Version 1.4
1/5/2004

Securing a Solaris Server - Sources of the Tools

  1. Introduction
  2. History of this Web Page
  3. Overview
  4. Network Topology
  5. System Hardware Configuration
  6. Initial Installation
  7. Minimizing Solaris
  8. Minimizing Network Services
  9. Remove the Solaris Installation Leftovers
  10. Install Necessary Third Party Packages
  11. Close the Doors
  12. Obscure the Tracks
  13. Post the Warnings
  14. Perform System Backups
  15. Watch for Changes
  16. Sources of Tools
  17. Bibliography

---------------

 
Purchase Policies Contact ACCS Aout ACCS Home Papers & Projects Services Products

16. Sources of Tools

Here are some tools that you may find useful in securing your Solaris server. In general, I don't like to use tools to perform this function. The reason is that I like to know what changes were made, so that they can be monitored. Most tools hide the details of their actions, so that you don't know what was changed, and can't monitor the changed files, to determine if an intrusion has occurred.
fix-modes
Fix-modes was created by Casper Dik to adjust the permissions of several files and directories in Solaris, for the purpose of improving security. It is available from ftp://ftp.wins.uva.nl/pub/solaris/fix-modes.tar.gz.

JASS Toolkit
The JASS toolkit was developed by SUN to simplify building secured Solaris systems. It is available from http://www.sun.com/blueprints/tools. There exists good documentation for the current release (0.3) of this toolkit. The best of the documents is the Internals document (11). This document provides fair detail as to what the toolkit actually does.

If you choose to use the JASS toolkit, please be aware that it will be necessary to verify that the changes you made previously are still in place after JASS runs.

Titan
The Titan toolkit was created by Brad Powell to fix or tighten potential security holes in UNIX (Solaris, Linux and FreeBSD). It is available from http://www.trouble.org/titan.

Here is a short list of web sites that you may find useful.

Prev Index Next

If you have any comments or suggestions, please E-mail webmaster@accs.com

© 2004 - Ashford Computer Consulting Service