Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

solaris...

  • 06-04-2001 7:55am
    #1
    spod
    Registered Users, Registered Users 2 Posts: 332 ✭✭


    Should be getting a whopping great sun box next week so..

    Any good pointers for solaris info.

    It will be a multi user box, possible internet connected, haven't decided yet.

    So, I guess, assuming it's an out of the box solaris install, what should I do next?

    Lock down. Audit. Policies. Etc.

    Any good/required docs I should stick on palm?
    Any good sites that are solaris specific.
    Any solaris hardening projects worth looking at?

    About to dig up lspitz's solaris hardening docs, and I believe solar designer is involved in some sort of solaris lock down script which I'm gonna look into..

    I'm used to mainly open/freeBsd and linux systems, haven't used solaris except as a workstation in quite a while so I'm rusty.

    cheers



Comments

  • #2
    deRanged
    Registered Users, Registered Users 2 Posts: 3,744 ✭✭✭deRanged


    good security faq here:
    http://packetstorm.securify.com/docs/infosec/solaris.security.faq.html

    and for solaris binaries and packages:
    http://www.sunfreeware.com


  • #3
    ecksor
    Moderators, Social & Fun Moderators Posts: 10,501 Mod ✭✭✭✭ecksor


    Some links I dredged up ...
    The Solaris Security FAQ
    Solaris hardening and Security
    Install/configure Solaris
    Armoring Solaris

    [This message has been edited by X_OR (edited 08-04-2001).]


  • #4
    spod
    Registered Users, Registered Users 2 Posts: 332 ✭✭spod


    cheers for the links.

    All good reading material, now just to find time to read it.

    Another interesting project I came accross was:

    http://www.yassp.org/
    <font face="Verdana, Arial" size="2">
    YASSP is "Yet Another Solaris Security package" and this is a short "how to" article for those responsible for host security on Solaris 2.6, 2.7 and Solaris 8, intel or sparc architecture. The goal is to help you install a version of Solaris with good host security without having you spend a great deal of time hardening the sytem by hand -- the manual steps which you should perform have been automated.
    </font>

    Also discovered trusted solaris which looks v. interesting.

    Might also look into argus pitball.

    Thanks again.


  • #5
    spod
    Registered Users, Registered Users 2 Posts: 332 ✭✭spod


    Just reading through the YASSP stuff atm.

    Came across this very comprehensive solaris hardening list:

    http://www.yassp.org/after.html#[2]

    much to read.


  • #6
    ecksor
    Moderators, Social & Fun Moderators Posts: 10,501 Mod ✭✭✭✭ecksor


    Eeek!!! I doubt that lpd will be installed on that box.

    There are all sorts of packages that can/should be removed, even from the core install.

    I remember hardening a complete install a while back, 700+ packages or something. Ended up writing a script that would force package deletion based on keywords (CDE, OpenLook etc.)


  • Advertisement
  • #7
    ecksor
    Moderators, Social & Fun Moderators Posts: 10,501 Mod ✭✭✭✭ecksor


    Pity he's not running Linux ...


  • #8
    spod
    Registered Users, Registered Users 2 Posts: 332 ✭✭spod


    Won't be running lpd either wink.gif


Advertisement