Using the Solaris Security Toolkit
Many of the changes described in this article can be implemented during installation by the Solaris Security Toolkit. The goal of the Solaris Security Toolkit is to automate and simplify building secured Solaris OE systems based on the recommendations contained in this and the other security-related Sun BluePrints articles.
The Solaris_ Security Toolkit focuses on Solaris OE security modifications to harden and minimize a system. Hardening is the modification of Solaris OE configurations to improve the security of the system. Minimizing is the removal of unnecessary Solaris OE packages from the system, which reduces the number of components that have to be patched and made secure. Reducing the number of components can potentially reduce entry points to an intruder.
Configuration modifications for performance enhancements and software configuration are not addressed by the Solaris Security Toolkit.
The Solaris Security Toolkit was designed to harden systems during installationthis is achieved by using the JumpStart_ technology as a mechanism for running Solaris Security Toolkit scripts.
Additionally, the Solaris Security Toolkit can be run outside the JumpStart framework in a standalone mode. The standalone mode allows the Solaris Security Toolkit to be used on systems that require security modifications or updates but cannot be taken out of service to reinstall the OS from scratch.
The Solaris Security Toolkit is available from:
Sun BluePrints articles describing the Solaris Security Toolkit are available from: