[geeks] Securing Solaris - opinions...
Ido Dubrawsky
idubraws at dubrawsky.org
Thu Mar 18 07:30:08 CST 2004
On Wed, Mar 17, 2004 at 03:39:27PM -0600, geeks-request at sunhelp.org wrote:
> From: adh at an.bradford.ma.us (Sandwich Maker)
> Subject: Re: [geeks] Securing Solaris - opinions...
> To: geeks at sunhelp.org
> Message-ID: <200403171916.OAA01517 at an.bradford.ma.us>
>
> "From: Lionel Peterson <lionel4287 at verizon.net>
> "
> "I stumbled across this page: http://www.accs.com/p_and_p/SolSec/index.html
> "
> "Anyone have opinions on what they profess, and/or any alternative guides for
> "hardening Solaris? I want to make a public Solaris server at home, but need
> "guidance on best practices...
>
> seen cisecurity.org? they have a hardness scoring tool which leans
> toward the aggressive side. sans.org has mountains of good stuff to
> wade through...
>
See the following:
http://www.sun.com/solutions/blueprints/browsesubject.html#security
They're pretty authoratative. I once built a firewall using a Sun SPARCstation
10 with Solaris 7 and IPfilter...the entire footprint of Solaris was around 36
MB (and that included OpenSSH, and an apache server)...it passed muster with
our Security Advisor who came from the NSA. And all I did was follow the
blueprints at Sun's website.
I've also used the cisecurity.org scanner. It's quite nice.
Ido
--
===============================================================================
Ido Dubrawsky, CISSP E-mail: ido at dubrawsky.org
Network Security Architect
dubrawsky.org
500 Hermleigh Rd
Silver Spring, MD. 20902
(301) 651-5441 (cell)
===============================================================================
More information about the geeks
mailing list