Network Security Focus-Sun

RE: Securing Solaris 10

Subject: RE: Securing Solaris 10
Date: Thu, 19 Oct 2006 09:15:19 -0400
I just finished using JASS 4.2 from Sun on 4 Solaris 10 installs.  In
the past, I used Titan, but JASS is better integrated.  JASS has an
audit (like Titan) capability that doesn't change the system, but it
will tell you how well your system is locked down based on your policy
that you created.

I'm in the process right now of comparing the CIS Solaris Benchmark
v2.1.1 against the standard JASS lock down/audit script called
secure.driver.  From a cursory view, it looks like the CIS benchmark is
covered, but there may be some missing parts.

The only part that disappointed me about JASS was the lack of additional
user support.  I thought that there should have been some additional
sites with info on JASS and some additional scripts, but I didn't find
anything interesting.  I personally added 8 additional scripts to do
things like fully qualify the host in /etc/inet/hosts and
/etc/inet/ipnodes, install additional packages, update the aliases file,
ensure that a default route was defined, set nosuid on certain
partitions in /etc/vfstab, and set the PS1, PATH, and EDITOR variables
in /etc/profile.

Ron Ogle

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of jeffnjillian@gmail.com
Sent: Wednesday, October 18, 2006 12:11 PM
To: focus-sun@securityfocus.com
Subject: Securing Solaris 10

All,

Has anyone out there found a good checklist or tool for securing Solaris
10? I found the CISecurity benchmark, but I didn't know if there was
anything else out there? I'm not very well versed on Solaris, but I have
the task of double checking the admins to ensure it was locked down.  I
haven't seen very many checklists posted for this version of Solaris
yet.

Any suggestions?

Thanks in Advance,
Jeff
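
Added example, not part of either message and not a JASS script: an audit-only check in the spirit of the nosuid item listed in the reply above, reporting which mount points in a vfstab-format file lack the nosuid option without changing anything. The function names, sample entries and mount points are constructed for illustration; it assumes a POSIX shell and an awk that accepts -v (nawk on Solaris 10).

```shell
#!/bin/sh
# Audit only: reads a vfstab-format file and changes nothing.
# Fields: device-to-mount device-to-fsck mount-point FS-type fsck-pass
#         mount-at-boot mount-options
AWK=${AWK:-awk}   # assumption: an awk with -v support (nawk on Solaris 10)

# audit_vfstab_nosuid FILE MOUNTPOINT...
# Prints FAIL/MISSING per listed mount point; returns 0 if all pass, 1 if not.
audit_vfstab_nosuid() {
    vfstab=$1; shift
    [ -r "$vfstab" ] || { echo "ERROR cannot read $vfstab"; return 2; }
    "$AWK" -v want="$*" '
        BEGIN { n = split(want, mp, " ") }
        /^[ \t]*#/ || NF < 7 { next }          # comments, short lines
        {
            ok = 0
            m = split($7, opt, ",")            # exact match, so "suid" != "nosuid"
            for (i = 1; i <= m; i++) if (opt[i] == "nosuid") ok = 1
            seen[$3] = 1; pass[$3] = ok
        }
        END {
            bad = 0
            for (i = 1; i <= n; i++) {
                if (!(mp[i] in seen))   { print "MISSING " mp[i]; bad = 1 }
                else if (!pass[mp[i]])  { print "FAIL " mp[i]; bad = 1 }
            }
            exit bad
        }' "$vfstab"
}

# Constructed sample entries (hypothetical devices and layout).
sample_vfstab() {
    cat <<'EOF'
#device           device             mount        FS  fsck mount mount
#to mount         to fsck            point        type pass at boot options
/dev/dsk/c0t0d0s0 /dev/rdsk/c0t0d0s0 /            ufs 1 no  -
/dev/dsk/c0t0d0s5 /dev/rdsk/c0t0d0s5 /var         ufs 1 no  logging,nosuid
/dev/dsk/c0t0d0s7 /dev/rdsk/c0t0d0s7 /export/home ufs 2 yes logging
EOF
}

tmp=$(mktemp) && sample_vfstab > "$tmp"
audit_vfstab_nosuid "$tmp" /var /export/home /opt || echo "findings reported"
rm -f "$tmp"
```

The list of mount points to check is passed on the command line, so it can follow whatever the local policy names.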
