Hack Proofing Sun Solaris 8 - 1st Edition - ISBN: 9781928994442, 9780080478128

Hack Proofing Sun Solaris 8

1st Edition

Authors: Syngress
Paperback ISBN: 9781928994442
eBook ISBN: 9780080478128
Imprint: Syngress
Published Date: 31st October 2001
Page Count: 608


The only way to stop a hacker is to think like one!

Sun Microsystems' venerable and well-respected operating system Solaris is currently in version 8, and runs on both Intel and Sun hardware. Solaris is one of the most comprehensive and popular UNIX operating systems available. Hundreds of thousands of business enterprises, both small and large, depend on Sun Solaris to keep their business alive - but have they protected themselves against hackers?

Hack Proofing Sun Solaris 8 is the latest addition to the popular Hack Proofing series from Syngress Publishing. Providing hands-on information written by both security professionals and self-proclaimed hackers, this book will give system administrators the edge they need to fortify their Sun Solaris operating system against the never-ending threat of hackers.

Key Features

The fifth title in the popular series that brought us the bestseller Hack Proofing Your Network

Teaches strategy and techniques using forensic-based analysis

Up to the minute Web-based support with solutions@syngress.com

Table of Contents


Chapter 1 Introducing Solaris Security: Evaluating Your Risk


Exposing Default Solaris Security Levels

Altering Default Permissions

Making Services Available after Installation

Working with Default Environmental Settings

Evaluating Current Solaris Security Configurations

Evaluating Network Services

Evaluating Network Processes

Monitoring Solaris Systems

Using the sdtprocess and sdtperfmeter Applications

Monitoring Solaris Logfiles

Testing Security

Testing Passwords

Testing File Permissions

Securing against Physical Inspections

Securing OpenBoot

Documenting Security Procedures and Configurations

Documenting Security Procedures

Documenting System Configurations


Solutions Fast Track

Frequently Asked Questions

Chapter 2 Securing Solaris with the Bundled Security Tools


The Orange Book

Choosing Solaris 8 C2 Security

Configuring Auditing

Managing the Audit Log

Understanding Auditing Classifications

Configuring Auditing

Extracting and Analyzing Auditing Data

Choosing Trusted Solaris 8

Using Trusted Solaris 8’s B1-Level Security

Understanding the Concept of Mandatory Access Control

Administrative Labels

Auditing and Analyzing Trusted Solaris 8

Solaris 8 Security Enhancements

Using SunScreen Secure Net

Utilizing SunScreen SKIP

Using the Solaris Security Toolkit

Using OpenSSH


Solutions Fast Track

Frequently Asked Questions

Chapter 3 Securing Solaris with Freeware Security Tools


Detecting Vulnerabilities with Portscanning

Advanced Portscanning

Discovering Unauthorized Systems Using IP Scanning

Using the arp Command on Solaris

Detecting Unusual Traffic with Network Traffic Monitoring

Using Snoop

Using Snort

Using a Dedicated Sniffer

Using Sudo


Solutions Fast Track

Frequently Asked Questions

Chapter 4 Securing Your Users


Creating Secure Group Memberships

Role-Based Access Control

Understanding Solaris User Authentication

Authenticating Users with NIS and NIS+

Authenticating Users with Kerberos

Authenticating Users with the Pluggable Authentication Modules


Solutions Fast Track

Frequently Asked Questions

Chapter 5 Securing Your Files


Establishing Permissions and Ownership

Access Control Lists

Role-Based Access Control

Changing Default Settings

Using NFS

Share and Share Alike

Locking Down FTP Services

Using Samba

Monitoring and Auditing File Systems

Summary

Solutions Fast Track

Frequently Asked Questions

Chapter 6 Securing Your Network


Configuring Solaris as a DHCP Server

Using the dhcpmgr GUI Configuration Tool

Using the dhcpconfig Command-Line Tool

Securing DNS Services on Solaris

Using BIND

Configuring Solaris to Provide Anonymous FTP Services

Using X-Server Services Securely

Using Host-Based Authentication

Using User-Based Authentication

Using X-Windows Securely with SSH

Using Remote Commands

Using Built-In Remote Access Methods

Using SSH for Remote Access


Solutions Fast Track

Frequently Asked Questions

Chapter 7 Providing Secure Web and Mail Services


Configuring the Security Features of an Apache Web Server

Limiting CGI Threats

Using Virtual Hosts

Monitoring Web Page Usage and Activity

Configuring the Security Features of Sendmail

Stopping the Relay-Host Threat

Tracking Attachments


Solutions Fast Track

Frequently Asked Questions

Chapter 8 Configuring Solaris as a Secure Router and Firewall


Configuring Solaris as a Secure Router

Reasoning and Rationale

Routing Conditions

Configuring for Routing

Security Optimization

Security Implications

Unconfiguring Solaris Routing

Routing IP Version 6

Configuration Files

IPv6 Programs

IPv6 Router Procedure

Stopping IPv6 Routing

IP Version 6 Hosts

Automatic Configuration

Manual Configuration

Configuring Solaris as a Secure Gateway

Configuring Solaris as a Firewall

General Firewall Theory

General Firewall Design

SunScreen Lite

IP Filter

Using NAT

Guarding Internet Access with Snort

Snort Configuration File

Snort Log Analysis


Solutions Fast Track

Frequently Asked Questions

Chapter 9 Using Squid on Solaris


The Default Settings of a Squid Installation

Configuring Squid

The http_port Tag

The cache_dir Tag

Access Control Lists

Configuring SNMP

Configuring the cachemgr.cgi Utility

New in Squid 2.4—Help for IE Users

Configuring Access to Squid Services

The Basics of Basic-Auth

Access Control for Users

Access Control Lifetime

Configuring Proxy Clients

Excluding Access to Restricted Web Sites

Filtering Content by URL

Filtering by Destination Domain

Filtering by MIME Type

Filtering by Content-Length Header


Solutions Fast Track

Frequently Asked Questions

Chapter 10 Dissecting Hacks


Securing against Denial of Service Hacks

Ping of Death

Syn Flood

E-Mail Flood

Securing against Buffer Overflow Hacks

Buffer Overflow against a Web Server

Buffer Overflow against an FTP Server

Securing against Brute Force Hacks

Defending against Password Crackers

Securing against Trojan Horse Hacks

Defending against Rootkits

Defusing Logic Bombs

Defending against PATH and Command Substitution

Securing against IP Spoofing

Securing Your .rhosts File

MAC Address Spoofing


Solutions Fast Track

Frequently Asked Questions

Chapter 11 Detecting and Denying Hacks


Monitoring for Hacker Activity

Using Tripwire

Using Shell Scripts to Alert Systems Administrators

Monitoring Running Processes

Monitoring CPU Activity

Putting It All Together

What to Do Once You’ve Detected a Hack

What’s a Honeypot

Monitoring Solaris Log Files

Solaris Log Files to Review

Creating Daily Reports

A State-of-the-System Report


Solutions Fast Track

Frequently Asked Questions

Hack Proofing Sun Solaris 8 Fast Track

Index


© Syngress 2001