Re: Solaris Configuration List (the improv version)

["Bayard G. Bell" <bbell01 () emory edu>]

I have been reminded of an oversight and thought of another.

Oversight (props to foo): I didn't mention anything about keeping the
box off the air before it is locked down.  Even if subsequent
reconfiguration is required, it is preferable to have all the networking
components installed so that you can get the data on them that you need
for system integrity checks.  It never hurts to have notes on what
changes on both your standard system configuration files and your
firewall configuration files when the interfaces addresses are changed. 
My preference would be to do the initial configuration and validation on
an isolated network and then move the box onto the production network
once it's gained my confidence.

Addition: I would probably also want to review the Titan logs, make
appropriate configuration changes to the Titan shell scripts themselves,
run Titan again, and perhaps back up Tripwire with periodic verification
runs of Titan.  At the very least Titan should be moved to the read-only
media (the Tripwire CD-ROM you've burned will do nicely), with the logs
located elsewhere so that it can be re-used later with confidence in its
integrity.  Particularly given the flexibility of Titan, it doesn't hurt
to tweak it so that you get the final results you want from it.

-Bayard