Hack Proofing Sun Solaris 8

Paperback

Author: Syngress

ISBN-10: 192899444X

ISBN-13: 9781928994442

Category: Security - Computer Networks

The only way to stop a hacker is to think like one!

Sun Microsystems' venerable and well-respected operating system Solaris is currently in version 8, and runs on both Intel and Sun hardware. Solaris is one of the most comprehensive and popular UNIX operating systems available. Hundreds of thousands of business enterprises, both small and large, depend on Sun Solaris to keep their business alive - but have they protected themselves against hackers?

Hack Proofing Sun Solaris 8 is the latest...


As a child, my father and I tried to design a birdfeeder that was easily accessible by birds but impossible to reach by squirrels. Our birdfeeders ranged from the simple to the absurd. Each design worked temporarily, but eventually the squirrels would figure out a way around our defenses. Our efforts were helping breed a smarter, craftier squirrel. The "Ultimate Squirrel-Proof Birdfeeder" scenario is similar to the challenges we face in computer security. How can we provide easy access to resources by the authorized user and still deny unauthorized access? Luckily, as Solaris System Administrators, we have excellent tools available to us. Sun Microsystems has designed Solaris to be both stable and secure. This book is your reference guide for not only securing your Solaris systems, but also for securing the environment in which they operate.

Foreword

Chapter 1: Introducing Solaris Security: Evaluating Your Risk
  Introduction
  Exposing Default Solaris Security Levels
  Altering Default Permissions
  Making Services Available after Installation
  Working with Default Environmental Settings
  Evaluating Current Solaris Security Configurations
  Evaluating Network Services
  Evaluating Network Processes
  Monitoring Solaris Systems
  Using the sdtprocess and sdtperfmeter Applications
  Monitoring Solaris Logfiles
  Testing Security
  Testing Passwords
  Testing File Permissions
  Securing against Physical Inspections
  Securing OpenBoot
  Documenting Security Procedures and Configurations
  Documenting Security Procedures
  Documenting System Configurations

Chapter 2: Securing Solaris with the Bundled Security Tools
  Introduction
  The Orange Book
  Choosing Solaris 8 C2 Security
  Configuring Auditing
  Managing the Audit Log
  Understanding Auditing Classifications
  Configuring Auditing
  Extracting and Analyzing Auditing Data
  Choosing Trusted Solaris 8
  Using Trusted Solaris 8's B1-Level Security
  Understanding the Concept of Mandatory Access Control
  Administrative Labels
  Auditing and Analyzing Trusted Solaris 8
  Solaris 8 Security Enhancements
  Using SunScreen Secure Net
  Utilizing SunScreen SKIP
  Using the Solaris Security Toolkit Working with the Solaris Security
  Using OpenSSH

Chapter 3: Securing Solaris with Freeware Security Tools
  Introduction
  Detecting Vulnerabilities with Portscanning
  Advanced Portscanning
  Discovering Unauthorized Systems Using IP Scanning
  Using the arp Command on Solaris
  Detecting Unusual Traffic with Network Traffic Monitoring
  Using Snoop
  Using Snort
  Using a Dedicated Sniffer
  Using Sudo

Chapter 4: Securing Your Users
  Introduction
  Creating Secure Group Memberships
  Role-Based Access Control
  Understanding Solaris User Authentication
  Authenticating Users with NIS and NIS+
  Authenticating Users with Kerberos
  Authenticating Users with the Pluggable Authentication Modules

Chapter 5: Securing Your Files
  Introduction
  Establishing Permissions and Ownership
  Access Control Lists
  Role-Based Access Control
  Changing Default Settings
  Using NFS
  Locking Down FTP Services
  Using Samba
  Monitoring and Auditing File Systems

Chapter 6: Securing Your Network
  Introduction
  Configuring Solaris as a DHCP Server
  Using the dhcpmgr GUI Configuration Tool
  Using the dhcpconfig Command-Line Tool
  Securing DNS Services on Solaris
  Using BIND
  Configuring Solaris to Provide Anonymous FTP Services
  Using X-Server Services Securely
  Using Host-Based Authentication
  Using User-Based Authentication
  Using X-Windows Securely with SSH
  Using Remote Commands
  Using Built-In Remote Access Methods
  Using SSH for Remote Access Enabling Password Free Logins with

Chapter 7: Providing Secure Web and Mail Services
  Introduction
  Configuring the Security Features of an Apache Web Server
  Limiting CGI Threats
  Using Virtual Hosts
  Monitoring Web Page Usage and Activity
  Configuring the Security Features of Sendmail
  Stopping the Relay-Host Threat
  Tracking Attachments

Chapter 8: Configuring Solaris as a Secure Router and Firewall
  Introduction
  Configuring Solaris as a Secure Router
  Reasoning and Rationale
  Routing Conditions
  Configuring for Routing
  Security Optimization
  Security Implications
  Unconfiguring Solaris Routing
  Routing IP Version 6
  Configuration Files
  IPv6 Programs
  IPv6 Router Procedure
  Stopping IPv6 Routing
  IP Version 6 Hosts
  Automatic Configuration
  Manual Configuration
  Configuring Solaris as a Secure Gateway
  Configuring Solaris as a Firewall
  General Firewall Theory
  General Firewall Design
  SunScreen Lite
  IP Filter
  Using NAT
  Guarding Internet Access with Snort
  Snort Configuration File
  Snort Log Analysis

Chapter 9: Using Squid on Solaris
  Introduction
  The Default Settings of a Squid Installation
  Configuring Squid
  The http_port Tag
  The cache_dir Tag
  Access Control Lists
  Configuring SNMP
  Configuring the cachemgr.cgi Utility
  New in Squid 2.4--Help for IE Users!
  Configuring Access to Squid Services
  The Basics of Basic-Auth
  Access Control for Users
  Access Control Lifetime
  Configuring Proxy Clients
  Excluding Access to Restricted Web Sites
  Filtering Content by URL
  Filtering by Destination Domain
  Filtering by MIME Type
  Filtering by Content-Length Header

Chapter 10: Dissecting Hacks
  Introduction
  Securing against Denial of Service Hacks
  Ping of Death
  Syn Flood
  E-Mail Flood
  Securing against Buffer Overflow Hacks
  Buffer Overflow against a Web Server
  Buffer Overflow against an FTP Server
  Securing against Brute Force Hacks
  Defending against Password Crackers
  Securing against Trojan Horse Hacks
  Defending against Rootkits
  Defusing Logic Bombs
  Defending against PATH and Command Substitution
  Securing against IP Spoofing
  Securing Your rhosts File
  MAC Address Spoofing

Chapter 11: Detecting and Denying Hacks
  Introduction
  Monitoring for Hacker Activity
  Using Tripwire
  Using Shell Scripts to Alert Systems Administrators
  What to Do Once You've Detected a Hack
  What's a Honeypot?
  Monitoring Solaris Log Files
  Solaris Log Files to Review
  Creating Daily Reports
  A State-of-the-System Report

Hack Proofing Sun Solaris 8 Fast Track

Index