General discussion

Locked

UNIX/SOLARIS Security

By iriejam8 ·
Can anyone send me a "top ten" list of UNIX/SOLARIS security measures that should be implemented?

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

UNIX/SOLARIS Security

by cpfeiffe In reply to UNIX/SOLARIS Security

Here's 15 - the list comes from the Security/High Availability section of Solaris Administration book I have.

1) use the hidden password file /etc/shadow
2) make passwords combinations of letters, numbers and special characters
3) install secure shell if you will be connecting remotely
4) ensure /etc/default/login has an entry that reads CONSOLE=/dev/console so root must be at the terminal to log in
5) remove all .rhosts and hosts.equiv files in all home directories
6) remove unnecessary entries from /etc/inetd.conf so any unused network daemons aren't active from bootup
7) remove any unnecessary services from /etc/services so unused ports aren't accessible
remove any unnecessary entries from /etc/rpc
9) for all services you do use, like FTP use special deny/allow files to only allow the necessary people/machines access via the specified protocol.
10) tighten up sendmail security or turn it off if you aren't using it
11) if you use DNS get the latest version of bind and its patches
12) remove all .rhosts and hosts.equiv files
13) only keep NFS live when necessary
14) install secure shell if you will be connecting remotely
15) Avoid FTP at all costs if possible

Collapse -

UNIX/SOLARIS Security

by iriejam8 In reply to UNIX/SOLARIS Security

Poster rated this answer

Collapse -

UNIX/SOLARIS Security

by RodPerd In reply to UNIX/SOLARIS Security

Security of any system requires detail answer of 3 questions: what it will run, who will use, how it will be connected. So I think there is not a "top ten" list that ensure a high level of security.

But you will find some light reading this good article:

http://www.enteract.com/~lspitz/armoring.html

and on Sun site read "Solaris Environment Security" (security.pdf):

http://www.sun.com/blueprints

Hope this helps

Collapse -

UNIX/SOLARIS Security

by iriejam8 In reply to UNIX/SOLARIS Security

Poster rated this answer

Collapse -

UNIX/SOLARIS Security

by insatiable In reply to UNIX/SOLARIS Security

The SANS Institute is dedicated to System Administration, Networking and Security. It is THE best place to check for security measures, especially with UNIX/SOLARIS.
They have conferences and training.
They work directly with the developing technologies.
They list the most common vulnerabilities, and they also list the most common fixes.
This url will get you to the website:

http://www.sans.org

This url is to the page for Hardening Solaris Systems:

http://www.sans.org/newlook/resources/hard_solaris.htm

Good luck!
Melissa

Collapse -

UNIX/SOLARIS Security

by iriejam8 In reply to UNIX/SOLARIS Security

Thanks Melissa. This really helped.

Collapse -

UNIX/SOLARIS Security

by iriejam8 In reply to UNIX/SOLARIS Security

This question was closed by the author

Back to Linux Forum
7 total posts (Page 1 of 1)  

Related Discussions

Related Forums