Key Benefits This guide provides the reader with best practices from Sun Microsystems for architecting multi-tiered datacenter environments. Key Topics This Sun Microsystems Blue Print features documented, automated, and supported security best practices for high-end servers and cluster software. Written for experienced developers and system administrators it includes tricks, tools, and techniques that hackers use to break into systems. The author details best practices and tools for sniffing out "trojaned" system files and binaries and describes Solaris security features, network settings, and minimization. Market This book is targeted at developers and system administrators.
  Acknowledgements.  
 Preface.  
I. SOLARIS OPERATING ENVIRONMENT SECURITY.
 1. Solaris Operating Environment Security.  
 File Systems and Local Security. Initial Installation. Minimization. Console Security. File System. Accounts. The init System. Kernel Adjustments. Log Files. Miscellaneous Configuration. Network Service Security. Network Service Issues. Available Tools. Telnet. Remote Access Services (rsh, rlogin, and rcp). Remote Execution Service (rexec). FTP. Trivial FTP. inetd Managed Services. RPC Services. NFS Server. Automount. sendmail Daemon. Name Service Caching (nscd). Print Services. IP Forwarding. Network Routing. Multicast Routing. Reducing inetsvc. Network Service Banners. Related Resources.  
 2. Network Settings for Security.  
 The ndd Command. Notes on Parameter Changes. Address Resolution Protocol (ARP). ARP Attacks. ARP Defenses. Internet Control Message Protocol (ICMP). Broadcasts. Redirect Errors. Internet Protocol (IP). IP Forwarding. Strict Destination Multihoming. Forwarding Directed Broadcasts. Routing. Forwarding Source Routed Packets. Transmission Control Protocol (TCP). SYN Flood Attacks. Connection Exhaustion Attacks. IP Spoofing Attacks. Common TCP and UDP Parameters. Adding Privileged Ports. Changing the Ephemeral Port Range. Script for Implementing ndd Commands. Related Resources.  
 3. Minimization.  
 Installation Clusters. Test Environment. Methodology Overview. Verifying JumpStart Software. Installing Core Solaris OE Cluster. Installing Patches. Removing Unnecessary Packages. Using JumpStart Software to Configure the OS. Installing and Configuring Software Packages. Checking For Errors. Testing Software Installation. Final Configuration of iPlanet Web Server 4.1. Solaris 8 OE. Solaris 7 OE. Solaris 2.6 OE. Related Resources. Publications. Web Sites.  
 4. Auditing.  
 Sun SHIELD Basic Security Module (BSM). Auditing Principles. Auditing Goals. Enabling Auditing. Definition of Terms. Audit Flag. Audit Preselection Mask. Audit Trail. Audit User ID (AUID). audit_class. audit_control. audit_event. audit_user. Audit Trails. Audit Classes and Events. Login or Logout (lo). Nonattribute (na). Administrative (ad). Additional Audit Events. Application Audit Class. Excluded Audit Classes. Audit Trail Analysis. audit_control, audit_class, and audit_event Files. audit_control File. Modified audit_class File. Modified audit_event File. audit_event Modifications. Solaris OE Upgrades. Related Resources.  
II. ARCHITECTURE SECURITY.
 5. Building Secure N-Tier Environments.  
 Is There a Silver Bullet? N-Tier Description. Web Server Tier. Application Server Tier. Database Server Tier. Storage Area Network Tier. Backup Tier. ExtraNet/Service Provider Tier. Management Tier. Defense-In-Depth. Segmentation. System Build Requirements. Dedicated Functionality. Hardening. Host-Based Firewall. Minimization. Communication and IP Forwarding. Network Flow. System Configuration. Network Segmentation. Internet-Web Server Tier. Web Server-Application Server Tier. Application Server Tier-Database Tier. ExtraNet Tier-Database Tier. Backup Tier-Systems Being Backed Up. SAN Tier-Systems Using SAN. Management Tier-All Servers. Build Process. Encryption. Backups. Centralized Logging. Intrusion Detection. Related Resources.  
III. JUSTIFICATION FOR SECURITY. 6. How Hackers Do It: Tricks, Tools, and Techniques.
 Tricks. Finding Access Vulnerabilities. Finding Operating System Vulnerabilities. Attacking Solaris OE Vulnerabilities. Tools. Port Scanners. Vulnerability Scanners. Rootkits. Sniffers. Techniques. Attacks From the Internet. Attacks From Employees. How to Use the Tools. Using Port Scanners. Using Vulnerability Scanners. Using Rootkits. Using Sniffers. References. Related Resources. Publications. Web Sites.  
IV. TOOLS SECURITY.
 7. Solaris Fingerprint Database.  
 How Does the sfpDB Work? sfpDB Scope. Limitations. Downloading and Installing MD5. Creating an MD5 Digital Fingerprint. Testing an MD5 Digital Fingerprint. Real-World Results. Additional sfpDB Tools. Solaris FingerPrint Database Companion (sfpC). Solaris Fingerprint Database Sidekick (sfpS). Frequently Asked Questions. Related Resources.  
V. HARDWARE AND SOFTWARE SECURITY.
 8. Securing the Sun Fire 15K System Controller.  
 Introduction to Sun Fire 15K SC. Assumptions and Limitations. Understanding the SC Functions. Redundant SCs. System Management Services (SMS). Software. Securing the Sun Fire 15K SC. Solaris Security Toolkit Software. Obtaining Support. Default SC SMS Software Configuration. SC Solaris OE SMS Packages. SC SMS Accounts and Security. SC SMS Daemons. SC Network Interfaces. Main SC Network Interfaces. Spare SC Network Interfaces. Secured SC Solaris OE Configuration. Security Recommendations. Implementing the Recommendations. Software Installation. Securing the SC with the Solaris Security Toolkit Software. Related Resources.  
 9. Securing Sun Fire 15K Domains.  
 Disclaimer. Obtaining Support. Assumptions and Limitations. Solaris 8 OE. SMS. Solaris OE Packages. Solaris Security Toolkit Software. Network Cards. Minimization. Domain Solaris OE Configuration. Sun Fire 15K Domain Hardening. Standalone Versus JumpStart Modes. Solaris Security Toolkit Software. Security Modifications. Installing Security Software. Installing the Solaris Security Toolkit Software. Installing the Recommended and Security Patch Clusters. Installing the FixModes Software. Installing the OpenSSH Software. Installing the MD5 Software. Domain Solaris OE Modifications. Executing the Solaris Security Toolkit Software. Verifying Domain Hardening. Secured Domain Solaris OE Configuration. Solaris Security Toolkit Scripts. Related Resources.  
 10. Securing Sun Enterprise 10000 System Service Processors.  
 Background Information. Assumptions and Limitations. Qualified Software Versions. Obtaining Support. Sun Enterprise 10000 System Features and Security. System Service Processor (SSP). Solaris OE Defaults and Modifications. Building a Secure Sun Enterprise 10000 System. Modifying Network Topology. Installing Main SSP Detection Script. Adding Security Software. Creating Domain Administrator Accounts. Adding Host-Based Firewalls. Verifying SSP Hardening. Testing the Main SSP. Testing the Spare SSP. Sample SunScreen Software Configuration File. Related Resources.  
 11. Sun Cluster 3.0 (12/01) Security with the Apache and iPlanet Web and Messaging Agents.  
 Software Versions. Obtaining Support. Assumptions and Limitations. Solaris 8 OE. Sun Cluster 3.0 (12/01) Software. iPlanet Web and Messaging Servers and Apache Web Server Supported. Solaris OE Packages and Installation. Cluster Interconnect Links. Solaris Security Toolkit Software. Security Modification Scope. Minimization. Solaris OE Service Restriction. Hardening Modifications. Hardening Results. Sun Cluster 3.0 Daemons. Terminal Server Usage. Node Authentication. Securing Sun Cluster 3.0 Software. Installing Security Software. Sun Cluster 3.0 Node Solaris OE Modifications. Verifying Node Hardening. Maintaining a Secure System. Solaris Security Toolkit Software Backout Capabilities. Related Resources.  
 12. Securing the Sun Fire Midframe System Controller.  
 System Controller (SC) Overview. Midframe Service Processor. Hardware Requirements. Mapping of MSP to SC. Network Topology. Terminal Servers. Control-A and Control-X Commands. MSP Fault Tolerance. MSP Security. MSP Hardening. Solaris Security Toolkit Installation. Recommended and Security Patch Installation. Solaris Security Toolkit Execution. MSP SYSLOG Configuration. SC Application Security Settings. Platform Administrator. Domain Administrator. Domain Security Settings. The setkeyswitch Command. Other System Controller Security Issues. Engineering Mode. dumpconfig and restoreconfig. Flashupdate. Recovering a Platform Administrator's Lost Password. Related Resources. Publications.Web Sites.  
VI. SOLARIS SECURITY TOOLKIT DOCUMENTATION.
 13. Quick Start.  
 Installation. Compressed Tar Archive. Package Format. Configuration and Usage. Standalone Mode. JumpStart Mode. Undo. Frequently Asked Questions. Related Resources.  
 14. Installation, Configuration, and User Guide.  
 Problem. Solution. Standalone Mode. JumpStart Technology Mode. Supported Versions. Obtaining Support. Architecture. Installation and Basic Configuration. Advanced Configuration. driver.init Configuration File. JASS_FILES_DIR. finish.init Configuration File. user.init Configuration File. Using the Solaris Security Toolkit. JumpStart Mode. Standalone Mode. Building Custom Packages. Related Resources.  
 15. Internals.  
 Supported Solaris OE Versions. Architecture. Documentation Directory. Drivers Directory. Driver Script Creation. Driver Script Listing. Files Directory. The JASS_FILES Environment Variable and Files Directory Setup. Files Directory Listing. Finish Directory. Finish Script Creation. Finish Script Listing. Install Finish Scripts. Minimize Finish Script. Print Finish Scripts. Remove Finish Script. Set Finish Scripts. Update Finish Scripts. OS Directory. Packages Directory. Patches Directory. Profiles Directory. Profile Creation. Profile Configuration Files. Sysidcfg Directory. Version Control. Related Resources.  
 16. Release Notes.  
 New Undo Feature. Updated Framework. driver.run Script. JASS_CONFIG_DIR Variable Renamed. SCRIPTS* and FILES* Prefix Conventions. SUNWjass. New Data Repository. copy_files Function Enhanced. New Configuration File finish.init. Changes to Profiles. New Driver Scripts. Changes to Driver Scripts. New Finish Scripts. Changes to Finish Scripts. Disabled Accounts. Increased Partition Size Default. Modified disable-system-accounts.fin. Renamed disable-rlogin-rhosts.fin. Updated install-strong-permissions.fin. Removed EvilList Parameter Duplicates. Improved Output Format for print-jass-environment.fin. Symbolic Links Changed in set-system-umask.fin. Improved Finish Scripts. Preventing kill Scripts from Being Disabled. New File Templates. Miscellaneous Changes. Logging Changes to System Files. Symbolic Links to Files and Directories. Formatting Leading Slashes (/). Processing User Variables-Bug Fixed. Removed add-client Directory Dependency. Changed Default le0 Entry. New Variable JASS_HOSTNAME.  
 Index.  
This book is one of an ongoing series of books collectively known as the SunBluePrints program. This book provides a compilation of best practices andrecommendations, previously published as Sun BluePrints Online articles, forsecuring Solaris Operating Environment (Solaris OE).
This book applies to Solaris OE Versions 2.5.1, 2.6, 7, and 8.
Securing computer systems against unauthorized access is one of the most pressingissues facing today's datacenter administrators. Recent studies suggest that thenumber of unauthorized access continues to rise, as do the monetary lossesassociated with these security breaches.
As with any security decisions, a balance must be attained between systemmanageability and security.
Many attacks have preventative solutions available; however, every day, hackerscompromise systems using well-known attack methods. Being aware of how theseattacks are performed, you can raise awareness within your organization for theimportance of building and maintaining secure systems. Many organizations makethe mistake of addressing security only during installation, then never revisit it.Maintaining security is an ongoing process and is something that must be reviewedand revisited periodically.
The mission of the Sun BluePrints Program is to empower Sun's customers with thetechnical knowledge required to implement reliable, extensible, and secureinformation systems within the datacenter using Sun products. This programprovides a framework to identify, develop, and distribute best practices informationthat applies across the Sun product lines. Experts in technical subjects in variousareas contribute to the program and focus on the scope and usefulness of theinformation.
The Sun BluePrints Program includes books, guides, and online articles. Throughthese vehicles, Sun can provide guidance, installation and implementationexperiences, real-life scenarios, and late-breaking technical information.
The monthly electronic magazine, Sun BluePrints OnLine, is located on the Web at:
http://www.sun.com/blueprints
To be notified about updates to the Sun BluePrints Program, please register yourselfon this site.
This book is primarily intended for the busy system administrator (SA) who needshelp handling nonsecure systems. Secondary audiences include individuals whoarchitect and implement systemsfor example, architects, consultants, andengineers.
You should be familiar with the basic administration and maintenance functions ofthe Solaris OE. You should also have an understanding of standard networkprotocols and topologies.
Because this book is designed to be useful to people with varying degrees ofexperience or knowledge of security, your experience and knowledge are thedetermining factors of the path you choose through this book.
This book is organized into six parts that organize security best practices andrecommendations as follows:
Chapter 1 "Solaris Operating Environment Security" by Alex Noordergraaf and KeithWatson describes the Solaris OE subsystems and the security issues surroundingthose subsystems. This chapter provides recommendations on how to secure SolarisOE subsystems.
Chapter 2 "Network Settings for Security" by Keith Watson and Alex Noordergraafdescribes known attack methods so that administrators become aware of the need toset or change network settings. The application of most of these network securitysettings requires planning and testing and should be applicable to most computingenvironments.
Chapter 3 "Minimization" by Alex Noordergraaf focuses on practices andmethodology (processes) that improve overall system security by minimizing andautomating Solaris OE installation.
Chapter 4 "Auditing" by Will Osser and Alex Noordergraaf was derived from anauditing case study and includes a set of audit events and classes usable on Solaris 8OE.
Chapter 5 "Building Secure N-Tier Environments" by Alex Noordergraaf providesrecommendations for architecting and securing N-Tier environments.
Chapter 6 "How Hackers Do It: Tricks, Tools, and Techniques" by Alex Noordergraafdescribes the tricks, tools, and techniques that hackers use to gain unauthorizedaccess to Solaris OE systems.
Chapter 7 "Solaris Fingerprint Database" by Vasanthan Dasan, Alex Noordergraaf, andLou Ordorica provides an introduction to the Solaris Fingerprint Database (sfpDB).
Chapter 8 "Securing the Sun Fire 15K System Controller" by Alex Noordergraaf andDina Kurktchi provides recommendations on how to enhance the security of a SunFire 15K system controller (SC).
Chapter 9 "Securing Sun Fire 15K Domains" by Alex Noordergraaf and Dina Kurktchidocuments all of the security modifications that can be performed on a Sun Fire 15Kdomain without negatively affecting its behavior.
Chapter 10 "Securing Sun Enterprise 10000 System Service Processors" by AlexNoordergraaf describes a secure Sun Enterprise 10000 configuration that is fully Sunsupported. It provides tips, instructions, and guidance for creating a more secureSun Enterprise 10000 system.
Chapter 11 "Sun Cluster 3.0 (12/01) Security with the Apache and iPlanet Web andMessaging Agents" by Alex Noordergraaf, Mark Hashimoto, and Richard Lau describesa supported procedure by which certain Sun Cluster 3.0 (12/01) software agents canbe run on secured and hardened Solaris OE systems.
Chapter 12 "Securing the Sun Fire Midframe System Controller" by AlexNoordergraaf and Tony M. Benson provides recommendations on how to securelydeploy the Sun Fire System Controller (SC).
Chapter 13 "Quick Start" by Alex Noordergraaf and Glenn Brunette is for individualswho want to get started with the Solaris Security Toolkit software as quickly aspossible. Only the bare essentials in getting the Solaris Security Toolkit softwaredownloaded and installed are addressed.
Chapter 14 "Installation, Configuration, and User Guide" by Alex Noordergraaf andGlenn Brunette describes the advanced configuration and user options available inversion 0.3 of the Solaris Security Toolkit software.
Chapter 15 "Internals" by Alex Noordergraaf and Glenn Brunette describes all of thedirectories and scripts used by the Solaris Security Toolkit software to harden andminimize Solaris OE systems.
Chapter 16 "Release Notes" by Alex Noordergraaf and Glenn Brunette describes thechanges made to the Solaris Security Toolkit since the release of version 0.2 inNovember of 2000.
Note - This book does not contain an Index.
The SunDocs SM program provides more than 250 manuals from Sun Microsystems,Inc. If you live in the United States, Canada, Europe, or Japan, you can purchasedocumentation sets or individual manuals through this program.
The docs.sun.com web site enables you to access Sun technical documentationonline. You can browse the docs.sun.com archive or search for a specific book titleor subject. The URL is as follows:
http://docs.sun.com/
At the end of each chapter in this book is a "Related Resources" section, whichprovides references to publications and web sites applicable to the information ineach chapter.
We are interested in improving our documentation and welcome your commentsand suggestions. You can email your comments to us at:
docfeedback@sun.com
Alex Noordergraaf authored or worked with other authors on the chapters in thisbook. In some cases, he was the primary author, and in other cases, he was a co-author.Refer to "How This Book Is Organized" on page xxiii for the names ofauthors for each chapter. The following provides biographical information for allauthors, in alphabetical order by last name.
Tony Benson has over twenty years of experience of developing software solutionsin the areas of military, aerospace, and financial applications. As a Staff Engineer inthe Enterprise Server Products group of Sun Microsystems, he is developing systemmanagement solutions for the Enterprise Server Product line. Prior to his role in theEnterprise Server Products group, he developed secure, distributed revenuecollection systems for a worldwide base of customers in the transit industry.
Glenn Brunette has more than eight years of experience in the areas of computer andnetwork security. Glenn currently works with in the Sun Professional Services SMorganization where he is the Lead Security Architect for the Northeastern USAregion. In this role, he works with many Fortune 500 companies to deliver tailoredsecurity solutions such as assessments, architecture design and implementation, aswell as policy and procedure review and development. His customers have includedmajor financial institutions, ISP, New Media, and government organizations.
In addition to billable services, Glenn works with the Sun Professional ServicesGlobal Security Practice and Enterprise Engineering group on the development andreview of new security methodologies, best practices, and tools.
Vasanthan Dasan is an ES Principal Engineer, one of five high-ranked engineers inSun's Enterprise Services. Vasanthan joined Sun Microsystems in 1992 and iscurrently a Technology Strategist in the Support Services Global Strategy BusinessDevelopment group. He is responsible for architecting application availabilityservices and for providing technical expertise on merger and acquisition activities.
Vasanthan was the Chief Architect for Support Services Engineering, responsible fordeveloping online support services for Sun's customer support engineers andexternal customers. Prior to that, he worked on Solaris products such as CacheFS,AutoClient, Solstice PC Products, and JumpStart as part of the Solaris engineeringteam. Vasanthan co-authored Hands-On Intranet, published by Prentice Hall, andhas written numerous Sun whitepapers. He was largely responsible for Sun's earlyadoption of the Web in 1994, and holds one of the industry's first Web patents,awarded for the invention of web-based personal newspapers.
Mark Hashimoto has been with Sun Microsystems in Menlo Park, California, for thepast three years. Currently, he is developing the user interface components for theSun Cluster Products group. Mark was also one of the originators of the SunPlexManager GUI tool. Mark holds a Master's degree in Computer Science from theUniversity of Arizona.
Dina Kurktchi is a senior software engineer with 15 years of experience in manyareas from device drivers to databases. Her last four years have been focused insecure software development and deployment of security system solutions such asvulnerability assessment tools, intrusion detection systems, and public keyinfrastructures. Currently, she works with the Enterprise Systems Group at SunMicrosystems.
Richard Lau has three years of working experience. As part of the Sun Cluster QAgroup of Sun Microsystems, his duties include Sun Cluster 2.2 patch testing, testingnew features, and performing regression tests for Sun Cluster 3.0 products.
Alex Noordergraaf has over 10 years of experience in the areas of computer andnetwork security. As the Security Architect of the Enterprise Server Products (ESP)group at Sun Microsystems, he is responsible for the security of Sun servers. He isthe driving force behind the very popular freeware Solaris Security Toolkit. Prior tohis role in ESP, he was a Senior Staff Engineer in the Enterprise Engineering (EE)group of Sun Microsystems, where he developed, documented, and publishedsecurity best practices through the Sun BluePrints program. Published topicsinclude: Sun Fire Midframe 15K system security, secure N-tier environments, SolarisOE minimization, Solaris OE network settings, and Solaris OE security. He co-authoredJumpStart Technology: Effective Use in the Solaris Operating Environment.
Prior to his role in EE, he was a Senior Security Architect with Sun ProfessionalServices where he worked with many Fortune 500 companies on projects thatincluded security assessments, architecture development, architectural reviews, andpolicy/procedure review and development. He developed and delivered anenterprise security assessment methodology and training curriculum to be usedworldwide by Sun Professional Services. His customers included majortelecommunication firms, financial institutions, ISPs, and ASPs. Before joining Sun,Alex was an independent contractor specializing in network security. His clientsincluded BTG, Inc. and Thinking Machines Corporation.
Lou Ordorica worked for several years as a system administrator at SunMicrosystems. He went on to teach and write about system administration for Sun'semployees and customers, and is currently providing online support to customersusing the Web.
Will Osser has over eight years of experience in the area of Computer and NetworkSecurity. He has worked extensively with B-1 secure UNIX(R) systems in a variety ofroles including developing, sustaining, pre- and post-sales support, as well astraining. He has also worked as a security consultant designing system and softwarearchitecture. Will is currently a software engineer working for Sun Microsystems inthe Solaris Secure Technology Group.
Will joined Sun directly after completing his Master's Thesis in ComputerEngineering at the University of California.
Keith Watson has spent nearly four years at Sun working in the area of computerand network security. He is currently the product manager for core Solaris security.Previously, Keith was a member of the Global Enterprise Security Service (GESS)team in Sun Professional Services. He is also a co-developer of an enterprise networksecurity auditing tool named the Sun Enterprise Network Security Service (SENSS).Prior to joining Sun, Keith was part of the Computer Operations, Audit, andSecurity Technologies (COAST) laboratory (now part of the CERIAS research center)at Purdue University.