We have recently been through an audit of our solaris servers.
All our solaris servers are running version 10.
We have been told to close down all the services and we have closed what we could by using svcadm disable
We only wish to let ssh and the ftp service to run.
Below is a list of the services that are still running.
.
Can someone please help and explain what these services are, and which ones should be closed?
Why so many rpc services are needed?
Is the login service needed?
I assume we can close the ibm-db2 service as there are no ibm products installed
Please help.
Thank you so much, much appreciated.
Solly
Last edited by pludi; 01-20-2010 at 04:07 AM..
Reason: code tags, please...
Thanks for that, I am a bit worried the execution of closing the rpc process down?.
Do i just run a svcs -a | grep rpc and then use svcadm disable rpc....
Yes , you would do that. However, anyone one with admin priviledges can still turn them on using svcadm enable. If you do not wish that to happen, I suppose you check the /etc/services file and comment the relevant services that you don't need
hi,
I enabled bsm modules (/etc/security/bsmconv) and rebooted Solaris 10. But service is going into maintenance state. I rebooted server and I see one error saying "sys/c2audit:audit_kssl() not defined properly". I am not sure, what it is indicating and how it should be fixed. Please suggest, how... (5 Replies)
Linux audits in syslog, any time a user is deleted or added. However, I'm running a Solaris11 VM, and find no such entries. How can I enable auditing for useradd and userdel? Oracle's documentation on managing the auditing service, has been of no assistance. Thanks.
Customizing What Is... (7 Replies)
Dear All,
I have one of my Servers, running Solaris 9. I wanna enable the Audit log enabling, the way I did in Solaris 10 Servers.
After running, the bsmconv script, giving the reboots, modifying all the audit files in /etc/security, the audit is enabled, but the audit file which shall be... (3 Replies)
Looking for some way of running a script on one machine, giving it a list of IP addresses and it goes away and gets info from them.
Things such as server type, memory, processors etc.
Does such a thing exist? (3 Replies)
Hi
we have one function which is used to append data the file in exclusive lock mode in aperl script.
This script is executed by multiple threads at the same time.
accessing the same file.this script runs throught the day.
sometimes the file2.txt size is getting reduced.
for eg from 10 M... (1 Reply)
Hi Friends
I am a Solaries newbie and I am looking out for a software or command or config that can capture all commands run by all users on a server on a daily basis. I believe that this Audit is being done in almost all enterprises and would like to know how the same is done there.
Any... (3 Replies)
Hi All,
Any one has, sun solaris audit program which covers everything one need to check as a security auditor.
Audit Program will help.
Thanks,
Ghanshyam
Emails not allowed - see the Rules (4 Replies)