|
|
Sponsored Content
Operating Systems
Solaris
Need jass hardening documentation
Post 302773117 by hiddenshadow on Wednesday 27th of February 2013 10:53:22 AM
02-27-2013
|
|
9 More Discussions You Might Find Interesting
1. Solaris
After I run Jass , I can bring up the SMC GUI, but it wont let me log in as root. It works without Jass being run. Does anyone know what in Jass disables this. I have tried removing some things from jass like remote-root-login to no avail.
Any hints would be greatly appreciated.
I ram running... (0 Replies)
Discussion started by: garydeena
0 Replies
2. Solaris
So I've just done my first install of Solaris. I installed it on an x86 system and am now in the processing of figuring out what I need to do to 'harden' it. I've got the Security kit downloaded (jass) but I am not sure what to do with the .tar file.
I can't seem to find any easy steps to... (6 Replies)
Discussion started by: flood
6 Replies
3. Solaris
What do we need to do to harden a freshly installed solaris OS? like disable telnet, no ftp for root etc...What all services you need to stop? How to check what ports are open? etc etc....please provide all tips that come to your mind...thanks:) (5 Replies)
Discussion started by: rcmrulzz
5 Replies
4. Solaris
I have Jass Toolkit 4.2 for Solaris 10.
If I run #jass-execute -d secure.driver
and then enable certain services which were disabled by jass, such as ssh,
how do I incorporate those changes to jass so that when i rerun jass-execute secure-driver, it does not complain.
Any suggestions please,... (1 Reply)
Discussion started by: Tirmazi
1 Replies
5. UNIX for Dummies Questions & Answers
with regard to JASS, some time ago (1.5 years) I took it's 4.2 version and dig it quite much and created customized and more tight (although still 100% usefull) version of the framework to be used in company i worked for (I think they never used it after I left, however).
I also found that some... (0 Replies)
Discussion started by: togr
0 Replies
6. Solaris
Hi guys,
Is there any script or program which i can use to verify that my hardening setting is all correct ? Recently i am given a task to make sure my Sun servers are all harden properly though sunjass was already introduced. I need to generate a report to convince my manager that the settings... (0 Replies)
Discussion started by: ahlude
0 Replies
7. SuSE
Currently we are hardening our Solaris server using the Sun provided Jass Security tool kit.
How Can I implement the same security level on SUSE11 SP1?
Are there any tools similar/equivalent to Jass for SUSE11 SP1?
Tanks and Regards (1 Reply)
Discussion started by: vcfko
1 Replies
8. UNIX for Advanced & Expert Users
We've got a FTP server that's open to the public network and its running on Suse SUSE Linux Enterprise Server 11 (x86_64) SP2
Now, since it's an FTP server I can't disable that service, but how else do I harden this server from attacks from outside?
I am thinking of disabling the firewall and... (3 Replies)
Discussion started by: hedkandi
3 Replies
9. Cybersecurity
Does anyone have any experience hardening the c-icap.conf file? Here is the default config file, it has a lot of options; sorry about how long it is. I have removed some entries that were not needed as well, but it is still so long :D. Any help is much appreciated as I have never dealt with ICAP.
... (0 Replies)
Discussion started by: savigabi
0 Replies
LEARN ABOUT X11R4
warn.conf
warn.conf(4) File Formats warn.conf(4) NAME
warn.conf - Kerberos warning configuration file SYNOPSIS
/etc/krb5/warn.conf DESCRIPTION
The warn.conf file contains configuration information specifying how users will be warned by the ktkt_warnd daemon about ticket expiration on a Kerberos client. Credential expiration warnings are sent, by means of syslog, to auth.notice. All other warning messages are sent to daemon.notice. Each Kerberos client host must have a warn.conf file in order for users on that host to get Kerberos warnings from the client. Entries in the warn.conf file must have the following format: principal syslog | terminal | mail time [email_address] principal Specifies the principal name to be warned. The asterisk (*) wildcard can be used to specify groups of principals. syslog Sends the warnings to the system's syslog. Depending on the /etc/syslog.conf file, syslog entries are written to the /var/adm/messages file and/or displayed on the terminal. terminal Sends the warnings to display on the terminal. mail Sends the warnings as email to the address specified by email_address. time Specifies how much time before the TGT expires when a warning should be sent. The default time value is seconds, but you can specify h (hours) and m (minutes) after the number to specify other time values. email_address Specifies the email address at which to send the warnings. This field must be specified only with the mail field. EXAMPLES
Example 1: Specifying warnings The following warn.conf entry * syslog 5m specifies that warnings will be sent to the syslog five minutes before the expiration of the TGT for all principals. The form of the mes- sage is: jdb@ACME.COM: your kerberos credentials expire in 5 minutes FILES
/usr/lib/krb5/ktkt_warnd Kerberos warning daemon SEE ALSO
ktkt_warnd(1M), syslog.conf(4), SEAM(5) SunOS 5.10 22 Apr 2003 warn.conf(4)