Solaris security tutorials
Prevent Solaris users from changing file ownership (chown)
contributed by qmchenry on July 5, 2004 under Solaris securityUsers are typically able to change the owner of a file that they own. If you consider this a security risk or would like to prevent users from doing this for other reasons, follow the instructions in this recipe.
Add BANNER information in Solaris
contributed by indianboy on November 17, 2003 under Solaris securityMany tools on the net help to find the OS and the version of the OS that is used. This is a widely used strategy to open a connection to the server and have add it. This strategy can be used to defend against tools which use the banner grabbing strategy to identify systems. Obviously, this will not help against tools such as NMAP which uses more advanced schemes for identification.
Configuring C-2 Level Security in Solaris
contributed by indianboy on November 12, 2003 under Solaris securityAccording to the Orange Book , the operating system security is evaluated and categorised into different levels such as D, C1, C2, B1 etc. Normally all operating systems in the market tend to have the C1 level of security while Trusted Solaris 8 is B-level certified. While Solaris OE comes with C1 certification, It can be converted to C2 level certification with minimal effort.
Log all Telnet and FTP Connections to a Solaris Machine
contributed by indianboy on October 10, 2003 under Solaris securityBy default, the solaris inetd deamon does not log the IP address of the machines that are connecting to Solaris Server. To enable the logging of all the IP addresses of machines connecting to the server and the connection time, the following script can be used.
RBAC: Solaris Role Based Access Control basics
contributed by qmchenry on October 3, 2003 under Solaris securitySolaris 8 and 9 have a powerful, integrated mechanism originally available only in trusted environments. Role based access control (RBAC) implements an authorization system based on least privilege. In this model, multiple administrative roles can be created and associated with users such that an individual has only the access necessary to perform their delegated tasks such as restarting privileged services, rebooting the system, or managing the print queue. RBAC allows finer grain control of implementing security policies. This recipe is the first of a series about RBAC and provides an introduction to its components.
Change the Solaris telnet banner
contributed by qmchenry on September 15, 2003 under Solaris securityThe default banner displayed during a telnet login contains the Solaris version which can be useful to a potential attacker.
RECENT POPULAR RECIPES
- Solaris: create ssh keys for quick server logins
- Log all Telnet and FTP Connections to a Solaris Machine
- RBAC: Solaris Role Based Access Control basics
- Change the Solaris telnet banner
- Configuring C-2 Level Security in Solaris
- Prevent Solaris users from changing file ownership (chown)
- Add BANNER information in Solaris
- View our Top Tens
TECH-RECIPES BLOGS
- Symfony Propel 1.4: New Project Workflow
- quickie: video on adding 3G modem to a Thinkpad Tablet
- modding: adding 3G to my Lenovo Thinkpad Tablet
- quick look: Lenovo Thinkpad Tablet (Honeycomb) and Pen (pics)
- design: my geek lair
- How to Delete Your Twitter Account
- Flash Error May Slow Down OS X Lion
- Mass Effect: Cannot See Mouse Pointer