Login or Register to Ask a Question and Join Our Community


Solaris

Solaris 9 security

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris Solaris 9 security
# 1  
Old 02-11-2005
Solaris 9 security
Hi all,

I have some questions for you about Solaris 9 security (if you also know the answers for Red Hat enterprise linux 3 et HP UX 11i, this would help too). I have already found many documents about general UNIX security, but some points are still obscure.

Please take time to try to help me, I would be very grateful. Don't hesitate to explain things even if they seem obvious to you, my knowledge in UNIX's world being very limited...

1) My first question is about the single user mode. I would like to disallow anybody to boot as single user without prompting a password. Do you know how to do that ?

2) How can we close any connection after a certain period of inactivity ?

3) How can I limit the amount of information given to the user when he is establishing a connection to a server ? (typically not giving the version of OS, etc.)

4) How to make a password respect a predefined policy ? (complexity, aging). I have seen the PAM cracklib module, but is it possible to do the same things without PAM

5) General question : if you had to make a solaris system very secure, which services would you allow and which one would you make unavailable ?

Thank you for your help. Please answer even if you only know the answer to one question. It will help. And forgive me for my english (I am french).

Bye,

Aaclof
# 2  
Old 02-12-2005
Aaclof,

If you plan hardening your solaris platform, I recommend that you consider using Solaris Security Toolkit (JASS) utility from Sun. Please, read docummentation and FAQs (perhaps explore some scripts in this toolkit) before trying it on your system, as it may dissable some services that could be necessary on your system.
Even if you don't use this tool as is, you can learn a great deal of how to harden your system by just looking at scripts.

The tool can be obtained from http://www.sun.com/software/security/jass
# 3  
Old 10-09-2006
After downloading the security tool package

how do I intstall the toolkit ?
# 4  
Old 10-17-2006
If you don't want to use Jass from sun you can check it by your self with this guideline file

http://www.nsa.gov/snac/os/sunsol_9/I331-007R-2004.pdf


Smilie
Login or Register to Ask a Question

Previous Thread | Next Thread

6 More Discussions You Might Find Interesting

1. Solaris

Unix/Solaris security?

Hello Admins, I just have a curious question on unix passwords... As unix passwords are encrypted, so any hacker can took those passwds from etc/shadow and decrypt them using any algorithms....and using decryption, he can get the passwd and easily get into the system..... so how can... (4 Replies)
Discussion started by: snchaudhari2
4 Replies

2. Shell Programming and Scripting

Solaris Security toolkit to mysql

Hi every body! Any one ever tried to inject the output of JASS into mysql or know of a method or script to do this Thk Dan (0 Replies)
Discussion started by: Ex-Capsa
0 Replies

3. Solaris

Solaris user Security implementation

Hi gurus, Need you help here: How we can implement I have edited /etc/default/login as TIMEOUT=60 But user is not Logged out after 60 sec inactivity. How we can implement this? e.g 3 bad passwords and the user is locked. And it is locked for certain period e.g 20 min. (1 Reply)
Discussion started by: Asteroid
1 Replies

4. Solaris

Security vulnerability on my sun solaris 9 box

We are running security scans on our machines. I am concerned with my solaris 9 box running on a 280r. got the following message. The remote host accepts loose source routed IP packets. The feature was designed for testing purpose. An attacker may use it to circumvent poorly designed IP... (1 Reply)
Discussion started by: BG_JrAdmin
1 Replies

5. Solaris

Solaris 8 security log issue

Hi all, I'm using Solaris 8 right now. Recently I've a task that needs to log down all unsuccessful login to a log for auditing purpose. What steps do I have to take to log down all login failure logs? Do I've to edit a certain file for it or done by the X-window mode? BTW, do I have to... (2 Replies)
Discussion started by: heero
2 Replies

6. News, Links, Events and Announcements

Solaris vs Linux Security

have a look: http://www.softpanorama.org/Solaris/Whitepaper/index.shtml#Executive_Summary gP (4 Replies)
Discussion started by: pressy
4 Replies
Login or Register to Ask a Question