C2 security standards

From: Juan Ignacio Trentalance (TRENTALANCE@crm.com.ar)
Date: 05/20/02

• Previous message: Holger van Lengerich (mediaWays): "RE: Locking down a network connection to a single machine."
• Next in thread: Gian Fabio Palmerini: "Re: C2 security standards"
• Reply: Gian Fabio Palmerini: "Re: C2 security standards"
• Reply: Alex Noordergraaf: "Re: C2 security standards"
• Reply: Fetter, David (ETW): "RE: C2 security standards"
• Reply: Zuska, John: "RE: C2 security standards"
• Reply: Juan Ignacio Trentalance: "RE: C2 security standards"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: Juan Ignacio Trentalance <TRENTALANCE@crm.com.ar>
To: "'focus-sun@securityfocus.com'" <focus-sun@securityfocus.com>
Date: Mon, 20 May 2002 12:20:59 -0300

Hi,

Recently, I have been assigned the task of cheking that a group of sun
solaris machines meet the C2 security standard.

I have searched the focus lists and other security sites for something like
a "C2 security checklist for solaris" whithout any luck.

I wanted to know if you could give any pointer about this, as well as your
opinion about the C2 standard. Specially any help about how to interpret the
meaning of "a server meeting the C2 security standard", to begin with. The
thing that confuses me most is that (IMHO) since the C2 standard is
discretionary, any out-of-the-box solaris server complies with the standard
because it provides the capability of meeting certain conditions, without
making them mandatory. Needless to say that I fell asleep several times
while reading the C2 standard.

Thanks in advance,

Juan

---

• Previous message: Holger van Lengerich (mediaWays): "RE: Locking down a network connection to a single machine."
• Next in thread: Gian Fabio Palmerini: "Re: C2 security standards"
• Reply: Gian Fabio Palmerini: "Re: C2 security standards"
• Reply: Alex Noordergraaf: "Re: C2 security standards"
• Reply: Fetter, David (ETW): "RE: C2 security standards"
• Reply: Zuska, John: "RE: C2 security standards"
• Reply: Juan Ignacio Trentalance: "RE: C2 security standards"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages RE: C2 security standards ... Sun has plenty of good documents online. ... solaris machines meet the C2 security standard. ... a "C2 security checklist for solaris" whithout any luck. ... meaning of "a server meeting the C2 security standard", ... (Focus-SUN) ISO17799 Announcement ... Another move forward for the ISO17799 security standard has this week ... been announced in the form of The ISO17799 Toolkit. ... This comprises both parts of the ISO17799 standard itself, ... (comp.security.misc) Re: Wireless Security ... here you can find some good info about authetication methods used ... with wireless equipment: ... The latest security standard is WPA. ... (Security-Basics) Re: ZFS - having inodes + log on seperate disk ? ... Also, several systems count index blocks in st_blocks, which means ... Unix-related standard that I know of, ... I can't find even a hint in the Solaris documentation. ... >This is true and this is why POSIX is unclear at this point. ... (comp.unix.solaris) Re: CC compiler error with solaris 5.8 ... but this is what the standard requires.) ... the only version of "abs" available was the ... traditional "int" version. ... Recent updates of Solaris headers and libraries now comply with the C++ standard ... (comp.unix.solaris)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > focus-sun  > 2002-05