilitzat sudo apt update &amp;&amp; sudo apt upgrade sudo apt autoremove Configuraci\u00f3 del Tallafoc (Firewall) (Protecci\u00f3 de la Xarxa) El tallafoc \u00e9s l&#8217;eina essencial per filtrar el tr\u00e0nsit de xarxa. Debian tradicionalment usava iptables per\u00f2 \u00e9s com\u00fa utilitzar nftables o UFW (Uncomplicated Firewall) com a interf\u00edcie simplificada. # Instal&middot;lar sudo apt install ufw # Denegar tot per defecte sudo ufw default deny incoming # Permetre connexions SSH (Port 22) sudo ufw allow ssh # Activar el firewall sudo ufw enable Eines d&#8217;Auditoria i Monitoritzaci\u00f3 Aquestes eines ajuden a supervisar i a registrar l&#8217;activitat. Audit Framework El Linux Audit Framework (amb el dimoni auditd) permet registrar un gran detall d&#8217;esdeveniments. sudo dnf install audit Configureu regles a \/etc\/audit\/rules.d\/audit.rules per monitoritzar acc\u00e9s a fitxers sensibles, execuci\u00f3 de programes, etc Regles d&#8217;Auditoria Essencials Crea un fitxer de regles personalitzat; sudo vim \/etc\/audit\/rules.d\/custom.rules Regles recomanades per comen\u00e7ar 2. Monitoritzar canvis en configuraci&oacute; sudo -w \/etc\/sudoers -p wa -k sudoers_changes -w \/etc\/sudoers.d\/ -p wa -k sudoers_changes # 3. Monitoritzar canvis en configuraci&oacute; SSH -w \/etc\/ssh\/sshd_config -p wa -k sshd_config # 4. Monitoritzar canvis en configuraci&oacute; de xarxa -w \/etc\/network\/ -p wa -k network_changes -w \/etc\/sysconfig\/network-scripts\/ -p wa -k network_changes # 5. 
Monitoritzar &uacute;s de sudo -a always,exit -F arch=b64 -S execve -F euid=0 -F auid&gt;=1000 -F auid!=-1 -k elevated_commands -a always,exit -F arch=b32 -S execve -F euid=0 -F auid&gt;=1000 -F auid!=-1 -k elevated_commands Aplicar les Regles # Recarregar regles sudo augenrules --load # Reiniciar el servei sudo systemctl restart auditd # Verificar que les regles s&#039;han carregat sudo auditctl -l Un cop carregades les regles correctament: sudo systemctl restart auditd # Verificar estat sudo systemctl status auditd Seguretat m\u00e0quina Windows 2019 (AD) Selecci\u00f3 de l&#8217;Eina Les eines escollides milloren la detecci\u00f3 sense tocar l&#8217;esquema. Evita eines de tercers invasives que puguin requerir agents que interfereixin amb replicacions o autenticacions Kerberos. \u00a0 Per\u00f2, riscos: Eines mal configurades poden generar massa logs (sobrec\u00e0rrega de CPU\/disk), interferir amb replicacions AD o causar inestabilitat si modifiquen components cr\u00edtics com l&#8217;esquema AD. Per aix\u00f2, recomanem eines lleugeres, provar en un entorn de test si possible, i monitorar el rendiment del servidor (usant PerfMon o Task Manager). Utilitzades Pol\u00edtiques d&#8217;Auditoria Avan\u00e7ada: Built-in en Windows, permet registrar esdeveniments espec\u00edfics sense instal\u00b7lacions addicionals. Sysmon (System Monitor): Eina gratu\u00efta de Sysinternals per registrar activitats detallades com creacions de processos, connexions de xarxa i c\u00e0rregues de drivers. \u00c9s lleugera, per\u00f2 requereix configuraci\u00f3 per evitar soroll excessiu. Visualitzador d&#8217;Esdeveniments (Event Viewer): Per revisar els logs generats. Seguretat a servidor SAMBA Configuraci\u00f3 i activaci\u00f3 d&#8217;UFW per Samba Troba el teu rang de xarxa local (per restringir l&#8217;acc\u00e9s nom\u00e9s a la teva LAN, m\u00e9s segur) i permet Samba nom\u00e9s des de la teva xarxa local: ip route | ... 
Read more\" \/>\n<meta property=\"og:url\" content=\"https:\/\/aborrego.inscastellbisbal.net\/en\/2025\/12\/03\/eines-de-seguretat\/\" \/>\n<meta property=\"og:site_name\" content=\"Ana Borrego Toledo\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-03T07:41:10+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-12-17T07:40:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_022.png\" \/>\n\t<meta property=\"og:image:width\" content=\"954\" \/>\n\t<meta property=\"og:image:height\" content=\"121\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"aborrego\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"aborrego\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/2025\\\/12\\\/03\\\/eines-de-seguretat\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/2025\\\/12\\\/03\\\/eines-de-seguretat\\\/\"},\"author\":{\"name\":\"aborrego\",\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/#\\\/schema\\\/person\\\/596b5d3dc4735c43cfaafed47741b9d1\"},\"headline\":\"Eines de 
seguretat\",\"datePublished\":\"2025-12-03T07:41:10+00:00\",\"dateModified\":\"2025-12-17T07:40:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/2025\\\/12\\\/03\\\/eines-de-seguretat\\\/\"},\"wordCount\":1647,\"publisher\":{\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/2025\\\/12\\\/03\\\/eines-de-seguretat\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Selection_022.png\",\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/2025\\\/12\\\/03\\\/eines-de-seguretat\\\/\",\"url\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/2025\\\/12\\\/03\\\/eines-de-seguretat\\\/\",\"name\":\"Eines de seguretat - Ana Borrego Toledo\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/2025\\\/12\\\/03\\\/eines-de-seguretat\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/2025\\\/12\\\/03\\\/eines-de-seguretat\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Selection_022.png\",\"datePublished\":\"2025-12-03T07:41:10+00:00\",\"dateModified\":\"2025-12-17T07:40:53+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/2025\\\/12\\\/03\\\/eines-de-seguretat\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/2025\\\/12\\\/03\\\/eines-de-seguretat\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/2025\\\/12\\\/03\\\/eines-de-seguretat\\\/#primaryimage\",\"url\":\"https:\\\/\\\/aborrego.inscastellbisbal.net
\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Selection_022.png\",\"contentUrl\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/wp-content\\\/uploads\\\/2025\\\/12\\\/Selection_022.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/2025\\\/12\\\/03\\\/eines-de-seguretat\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Eines de seguretat\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/#website\",\"url\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/\",\"name\":\"Ana Borrego Toledo\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/#organization\",\"name\":\"Ana Borrego Toledo\",\"url\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/cropped-Selection_255.png\",\"contentUrl\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/wp-content\\\/uploads\\\/2025\\\/03\\\/cropped-Selection_255.png\",\"width\":549,\"height\":328,\"caption\":\"Ana Borrego 
Toledo\"},\"image\":{\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/#\\\/schema\\\/person\\\/596b5d3dc4735c43cfaafed47741b9d1\",\"name\":\"aborrego\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e158785622f9364a28d322a7a8711e2ea34ebb67263b57ff915d7b49cb3cf0d1?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e158785622f9364a28d322a7a8711e2ea34ebb67263b57ff915d7b49cb3cf0d1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e158785622f9364a28d322a7a8711e2ea34ebb67263b57ff915d7b49cb3cf0d1?s=96&d=mm&r=g\",\"caption\":\"aborrego\"},\"sameAs\":[\"https:\\\/\\\/aborrego.inscastellbisbal.net\",\"https:\\\/\\\/www.instagram.com\\\/anaaaa.aaaaaaaaaaaaaaaaaaaaa?igsh=MWVqcmx5MXl5eGdxaw==\"],\"url\":\"https:\\\/\\\/aborrego.inscastellbisbal.net\\\/en\\\/author\\\/aborrego\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Eines de seguretat - Ana Borrego Toledo","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Eines de seguretat - Ana Borrego Toledo","og_description":"Eines de seguretat Tornar al repte 2.2 Llista dels cinc tipus de programari malici\u00f3s (malware) m\u00e9s comuns i perillosos per a una empresa Els tipus de malware m\u00e9s prevalents i perillosos per a les empreses inclouen variants sofisticades que combinen robatori de dades, control remot i extorsi\u00f3 financera. Aquests tipus no nom\u00e9s causen p\u00e8rdues econ\u00f2miques directes (com pagaments de rescat o downtime operatiu), sin\u00f3 que tamb\u00e9 comprometen la confidencialitat de dades sensibles i la reputaci\u00f3 corporativa. 
Ransomware Encripta fitxers i sistemes essencials, exigint un pagament (normalment en criptomonedes) per desbloquejar-los. Sovint es combina amb exfiltraci\u00f3 de dades per augmentar la pressi\u00f3. Troians (incloent RATs &#8211; Remote Access Trojans) Es disfressen com a software leg\u00edtim (ex.: actualitzacions o factures) per obtenir acc\u00e9s remot al sistema, permetent l&#8217;execuci\u00f3 de comandes malicioses. Spyware\/Infostealers Recopila informaci\u00f3 confidencial (credencials, sessions de navegaci\u00f3, dades personals) sense consentiment, sovint via keyloggers o capturadors de pantalla. Cryptojackers\/Miners Utilitzen la pot\u00e8ncia de processament de l&#8217;ordinador infectat per minar criptomonedes en segon pla, sense que l&#8217;usuari ho noti immediatament. Rootkits S&#8217;amaguen profundament en el sistema operatiu per ocultar altres malware, evitant detecci\u00f3 i mantenint acc\u00e9s privilegiat. Selecci\u00f3 de l&#8217;Eina Hem de triar una que sigui oficial i confiable per evitar riscos. Fonts oficials on siguin desc\u00e0rregues directes del fabricant, no de llocs sospitosos que podrien tenir malware. Criteris per triar: Cobertura \u00e0mplia: Ha de protegir contra molts tipus de malware (virus, troians, ransomware, spyware, rootkits, etc.), no nom\u00e9s virus b\u00e0sics. Actualitzacions autom\u00e0tiques: S&#8217;ha d&#8217;actualitzar sol per detectar amenaces noves (el malware evoluciona r\u00e0pidament!). F\u00e0cil d&#8217;usar: Per a empreses com Makrosoft, ha de ser integrable en VMs sense complicacions. Gratu\u00efta o baixa cost: Idealment gratu\u00efta per comen\u00e7ar. Seguretat a la pasarel\u00b7la 1: Antivirus &#8211; Recomanaci\u00f3: ClamAV Instal\u00b7laci\u00f3 i configuraci\u00f3 sudo apt install clamav clamav-daemon -y Actualitza la base de dades de virus (pot trigar una mica la primera vegada). 
sudo freshclam Escaneja tot el sistema (escaneja tot, pot trigar hores; afegeix -i per nom\u00e9s mostrar infectats). sudo clamscan -r \/ Solucionar els errors t\u00edpics # Crea el directori que li falta sudo mkdir -p \/var\/lib\/clamav sudo chown clamav:clamav \/var\/lib\/clamav # Arregla permisos dels logs sudo touch \/var\/log\/clamav\/freshclam.log sudo chown clamav:clamav \/var\/log\/clamav\/*.log sudo chmod 664 \/var\/log\/clamav\/*.log # Desactiva el log de freshclam per evitar el fam&oacute;s error de &quot;lock&quot; sudo sed -i &#039;s\/^UpdateLogFile.*\/#UpdateLogFile\/&#039; \/etc\/clamav\/freshclam.conf 2. Esc\u00e0ner de Vulnerabilitats &#8211; Recomanaci\u00f3: Lynis Instal\u00b7laci\u00f3 i configuraci\u00f3 sudo apt install lynis -y. Executa un escaneig sudo lynis audit system El Lynis que tenim instal\u00b7lat amb apt install lynis a Ubuntu\/Debian \u00e9s una versi\u00f3 una mica antiga i no t\u00e9 les comandes lynis show \u2026 (van apar\u00e8ixer a partir de la 3.0). Per\u00f2 no cal reinstal\u00b7lar res. Amb la versi\u00f3 que tenim (la m\u00e9s normal) els resultats es veuen aix\u00ed de f\u00e0cil: # Nom&eacute;s les l&iacute;nies amb advert&egrave;ncies greus grep -A2 -B2 &quot;warning&quot; \/var\/log\/lynis.log | grep -v &quot;^--&quot; # Nom&eacute;s les sugger&egrave;ncies grep -A2 -B2 &quot;suggestion&quot; \/var\/log\/lynis.log | grep -v &quot;^--&quot; No tenim cap warning real (l\u2019\u00fanica cosa que surt \u00e9s un test de Docker que s\u2019ha saltat perqu\u00e8 no tens Docker instal\u00b7lat \u2192 \u00e9s normal i no \u00e9s cap problema). No tenim cap suggestion tampoc (la segona comanda no ha tret res). 
Seguretat en un servidor Debian com a DNS Master Actualitzaci\u00f3 i Eliminaci\u00f3 de Programari Innecessari (Manteniment) Actualitzar el sistema Eliminar programari no utilitzat sudo apt update &amp;&amp; sudo apt upgrade sudo apt autoremove Configuraci\u00f3 del Tallafoc (Firewall) (Protecci\u00f3 de la Xarxa) El tallafoc \u00e9s l&#8217;eina essencial per filtrar el tr\u00e0nsit de xarxa. Debian tradicionalment usava iptables per\u00f2 \u00e9s com\u00fa utilitzar nftables o UFW (Uncomplicated Firewall) com a interf\u00edcie simplificada. # Instal&middot;lar sudo apt install ufw # Denegar tot per defecte sudo ufw default deny incoming # Permetre connexions SSH (Port 22) sudo ufw allow ssh # Activar el firewall sudo ufw enable Eines d&#8217;Auditoria i Monitoritzaci\u00f3 Aquestes eines ajuden a supervisar i a registrar l&#8217;activitat. Audit Framework El Linux Audit Framework (amb el dimoni auditd) permet registrar un gran detall d&#8217;esdeveniments. sudo dnf install audit Configureu regles a \/etc\/audit\/rules.d\/audit.rules per monitoritzar acc\u00e9s a fitxers sensibles, execuci\u00f3 de programes, etc Regles d&#8217;Auditoria Essencials Crea un fitxer de regles personalitzat; sudo vim \/etc\/audit\/rules.d\/custom.rules Regles recomanades per comen\u00e7ar 2. Monitoritzar canvis en configuraci&oacute; sudo -w \/etc\/sudoers -p wa -k sudoers_changes -w \/etc\/sudoers.d\/ -p wa -k sudoers_changes # 3. Monitoritzar canvis en configuraci&oacute; SSH -w \/etc\/ssh\/sshd_config -p wa -k sshd_config # 4. Monitoritzar canvis en configuraci&oacute; de xarxa -w \/etc\/network\/ -p wa -k network_changes -w \/etc\/sysconfig\/network-scripts\/ -p wa -k network_changes # 5. 
Monitoritzar &uacute;s de sudo -a always,exit -F arch=b64 -S execve -F euid=0 -F auid&gt;=1000 -F auid!=-1 -k elevated_commands -a always,exit -F arch=b32 -S execve -F euid=0 -F auid&gt;=1000 -F auid!=-1 -k elevated_commands Aplicar les Regles # Recarregar regles sudo augenrules --load # Reiniciar el servei sudo systemctl restart auditd # Verificar que les regles s&#039;han carregat sudo auditctl -l Un cop carregades les regles correctament: sudo systemctl restart auditd # Verificar estat sudo systemctl status auditd Seguretat m\u00e0quina Windows 2019 (AD) Selecci\u00f3 de l&#8217;Eina Les eines escollides milloren la detecci\u00f3 sense tocar l&#8217;esquema. Evita eines de tercers invasives que puguin requerir agents que interfereixin amb replicacions o autenticacions Kerberos. \u00a0 Per\u00f2, riscos: Eines mal configurades poden generar massa logs (sobrec\u00e0rrega de CPU\/disk), interferir amb replicacions AD o causar inestabilitat si modifiquen components cr\u00edtics com l&#8217;esquema AD. Per aix\u00f2, recomanem eines lleugeres, provar en un entorn de test si possible, i monitorar el rendiment del servidor (usant PerfMon o Task Manager). Utilitzades Pol\u00edtiques d&#8217;Auditoria Avan\u00e7ada: Built-in en Windows, permet registrar esdeveniments espec\u00edfics sense instal\u00b7lacions addicionals. Sysmon (System Monitor): Eina gratu\u00efta de Sysinternals per registrar activitats detallades com creacions de processos, connexions de xarxa i c\u00e0rregues de drivers. \u00c9s lleugera, per\u00f2 requereix configuraci\u00f3 per evitar soroll excessiu. Visualitzador d&#8217;Esdeveniments (Event Viewer): Per revisar els logs generats. Seguretat a servidor SAMBA Configuraci\u00f3 i activaci\u00f3 d&#8217;UFW per Samba Troba el teu rang de xarxa local (per restringir l&#8217;acc\u00e9s nom\u00e9s a la teva LAN, m\u00e9s segur) i permet Samba nom\u00e9s des de la teva xarxa local: ip route | ... 
Read more","og_url":"https:\/\/aborrego.inscastellbisbal.net\/en\/2025\/12\/03\/eines-de-seguretat\/","og_site_name":"Ana Borrego Toledo","article_published_time":"2025-12-03T07:41:10+00:00","article_modified_time":"2025-12-17T07:40:53+00:00","og_image":[{"width":954,"height":121,"url":"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_022.png","type":"image\/png"}],"author":"aborrego","twitter_card":"summary_large_image","twitter_misc":{"Written by":"aborrego","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/aborrego.inscastellbisbal.net\/2025\/12\/03\/eines-de-seguretat\/#article","isPartOf":{"@id":"https:\/\/aborrego.inscastellbisbal.net\/2025\/12\/03\/eines-de-seguretat\/"},"author":{"name":"aborrego","@id":"https:\/\/aborrego.inscastellbisbal.net\/#\/schema\/person\/596b5d3dc4735c43cfaafed47741b9d1"},"headline":"Eines de seguretat","datePublished":"2025-12-03T07:41:10+00:00","dateModified":"2025-12-17T07:40:53+00:00","mainEntityOfPage":{"@id":"https:\/\/aborrego.inscastellbisbal.net\/2025\/12\/03\/eines-de-seguretat\/"},"wordCount":1647,"publisher":{"@id":"https:\/\/aborrego.inscastellbisbal.net\/#organization"},"image":{"@id":"https:\/\/aborrego.inscastellbisbal.net\/2025\/12\/03\/eines-de-seguretat\/#primaryimage"},"thumbnailUrl":"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_022.png","inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/aborrego.inscastellbisbal.net\/2025\/12\/03\/eines-de-seguretat\/","url":"https:\/\/aborrego.inscastellbisbal.net\/2025\/12\/03\/eines-de-seguretat\/","name":"Eines de seguretat - Ana Borrego 
Toledo","isPartOf":{"@id":"https:\/\/aborrego.inscastellbisbal.net\/#website"},"primaryImageOfPage":{"@id":"https:\/\/aborrego.inscastellbisbal.net\/2025\/12\/03\/eines-de-seguretat\/#primaryimage"},"image":{"@id":"https:\/\/aborrego.inscastellbisbal.net\/2025\/12\/03\/eines-de-seguretat\/#primaryimage"},"thumbnailUrl":"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_022.png","datePublished":"2025-12-03T07:41:10+00:00","dateModified":"2025-12-17T07:40:53+00:00","breadcrumb":{"@id":"https:\/\/aborrego.inscastellbisbal.net\/2025\/12\/03\/eines-de-seguretat\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/aborrego.inscastellbisbal.net\/2025\/12\/03\/eines-de-seguretat\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/aborrego.inscastellbisbal.net\/2025\/12\/03\/eines-de-seguretat\/#primaryimage","url":"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_022.png","contentUrl":"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/12\/Selection_022.png"},{"@type":"BreadcrumbList","@id":"https:\/\/aborrego.inscastellbisbal.net\/2025\/12\/03\/eines-de-seguretat\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/aborrego.inscastellbisbal.net\/"},{"@type":"ListItem","position":2,"name":"Eines de seguretat"}]},{"@type":"WebSite","@id":"https:\/\/aborrego.inscastellbisbal.net\/#website","url":"https:\/\/aborrego.inscastellbisbal.net\/","name":"Ana Borrego 
Toledo","description":"","publisher":{"@id":"https:\/\/aborrego.inscastellbisbal.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/aborrego.inscastellbisbal.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/aborrego.inscastellbisbal.net\/#organization","name":"Ana Borrego Toledo","url":"https:\/\/aborrego.inscastellbisbal.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/aborrego.inscastellbisbal.net\/#\/schema\/logo\/image\/","url":"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/03\/cropped-Selection_255.png","contentUrl":"https:\/\/aborrego.inscastellbisbal.net\/wp-content\/uploads\/2025\/03\/cropped-Selection_255.png","width":549,"height":328,"caption":"Ana Borrego Toledo"},"image":{"@id":"https:\/\/aborrego.inscastellbisbal.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/aborrego.inscastellbisbal.net\/#\/schema\/person\/596b5d3dc4735c43cfaafed47741b9d1","name":"aborrego","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/e158785622f9364a28d322a7a8711e2ea34ebb67263b57ff915d7b49cb3cf0d1?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/e158785622f9364a28d322a7a8711e2ea34ebb67263b57ff915d7b49cb3cf0d1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e158785622f9364a28d322a7a8711e2ea34ebb67263b57ff915d7b49cb3cf0d1?s=96&d=mm&r=g","caption":"aborrego"},"sameAs":["https:\/\/aborrego.inscastellbisbal.net","https:\/\/www.instagram.com\/anaaaa.aaaaaaaaaaaaaaaaaaaaa?igsh=MWVqcmx5MXl5eGdxaw=="],"url":"https:\/\/aborrego.inscastellbisbal.net\/en\/author\/aborrego\/"}]}},"_links":{"self":[{"href":"https:\/\/aborrego.inscastellbisbal.net\/en\/wp-json\/wp\/v2\/posts\/8927","targetHints":{"allow":["GET"]}}],"collection":
[{"href":"https:\/\/aborrego.inscastellbisbal.net\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aborrego.inscastellbisbal.net\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aborrego.inscastellbisbal.net\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aborrego.inscastellbisbal.net\/en\/wp-json\/wp\/v2\/comments?post=8927"}],"version-history":[{"count":46,"href":"https:\/\/aborrego.inscastellbisbal.net\/en\/wp-json\/wp\/v2\/posts\/8927\/revisions"}],"predecessor-version":[{"id":9104,"href":"https:\/\/aborrego.inscastellbisbal.net\/en\/wp-json\/wp\/v2\/posts\/8927\/revisions\/9104"}],"wp:attachment":[{"href":"https:\/\/aborrego.inscastellbisbal.net\/en\/wp-json\/wp\/v2\/media?parent=8927"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aborrego.inscastellbisbal.net\/en\/wp-json\/wp\/v2\/categories?post=8927"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aborrego.inscastellbisbal.net\/en\/wp-json\/wp\/v2\/tags?post=8927"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}