Domain Solaris OE Modifications
Once all of the software is installed, you can secure the Solaris OE image running on the Sun Fire 15K domain.
Before implementing the security recommendations in the following sections, note that all non-encrypted access mechanisms to the domain (for example, TELNET and RSH) will be disabled. The hardening steps will not disable console serial access from the Sun Fire 15K SC using the console command.
Executing the Solaris Security Toolkit Software
The Solaris Security Toolkit software provides specific drivers that automate the hardening of a Sun Fire 15K domain. This section explains the process of using the Solaris Security Toolkit software to harden a Sun Fire 15K domain.
In this example, the toolkit is used in standalone mode for clarity and simplicity. All of the tasks performed in standalone mode can also be implemented in JumpStart mode. For additional information about integrating the toolkit with the JumpStart technology, refer to the Sun BluePrints OnLine article "The Solaris™ Security Toolkit - Installation, Configuration, and Usage Guide: Updated for version 0.3."
Execute the toolkit as follows:
    # cd /opt/SUNWjass
    # ./jass-execute -d sunfire_15k_domain-secure.driver
    ./jass-execute: NOTICE: Executing driver, sunfire_15k_domain-secure.driver
    ============================================================
    sunfire_15k_domain-secure.driver: Driver started.
    ============================================================
    [...]
By executing the sunfire_15k_domain-secure.driver script, all of the security modifications included in the script are made on the system. The current release of this script includes over 100 security modifications to the domain.
The sunfire_15k_domain-secure.driver script automatically installs the FixModes software and the MD5 software, if they are available. In addition, if the FixModes software is installed, the toolkit also executes it to tighten the file system permissions on the system.
In addition to displaying the output to the console, the toolkit creates a log file in the /var/opt/SUNWjass/run directory. Each execution of the Solaris Security Toolkit software creates an additional directory in /var/opt/SUNWjass/run. The names of these directories are based on the date and time the run began.
The contents of the /var/opt/SUNWjass/run directories should not be modified under any circumstances. User modification of the files contained in these directories may corrupt the contents and cause unexpected errors when using Solaris Security Toolkit software features such as undo.
The files stored in the /var/opt/SUNWjass/run directory are not only used to track the modifications that were performed on the system, but are also used for the jass-execute undo functionality. A run, or series of runs, can be undone with the jass-execute -u command. For example, on a system where seven separate toolkit runs were performed, they could all be undone with the following command:
    # pwd
    /opt/SUNWjass
    # ./jass-execute -u
    Please select from one of these backups to restore to
    1. December 10, 2001 at 19:45:15 (//var/opt/SUNWjass/run/20011210194515)
    2. December 10, 2001 at 19:25:22 (//var/opt/SUNWjass/run/20011210192522)
    3. December 10, 2001 at 19:07:32 (//var/opt/SUNWjass/run/20011210190732)
    4. December 10, 2001 at 19:04:36 (//var/opt/SUNWjass/run/20011210190436)
    5. December 10, 2001 at 18:30:35 (//var/opt/SUNWjass/run/20011210183035)
    6. December 10, 2001 at 18:29:48 (//var/opt/SUNWjass/run/20011210182948)
    7. December 10, 2001 at 18:27:44 (//var/opt/SUNWjass/run/20011210182744)
    8. Restore from all of them
    Choice? 8
    ./jass-execute: NOTICE: Restoring to previous run //var/opt/SUNWjass/run/20011210194515
    ===============================================================
    undo.driver: Driver started.
    ===============================================================
    [...]
For more information about the Solaris Security Toolkit software, refer to the /opt/SUNWjass/Documentation directory or access the documentation that is available online at http://www.sun.com/security/jass
Software installations and actions performed by those software packages are not undone by the toolkit undo feature. This includes the installation of OpenSSH, FixModes, and MD5. In addition, the modifications performed by FixModes are not automatically undone by jass-execute -u.
Verifying Domain Hardening
Once the hardening process has been completed, reboot the domain and verify its configuration by having it perform the tasks it should be capable of. At a minimum, this verification process should ensure that each of the services to be provided by the hardened domain is running and functioning properly. Any additional software installed on the domain should also be verified and validated for correctness. Ideally, existing quality assurance or acceptance testing and scripts should be used to verify the operation of the hardened domain to ensure that the hardening process has not adversely impacted any required features.
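The following script is an added example, not part of the original article or of the Solaris Security Toolkit. It shows one way to begin the verification: confirm that the non-encrypted access services are no longer enabled in an inetd.conf-format file, and that the processes the domain must provide are present. The service list, the required process names (myappd is hypothetical), and the sample data are assumptions to replace with site-specific values.

```shell
#!/bin/sh
# Added example: post-hardening checks for a domain (not toolkit code).
# Assumption: inetd.conf service names treated as non-encrypted access;
# "shell" is rsh, "login" is rlogin, "exec" is rexec. Adjust to site policy.
CLEARTEXT_SERVICES="telnet shell login exec ftp"

# enabled_cleartext FILE
# Print service/protocol for every cleartext service that is still
# uncommented (enabled) in an inetd.conf-format FILE.
enabled_cleartext() {
    awk -v list="$CLEARTEXT_SERVICES" '
        BEGIN { n = split(list, s, " "); for (i = 1; i <= n; i++) bad[s[i]] = 1 }
        /^[ \t]*#/ || NF == 0 { next }   # skip comments and blank lines
        ($1 in bad) { print $1 "/" $3 }  # field 1 = service, field 3 = protocol
    ' "$1" | sort -u
}

# missing_processes "NAMES" FILE
# Print each required process name that does not appear in FILE, where FILE
# holds one command per line (for example, from: ps -e -o comm=).
missing_processes() {
    for name in $1; do
        # Compare on the basename so /usr/local/sbin/sshd matches "sshd".
        awk -v want="$name" '
            { n = split($1, p, "/"); if (p[n] == want) found = 1 }
            END { exit !found }
        ' "$2" || echo "$name"
    done
}

# Constructed sample data standing in for /etc/inet/inetd.conf and for the
# output of "ps -e -o comm=" on the domain after the post-hardening reboot.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/inetd.conf" <<'EOF'
#telnet stream tcp6 nowait root /usr/sbin/in.telnetd in.telnetd
#shell  stream tcp  nowait root /usr/sbin/in.rshd    in.rshd
login   stream tcp6 nowait root /usr/sbin/in.rlogind in.rlogind
time    stream tcp6 nowait root internal
EOF
printf '%s\n' /usr/sbin/syslogd /usr/local/sbin/sshd /usr/sbin/cron \
    > "$SAMPLE_DIR/ps.txt"

echo "Cleartext services still enabled:"
enabled_cleartext "$SAMPLE_DIR/inetd.conf"
echo "Required processes not running:"
missing_processes "sshd syslogd myappd" "$SAMPLE_DIR/ps.txt"
```

On a real domain, pass /etc/inet/inetd.conf and a file captured from ps instead of the constructed samples; empty output from both functions is the expected result.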