Security Basics mailing list archives
Re: security in sun solaris
From: salgak () speakeasy net
Date: Tue, 26 Aug 2003 16:56:55 +0000
-----Original Message----- From: Christian [mailto:christian () dnet net id] Sent: Tuesday, August 26, 2003 02:17 AM To: security-basics () securityfocus com Subject: security in sun solaris hi, i'm new at solaris, and i want to secure my solaris boxes, i recently run nmap on one of my solaris box runing named service under SunOS 5.6 Port State Service 23/tcp open telnet 25/tcp open smtp 53/tcp open domain 111/tcp open sunrpc 256/tcp open rap 257/tcp filtered set 258/tcp open yak-chat 264/tcp open bgmp 265/tcp open unknown 540/tcp open uucp 4045/tcp open lockd 6112/tcp open dtspc 32771/tcp open sometimes-rpc5 32773/tcp open sometimes-rpc9 32774/tcp open sometimes-rpc11 32775/tcp open sometimes-rpc13 32776/tcp open sometimes-rpc15
anyone know what this services for? and how turned these off? well, except for telnet,smtp and domain of course, and how what program runs what service in Solaris? like netstat -a -p in linux... thanks for the help!
Well, first, read a good page on Solaris Security: http://security.vt.edu/lockitdown/ has guides for Solaris, Windows, and others. . . Most services in Solaris are controlled via /etc/inetd.conf Start there, commenting out every service you don't plan on using. Move from there to /etc/rc2.d: disable startup scripts for services you don't want by changing the starting capital "S" to a lowercase one, and prefixing it with "disabled". (I do the former myself). If you're not running databases, RPC can be disabled. In fact, the SAFEST rule is this: if you don't know what it is, disable it, you can ALWAYS re-enable it later. I'd also look at your /etc/shadow file, and also ensure the PHYSICAL security of the box: anyone with physical access can Stop-A and boot from CD, and then mount your hard drives and edit /etc/shadow. . . --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- security in sun solaris Christian (Aug 26)
- Re: security in sun solaris Lukas Sosnovec (Aug 27)
- <Possible follow-ups>
- Re: security in sun solaris salgak (Aug 26)
- Re: security in sun solaris Christian (Aug 29)