Security Basics mailing list archives

Re: security in sun solaris

From: Christian <christian () dnet net id>
Date: Fri, 29 Aug 2003 08:34:36 +0700

many thanks to
martin.campbell () ed ac uk
Frank.Branch () GD-NS Com
svawter () zonelabs com
salgak () speakeasy net
lukas76cz () seznam cz

actually, i have worked on inetd before on reducing unneccesary
services, but the problem was in the services that was not in inetd, but
anyway, thanks to the many people above, now i can secure my solaris box.
a very good link that was pointed to me : (and it's really helpfull)
http://security.vt.edu/lockitdown/
http://sabernet.home.comcast.net/papers/Solaris.html
http://www.serverworldmagazine.com/sunserver/2000/11/attack.shtml

btw, i have problem installing lsof 4.68 on my sun solaris box, the
install command was (after make install):
install -m 2755 -g kmem lsof /usr/local/lsof/
and it ends up with message saying
"install: lsof was not found anywhere!"

i have read the faqs and search the web but no uck so far, maybe someonecould enlighten me?


regards,
christian

>
>
> hi, i'm new at solaris, and i want to secure my solaris boxes, i
> recently run nmap on one of my solaris box runing named service under
> SunOS 5.6
> Port       State       Service
> 23/tcp     open        telnet
> 25/tcp     open        smtp
> 53/tcp     open        domain
> 111/tcp    open        sunrpc
> 256/tcp    open        rap
> 257/tcp    filtered    set
> 258/tcp    open        yak-chat
> 264/tcp    open        bgmp
> 265/tcp    open        unknown
> 540/tcp    open        uucp
> 4045/tcp   open        lockd
> 6112/tcp   open        dtspc
> 32771/tcp  open        sometimes-rpc5
> 32773/tcp  open        sometimes-rpc9
> 32774/tcp  open        sometimes-rpc11
> 32775/tcp  open        sometimes-rpc13
> 32776/tcp  open        sometimes-rpc15
>
> anyone know what this services for? and how turned these off? well,
> except for telnet,smtp and domain of course, and how what program runs
> what service in Solaris? like netstat -a -p in linux...
> thanks for the help!
>
> regards,
> chris
>
>

>---------------------------------------------------------------------------> Attend Black Hat Briefings & Training Federal, September 29-30(Training),

> October 1-2 (Briefings) in Tysons Corner, VA; the world's premier

> technical IT security event. Modeled after the famous Black Hatevent in

> Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
> Symantec is the Diamond sponsor.  Early-bird registration ends September
> 6.Visit us: www.blackhat.com

>----------------------------------------------------------------------------

>
>




---------------------------------------------------------------------------

Attend Black Hat Briefings & Training Federal, September 29-30 (Training),October 1-2 (Briefings) in Tysons Corner, VA; the world's premiertechnical IT security event. Modeled after the famous Black Hat event inLas Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com

----------------------------------------------------------------------------

Current thread:

security in sun solaris Christian (Aug 26)
- Re: security in sun solaris Lukas Sosnovec (Aug 27)
- <Possible follow-ups>
- Re: security in sun solaris salgak (Aug 26)
- Re: security in sun solaris Christian (Aug 29)