Re: Securing Solaris 10
- From: Glenn Brunette <Glenn.Brunette@xxxxxxx>
- Date: Wed, 18 Oct 2006 16:52:26 -0400
Jeff,
Sun has been working with the Center for Internet Security for
nearly four years on their Solaris guides to align them with
Sun's recommended practices and to ensure that the settings
recommended could be supported by Sun. In fact, we are working
with CIS right now to update the Solaris 10 guide to account for
the changes made in the upcoming Solaris 10 11/06 release.
The only other guide which does cover some aspects of Solaris
10 is the current version of the DISA UNIX STIG.
Of course to automate the implementation and/or assessment of the
changes, you can use the Solaris Security Toolkit which is tool
developed and supported by Sun. It can be found at:
http://www.sun.com/security/jass/
I believe that there are a few settings recommended by CIS that
are not accounted for today in the Solaris Security Toolkit, but
the vast majority are.
All of the other documents and/or checklists of which I am aware
have not been updated for Solaris 10.
Glenn
jeffnjillian@xxxxxxxxx wrote:
All,
Has anyone out there found a good checklist or tool for securing Solaris 10? I found the CISecurity benchmark, but I didn't know if there was anything else out there? I'm not very well versed on Solaris, but I have the task of double checking the admins to ensure it was locked down. I haven't seen very many checklists posted for this version of Solaris yet.
Any suggestions?
Thanks in Advance,
Jeff
--
Glenn Brunette
Distinguished Engineer
Director, GSS Security Office
Sun Microsystems, Inc.
- References:
- Securing Solaris 10
- From: jeffnjillian
- Securing Solaris 10
- Prev by Date: RE: Securing Solaris 10
- Next by Date: RE: LDAP in Unix
- Previous by thread: Re: Securing Solaris 10
- Next by thread: RE: Securing Solaris 10
- Index(es):
Relevant Pages
|
|
