Security Basics mailing list archives
Re: Hardening Solaris 10
From: "Dr. Death" <drdeath4ever () hotmail com>
Date: Wed, 03 Aug 2005 07:04:35 +0000
hi dude, try this package from sun, it will auto harden ur system. http://www.sun.com/download/products.xml?id=42e6becd Regards, Dr.Death
From: Robert Escue <roescue () cox net> To: James McEachern <james.mceachern.qa5a () statefarm com> CC: security-basics () securityfocus com Subject: Re: Hardening Solaris 10 Date: Fri, 29 Jul 2005 12:53:27 -0400 James McEachern wrote:Hello I am looking to upgrade my Solaris box from 9 to 10. I have yet to find a comprehensive "Hardening" white paper on the subject. All kinds for 8, 9 but none for comprehensive 10. I have the BigAdmin portal page and the numerous docs on containers/zones in Solaris 10 and was wondering if anyone knew of a good document out there to act as a starting point fro Solaris 10 Hardening. The box is used as an NIDS and a squid proxy that sits behind a hardware based firewall. Running it on x86 and not sparc code. Any suggestions or ideas are most appreciated. Thanks James McEachern State Farm Insurance Patch Management 309.763.2773James,One of the reasons why you haven't found a document on Solaris 10 is because of all of the changes Sun has made to Solaris 10. A breakdown of the new features would take a small book. As one of the External Beta Testers for Solaris 10 I can give you this advice:1. Use the SUNWrnet (Reduced Networking) install cluster (this is new to Solaris 10), this cluster installs the minimum footprint necessary to run Solaris in CLI mode with only RPC and syslog ports open. If you have a JumpStart server it will be easier to install Solaris with the support for SSH than it will be to install what is needed on top of the Reduced Networking cluster.2. Use Role Based Access control to set up roles for the squid user and if you like, make root a role as well.3. For maximum control you could use Zones along with Projects and Resource Controls to limit resource utilization of the machine.4. Additionally you might want to consider enabling auditing and having the audit events sent to a remote syslog server (another new feature of Solaris 10).Hope this helps. Robert Escue System Administrator
_________________________________________________________________Your opinion counts..for your chance to win a Mini Cooper click here http://www.qualifiedopinions.com/joinup.php?source=hotmail
Current thread:
- Re: Hardening Solaris 10 Robert Escue (Aug 01)
- Re: Hardening Solaris 10 Dr. Death (Aug 03)
- <Possible follow-ups>
- Re: Hardening Solaris 10 Tom Rhodes (Aug 02)
- RE: Hardening Solaris 10 Josh Monson (Aug 02)