Securing a Solaris Server - Sources of the Tools

Version 1.4
1/5/2004

Securing a Solaris Server - Sources of the Tools

16. Sources of Tools

Here are some tools that you may find useful in securing your Solaris server. In general, I don't like to use tools to perform this function. The reason is that I like to know what changes were made, so that they can be monitored. Most tools hide the details of their actions, so that you don't know what was changed, and can't monitor the changed files, to determine if an intrusion has occurred.

fix-modes

Fix-modes was created by Casper Dik to adjust the permissions of several files and directories in Solaris, for the purpose of improving security. It is available from ftp://ftp.wins.uva.nl/pub/solaris/fix-modes.tar.gz.

JASS Toolkit

The JASS toolkit was developed by SUN to simplify building secured Solaris systems. It is available from http://www.sun.com/blueprints/tools. There exists good documentation for the current release (0.3) of this toolkit. The best of the documents is the Internals document (11). This document provides fair detail as to what the toolkit actually does.

If you choose to use the JASS toolkit, please be aware that it will be necessary to verify that the changes you made previously are still in place after JASS runs.

Titan

The Titan toolkit was created by Brad Powell to fix or tighten potential security holes in UNIX (Solaris, Linux and FreeBSD). It is available from http://www.trouble.org/titan.

Here is a short list of web sites that you may find useful.

sunsolve.Sun.COM/pub-cgi/show.pl?target=home - SUN Recommended & Security Patches
web.mit.edu/kerberos/www - Kerberos home page
www.auscert.org.au - Australian Computer Emergency Response Team
www.cert.org - CERT Coordination Center
www.cisecurity.com - The Center for Internet Security
www.fish.com - Dan Farmer's web site with lots of computer security related stuff
www.ibiblio.org/pub/solaris/sparc - Solaris Package Archive (SUNSite)
www.infrastructures.org/cfengine - Cfengine
www.rootprompt.org - Root Prompt -- Nothing but Unix
www.sabernet.net/papers/Solaris.html - Solaris Security Guide
www.sans.org - SANS Institute
www.securityfocus.com - SecurityFocus
www.solarisguide.com - SolarisGuide.com
www.sun.com/bigadmin - Sun Large System Administration
www.sun.com/blueprints - SUN Blueprints
www.sun.com/security/blueprints - SUN Security Blueprints
www.sun.com/security/jass - Additional information on the SUN JASS toolkit
www.sunfreeware.com - Sunfreeware

Prev Index Next

If you have any comments or suggestions, please E-mail webmaster@accs.com

© 2004 - Ashford Computer Consulting Service