Current Solaris security infodocs

From: Matt Collins (matt@clues.com)
Date: 10/23/02


Date: Wed, 23 Oct 2002 14:46:59 +0100
From: Matt Collins <matt@clues.com>
To: focus-sun@securityfocus.com

Hi folks,

I'm going through a review of a clients Solaris build and, beyond the normal
best practices I apply, I'm looking to collate as many third party and Sun
documents on hardening configurations, permissions, utilities, etc, as possible,
to consider and define pro's and con's for.

A quick check of the sunsolve
site reveals many infodocs from solaris 2.3, 2001, etc and while I shall now
resort to advanced search and the mighty google I'd appreciate any pointers
you all have to good, current solaris configuration guidelines.

In addition to the usual "Unix" advice (no cleartext, kill berkely R commands,
NFS rw bad, etc) I am particularly interested in Solaris specific configuration
such as that that can be obtained via ndd , /etc/system, /etc/default, bsm,
aset, etc.

Soo... any pointers?

I will of course share any replies with the list once collated (should you not
want to send them direct).

Thanks,

Matt