|
Server : Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.17 System : Linux localhost 2.6.18-419.el5 #1 SMP Fri Feb 24 22:47:42 UTC 2017 x86_64 User : nobody ( 99) PHP Version : 5.2.17 Disable Function : NONE Directory : /usr/share/locale/ko/LC_MESSAGES/ |
Upload File : |
ޕ����[���
���ô�����Ì������È��)���É��!��ó��Œ��� ��í���¢ ��Û��
����l
����X
��}��+��Ð���©��h��z��)��ã��U��
��â���c��>���F����…��‹���š��.��&��x���U��J��Î��N�����(���h��¶���‘�����H
��)���Q
�����{
��)���‹
��,���µ
�� ���â
�����
����
��½���
�����Ì
�����j �����| ��)���• ��2���¿ �� ���ò �����ü ����� �����( �����1 �����K �����e �� ���m �����w �����{ �����„ ��"���› �����¾ �� ���Õ ��E���ß �����%!��
���9!��
���E!��-���P!�����~!�����ƒ!�����ˆ!�����‹!��
���Ž!��
���š!��0���¥!�����Ö!�� ���ß!��9���é!�����#"�����+"�����<"�����@"�����F"��)��Y"��
���ƒ#����� #�����¼#�����Ì#�����Ó#�����Û#�����ì#��
���þ#��
���
$����($�����8%�����
&�����
&�����&&�����;&��D���K&��
���&�����ž&��
���¯&��C��Ì&��Y���(����j(��r���…)��Ò���ø)��9��Ë*����-��=��
.��É��[0��Ý���%2��æ��3��É��ê4��’��´6��÷���G8��7���?9��H��w9��‰���À:��j��J;��€���µ<��r��6=��O���©>��0���ù>����*?��
���=@��;���K@�����‡@��.���œ@��3���Ë@�� ���ÿ@����� A��S��&A��õ���zB��©���pC�����D�����)D��9���?D��3���yD�����D��
���¾D�� ���ÛD��
���üD����� E�����#E�� ���=E�����GE�����NE�� ���RE�����\E��#���mE�����‘E��
���¬E��v���·E�����.F��
���IF�����WF��;���kF�����§F�����¬F�����³F�����ºF�����ÁF�����ÓF��2���ÚF�����
G��
���G��5���#G�����YG�����aG�����pG��
���tG�����‚G��~��•G�����I�����)I�����EI�����TI�����[I�����bI�����wI�� ���I��
���¯I��ž��ºI��ê���YK�����DL�����YL�����bL�����sL��R���‡L�����ÚL�����ëL��"���üL�����!���Z�������:���&���N������B���#���M���E���L���
���[��������������(���)����������3�������H�������T���,���A���S�������6���
������� ����������� ������%���.���5���=����������
��� �������7����������������8������
�������Q�����������������-�����������+���?�������K������1���
���G�������Y�����������R���>���9���
������������������
���J�������U����������'�������/����������<���W���V���������������������O���F������C���*������P���X���0��������������D���@������"���2���$���;�������I���4��������
ERROR - You must be root to run lokkit.
�
Firewall Configuration
A firewall sits between your computer and the network,
and determines which resources on your computer remote
users on the network are able to access. A
properly configured firewall can greatly increase
the out-of-the-box security of your system.
�
Firewall Customization
Choose which trusted devices and incoming services
should be allowed for your network security
settings.
� * FTP -- FTP is a protocol used for remote file
transfer. If you plan on making your FTP
server publicly available, enable this option.
You need the vsftpd package installed for this
option to be useful.
� * Mail (SMTP) -- This allows incoming SMTP mail
delivery. If you need to allow remote hosts to
connect directly to your machine to deliver
mail, enable this option. You do not need to
enable this if you collect your mail from your
ISP's server by POP3 or IMAP, or if you use a
tool such as fetchmail. Note that an
improperly configured SMTP server can allow
remote machines to use your server to send
spam.
� * NFSv4 -- This allowed you to use the NFS
version 4 protocol via TCP to share files. You will
need to have the NFS tools installed and properly
configure your NFS server for this option to be
useful.
� * Other ports -- You can specify that other
ports not listed here be allowed through the
firewall. The format to use is
'port:protocol'. For example, if you wanted to
allow IMAP access through your firewall, you
can specify 'imap:tcp'. You can also specify
numeric ports explicitly; to allow UDP packets
on port 1234 through, specify '1234:udp'. To
specify multiple ports, separate them by
commas.
� * SSH -- Secure Shell (SSH) is a protocol for
logging into and executing commands on remote
machines. It provides secure encrypted
communications. If you plan on accessing your
machine remotely via SSH over a firewalled
interface, enable this option. You need the
openssh-server package installed for this
option to be useful.
� * Samba Browsing -- This allows you to access
access and participate in Windows file and printer
sharing networks. You need the Samba package
installed for this option to be useful
� * Secure WWW (HTTPS) -- HTTPS is a modified HTTP
used to serve Web pages when security is
important. Examples are sites that require logins
like stores or web mail. This option is not
required for viewing pages locally or
developing Web pages. You need the httpd
package installed for this option to be useful
� * Telnet -- Telnet is a protocol for logging
into remote machines. It is unencrypted, and
provides little security from network snooping
attacks. Enabling telnet is not recommended.
You need the telnet-server package installed
for this option to be useful.
� * WWW (HTTP) -- HTTP is the protocol used
to serve Web pages. If you plan on
making your Web server publicly available,
enable this option. This option is not
required for viewing pages locally or
developing Web pages. You need the httpd
package installed for this option to be
useful.
� Allow Incoming -- Enabling these options allows the
specified services to pass through the firewall.
Note, during a workstation-class installation, the
majority of these services are not present on the
system.
� Choose the appropriate security level for your
system.
� Disabled -- Disabling the firewall allows complete
access and does no security checking. It is recommended
that this only be selected if you are running on a
trusted network (not the Internet), or if you plan
to do more detailed firewall configuration later.
� Enabled -- By choosing enabled, your system will
not accept connections from the outside that are
not explicitly defined by you.
� If you are connecting your system to the Internet,
but do not plan to run a server, this is the
safest choice. If additional services are needed,
you can choose Customize to allow specific
services through the firewall, or to implicitly
trust traffic coming over certain interfaces.
� It is not recommended to enable this for devices
that are connected to public networks, such as the
Internet.
� Trusted Devices -- Checking these for any of your
devices allows all traffic coming from that device
to be allowed. For example, if you are running a
local network, but are connecting to the Internet
via a PPP dialup, you could check that eth0 is
trusted to allow any traffic coming from your
local network.
� <Tab>/<Alt-Tab> between elements | <Space> selects | <F12> next screen�'enforcing', 'permissive', or 'disabled'�A firewall protects against unauthorized network intrusions. Enabling a firewall blocks all incoming connections. Disabling a firewall allows all connections and is not recommended. �Add Port�Allow all traffic on the specified device�Allow incoming:�Allow specific ports through the firewall�Backwards compatibilty, aliased to --enabled�Backwards compatiblity, ignored�Cancel�Changing this SELinux setting requires rebooting the system so the entire file system may be relabeled. Relabeling takes a long time depending on the file system. Would you like to continue with this setting and reboot the system after firstboot is complete?�Changing to SELinux enabled will cause a relabel of the entire file system on the next boot. Relabeling takes a long time depending on the size of the file system. Do you wish to continue?�Clicking the 'Yes' button will set the security level of the system and override any existing firewall configuration. Are you sure that you want to do this?�Configure SELinux�Configure SELinux Policy�Configure firewall but do not activate it�Configure system security level and firewall rules�Customize�Disable an iptables module�Disable firewall�Disabled�Enable an iptables module�Enable firewall (default)�Enabled�Enforcing�FTP�Firewall�Firewall Configuration�Firewall Configuration - Customize�Firewall Customization�Firewall:�Invalid port given: '%s'. Please give a port number or service name.�MASQUERADE Devices:�Mail (SMTP)�Masquerade�Masquerades traffic from the specified device�NFS4�Name�OK�Ok�Other ports�Permissive�Please choose the security level for the system.�Port(s):�Protocol:�Run noninteractively; process only command-line arguments�SELinux�SELinux Setting:�SSH�Samba�Secure WWW (HTTPS)�Security Enhanced Linux (SELinux) provides finer-grained security controls than those available in a traditional Linux system. It can be set up in a disabled state, a state which only warns about things which would be denied, or a fully active state. Most people should keep the default setting.�Security Level Configuration�Security Level and Firewall�Security Level:�Telnet�Trusted�Trusted Devices:�Trusted services:�Usually 'targeted' or 'strict'�WWW (HTTP)�You can customize your firewall in two ways. First, you can select to allow all traffic from certain network interfaces. Second, you can allow certain protocols explicitly through the firewall. Specify additional ports in the form 'service:protocol', such as 'imap:tcp'. �You can use a firewall to allow access to specific services on your computer from other computers and prevent unauthorized access from the outside world. Which services, if any, do you wish to allow access to?�_Firewall Options�_SELinux�device to masquerade�device to trust�ignore settings stored in /etc/sysconfig/system-config-securitylevel�module to add�module to remove�port:protocol (e.g, ssh:tcp)�Project-Id-Version: ko
Report-Msgid-Bugs-To:
POT-Creation-Date: 2006-11-28 10:51-0500
PO-Revision-Date: 2006-10-17 13:54+1000
Last-Translator: Eunju Kim <eukim@redhat.com>
Language-Team: Korean <ko@li.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Generator: KBabel 1.9.1
�
오류 - lokkitì„ ì‹¤í–‰í•˜ì‹œë ¤ë©´ 루트 사용ìžë¡œ 로그ì¸í•˜ì…”야 합니다.
�
방화벽 ì„¤ì •
ë°©í™”ë²½ì€ ì—¬ëŸ¬ë¶„ì˜ ì»´í“¨í„°ì™€ ë„¤íŠ¸ì›Œí¬ ì‚¬ì´ì— 위치하여,
ì›ê²© 사용ìžë¡œë¶€í„° 여러분 ì»´í“¨í„°ì˜ ìžì›ì„ 보호해ì¤ë‹ˆë‹¤.
ë°©í™”ë²½ì„ ì ì ˆí•˜ê²Œ ì„¤ì •í•˜ë©´ 여러분 ì»´í“¨í„°ì˜ ë³´ì•ˆì„±ì´
높아집니다.
�
방화벽 ì‚¬ìš©ìž ì„¤ì •
ë°©í™”ë²½ì„ í†µê³¼í• ìˆ˜ 있는 장치나 서비스를
ì„ íƒí•˜ì‹ì‹œì˜¤.
� * FTP -- FTP는 ì›ê²© 파ì¼ì„ ì „ì†¡í•˜ëŠ”ë° ì‚¬ìš©ë˜ëŠ”
í”„ë¡œí† ì½œìž…ë‹ˆë‹¤. FTP서버를 ìš´ì˜í•˜ë ¤ë©´, ì´ í•ëª©ì„
ì„ íƒí•˜ê³ vsftpd 패키지를 설치하셔야 합니다.
� * Mail (SMTP) -- SMTP ë©”ì¼ ìˆ˜ì‹ ì„ í—ˆìš©í•©ë‹ˆë‹¤. ì›ê²©ì˜
컴퓨터로부터 ì—¬ëŸ¬ë¶„ì˜ ì»´í“¨í„°ë¡œ ì§ì ‘ ë©”ì¼ ì†¡ì‹ ì„
í—ˆìš©í•˜ë ¤ë©´ ì´ í•ëª©ì„ ì„ íƒí•˜ì‹ì‹œì˜¤. 만약 ISPì—…ì²´ê°€
ì œê³µí•˜ëŠ” POP3나 IMAPì„ í†µí•´ ë©”ì¼ì„ ê°€ì ¸ì˜¤ê±°ë‚˜
fetchmailê³¼ ê°™ì€ ë„구를 ì‚¬ìš©í•˜ì‹ ë‹¤ë©´, ì´ í•ëª©ì„
ì„ íƒí• 필요가 없습니다. ì£¼ì˜ - 잘못 ì„¤ì •ëœ SMTP 서버는
ì›ê²©ì˜ 컴퓨터가 ì—¬ëŸ¬ë¶„ì˜ ì„œë²„ë¥¼ 통해 스팸 ë©”ì¼ì„ 보내게 í• ìˆ˜
있습니다.
� * NFSv4 -- ì´ëŠ” TCP를 통해 NFS ë²„ì „ 4 í”„ë¡œí† ì½œì„
ê³µìœ íŒŒì¼ì— 사용하는 ê²ƒì„ í—ˆìš©í•©ë‹ˆë‹¤.
NFS ë„구를 설치하셔야 하며
ì´ëŸ¬í•œ ì˜µì…˜ì„ ìœ ìš©í•˜ê²Œ 사용하기 위해 NFS 서버를
ì„¤ì •í•˜ì…”ì•¼ 합니다.
� * ê·¸ ì™¸ì˜ í¬íŠ¸ -- 목ë¡ì— 없는 í¬íŠ¸ë¥¼ ì§€ì •í•˜ì—¬
방화벽 통과를 í—ˆìš©í• ìˆ˜ 있습니다. 'í¬íŠ¸:í”„ë¡œí† ì½œ'
형ì‹ì„ 사용합니다. 예를 들어, ë°©í™”ë²½ì„ í†µí•´ IMAP
ì ‘ê·¼ì„ í—ˆìš©í•˜ë ¤ë©´ 'imap:tcp'ë¼ê³ ì§€ì •í•©ë‹ˆë‹¤. ê·¸ë¦¬ê³ ,
숫ìžë¡œ í¬íŠ¸ 번호를 ì§€ì •í• ìˆ˜ë„ ìžˆìŠµë‹ˆë‹¤. 1234번
í¬íŠ¸ì— UDP íŒ¨í‚·ì„ í—ˆìš©í•˜ë ¤ë©´ '1234:udp'ë¼ê³ ìž…ë ¥
합니다. 여러 ê°œì˜ í¬íŠ¸ë¥¼ ì§€ì •í•˜ê¸° 위해서는 ê°
í¬íŠ¸ë¥¼ 콤마로 구분하시면 ë©ë‹ˆë‹¤.
� * SSH -- Secure Sehll (SSH)ì€ ì›ê²© 컴퓨터ì—
로그ì¸í•˜ì—¬ ëª…ë ¹ì„ ì‹¤í–‰í• ìˆ˜ 있는 í”„ë¡œí† ì½œ
입니다. ì´ í”„ë¡œí† ì½œì€ ì•ˆì „í•˜ê³ ì•”í˜¸í™”ëœ í†µì‹ ì„
수행합니다. 만약 SSH를 ì´ìš©í•˜ì—¬ 방화벽 ì¸í„°íŽ˜ì´ìŠ¤ë¥¼
지나 ì›ê²©ìœ¼ë¡œ ì—¬ëŸ¬ë¶„ì˜ ì»´í“¨í„°ì— ì ‘ì†í•˜ê¸° 위해서는
ì´ í•ëª©ì„ ì„ íƒí•˜ê³ openssh-server 패키지를
설치하셔야 합니다.
� * Samba 브ë¼ìš°ì§• -- 네트워í¬ë¥¼ ê³µìœ í•˜ëŠ” Windows 파ì¼ì´ë‚˜
í”„ë¦°í„°ì— ì•¡ì„¸ìŠ¤ 가능하게 í•´ì¤ë‹ˆë‹¤. ì´ ì˜µì…˜ì„ ì‚¬ìš©í•˜ì‹œë ¤ë©´
Samba 패키지를 설치하셔야 합니다
� * 보안 WWW (HTTPS) -- HTTPS는 ìˆ˜ì •ëœ HTTP로서
ë³´ì•ˆì´ ì¤‘ìš”ì‹œë˜ëŠ” 웹 페ì´ì§€ë¥¼ 서비스 í• ìˆ˜ 있ë„ë¡ í•©ë‹ˆë‹¤.
예를 들면, ìƒì—… 웹사ì´íŠ¸ë‚˜ 웹 ë©”ì¼ê³¼ ê°™ì€ ë¡œê·¸ì¸ì„ 필요로하는
웹사ì´íŠ¸ë¥¼ 들 수 있습니다. 웹 페ì´ì§€ë¥¼ 보시거나 개발하기 위해서ë¼ë©´, ì´ í•ëª©ì„ ì„ íƒí•
필요가 없습니다. ì´ í•ëª©ì„ ì„ íƒí•˜ì…¨ë‹¤ë©´, httpd
패키지를 설치하ì‹ì‹œì˜¤.
� * Telnet -- Telnetì€ ì›ê²© ì»´í“¨í„°ì— ë¡œê·¸ì¸í•˜ê¸° 위한
í”„ë¡œí† ì½œìž…ë‹ˆë‹¤. ì´ í”„ë¡œí† ì½œì€ ì•”í˜¸í™”ë˜ì§€ ì•Šì€
í†µì‹ ì„ ìˆ˜í–‰í•˜ë©°, ë„¤íŠ¸ì›Œí¬ ì¹¨ìž…ì„ ë§‰ê¸° 위한 아무런
보안 ìˆ˜ë‹¨ì„ ì œê³µí•˜ì§€ 않습니다. ì´ í•ëª©ì„ ì„ íƒí•˜ëŠ”
ê²ƒì€ ë°”ëžŒì§í•˜ì§€ 않습니다. 그래ë„, ì´ í•ëª© ì„ íƒì„
ì›í•˜ì‹ 다면 telnet-server 패키지를 설치하셔야 합니다.
� * WWW (HTTP) -- HTTP는 ì—¬ëŸ¬ë¶„ì˜ ì»´í“¨í„°ì—ì„œ
웹 페ì´ì§€ë¥¼ 서비스 í• ìˆ˜ 있ë„ë¡ í•©ë‹ˆë‹¤. 웹 서버를
ìš´ì˜í•˜ì‹œë ¤ë©´ ì´ í•ëª©ì„ ì„ íƒí•˜ì‹ì‹œì˜¤. 웹 페ì´ì§€ë¥¼
보시거나 개발하기 위해서ë¼ë©´, ì´ í•ëª©ì„ ì„ íƒí•
필요가 없습니다. ì´ í•ëª©ì„ ì„ íƒí•˜ì…¨ë‹¤ë©´, httpd
패키지를 설치하ì‹ì‹œì˜¤.
� í—ˆìš©í• ì„œë¹„ìŠ¤ -- 해당 서비스가 ë°©í™”ë²½ì„ í†µê³¼í• ìˆ˜
있ë„ë¡ í•©ë‹ˆë‹¤. ì£¼ì˜ - 워í¬ìŠ¤í…Œì´ì…˜ 급 설치 ê³¼ì •
중ì´ë¼ë©´ ì´ ì„œë¹„ìŠ¤ë“¤ ì¤‘ì— ë§Žì€ ë¶€ë¶„ì´ ì‹œìŠ¤í…œì—
나타나지 않습니다.
� 시스템 보안 ìˆ˜ì¤€ì„ ì„ íƒí•´ 주ì‹ì‹œì˜¤.
� 비활성화 -- ë°©í™”ë²½ì„ ë¹„í™œì„±í™”í•˜ì—¬ ì™¸ë¶€ë¡œë¶€í„°ì˜ ëª¨ë“ ì ‘ê·¼ì„ í—ˆìš©í•˜ê³ ë³´ì•ˆ 사í•ì„ 확ì¸í•˜ì§€ 않습니다. 여러분ì˜
컴퓨터가 (ì¸í„°ë„·ì´ ì•„ë‹Œ) ì‹ ë¢°í•˜ëŠ” ë„¤íŠ¸ì›Œí¬ ìƒì— 있거나
방화벽 ì„¤ì •ì„ ë‚˜ì¤‘ì— í• ê²½ìš°ì—만 ì´ í•ëª©ì„ ì„ íƒí•˜ì‹ì‹œì˜¤.
� 활성화 -- ì´ í•ëª©ì„ ì„ íƒí•˜ë©´ ì—¬ëŸ¬ë¶„ì´ ì§€ì •í•˜ì§€
ì•Šì€ ì™¸ë¶€ë¡œë¶€í„°ì˜ ì ‘ì†ì€ 허용하지 않습니다.
� 만약 ì—¬ëŸ¬ë¶„ì˜ ì‹œìŠ¤í…œì´ ì¸í„°ë„·ì—는 ì—°ê²°ë˜ì§€ë§Œ
서버로 ìš´ì˜í•˜ì§€ ì•Šìœ¼ë ¤ë©´, ì´ í•ëª©ì„ ì„ íƒí•˜ëŠ”
ê²ƒì´ ì•ˆì „í•©ë‹ˆë‹¤. 추가 서비스가 í•„ìš”í• ê²½ìš°,
ì‚¬ìš©ìž ì„¤ì •ì„ ì„ íƒí•˜ë©´ ë°©í™”ë²½ì„ í†µí•œ íŠ¹ì •
서비스나 íŠ¹ì • ì¸í„°íŽ˜ì´ìŠ¤ë¥¼ 통한 íŠ¸ëž˜í”½ì„ í—ˆìš©í• ìˆ˜
있습니다.
� ì¸í„°ë„·ê³¼ ê°™ì´ ì™¸ë¶€ë¡œ 통하는 네트워í¬ì— ì—°ê²°ëœ
장치ì—는 ì´ í•ëª©ì„ ì„ íƒí•˜ì§€ 마ì‹ì‹œì˜¤.
� ì‹ ë¢°í•˜ëŠ” 장치 -- ì„ íƒëœ 장치를 통해 들어오는
ëª¨ë“ íŠ¸ëž˜í”½ì„ í—ˆìš©í•©ë‹ˆë‹¤. 예들 들어, 지ì—
네트워í¬ë¥¼ ìš´ì˜í•˜ê³ 있지만 PPP를 통해 ì¸í„°ë„·ì—
ì—°ê²°ë˜ì–´ 있다면, eth0를 ì‹ ë¢°í•˜ëŠ” 장치로
ì„ íƒí•˜ì—¬ ì§€ì— ë„¤íŠ¸ì›Œí¬ë¡œë¶€í„° 들어오는 모ë“
íŠ¸ëž˜í”½ì„ í—ˆìš©í• ìˆ˜ 있습니다.
� <Tab>/<Alt-Tab> í•ëª© ì´ë™ | <Space> ì„ íƒ | <F12> ë‹¤ìŒ í™”ë©´ �'ê°•ì œ', '허용', ë˜ëŠ” '사용하지 ì•ŠìŒ'�ë°©í™”ë²½ì€ í—ˆê°€ê°€ 없는 사용ìžê°€ 네트워í¬ë¥¼ 통하여 침입하는 ê²ƒì„ ë°©ì§€í•©ë‹ˆë‹¤. ë°©í™”ë²½ì„ ì‚¬ìš©í•˜ì‹œë©´ 들어오는 ëª¨ë“ ì ‘ì†ì„ 막습니다. ë°©í™”ë²½ì„ ì‚¬ìš©í•˜ì§€ 않으면 ëª¨ë“ ì ‘ì†ì„ 허용하므로 권장ë˜ì§€ 않습니다.�í¬íŠ¸ 추가�íŠ¹ì • 장치ì—ì„œ 들어오는 ëª¨ë“ íŠ¸ëž˜í”½ì„ í—ˆìš©�í—ˆìš©í• ì„œë¹„ìŠ¤:�íŠ¹ì • í¬íŠ¸ì˜ 방화벽 통과를 허용함�ì´ì „ ë²„ì „ 호환성, --enabledë¡œ ë³„ì¹ ì§€ì •�ì´ì „ ë²„ì „ 호환성, 무시�취소�SELinux ì„¤ì •ì„ ë³€ê²½í•˜ì‹œë©´ ì‹œìŠ¤í…œì„ ìž¬ë¶€íŒ…í•˜ì…”ì•¼ 합니다. 재부팅시 ì „ì²´ íŒŒì¼ ì‹œìŠ¤í…œì˜ ë ˆì´ë¸”ì´ ìƒˆë¡œ 변경ë©ë‹ˆë‹¤. ë ˆì´ë¸” 변경 ìž‘ì—…ì€ íŒŒì¼ ì‹œìŠ¤í…œì— ë”°ë¼ ì˜¤ëž˜ 걸릴 수 있습니다. ê·¸ëž˜ë„ firstbootê°€ 완료ë˜ë©´ ì´ ì„¤ì •ê³¼ 함께 ì‹œìŠ¤í…œì„ ìž¬ë¶€íŒ… í•˜ì‹œê² ìŠµë‹ˆê¹Œ?�SELinux를 변경하시면 재부팅시 ì „ì²´ íŒŒì¼ ì‹œìŠ¤í…œì˜ ë ˆì´ë¸”ì´ ìƒˆë¡œ 변경(relabel)ë©ë‹ˆë‹¤. ë ˆì´ë¸” 변경 ìž‘ì—…ì€ íŒŒì¼ ì‹œìŠ¤í…œ ìš©ëŸ‰ì— ë”°ë¼ ì˜¤ëž˜ 걸릴 수 ë„ ìžˆìŠµë‹ˆë‹¤. ê·¸ëž˜ë„ ê³„ì†í•˜ì‹œê² 습니까?�'Yes' ë²„íŠ¼ì„ í´ë¦í•˜ì‹œë©´ 새로운 ì‹œìŠ¤í…œì˜ ë³´ì•ˆ ìˆ˜ì¤€ì´ ì„¤ì •ë˜ì–´ 기존 방화벽 ì„¤ì •ì„ ë®ì–´ì“°ê²Œ ë©ë‹ˆë‹¤. ê³„ì† ì§„í–‰í•˜ì‹œê² ìŠµë‹ˆê¹Œ?�SELinux ì„¤ì •�SELinux ì •ì±… ì„¤ì •�방화벽 ì„¤ì •, 그러나 ì‚¬ìš©ì„ ì‹œìž‘í•˜ì§€ ì•ŠìŒ�시스템 보안 수준 ë° ë°©í™”ë²½ 규칙 ì„¤ì •�ì‚¬ìš©ìž ì„¤ì •�iptables 모듈 비활성화�ë°©í™”ë²½ì„ ì‚¬ìš©í•˜ì§€ ì•ŠìŒ�비활성화�iptables 모듈 활성화�방화벽 사용 (기본)�활성화�ê°•ì œ�FTP�방화벽�방화벽 ì„¤ì •�방화벽 ì„¤ì • - ì‚¬ìš©ìž ì„¤ì •�방화벽 ì‚¬ìš©ìž ì„¤ì •�방화벽:�ìž˜ëª»ëœ í¬íŠ¸ë¥¼ ìž…ë ¥í•˜ì…¨ìŠµë‹ˆë‹¤: '%s'. í¬íŠ¸ 번호나 서비스 ì´ë¦„ì„ ìž…ë ¥í•´ì£¼ì‹œê¸° ë°”ëžë‹ˆë‹¤.�위장(MASQUERADE) 장치:�ë©”ì¼ (SMTP)�위장 (Masquerade)�íŠ¹ì • 장치ì—ì„œ 들어오는 ëª¨ë“ íŠ¸ëž˜í”½ì„ ìœ„ìž¥�NFS4�ì´ë¦„�확ì¸�확ì¸�ê·¸ ì™¸ì˜ í¬íŠ¸�허용�시스템 보안 ìˆ˜ì¤€ì„ ì„ íƒí•´ 주ì‹ì‹œì˜¤.�í¬íŠ¸:�í”„ë¡œí† ì½œ:�비대화ì‹ìœ¼ë¡œ 실행; ëª…ë ¹í–‰ ì¸ìžë§Œ 처리�SELinux�SELinux ì„¤ì •�SSH�삼바(Samba)�보안 WWW (HTTPS)�SELinux (Security Enhanced Linux)는 기본 리눅스 시스템 보다 ì •êµí•œ 보안 ì œì–´ ê¸°ëŠ¥ì„ ì œê³µí•©ë‹ˆë‹¤. SELinux는 세가지 모드 - 비활성화 ìƒíƒœ ë˜ëŠ” ê±°ë¶€í• ì„œë¹„ìŠ¤ì— ëŒ€í•œ ê²½ê³ ë§Œ 보여주는 ìƒíƒœ ë˜ëŠ” ì™„ì „ 활성화 ìƒíƒœë¡œ ì„¤ì • 가능합니다. ëŒ€ë¶€ë¶„ì˜ ê²½ìš° 기본 ì„¤ì •ì„ ê·¸ëŒ€ë¡œ 사용하시는 ê²ƒì´ ì¢‹ìŠµë‹ˆë‹¤.�보안 수준 ì„¤ì •�보안 수준 ë° ë°©í™”ë²½�보안 수준:�Telnet�ì‹ ë¢°�ì‹ ë¢°í•˜ëŠ” 장치:�ì‹ ë¢°í•˜ëŠ” 서비스:�보통 '목표' í˜¹ì€ '엄격'�WWW (HTTP)�ë°©í™”ë²½ì„ ë‘가지 ë°©ì‹ìœ¼ë¡œ ì‚¬ìš©ìž ì„¤ì •í•˜ì‹¤ 수 있습니다. 첫번째 ë°©ë²•ì€ íŠ¹ì • ë„¤íŠ¸ì›Œí¬ ì¸í„°íŽ˜ì´ìŠ¤ì—ì„œ 들어오는 ëª¨ë“ íŠ¸ëž˜í”½ì„ í—ˆìš©í•˜ëŠ” 것입니다. ë‘번째 ë°©ë²•ì€ ë°©í™”ë²½ì„ í†µê³¼í• ìˆ˜ 있는 íŠ¹ì • í”„ë¡œí† ì½œì„ ì§€ì •í•˜ì‹œëŠ” 것입니다. 추가 í¬íŠ¸ë¥¼ ì§€ì •í•˜ì‹œë ¤ë©´ 'imap:tcp'와 ê°™ì´ '서비스:í”„ë¡œí† ì½œ' 형ì‹ìœ¼ë¡œ 하ì‹ì‹œì˜¤.�ë°©í™”ë²½ì„ ì´ìš©í•˜ì—¬ 다른 컴퓨터ì—ì„œ ê³ ê° ì»´í“¨í„°ì˜ íŠ¹ì • 서비스 ì´ìš©ì„ ê¸ˆí•˜ê³ ì™¸ë¶€ì—ì„œ 허가 ì—†ì´ ì ‘ê·¼í•˜ëŠ” ê²ƒì„ ë°©ì§€í• ìˆ˜ 있습니다. ì–´ë–¤ 서비스를 ì ‘ê·¼ í—ˆìš©í•˜ì‹œê² ìŠµë‹ˆê¹Œ?�방화벽 옵션(_F)�_SELinux�ìœ„ìž¥í• ìž¥ì¹˜�ì‹ ë¢°í•˜ëŠ” 장치�/etc/sysconfig/system-config-securitylevel 파ì¼ì— ì €ìž¥ëœ ì„¤ì •ì„ ë¬´ì‹œí•¨�ì¶”ê°€í• ëª¨ë“ˆ�ì‚ì œí• ëª¨ë“ˆ�í¬íŠ¸:í”„ë¡œí† ì½œ (예, ssh:tcp)�