Securing a Solaris Server
This web page is a merging of the published security suggestions of several people. These people include Lance Spitzner, Keith Watson and Alex Noordergraaf, among others. It combines, and extends, their ideas using the paranoia I've learned through 22 years of working in the computer field. More information on the source papers can be found in the bibliography.
In addition, several people at the San Diego Supercomputer Center (SDSC) assisted me with this web page. That help included: a) Pointing me to additional reference papers, b) Helping with some of the more esoteric technical issues, and c) Proofreading to find glaring technical errors.
Finally, Stephanie Gates of The Scripps Research Institute (TSRI) was of enormous assistance in the final editing.
This web page was written specifically for the initial release of Solaris 8. Most of the functions performed here will also work on other versions of Solaris, but the exact procedure (file names and variables) may change. Additionally, many of the topics covered in this web page are applicable to other versions of UNIX, and to non-Server systems.
Table of Contents:
I've been employed by Cray, Inc. as a Customer Engineer for the San Diego Supercomputer Center (SDSC). I previously worked for the Atlantic Research Corporation (now a part of Computer Sciences Corporation) and Logicon (now a part of Northrop-Grumman).
I was first introduced to the concept of computer security in 1980, when I worked for the government as a computer operator. In 1983, I worked for Logicon developing a Multilevel Secure Operating System. In 1987, I worked for Atlantic Research Corporation developing a B1 secure DBMS command and data filtering system (TruData).
From 1990 to 2001, I worked for Cray. The average Cray customer pays quite a bit for their computer, and they expect to get the full capabilities of what they bought. They do not expect to have it stolen by a resource thief. As part of my job, I've been asked, on occasion, to help ensure that the systems I worked on were appropriately secure.
If you have any comments or suggestions, please E-mail firstname.lastname@example.org
© 2004 - Ashford Computer Consulting Service