[geeks] Solaris host-based security audit/hardening packages?
velociraptor
velociraptor at gmail.com
Tue Jul 5 11:51:18 CDT 2005
On 7/5/05, geeks at litfire.com <geeks at litfire.com> wrote:
> I'm just wondering what people are using for host-based security scanners
> for Solaris 9. I'm looking for something free or cheap, and preferably
> easily extensible for adding specific requirements for various partner
> relationship audits.
>
>
>
> In looking over Solaris Security Toolkit, it seems somewhat obtuse, and I
> was wondering if there was a great tool I'm missing because I'm not putting
> the right things in when searching various places.
Are you just looking for something to flag issues, or something beyond
that?
The CIS scanning tool is very thorough and updated pretty regularly.
It's a package consisting of a perl script and a few adjunct files. The
nice thing about it is that there are versions for various OSes besides
Solaris. It only flags and reports an aggregate score. Picking it
apart and/or adding to it should be fairly straight-forward.
http://www.cisecurity.org/
Some people don't like the "philosophy" behind some of the
recommendations, so YMMV. (It kinda assumes that your server
will be hanging out there alone on the internet without anything in
front of it.) It does no remediation, just flags things. There is an
accompanying document (w/references) that describes the things
flagged and suggested remediations.
And, it's an OS scanner--it doesn't get into the apps: web server,
dns, etc.
=Nadine=
More information about the geeks
mailing list