[rescue] Solaris security (best way to approach)

BSD Bob the old greybeard BSD freak rescue at sunhelp.org
Wed Aug 1 09:23:02 CDT 2001


> Rip Loomis
> Senior Systems Security Engineer, SAIC CIST
> Brainbench MVP for Internet Security
> http://www.brainbench.com  [Transcript 1923411]

Rip, or anyone else on the list that might have suggestions:

I am a bit of a Solaris dummy, but am quite comfy on any of the
BSDs.

I did a new sol8 install on an SS5 in the office a few weeks back,
and about a week after installation, I was sitting at root on the
cmdline console, and happened to notice error messages floating by
indicating that I was being hacked (the recent sadmind thing).

I promptly yanked the box and reloaded one of my BSDs on it,
and have been happy and unexploited ever since.

But, I do need to get some more detailed experience building a
hardened sol8 box.  So, I am back to reinstalling sol8.

For the sake of rescuing the box again, on sol8, and protecting
it from excessive hacking, what does it actually take to add or
patch into a stock sol8 install (01/01 bin) beyond the usual
install everything off the disk1 cd?  What do I need to add in,
what url(s) do I follow, and what tricks/settings/switches do
I need to be aware of to minimize the usual script kiddie hacks
that I thought a stock sol8 install ought to be more immune to.

Thanks

Dummy Bob.....(Oh, well, gotta learn it sometime, and it might
               as well be now.....(:+}}...)



