Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Hardening Suse11 sp1
Operating Systems Linux SuSE Hardening Suse11 sp1 Post 302550094 by mark54g on Wednesday 24th of August 2011 03:34:59 PM
Old 08-24-2011
apparmor or selinux would possibly be your best bet.
 

7 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Any leads to hardening UNIX

Hi! I am trying to get info/best practices/how-to harden unix, especially solaris! Appreciate any leads please..................... (3 Replies)
Discussion started by: sdharmap
3 Replies

2. Solaris

Hardening Solaris 10

So I've just done my first install of Solaris. I installed it on an x86 system and am now in the processing of figuring out what I need to do to 'harden' it. I've got the Security kit downloaded (jass) but I am not sure what to do with the .tar file. I can't seem to find any easy steps to... (6 Replies)
Discussion started by: flood
6 Replies

3. Solaris

Hardening Solaris

What do we need to do to harden a freshly installed solaris OS? like disable telnet, no ftp for root etc...What all services you need to stop? How to check what ports are open? etc etc....please provide all tips that come to your mind...thanks:) (5 Replies)
Discussion started by: rcmrulzz
5 Replies

4. Solaris

Solaris Hardening - SunJass

Hi guys, Is there any script or program which i can use to verify that my hardening setting is all correct ? Recently i am given a task to make sure my Sun servers are all harden properly though sunjass was already introduced. I need to generate a report to convince my manager that the settings... (0 Replies)
Discussion started by: ahlude
0 Replies

5. UNIX for Dummies Questions & Answers

GCC on suse 10 SP1

hi guys I use rpm -qa to find installed packages in red hat centos.... but how to do it in Suse 10 SP1 for instance? specifically I need to find if gcc installed thanks a lot (1 Reply)
Discussion started by: karlochacon
1 Replies

6. UNIX for Advanced & Expert Users

SuSe Linux Hardening

We've got a FTP server that's open to the public network and its running on Suse SUSE Linux Enterprise Server 11 (x86_64) SP2 Now, since it's an FTP server I can't disable that service, but how else do I harden this server from attacks from outside? I am thinking of disabling the firewall and... (3 Replies)
Discussion started by: hedkandi
3 Replies

7. Cybersecurity

C-ICAP Hardening

Does anyone have any experience hardening the c-icap.conf file? Here is the default config file, it has a lot of options; sorry about how long it is. I have removed some entries that were not needed as well, but it is still so long :D. Any help is much appreciated as I have never dealt with ICAP. ... (0 Replies)
Discussion started by: savigabi
0 Replies

LEARN ABOUT OPENSOLARIS

bsmunconv

bsmconv(1M)						  System Administration Commands					       bsmconv(1M)

NAME

       bsmconv, bsmunconv - enable or disable Solaris Auditing

SYNOPSIS

       /etc/security/bsmconv [rootdir]...

       /etc/security/bsmunconv [rootdir]...

DESCRIPTION

       The  bsmconv  and  bsmunconv scripts are used to enable or disable the BSM features on a Solaris system. The optional argument rootdir is a
       list of one or more root directories of diskless clients that have already been configured. See smdiskless(1M).

       To enable or disable BSM on a diskless client, a server, or a stand-alone system, logon as super-user to the system being converted and use
       the bsmconv or bsmunconv commands without any options.

       To  enable or disable BSM on a diskless client from that client's server, logon to the server as super-user and use bsmconv, specifying the
       root directory of each diskless client you wish to affect. For example, the command:

	 myhost# bsmconv /export/root/client1 /export/root/client2

       enables BSM on the two machines named client1 and client2. While the command:

	 myhost# bsmconv

       enables BSM only on the machine called myhost. It is no longer necessary to enable BSM on both the server and its diskless clients.

       After running bsmconv the system can be configured by editing the files in /etc/security. Each diskless client has its own copy of configu-
       ration files in its root directory. You might want to edit these files before rebooting each client.

       Following  the  completion  of either script, the affected system(s) should be rebooted to allow the auditing subsystem to come up properly
       initialized.

FILES

       The following files are created by bsmconv:

       /etc/security/device_maps

	   Administrative file defining the mapping of device special files to allocatable device names.

       /etc/security/device_allocate

	   Administrative file defining parameters for device allocation.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsr			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Obsolete Committed	   |
       +-----------------------------+-----------------------------+

SEE ALSO

       auditconfig(1M), auditd(1M), audit_startup(1M), audit.log(4), audit_control(4), attributes(5)

       See the section on Solaris Auditing in System Administration Guide: Security Services.

NOTES

       bsmconv and bsmunconv are not valid in a non-global zone.

       These commands are Obsolete and may be removed and replaced with equivalent functionality in a future release of Solaris.

SunOS 5.11							    20 Jan 2009 						       bsmconv(1M)
All times are GMT -4. The time now is 06:38 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy