[rescue] Solaris security

Chris Byrne rescue at sunhelp.org
Fri Jul 27 20:19:52 CDT 2001


Ok, the best thing you can do is install the minimum distribution, shut off
EVERY single service except those that you are providing, get the latest
binaries for those particular services, with all patches, then apply the
latest RPL, the bigadmin recommended security config fixes, and YASSP.
That'll get rid of 99% or more of your problems. The other 1% can only
really be solved with a 24 hour monitored firewall and intrusion detection
setup, so I wouldnt worry too badly.

Oh, and I'm the CTO of a security company, so I should in theory know at
least a little about this subject ;-)

Chris Byrne
==========================================
Chief Technical Officer, INSL Ireland Ltd.
Unit 36 Beechwood Close, Bray, Co. Wicklow
HTTP://www.INSL.ie
Tel: +353.(0)1.201.4190
Fax: +353.(0)1.286.4328
==========================================

-----Original Message-----
From: rescue-admin at sunhelp.org [mailto:rescue-admin at sunhelp.org]On
Behalf Of Mike Nicewonger
Sent: 27 July 2001 22:51
To: 'rescue at sunhelp.org'
Subject: [rescue] Solaris security


Hi Gang,

I am thinking of putting an Ultra 1 up for some tasks connected directly to
the
Internet. I was wondering about the security of Solaris. I know it needs to
be
patched and all that, turn off un-needed stuff etc. Any other big glaring
holes
in it or is it a fairly secure enough OS?

And no, I am not in the mood for an OS holy war either!!

-Mike N
_______________________________________________
rescue maillist  -  rescue at sunhelp.org
http://www.sunhelp.org/mailman/listinfo/rescue




More information about the rescue mailing list