Version 1.4
1/5/2004

Securing a Solaris Server - Post the Warnings

  1. Introduction
  2. History of this Web Page
  3. Overview
  4. Network Topology
  5. System Hardware Configuration
  6. Initial Installation
  7. Minimizing Solaris
  8. Minimizing Network Services
  9. Remove the Solaris Installation Leftovers
  10. Install Necessary Third Party Packages
  11. Close the Doors
  12. Obscure the Tracks
  13. Post the Warnings
  14. Perform System Backups
  15. Watch for Changes
  16. Sources of Tools
  17. Bibliography

---------------

 
Purchase Policies Contact ACCS Aout ACCS Home Papers & Projects Services Products

13. Post the Warnings

This section describes how to post warnings so that users will see them. I strongly suggest that your legal department check the exact wording of these messages.
/etc/default/telnetd
Add the following line at the end of this file. If there is another line for BANNER, it should be commented out. This line contains a message that will be displayed when a telnet connection occurs. This should be done, even if telnet is disabled.
BANNER="\r\nWARNING: Authorized use only.  Usage may be monitored.\r\n\r\n"

/etc/default/ftpd
Add the following line at the end of this file. If there is another line for BANNER, it should be commented out. This line contains a message that will be displayed when a FTP connection occurs. This should be done, even if FTP is disabled.
BANNER="\r\nWARNING: Authorized use only.  Usage may be monitored.\r\n\r\n"

/etc/motd
Place the following message (or a similar one) into this file. It contains a message that will be printed after a successful login.
This is a private computer facility.  Access for any reason must be
specifically authorized by the owner.  Unless you are so authorized,
your continued access and any other use may expose you to criminal
and/or civil proceedings.  Usage may be monitored.

/etc/issue
Place the following message (or a similar one) into this file. It contains a message that will be printed during the login process.
This is a private computer facility.  Access for any reason must be
specifically authorized by the owner.  Unless you are so authorized,
your continued access and any other use may expose you to criminal
and/or civil proceedings.  Usage may be monitored.

NOTE: The users may see both the /etc/motd and the /etc/issue messages when they login.

Boot PROM
The SPARC Boot PROM can store a warning message, to be displayed at boot time. This message is stored in the oem-banner environment variable, which should be set as follows:
This system property of ABCD Corp
Please remember to replace the company name (ABCD Corp) with the name of your company.

Prev Index Next

If you have any comments or suggestions, please E-mail webmaster@accs.com

© 2004 - Ashford Computer Consulting Service