Remote services during Solaris installation | Unix Linux Forums | Solaris

  Go Back    


Solaris The Solaris Operating System, usually known simply as Solaris, is a Unix-based operating system introduced by Sun Microsystems. The Solaris OS is now owned by Oracle.

Remote services during Solaris installation

Solaris


Closed Thread    
 
Thread Tools Search this Thread Display Modes
    #1  
Old 10-31-2008
soliberus soliberus is offline
Registered User
 
Join Date: Oct 2004
Last Activity: 29 November 2011, 11:25 AM EST
Posts: 117
Thanks: 0
Thanked 1 Time in 1 Post
Remote services during Solaris installation

I've installed Solaris 10 (05-08) on a SPARC platform

During the installation I was prompted with the question below. I selected yes to enable remote services.

Does anyone know what services this option enables?

- Enabling remote services ----------------------------------------
Would you like to enable network services for use by remote clients?
Selecting "No" provides a more secure configuration in
which Secure Shell is the only network service provided to
remote clients. Selecting "Yes" enables a larger set of
services as in previous Solaris releases. If in doubt, it is
safe to select "No" as any services can be individually enabled
after installation.
Note: This choice only affects initial installs. It doesn't affect upgrades.
Remote services enabled
-----------------------
[X] Yes
[ ] No
-------------------------------------------------------------------
F2_Continue F6_Help
Sponsored Links
    #2  
Old 10-31-2008
DukeNuke2's Avatar
DukeNuke2 DukeNuke2 is offline Forum Staff  
Soulman
 
Join Date: Jul 2006
Last Activity: 19 April 2014, 11:46 AM EDT
Location: Berlin, Germany
Posts: 5,327
Thanks: 52
Thanked 223 Times in 217 Posts
have a look with:


Code:
# svcs -a | grep -i network

for all enabled services.
Sponsored Links
    #3  
Old 10-31-2008
Chains Chains is offline
Registered User
 
Join Date: Sep 2008
Last Activity: 14 September 2012, 6:13 PM EDT
Posts: 20
Thanks: 0
Thanked 0 Times in 0 Posts
I believe this will enable services such as rlogin & telnet etc.
    #4  
Old 10-31-2008
pressy's Avatar
pressy pressy is offline Forum Advisor  
solaris cultist
 
Join Date: Aug 2003
Last Activity: 12 March 2014, 9:56 AM EDT
Location: Vienna / Austria (Europe) [EARTH]
Posts: 732
Thanks: 1
Thanked 2 Times in 2 Posts
looking into the script /usr/sbin/netservices (1M) it is:

svc:/system/system-log
svc:/network/rpc/cde-calendar-manager
svc:/network/rpc/bind
svc:/application/x11/x11-server
svc:/network/smtp:sendmail
svc:/application/print/server
svc:/application/print/rfc1179
svc:/application/print/ipp-listener
svc:/network/rpc/cde-ttdbserver
svc:/application/graphical-login/cde-login
svc:/system/webconsole
svc:/application/management/wbem

and for the inetd and services you could have a look into:

/var/svc/profile/generic_open.xml
/var/svc/profile/generic_limited_net.xml

regards
- PRESSY
Sponsored Links
    #5  
Old 10-31-2008
jlliagre jlliagre is offline Forum Advisor  
ɹǝsn sıɹɐlos
 
Join Date: Dec 2007
Last Activity: 19 April 2014, 2:34 PM EDT
Location: Paris
Posts: 4,364
Thanks: 15
Thanked 443 Times in 406 Posts
You can find the specs and presentation here:
Secure By Default at OpenSolaris.org
Sponsored Links
    #6  
Old 11-10-2008
soliberus soliberus is offline
Registered User
 
Join Date: Oct 2004
Last Activity: 29 November 2011, 11:25 AM EST
Posts: 117
Thanks: 0
Thanked 1 Time in 1 Post
# svcs -a | grep -i network

The following services are "online"

online Nov_05 svc:/network/pfil:default
online Nov_05 svc:/network/tnctl:default
online Nov_05 svc:/network/loopback:default
online Nov_05 svc:/network/physical:default
online Nov_05 svc:/milestone/network:default
online Nov_05 svc:/network/initial:default
online Nov_05 svc:/network/service:default
online Nov_05 svc:/network/ntp:default
online Nov_05 svc:/network/routing-setup:default
online Nov_05 svc:/network/rpc/bind:default
online Nov_05 svc:/network/nfs/mapid:default
online Nov_05 svc:/network/nfs/cbd:default
online Nov_05 svc:/network/nfs/status:default
online Nov_05 svc:/network/nfs/nlockmgr:default
online Nov_05 svc:/network/inetd:default
online Nov_05 svc:/network/rpc/gss:default
online Nov_05 svc:/network/rpc/meta:default
online Nov_05 svc:/network/nfs/client:default
online Nov_05 svc:/network/rpc/rstat:default
online Nov_05 svc:/network/rpc/cde-calendar-manager:default
online Nov_05 svc:/network/rpc/cde-ttdbserver:tcp
online Nov_05 svc:/network/rpc/mdcomm:default
online Nov_05 svc:/network/rpc/metamed:default
online Nov_05 svc:/network/rpc/metamh:default
online Nov_05 svc:/network/rpc/smserver:default
online Nov_05 svc:/network/rpc/rusers:default
online Nov_05 svc:/network/cde-spc:default
online Nov_05 svc:/network/security/ktkt_warn:default
online Nov_05 svc:/network/telnet:default
online Nov_05 svc:/network/nfs/rquota:default
online Nov_05 svc:/network/ftp:default
online Nov_05 svc:/network/finger:default
online Nov_05 svc:/network/login:rlogin
online Nov_05 svc:/network/shell:default
online Nov_05 svc:/network/stdiscover:default
online Nov_05 svc:/network/stlisten:default
online Nov_05 svc:/network/rpc-100235_1/rpc_ticotsord:default
online Nov_05 svc:/network/nfs/server:default
online Nov_05 svc:/network/smtp:sendmail
online Nov_05 svc:/network/ssh:default

Which of these would be a good idea to disable in order to tighten security?
Sponsored Links
    #7  
Old 11-10-2008
jlliagre jlliagre is offline Forum Advisor  
ɹǝsn sıɹɐlos
 
Join Date: Dec 2007
Last Activity: 19 April 2014, 2:34 PM EDT
Location: Paris
Posts: 4,364
Thanks: 15
Thanked 443 Times in 406 Posts
netservices will disable most of them. Why not relying on it ?
Sponsored Links
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Remote installation of solaris 9 naw_deepak Solaris 5 02-10-2010 01:08 AM
installation entirely remote - Solaris marcmc Solaris 2 10-10-2008 10:23 AM
installation entirely remote - Solaris vbe UNIX for Advanced & Expert Users 0 10-09-2008 01:26 PM



All times are GMT -4. The time now is 03:40 PM.