Solaris security tutorials

Solaris: create ssh keys for quick server logins

Contributed by mcdsco on November 20, 2006 under Solaris security

To make access to both servers easier, I created keys for ssh, so I can shell server to server with no password. Following the steps in this Tech-Recipe will make it possible to login to one system from another painless.

Comments
 

Prevent Solaris users from changing file ownership (chown)

Contributed by qmchenry on July 5, 2004 under Solaris security

Users are typically able to change the owner of a file that they own. If you consider this a security risk or would like to prevent users from doing this for other reasons, follow the instructions in this recipe.

Comments
 

Adding BANNER information in Solaris ……

Contributed by indianboy on November 17, 2003 under Solaris security

Many tools on the net help to find the OS and the version of the OS that is used and a widely used strategy is first to open a connection to the server and there u have it .

This strategy can be used only to defend against tools which uses the banner grabbing strategy to identify systems and will not help against tools such as NMAP etc which uses more advanced schemes for the same …..

Comments
 

Configuring C-2 Level Security in Solaris

Contributed by indianboy on November 12, 2003 under Solaris security

According to the Orange Book , the operating system security is evaluated and categorised into different levels such as D, C1, C2, B1 etc …

Normally all operating systems in the market tend to have the C1 level of security while Trusted Solaris 8 is B-level certified .While Solaris OE comes with C1 certification , It can be converted to C2 level certification with minimal effort …….

Comments
 

To log all Telnet , FTP Connections to a Solaris Machine

Contributed by indianboy on October 10, 2003 under Solaris security

By default , the solaris inetd deamon does not log the IP address of the machines that are connecting to Solaris Server . To enable the logging of all the IP addresses of machines connecting to the server and the connection time ………..

Comments
 

RBAC: Solaris Role Based Access Control basics

Contributed by qmchenry on October 3, 2003 under Solaris security

Solaris 8 and 9 have a powerful, integrated mechanism originally available only in trusted environments. Role based access control (RBAC) implements an authorization system based on least privilege. In this model, multiple administrative roles can be created and associated with users such that an individual has only the access necessary to perform their delegated tasks such as restarting privileged services, rebooting the system, or managing the print queue. RBAC allows finer grain control of implementing security policies. This recipe is the first of a series about RBAC and provides an introduction to its components.

Comments
 

Change the Solaris telnet banner

Contributed by qmchenry on September 15, 2003 under Solaris security

The default banner displayed during a telnet login contains the Solaris version which can be useful to a potential attacker.

Comments