Sponsored Content
Full Discussion: Hardening Solaris 10
Operating Systems Solaris Hardening Solaris 10 Post 302203725 by reborg on Monday 9th of June 2008 04:14:47 PM
Old 06-09-2008
Untar the file, there should be a package inside. Then as root:

Code:
pkgadd -d . SUNWjass

 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Any leads to hardening UNIX

Hi! I am trying to get info/best practices/how-to harden unix, especially solaris! Appreciate any leads please..................... (3 Replies)
Discussion started by: sdharmap
3 Replies

2. Solaris

Hardening Solaris

What do we need to do to harden a freshly installed solaris OS? like disable telnet, no ftp for root etc...What all services you need to stop? How to check what ports are open? etc etc....please provide all tips that come to your mind...thanks:) (5 Replies)
Discussion started by: rcmrulzz
5 Replies

3. UNIX for Dummies Questions & Answers

sysctl help needed.(Server Hardening).

As per Hardening guide for the server. ICMP Broadcast Response: The kernel parameter icmp_echo_ignore_broadcasts must match to 1 However when i check the value of icmp_echo_ignore_broadcasts it thrown an error as unkonwn key. # sysctl icmp_echo_ignore_broadcasts error:... (2 Replies)
Discussion started by: pinga123
2 Replies

4. Solaris

Solaris Hardening - SunJass

Hi guys, Is there any script or program which i can use to verify that my hardening setting is all correct ? Recently i am given a task to make sure my Sun servers are all harden properly though sunjass was already introduced. I need to generate a report to convince my manager that the settings... (0 Replies)
Discussion started by: ahlude
0 Replies

5. SuSE

Hardening Suse11 sp1

Currently we are hardening our Solaris server using the Sun provided Jass Security tool kit. How Can I implement the same security level on SUSE11 SP1? Are there any tools similar/equivalent to Jass for SUSE11 SP1? Tanks and Regards (1 Reply)
Discussion started by: vcfko
1 Replies

6. UNIX for Advanced & Expert Users

SuSe Linux Hardening

We've got a FTP server that's open to the public network and its running on Suse SUSE Linux Enterprise Server 11 (x86_64) SP2 Now, since it's an FTP server I can't disable that service, but how else do I harden this server from attacks from outside? I am thinking of disabling the firewall and... (3 Replies)
Discussion started by: hedkandi
3 Replies

7. Solaris

Need jass hardening documentation

Hi, Where I could find information about "Jass hardening" for Solaris10? Because, I change the /opt/SUNWjass/Files/etc/syslog.conf file. But yet I don't know if I must restart the jass (and how?) or I must to copy /opt/SUNWjass/Files/etc/syslog.conf to /etc/syslog.conf? Thanks for your... (2 Replies)
Discussion started by: hiddenshadow
2 Replies

8. Cybersecurity

C-ICAP Hardening

Does anyone have any experience hardening the c-icap.conf file? Here is the default config file, it has a lot of options; sorry about how long it is. I have removed some entries that were not needed as well, but it is still so long :D. Any help is much appreciated as I have never dealt with ICAP. ... (0 Replies)
Discussion started by: savigabi
0 Replies

9. Linux

Password hardening using pam

Hi We have a requirement to vary the minimum password criteria by the group to which a user belongs. For example a standard user should have a password with a minimum length of 12 and containing a mix of characters whereas an administrator should have a password with a minimum length of 14... (1 Reply)
Discussion started by: gregsih
1 Replies

10. HP-UX

Security hardening for standard HP-UX users

Hi, The standard accounts that are created during the HP-UX installation, eg, bin,adm,daemon,uucp,lp,hpdb and nobody have their own shell. Will there be any impact if we change these user's shell to /bin/false? Like processes get interrupted, files cannot be generated, etc. Regards (3 Replies)
Discussion started by: anaigini45
3 Replies
pkgask(1M)                                                                                                                              pkgask(1M)

NAME
pkgask - stores answers to a request script SYNOPSIS
pkgask [-d device] [-R root_path] -r response pkginst... pkgask allows the administrator to store answers to an interactive package (one with a request script, that is, a user-created file that must be named request). Invoking this command generates a response file that is then used as input at installation time. The use of this response file prevents any interaction from occurring during installation since the file already contains all of the information the pack- age needs. The following options are supported -d device Run the request script for a package on device. device can be a directory pathname or the identifiers for tape, floppy disk or removable disk (for example, /var/tmp, /dev/diskette, and /dev/dsk/c1d0s0). The default device is the installation spool directory. -R root_path Define the full path name of a directory to use as the root_path. All files, including package system information files, are relocated to a directory tree starting in the specified root_path. Note - The root file system of any non-global zones must not be referenced with the -R option. Doing so might damage the global zone's file system, might compromise the security of the global zone, and might damage the non-global zone's file system. See zones(5). -r response Identify a file or directory which should be created to contain the responses to interaction with the package. The name must be a full pathname. The file, or directory of files, can later be used as input to the pkgadd(1M) command. The following operands are supported: pkginst Specify the package instance, or list of instances for which request scripts will be created. The token all may be used to refer to all packages available on the source medium. 0 Successful completion. >0 An error occurred. See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWcsu | +-----------------------------+-----------------------------+ pkginfo(1), pkgmk(1), pkgparam(1), pkgproto(1), pkgtrans(1), installf(1M), pkgadd(1M), pkgchk(1M), pkgrm(1M), removef(1M), admin(4),attributes(5) The -r option can be used to indicate a directory name as well as a filename. The directory name is used to create numerous response files, each sharing the name of the package with which it should be associated. This would be used, for example, when you will be adding multiple interactive packages with one invocation of pkgadd(1M). Each package would need a response file. To create multiple response files with the same name as the package instance, name the directory in which the files should be created and supply multiple instance names with the pkgask command. When installing the packages, you will be able to identify this directory to the pkgadd(1M) command. If the default admin file is too restrictive, the administration file may need to be modified to allow for total non-interaction during a package installation. Seeadmin(4) for details. 6 Apr 2005 pkgask(1M)
All times are GMT -4. The time now is 08:10 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy