For Solaris sysadmins, it's been very difficult to find solid information on Solaris security. Most Solaris books don't cover security well; most security books don't cover Solaris well. Now, there's an outstanding security book focused totally on Solaris environments: The Solaris Security Handbook. Author Peter Gregory has been responsible for securing everything from top-secret AT&T facilities to casinos. Now, he shares his expert insights, offering specific techniques for protecting every element of a Solaris-based network. Start with an up-to-date look at today's security challenges, and a real-world framework for planning system security. Then, walk through standalone system security: PROMs, physical security, boot paths, filesystem security; permissions; auditing tools; user accounts; passwords; startup and shutdown, and more. Next, learn how to secure network interfaces; architect your network for better security; protect E-mail and printing; restrict access over the network; and enhance the security of NIS, NIS+, DNS, and NFS. You'll even find detailed coverage of disaster recovery -- from advance preparation through recovering compromised systems. For all Solaris and UNIX system administrators.

Table of Contents:
I. INTRODUCTION. 1. The Security Problem. Causes of Security Weaknesses. Growth of Network Connectivity. Software Vulnerabilities. Employees and Contractors. Motivated and Resourceful Hackers. Site Policies. 2. The Security Paradigm. Principle 1: The Hacker Who Breaks into Your System Will Probably Be Someone You Know. Principle 2: Trust No One, or Be Careful about Whom You Are Required to Trust. Principle 2a: Don't Trust Yourself, or Verify Everything You Do. Principle 3: Make Would-Be Intruders Believe They Will Be Caught. Principle 4: Protect in Layers. Principle 5: While Planning Your Security Strategy, Presume the Complete Failure of Any Single Security Layer. Principle 6: Make Security a Part of the Initial Design. Principle 7: Disable Unneeded Services, Packages, and Features. Principle 8: Before Connecting, Understand and Secure. Principle 9: Prepare for the Worst. The Nine Principles: A Way of Life. II. THE STANDALONE SYSTEM. 3. The PROM, OpenBoot, and Physical Security. What Is the PROM? What Is OpenBoot? Why Users Must Be Kept Out of OpenBoot. Protecting OpenBoot by Setting Security Parameters. Procedures for Changing OpenBoot Security Levels. All Passwords Lost—Partial Recovery Procedure. Boot Device Recommendations. Change the OpenBoot Banner. Recover a Lost Root Password. Physical Security Considerations. Theft and Access Prevention. Audit PROMs. OpenBoot Passwords. CD-ROM Drives. Backup Media. OS Release Media. Where to Go for Additional Information. 4. The Filesystem. What Is the Filesystem? Some Applications Require Open Permissions. Understanding File and Directory Permissions. Who: User, Group, and Other. Permission Summary: Read, Write, Execute, SetUID, SetGID, Sticky Bit. Putting It All Together: The Who and the What. How to View File and Directory Permissions. Permissions: Numeric Form. Setting File and Directory Permissions—Numeric. Setting File and Directory Permissions—Symbolic. umask and How It Works. Default File Permissions and umask. Root User umask. Default Directory Permissions and umask. How to Find Files with Specific Permission Settings. System Device Access Permissions. Filesystem Auditing Tools. ASET. COPS. Tiger. Tripwire. lsof (list open files). Other Security Tools and Techniques. Check /etc Permissions. Ensure Proper utmp and utmpx Permissions. Use Fix-modes Tool to Enhance Security. Use the fuser Command. Use the ls Command to Show Hidden Files and Hidden Characters in Filenames. Alias the rm Command. Randomize Filesystem Inode Numbers with fsirand. Filesystem Quotas. Filesystem Access Control Lists. Where to Go for Additional Information. 5. User Accounts and Environments. Introduction. User Account Security. The Root Account. Other Administrative Accounts and Groups. User Accounts. When Users Need Root Privileges. PATH and LD_LIBRARY_PATH. The Password, Shadow, and Group Files. Password File. Shadow File. Password Security. UNIX Groups. The /etc/default/passwd File. Root Access. Direct Root Login. The su Command. Shell and Application Security. Forced Application Startup. Include System Name in Root Shell Prompt. Restricted Shell. Default Login Environment. Writing Directly to the Console. Program Buffer Overflow. Additional Process Information. X-Windows Security. X-Windows Screen Lock, Manual. X-Windows Screen Lock, Auto. X-Windows Display Permissions. Auditing Tools. COPS. Crack. Where to Go for Additional Information. 6. System Startup and Shutdown. System Run Levels. Determining Current Run Level. System Startup. PROM. init. Multiuser Mode. The rc Mechanism. System Shutdown. init. uadmin. More Information on rc Files. An Example rc File Examined. Auditing Startup and Shutdown Mechanisms. COPS. Tripwire. Modifying Startup and Shutdown Mechanisms. Adding Startup and Shutdown Scripts. Changing Startup and Shutdown Scripts. Disabling Startup and Shutdown Scripts. More on Linked Startup Files. Where to Go for Additional Information. 7. cron and at. cron. What is cron? How cron Works. How cron Is Configured. cron User Configuration. User Access to cron System. at. What Is at? How at Works. User Access to at System. Common Mistakes to Avoid. Failure to Adequately Conceal Programs Launched by cron. Leaving crontab Files Lying Around for All to See. Unsecure PATH Elements in Scripts Launched by cron. Indeterminate PATH Elements in Scripts Launched by cron. Use of stdin and stdout in cron and at Jobs. Auditing Tools. Tripwire. COPS. Where to Go for Additional Information. 8. System Logs. What Is a System Log. syslog. syslog Facilities and Severity Levels. syslog Message Classification Notation. syslog Configuration. Debugging syslog. loginlog. sulog. Last Log. Volume Manager Log. Install Log. sysidtool Log. Tools to Help with Logging. Logcheck. Where to Go for Additional Information. III. THE NETWORK-CONNECTED SYSTEM. 9. Network Interfaces and Services. Networks. Network Interfaces. Network Interface Characteristics. Network Interface Configuration. ifconfig. ndd. Turn Off IP Forwarding with /etc/notrouter. netstat. /etc/inet/hosts. /etc/inet/netmasks. /etc/defaultrouter. /etc/nodename. /etc/hostname.interface. How Adaptors Are Configured. Promiscuous Mode. Network Services. Unnecessary Services. Network Service Numbers. Network Service Configuration. How Network Services Are Started. Daemon Network Services Not Started with inetd. Routing. Adding Static Routes. Adding Dynamic Routes. Using snoop. Where to Go for Additional Information. 10. Network/System Architecture. What Is an Architecture? Simple vs Complex Architectures. Architecture Principles. Principle 1: Minimize the Number of Failure Points (or Shorten the Critical Path). Principle 2: Keep Services Close to Those Being Served. Principle 3: Vertically Align Services with Their Applications. Principle 4: Prepare for Increasing Network Partitioning. 11. Electronic Mail. Overview of E-Mail. Transport Agent. Delivery Agent. User Agent. Types of E-Mail Security Weaknesses. Auth (or Identd) Protocol. Message Brokering. Message Source Routing. Privacy. Authenticity. Mitigating E-Mail Security Weaknesses. Run Sendmail Only on Mail Servers. Disconnect Inside Mail Server(s) from the Internet. Prevent Message Source Routing. Implement Mail Encryption and Digital Signatures. Replace Sendmail. Remove Unnecessary E-Mail Aliases. Implement Smrsh. Implement ForwardPath. Where to Go for Additional Information. 12. Printing. Printing Architectures. Print Subsystem Directories. Auditing Print Subsystem Directories. Local Printing. Local Print Devices. How to Determine Which Device a Specific Printer Uses. Print Device Permissions. Auditing Print Device Permissions. Restricting Access to Printers and Print Servers. Direct Access to Network Printers. Where to Go for Additional Information. 13. Network Access Control. Network Access Control Principles. Unnecessary Network Access Points Are Security Risks. Unguarded Network Access Points Are Security Risks. Necessary and Unnecessary Services. How to Disable Unnecessary Services. Strengthening Network Access Control. inetd Connection Tracing. TCP Wrappers. Public-Domain rpcbind. .rhosts File—Gateway to the r-Commands. /etc/hosts.equiv File. Auditing .rhosts and hosts.equiv Files 170 Secure Replacement for telnet, rsh, and rlogin. ftp. tftp. X-Windows Is Unsecure. Firewalls. Testing System Accessibility. Satan. ISS. Intrusion Detection. Syn. Klaxon. Courtney. Tocsin. Gabriel. Intrusion Detection: Staying Current. Authentication. System Authentication. DES (Diffie-Hellman) Authentication. Kerberos Authentication. Virtual Private Networks. SKIP. IPsec. Where to Go for Additional Information. 14. Name Services. Domain Name Service (DNS). /etc/nsswitch.conf. /etc/resolv.conf. DNS Security Weaknesses and Solutions. Too Much Information Visible to the Internet. Illicit Zone Transfers from DNS Servers. Differences Between nslookup and Actual DNS Queries. Public-Domain DNS (BIND). DIG Public-Domain Tool. Disable nscd Caching. Know Your BIND Version. NIS. Obtaining and Installing NISKIT. NIS Security Weaknesses and Solutions. Move NIS Maps out of /etc Directory. Protect NIS Maps Directory. Use a Hard-to-Guess NIS Domain Name. Implement /var/yp/securenets. Hide Shadow Fields. Avoid Illicit NIS Servers. Keep Root and Other Administrative Accounts out of NIS. Disable nscd Caching. Other NIS Weaknesses. NIS+. NIS+ Default Access Rights. Access Rights for Principal nobody. NIS+ Security Level. Administering NIS+. Back Up NIS+ Tables. Flush NIS+ Transactions. Keep Root and Other Administrative Accounts Out of NIS+. Disable nscd Caching. Name Service Switch. nscd. Where to Go for Additional Information. 15. NFS and the Automounter. NFS. NFS Operations. Improving Security with NFS Share. Improving Security with NFS Mount. Improving Security by Setting NFS Portmon. NFS Authentication. Servers as NFS Clients. NFS and Access Control Lists. NFS on the Network. Disabling NFS. Automounter. Indirect Automounter Maps. Direct Automounter Maps. Automounter Browsing. Automounter and the Name Service Switch. Disabling Automounter. Where to Go for Additional Information. IV. DISASTER AND RECOVERY. 16. System Recovery Preparation. What Can and Will Go Wrong. Natural Disaster. Man-Made Disaster. Inside Utility Failure. Hardware Failure. UNIX Administrator Error. Documentation Error. Programmer Error. User Error. Sabotage. Preparing for Recovery. Create an Incident Reponse Team. System Filesystem Design. Filesystem Geometry. Tape Backups. System Recovery Testing. Release Media. System Event Logbooks. Solaris and Tool Patches. CD-ROM Drives. Hardware and Software Service Agreements. Keep Hardware Spares. Copies of Critical Server PROMs. Disk Space to Spare. Recovery Documentation. Contacts and Cross-Training. Partner with Inside Suppliers. Partner with Outside Suppliers. Where to Go for Additional Information. V. APPENDICES. A: Online Sources for Security Information. Security Web Sites. Hacker Web Sites. Security Mailing Lists. Patches. B: Online Sources for Public-Domain Security Tools. TCP/IP Security Tools. ISS (Internet security scan). Satan (Security Administrator's Tool for Analyzing Networks). cpm (check promiscuous mode). tcpdump (network monitoring and data acquisition). Access Control Security Tools. TCP Wrappers. rpcbind. Ssh (secure shell). Kerberos. crack (password cracker). fwtk (firewall toolkit). S/Key. Intrusion Detection Tools. Klaxon. Courtney. Tocsin. Gabriel. syn. Filesystem Security Tools. Tiger. Tripwire. COPS. Encryption Tools. PGP. MD5. E-Mail Security Tools. SMAP (sendmail wrapper). sendmail V8 (public-domain sendmail). Postfix (formerly Vmailer). smrsh. DNS Tools. Public-Domain BIND. Dig. Other DNS Tools. Other Tools and Sources. logcheck. lsof (list open files). Patchdiag. fix-modes. perl. Washington University ftpd. Security Tools Sites. CERT Tools. CIAC Tools. COAST Tools. Doug's Tools. LIST (Laboratory for Information Security Technology) Security Tools. Sun Freeware Site. Wietse Venema's UNIX Security Tools Collection. Hacker Tools Sites. C: Obtaining and Applying Solaris Patches. Sources for Patch Information. Understanding Solaris Patches. Understanding Solaris Patch Clusters. Sources for Patches. Patch Installation Strategies. Before Installing Patches. Which Patches to Install. Testing Patches. For Patches Requiring System Reboot. The patchdiag Program. Patch Installation Procedure, Solaris 2.x—2.5.1. Patch Installation Procedures for Solaris 2.6 and Solaris 7. Solaris OS Upgrades. Where to Go for Additional Information. D: Suggested Reading. Books. Publications and Articles Available Online. SunSolve Publications. Periodicals Online. Internet RFCs. E: Solaris Security Products. SunScreen EFS. SunScreen SPF. SunScreen SKIP. Sun Security Manager. SunScreen SecureNet. Trusted Solaris. Where to Go for Additional Information. F: Implementing C2 Security. What Is C2 Security? Implications of C2 Security. Enabling C2 Security. Disabling C2 Security. Managing C2 Security. Configuration of C2 Audit Capture. Management of C2 Logs. Management of Performance. Audit Events. Audit Trail Analysis. Removable Media Management. Device Allocation. Recommendations. Where to Go for Additional Information. G: Verifying the Integrity of Public-Domain Software. Verification Using PGP. Verification Using MD5. Where to Go for Additional Information. H: Glossary of Attacks. I: Secure System Checklist. Index.