Current Solaris security infodocs

From: Matt Collins (
Date: 10/23/02

Date: Wed, 23 Oct 2002 14:46:59 +0100
From: Matt Collins <>

Hi folks,

I'm going through a review of a clients Solaris build and, beyond the normal
best practices I apply, I'm looking to collate as many third party and Sun
documents on hardening configurations, permissions, utilities, etc, as possible,
to consider and define pro's and con's for.

A quick check of the sunsolve
site reveals many infodocs from solaris 2.3, 2001, etc and while I shall now
resort to advanced search and the mighty google I'd appreciate any pointers
you all have to good, current solaris configuration guidelines.

In addition to the usual "Unix" advice (no cleartext, kill berkely R commands,
NFS rw bad, etc) I am particularly interested in Solaris specific configuration
such as that that can be obtained via ndd , /etc/system, /etc/default, bsm,
aset, etc.

Soo... any pointers?

I will of course share any replies with the list once collated (should you not
want to send them direct).



Relevant Pages

  • Re: Jumpstart failed Solaris 10 9/10 release
    ... Provide Solaris Auto Registration Info: ... Oracle Solaris communicates configuration ... To send the configuration data anonymously, ... If using a proxy server, ...
  • Re: ISC DHCP cant find SUNW info for jumpstart
    ... one Solaris 9 machine, to find it's sysidcfg file correctly. ... using the RARP method to boot these machines for ages. ... server: Sun Fire V240 ... Using DHCP for network configuration information. ...
  • Problem in /etc/inetd.conf for SOlaris 10...
    ... Need to remove and re-create service in solaris 10 but it is giving following ... inetconv: Notice: Service manifest for MQ-IXPR1 already generated as ... # Legacy configuration file for inetd. ... Provided only as a basis for conversion by inetconv. ...
  • Re: sendmail on a sol9 workstation?
    ... > Managing Mail Delivery by Using an Alternate Configuration ... I have configured two Redhat machines ... However, from my Solaris machine, it appears to come from ... It appears to not realize the correct local hostname instead of localhost. ...
  • Re: OpenSolaris Release is NEXT WEEK!
    ... I am drooling, waiting for OpenSolaris, and also a Sunfire ... a Solaris box is a bit like throwing a non-swimmer into ... the user can ignore networking configuration, ... Will have many books writing about it, ...