+612 9045 4394
Hack Proofing Sun Solaris 8 - Syngress

Hack Proofing Sun Solaris 8

By: Syngress

Paperback Published: 1st January 2001
ISBN: 9781928994442
Number Of Pages: 608

Share This Book:


or 4 easy payments of $37.95 with Learn more
Ships in 7 to 10 business days

The only way to stop a hacker is to think like one!

Sun Microsystem's venerable and well-respected operating system Solaris is currently in version 8, and runs on both Intel and Sun Hardware. Solaris is one of the most comprehensive and popular UNIX operating systems available. Hundreds of thousands of business enterprises, both small and large, depend on Sun Solaris to keep their business alive - but have they protected themselves against hackers?

Hack Proofing Sun Solaris 8 is the latest addition to the popular Hack Proofing series from Syngress Publishing. Providing hands-on information written by both security professionals and self-proclaimed hackers, this book will give system administrators the edge they need to fortify their Sun Solaris operating system against the never-ending threat of hackers.

  • The fifth title in the popular series that brought us the bestseller Hack Proofing Your Network
  • Teaches strategy and techniques using forensic-based analysis
  • Up to the minute Web-based support with solutions@syngress.com

Forewordp. xxi
Introducing Solaris Security: Evaluating Your Riskp. 1
Introductionp. 2
Exposing Default Solaris Security Levelsp. 2
Altering Default Permissionsp. 2
Making Services Available after Installationp. 4
Working with Default Environmental Settingsp. 7
Evaluating Current Solaris Security Configurationsp. 9
Evaluating Network Servicesp. 9
Evaluating Network Processesp. 11
Monitoring Solaris Systemsp. 14
Using the sdtprocess and sdtperfmeter Applicationsp. 14
Monitoring Solaris Logfilesp. 16
Testing Securityp. 18
Testing Passwordsp. 18
Testing File Permissionsp. 20
Securing against Physical Inspectionsp. 21
Securing OpenBootp. 21
Documenting Security Procedures and Configurationsp. 22
Documenting Security Proceduresp. 22
Documenting System Configurationsp. 24
Securing Solaris with the Bundled Security Toolsp. 33
Introductionp. 34
The Orange Bookp. 35
Choosing Solaris 8 C2 Securityp. 38
Configuring Auditingp. 40
Managing the Audit Logp. 42
Understanding Auditing Classificationsp. 43
Configuring Auditingp. 44
Extracting and Analyzing Auditing Datap. 45
Choosing Trusted Solaris 8p. 47
Using Trusted Solaris 8's B1-Level Securityp. 48
Understanding the Concept of Mandatory Access Controlp. 50
Administrative Labelsp. 53
Auditing and Analyzing Trusted Solaris 8p. 54
Solaris 8 Security Enhancementsp. 55
Using SunScreen Secure Netp. 55
Utilizing SunScreen SKIPp. 56
Using the Solaris Security Toolkit Working with the Solaris Securityp. 58
Using OpenSSHp. 59
Securing Solaris with Freeware Security Toolsp. 67
Introductionp. 68
Detecting Vulnerabilities with Portscanningp. 71
Advanced Portscanningp. 76
Discovering Unauthorized Systems Using IP Scanningp. 77
Using the arp Command on Solarisp. 79
Detecting Unusual Traffic with Network Traffic Monitoringp. 81
Using Snoopp. 82
Using Snortp. 83
Using a Dedicated Snifferp. 86
Using Sudop. 88
Securing Your Usersp. 99
Introductionp. 100
Creating Secure Group Membershipsp. 101
Role-Based Access Controlp. 103
Understanding Solaris User Authenticationp. 104
Authenticating Users with NIS and NIS+p. 107
Authenticating Users with Kerberosp. 109
Authenticating Users with the Pluggable Authentication Modulesp. 115
Securing Your Filesp. 127
Introductionp. 128
Establishing Permissions and Ownershipp. 129
Access Control Listsp. 132
Role-Based Access Controlp. 135
Changing Default Settingsp. 138
Using NFSp. 142
Locking Down FTP Servicesp. 145
Using Sambap. 147
Monitoring and Auditing File Systemsp. 151
Securing Your Networkp. 159
Introductionp. 160
Configuring Solaris as a DHCP Serverp. 160
Using the dhcpmgr GUI Configuration Toolp. 161
Using the dhcpconfig Command-Line Toolp. 170
Securing DNS Services on Solarisp. 173
Using BINDp. 174
Configuring Solaris to Provide Anonymous FTP Servicesp. 181
Using X-Server Services Securelyp. 182
Using Host-Based Authenticationp. 183
Using User-Based Authenticationp. 183
Using X-Windows Securely with SSHp. 186
Using Remote Commandsp. 187
Using Built-In Remote Access Methodsp. 187
Using SSH for Remote Access Enabling Password Free Logins withp. 189
Providing Secure Web and Mail Servicesp. 199
Introductionp. 200
Configuring the Security Features of an Apache Web Serverp. 201
Limiting CGI Threatsp. 203
Using Virtual Hostsp. 206
Monitoring Web Page Usage and Activityp. 206
Configuring the Security Features of Sendmailp. 209
Stopping the Relay-Host Threatp. 213
Tracking Attachmentsp. 215
Configuring Solaris as a Secure Router and Firewallp. 223
Introductionp. 224
Configuring Solaris as a Secure Routerp. 224
Reasoning and Rationalep. 225
Routing Conditionsp. 225
Configuring for Routingp. 229
Security Optimizationp. 233
Security Implicationsp. 233
Unconfiguring Solaris Routingp. 236
Routing IP Version 6p. 237
Configuration Filesp. 238
IPv6 Programsp. 242
IPv6 Router Procedurep. 245
Stopping IPv6 Routingp. 246
IP Version 6 Hostsp. 247
Automatic Configurationp. 247
Manual Configurationp. 248
Configuring Solaris as a Secure Gatewayp. 250
Configuring Solaris as a Firewallp. 250
General Firewall Theoryp. 251
General Firewall Designp. 252
SunScreen Litep. 253
IP Filterp. 254
Using NATp. 254
Guarding Internet Access with Snortp. 255
Snort Configuration Filep. 256
Snort Log Analysisp. 257
Using Squid on Solarisp. 265
Introductionp. 266
The Default Settings of a Squid Installationp. 266
Configuring Squidp. 266
The http_port Tagp. 267
The cache_dir Tagp. 267
Access Control Listsp. 269
Configuring SNMPp. 271
Configuring the cachemgr.cgi Utilityp. 272
New in Squid 2.4--Help for IE Users!p. 274
Configuring Access to Squid Servicesp. 274
The Basics of Basic-Authp. 274
Access Control for Usersp. 275
Access Control Lifetimep. 276
Configuring Proxy Clientsp. 277
Excluding Access to Restricted Web Sitesp. 281
Filtering Content by URLp. 281
Filtering by Destination Domainp. 282
Filtering by MIME Typep. 282
Filtering by Content-Length Headerp. 283
Dissecting Hacksp. 287
Introductionp. 288
Securing against Denial of Service Hacksp. 288
Ping of Deathp. 289
Syn Floodp. 290
E-Mail Floodp. 294
Securing against Buffer Overflow Hacksp. 295
Buffer Overflow against a Web Serverp. 302
Buffer Overflow against an FTP Serverp. 305
Securing against Brute Force Hacksp. 306
Defending against Password Crackersp. 308
Securing against Trojan Horse Hacksp. 309
Defending against Rootkitsp. 309
Defusing Logic Bombsp. 311
Defending against PATH and Command Substitutionp. 313
Securing against IP Spoofingp. 314
Securing Your rhosts Filep. 316
MAC Address Spoofingp. 316
Detecting and Denying Hacksp. 325
Introductionp. 326
Monitoring for Hacker Activityp. 326
Using Tripwirep. 326
Using Shell Scripts to Alert Systems Administratorsp. 335
What to Do Once You've Detected a Hackp. 340
What's a Honeypot?p. 340
Monitoring Solaris Log Filesp. 346
Solaris Log Files to Reviewp. 347
Creating Daily Reportsp. 350
A State-of-the-System Reportp. 350
Hack Proofing Sun Solaris 8 Fast Trackp. 361
Indexp. 381
Table of Contents provided by Syndetics. All Rights Reserved.

ISBN: 9781928994442
ISBN-10: 192899444X
Audience: General
Format: Paperback
Language: English
Number Of Pages: 608
Published: 1st January 2001
Country of Publication: US
Dimensions (cm): 23.44 x 18.95  x 2.79
Weight (kg): 0.89