«
»

Solaris Security Policies

I just wrote up this blurb for a customer but figured it would be useful to Solaris users in general so am also posting it here. I see a lot of sites developing their own security standards, and I think a lot of time could be saved and quality improved if organizations started off with a well established framework instead of rolling their own security policy from scratch.

The Center for Internet Security is a non-profit organization that works with users and vendors to provide free security standards and tools to help with a wide variety of operating systems. They have guidelines for Solaris 10 security that include:

  • a document describing the suggested settings and why/how to change them
  • scripts and files to help in the process
  • a scoring tool that can be ran to help see if the settings were implemented correctly (it is about 90% automated, for a few questions the script has to ask the administrator if certain tasks were done).

For more information see:

http://www.cisecurity.org/bench_solaris.html

http://blogs.sun.com/gbrunett/entry/cis_solaris_10_security_benchmark1

This entry was posted on Wednesday, December 5th, 2007 at 7:11 pm and is filed under solaris. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Copyright © 2012 williamhathaway.com. All Rights Reserved.
No computers were harmed in the 0.239 seconds it took to produce this page.

Designed/Developed by Lloyd Armbrust & hot, fresh, coffee.