Solaris 8 Security covers all the concepts and issues Solaris 8 administrators need to know in order to make and keep their Solaris 8 systems secure. This includes not only Solaris 8 security tools and features, but such subjects as cryptography and defenses against known attacks and vulnerabilities.
Readers learn practical, command-level defenses, such as:
The book provides a proactive approach to security. Coverage includes intrusion detection systems, network-level filtering, firewalls and other network-level systems.
1. Enterprise Security Framework.
Security Principles. The Security Process. Risk Management. Calculating Risk. Defining Security Policy. Design Vulnerabilities. Implementation Vulnerabilities. Ascertaining Your Security Requirements. Management Issues. Justifying Investing in Security. Security Training. Security Perimeter Problems. Access Control Models. Low-Cost But Effective Security Measures. Handling Security Incidents. Evaluating the Efficiency of Security _Measures. Human Factors. Social Engineering. Remote-Access Control. UNIX and Security. Password Selection and Use. Security for Business. Summary.
Types of Algorithms. Digital Certificates and Certifying _Authorities (CAs). Keys. Cryptanalysis. Random and Pseudo-Random Number Generators. Applications of Cryptography. Sun Crypto Accelerator I Board. Summary.
Installation. Patches and Maintenance Updates. Configuring for Security. Network Information Service Plus (NIS+) Security. System Identification. System Logs. /etc/issue. Automated Security Enhancement Tool (_ASET). Solaris Fingerprint Database (sfpDB). www.sun.com/BigAdmin. Summary.
/etc/passwd and /etc/shadow. /etc/logindevperm. /etc/default/login. /etc/default/su. Secure Shell (SSH). Name Services. RBAC. Pluggable Authentication Modules (PAM). Service Access Facility (SAF). Open Card Framework (OCF). Kerberos. Point-to-Point Protocol (PPP) Security. Dial-Up Passwords. Summary.
What Does Kerberos Mean? A Brief History of Kerberos. Kerberos and Solaris 8. Kerberos Limitations. Do You Need Kerberos? Planning Kerberos Deployment. The Differences Between Kerberos 4 and 5. How Does Kerberos Work? Configuring Kerberos. Kerberos and the Network File System _(NFS). Troubleshooting Kerberos. Alternatives to Kerberos. Summary.
Auditing. Accounting. Summary.
OpenSSH: Open Secure Shell. OpenSSL: Open Secure Sockets Layer Library and Tool. Nessus: Remote System Security Scanner. nmap: Network-Mapping and Port-Scanning _Tool. sudo: Controlled su. lsof: List Open Files. ntop: Network Usage and Protocol Analyzer. npasswd: New passwd. top: Advanced ps. TCP Wrappers: Advanced TCP Superdaemon. chrootuid: Advanced chroot with the setuid Feature. rpcbind: More Secure rpcbind. logdaemon: Secure rlogind, rshd, login, rexecd, and ftpd Replacements. argus: Audit Record Generation and Utilization System. tcpdump: Network Monitoring and Data Acquisition Tool. libpcap: Portable Packet-Capture Library. genpass: Random-Password Generator. xinetd: Extended Internet Superdaemon. Summary.
Minimization for Network Security. Fine-Tuning the Solaris 8 TCP/IP Stack. Types of Firewalls. Solaris Firewalls. Router-Based Firewalls. Network Intrusion Detection Systems. Network/Port Address Translation _(NAT/PAT). Network Troubleshooting. Remote Vulnerability Testing: Nessus. A Sample ndd(1M) Setup. Summary.
Security Associations (SAs). IPsec Transport Mode. IPsec Tunneling. Configuring IPsec on Solaris 8. IPsec Virtual Private Networks (VPNs). Monitoring and Troubleshooting Ipsec. Summary.
Securing BIND 9. Securing E-Mail. Securing FTP. Securing X Windows (X11). Securing the Network File System (NFS). Securing the World Wide Web (WWW) _Service. Summary.
For More Information.
System Security Checklist. /etc. Network Security Checklist.
Web Sites. Mailing Lists. Usenet Newsgroups. Publications. Books. Incident Response Centers.
Internal and External Threats. Mandatory Access Control. Role-Based Access Control. Profiles. Privileges. Labels. Device Access. Administration. Trusted Common Desktop Environment. Trusted Paths. Summary.
Installation. Administration. Rules. Policies. Objects. Summary.