Hack Proofing Sun Solaris 8

The only way to stop a hacker is to think like one! Sun Microsystems' venerable and well-respected operating system Solaris is currently in version 8, and runs on both Intel and Sun hardware. Solaris is one of the most comprehensive and popular UNIX operating systems available. Hundreds of thousands of business enterprises, both small and large, depend on Sun Solaris to keep their business alive - but have they protected themselves against hackers? Hack Proofing Sun Solaris 8 is the latest addition to the popular Hack Proofing series from Syngress Publishing. Providing hands-on information written by both security professionals and self-proclaimed hackers, this book will give system administrators the edge they need to fortify their Sun Solaris operating system against the never-ending threat of hackers.

Paperback, 608 Pages

Published: October 2001

Imprint: Syngress

ISBN: 978-1-928994-44-2

Contents


  • Foreword

    Chapter 1 Introducing Solaris Security: Evaluating Your Risk

    Introduction

    Exposing Default Solaris Security Levels

    Altering Default Permissions

    Making Services Available after Installation

    Working with Default Environmental Settings

    Evaluating Current Solaris Security Configurations

    Evaluating Network Services

    Evaluating Network Processes

    Monitoring Solaris Systems

    Using the sdtprocess and sdtperfmeter Applications

    Monitoring Solaris Logfiles

    Testing Security

    Testing Passwords

    Testing File Permissions

    Securing against Physical Inspections

    Securing OpenBoot

    Documenting Security Procedures and Configurations

    Documenting Security Procedures

    Documenting System Configurations

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 2 Securing Solaris with the Bundled Security Tools

    Introduction

    The Orange Book

    Choosing Solaris 8 C2 Security

    Configuring Auditing

    Managing the Audit Log

    Understanding Auditing Classifications

    Configuring Auditing

    Extracting and Analyzing Auditing Data

    Choosing Trusted Solaris 8

    Using Trusted Solaris 8’s B1-Level Security

    Understanding the Concept of Mandatory Access Control

    Administrative Labels

    Auditing and Analyzing Trusted Solaris 8

    Solaris 8 Security Enhancements

    Using SunScreen Secure Net

    Utilizing SunScreen SKIP

    Using the Solaris Security Toolkit

    Using OpenSSH

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 3 Securing Solaris with Freeware Security Tools

    Introduction

    Detecting Vulnerabilities with Portscanning

    Advanced Portscanning

    Discovering Unauthorized Systems Using IP Scanning

    Using the arp Command on Solaris

    Detecting Unusual Traffic with Network Traffic Monitoring

    Using Snoop

    Using Snort

    Using a Dedicated Sniffer

    Using Sudo

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 4 Securing Your Users

    Introduction

    Creating Secure Group Memberships

    Role-Based Access Control

    Understanding Solaris User Authentication

    Authenticating Users with NIS and NIS+

    Authenticating Users with Kerberos

    Authenticating Users with the Pluggable Authentication Modules

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 5 Securing Your Files

    Introduction

    Establishing Permissions and Ownership

    Access Control Lists

    Role-Based Access Control

    Changing Default Settings

    Using NFS

    Share and Share Alike

    Locking Down FTP Services

    Using Samba

    Monitoring and Auditing File Systems

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 6 Securing Your Network

    Introduction

    Configuring Solaris as a DHCP Server

    Using the dhcpmgr GUI Configuration Tool

    Using the dhcpconfig Command-Line Tool

    Securing DNS Services on Solaris

    Using BIND

    Configuring Solaris to Provide Anonymous FTP Services

    Using X-Server Services Securely

    Using Host-Based Authentication

    Using User-Based Authentication

    Using X-Windows Securely with SSH

    Using Remote Commands

    Using Built-In Remote Access Methods

    Using SSH for Remote Access

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 7 Providing Secure Web and Mail Services

    Introduction

    Configuring the Security Features of an Apache Web Server

    Limiting CGI Threats

    Using Virtual Hosts

    Monitoring Web Page Usage and Activity

    Configuring the Security Features of Sendmail

    Stopping the Relay-Host Threat

    Tracking Attachments

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 8 Configuring Solaris as a Secure Router and Firewall

    Introduction

    Configuring Solaris as a Secure Router

    Reasoning and Rationale

    Routing Conditions

    Configuring for Routing

    Security Optimization

    Security Implications

    Unconfiguring Solaris Routing

    Routing IP Version 6

    Configuration Files

    IPv6 Programs

    IPv6 Router Procedure

    Stopping IPv6 Routing

    IP Version 6 Hosts

    Automatic Configuration

    Manual Configuration

    Configuring Solaris as a Secure Gateway

    Configuring Solaris as a Firewall

    General Firewall Theory

    General Firewall Design

    SunScreen Lite

    IP Filter

    Using NAT

    Guarding Internet Access with Snort

    Snort Configuration File

    Snort Log Analysis

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 9 Using Squid on Solaris

    Introduction

    The Default Settings of a Squid Installation

    Configuring Squid

    The http_port Tag

    The cache_dir Tag

    Access Control Lists

    Configuring SNMP

    Configuring the cachemgr.cgi Utility

    New in Squid 2.4 - Help for IE Users

    Configuring Access to Squid Services

    The Basics of Basic-Auth

    Access Control for Users

    Access Control Lifetime

    Configuring Proxy Clients

    Excluding Access to Restricted Web Sites

    Filtering Content by URL

    Filtering by Destination Domain

    Filtering by MIME Type

    Filtering by Content-Length Header

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 10 Dissecting Hacks

    Introduction

    Securing against Denial of Service Hacks

    Ping of Death

    Syn Flood

    E-Mail Flood

    Securing against Buffer Overflow Hacks

    Buffer Overflow against a Web Server

    Buffer Overflow against an FTP Server

    Securing against Brute Force Hacks

    Defending against Password Crackers

    Securing against Trojan Horse Hacks

    Defending against Rootkits

    Defusing Logic Bombs

    Defending against PATH and Command Substitution

    Securing against IP Spoofing

    Securing Your .rhosts File

    MAC Address Spoofing

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Chapter 11 Detecting and Denying Hacks

    Introduction

    Monitoring for Hacker Activity

    Using Tripwire

    Using Shell Scripts to Alert Systems Administrators

    Monitoring Running Processes

    Monitoring CPU Activity

    Putting It All Together

    What to Do Once You’ve Detected a Hack

    What’s a Honeypot

    Monitoring Solaris Log Files

    Solaris Log Files to Review

    Creating Daily Reports

    A State-of-the-System Report

    Summary

    Solutions Fast Track

    Frequently Asked Questions

    Hack Proofing Sun Solaris 8 Fast Track

    Index

