Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

basics logo Security Basics mailing list archives

Re: Hardening Solaris 10
From: "Dr. Death" <drdeath4ever () hotmail com>
Date: Wed, 03 Aug 2005 07:04:35 +0000
hi dude,
try this package from sun, it will auto harden ur system.

http://www.sun.com/download/products.xml?id=42e6becd

Regards,
Dr.Death


From: Robert Escue <roescue () cox net>
To: James McEachern <james.mceachern.qa5a () statefarm com>
CC: security-basics () securityfocus com
Subject: Re: Hardening Solaris 10
Date: Fri, 29 Jul 2005 12:53:27 -0400

James McEachern wrote:


Hello

I am looking to upgrade my Solaris box from 9 to 10. I have yet to find
a comprehensive "Hardening" white paper on the subject. All kinds for 8,
9 but none for comprehensive 10. I have the BigAdmin portal page and the
numerous docs on containers/zones in Solaris 10 and was wondering if
anyone knew of a good document out there to act as a starting point fro
Solaris 10 Hardening. The box is used as an NIDS and a squid proxy that
sits behind a hardware based firewall. Running it on x86 and not sparc
code.

Any suggestions or ideas are most appreciated.

Thanks

James McEachern
State Farm Insurance
Patch Management
309.763.2773





James,
One of the reasons why you haven't found a document on Solaris 10 is because of all of the changes Sun has made to Solaris 10. A breakdown of the new features would take a small book. As one of the External Beta Testers for Solaris 10 I can give you this advice:
1. Use the SUNWrnet (Reduced Networking) install cluster (this is new to Solaris 10), this cluster installs the minimum footprint necessary to run Solaris in CLI mode with only RPC and syslog ports open. If you have a JumpStart server it will be easier to install Solaris with the support for SSH than it will be to install what is needed on top of the Reduced Networking cluster.
2. Use Role Based Access control to set up roles for the squid user and if you like, make root a role as well.
3. For maximum control you could use Zones along with Projects and Resource Controls to limit resource utilization of the machine.
4. Additionally you might want to consider enabling auditing and having the audit events sent to a remote syslog server (another new feature of Solaris 10). 

Hope this helps.


Robert Escue
System Administrator



_________________________________________________________________
Your opinion counts..for your chance to win a Mini Cooper click here http://www.qualifiedopinions.com/joinup.php?source=hotmail

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]