Great Deals on Used Textbooks & New Textbooks!               
My Account | Help Desk | Market Place Shopping Cart
Free shipping. Click here for details.
No items in cart.
Total: $0.00
Textbooks Sell Textbooks Books Supplies Medical Books College Apparel Movies Clearance
Search  Advanced >>
Related Topics: Computers >> Operating Systems >> Unix
Enterprise Security: Solaris Operating Environment, Security Journal, Solaris OEv2.51, 2.6, 7, and 8,9780131000926
Other versions by this Author

Enterprise Security: Solaris Operating Environment, Security Journal, Solaris OEv2.51, 2.6, 7, and 8


Edition: 1st
Author(s): Noordergraaf, Alex
ISBN10:  0131000926
ISBN13:  9780131000926
Format:  Paperback
Pub. Date:  1/1/2003
Publisher(s): Prentice Hall PTR

Send to a friend
New Price  N/A
List Price $50.00
eVIP Price  $45.13
New Copy:  Currently Not Available
add remove
Marketplace Price $35.00
List Price $50.00 Available in the eCampus Marketplace
Take 90 Days to Pay on $250 or more
with Quick, Easy, Secure
Subject to credit approval.
 ALSO AVAILABLE FROM THESE OTHER MERCHANTS 
clicking 'SHOP NOW' will bring you to the listed merchant's site
StorePriceShippingQuality 
Alibris$3.23See SiteUsedShop Alibris Now
Alibris$3.23See SiteNewShop Alibris Now
0.34375
SummaryTable of Contents
-- Provides tricks, tools, and techniques that hackers use to break into systems
-- Includes complete documentation and CD-ROM of the Solaris Security Toolkit
-- Part of the Sun Microsystems Press Blueprint series

This guide provides the reader with best practices from Sun Microsystems for architecting multi-tiered datacenter environments.

This Sun Microsystems Blue Print features documented, automated, and supported security best practices for high-end servers and cluster software. Written for experienced developers and system administrators it includes tricks, tools, and techniques that hackers use to break into systems. The author details best practices and tools for sniffing out "trojaned" system files and binaries and describes Solaris security features, network settings, and minimization.

Acknowledgements iii
Preface xxi
Part 1. Solaris Operating Environment Security
Solaris Operating Environment Security
3(38)
File Systems and Local Security
4(19)
Initial Installation
4(1)
Minimization
5(1)
Console Security
6(3)
File System
9(4)
Accounts
13(2)
The init System
15(1)
Kernel Adjustments
16(3)
Log Files
19(1)
Miscellaneous Configuration
20(3)
Network Service Security
23(16)
Network Service Issues
24(1)
Available Tools
24(1)
Telnet
25(1)
Remote Access Services (rsh, rlogin, and rcp)
26(1)
Remote Execution Service (rexec)
26(1)
FTP
26(1)
Trivial FTP
27(1)
inetd Managed Services
28(1)
RPC Services
29(2)
NFS Server
31(1)
Automount
32(1)
sendmail Daemon
33(1)
Name Service Caching (nscd)
34(1)
Print Services
35(1)
IP Forwarding
36(1)
Network Routing
36(1)
Multicast Routing
36(1)
Reducing inetsvc
37(1)
Network Service Banners
38(1)
Related Resources
39(2)
Network Settings for Security
41(24)
The ndd Command
42(2)
Notes on Parameter Changes
43(1)
Address Resolution Protocol (ARP)
44(4)
ARP Attacks
45(1)
ARP Defenses
46(2)
Internet Control Message Protocol (ICMP)
48(3)
Broadcasts
48(2)
Redirect Errors
50(1)
Internet Protocol (IP)
51(5)
IP Forwarding
51(2)
Strict Destination Multihoming
53(1)
Forwarding Directed Broadcasts
53(1)
Routing
54(1)
Forwarding Source Routed Packets
55(1)
Transmission Control Protocol (TCP)
56(5)
SYN Flood Attacks
56(2)
Connection Exhaustion Attacks
58(1)
IP Spoofing Attacks
59(2)
Common TCP and UDP Parameters
61(2)
Adding Privileged Ports
61(2)
Changing the Ephemeral Port Range
63(1)
Script for Implementing ndd Commands
63(1)
Related Resources
64(1)
Minimization
65(22)
Installation Clusters
66(2)
Test Environment
68(1)
Methodology Overview
68(5)
Verifying JumpStart Software
69(1)
Installing Core Solaris OE Cluster
70(1)
Installing Patches
70(1)
Removing Unnecessary Packages
71(1)
Using JumpStart Software to Configure the OS
71(1)
Installing and Configuring Software Packages
72(1)
Checking For Errors
72(1)
Testing Software Installation
72(1)
Final Configuration of iPlanet Web Server 4.1
73(12)
Solaris 8 OE
73(4)
Solaris 7 OE
77(3)
Solaris 2.6 OE
80(5)
Related Resources
85(2)
Publications
85(1)
Web Sites
85(2)
Auditing
87(24)
Sun SHIELD Basic Security Module (BSM)
88(1)
Auditing Principles
88(1)
Auditing Goals
89(1)
Enabling Auditing
90(2)
Definition of Terms
92(3)
Audit Flag
92(1)
Audit Preselection Mask
92(1)
Audit Trail
92(1)
Audit User ID (AUID)
93(1)
audit_class
93(1)
audit_control
94(1)
audit_event
94(1)
audit_user
95(1)
Audit Trails
95(2)
Audit Classes and Events
97(7)
Login or Logout (10)
98(1)
Nonattribute (na)
98(1)
Administrative (ad)
99(3)
Additional Audit Events
102(1)
Application Audit Class
103(1)
Excluded Audit Classes
103(1)
Audit Trail Analysis
104(1)
audit_control, audit_class, and audit_event Files
105(2)
audit_control File
105(1)
Modified audit_class File
105(1)
Modified audit_event File
106(1)
audit_event Modifications
107(1)
Solaris OE Upgrades
107(1)
Related Resources
108(3)
Part II. Architecture Security
Building Secure N-Tier Environments
111(18)
Is There a Silver Bullet?
112(1)
N-Tier Description
113(4)
Web Server Tier
114(1)
Application Server Tier
114(1)
Database Server Tier
115(1)
Storage Area Network Tier
115(1)
Backup Tier
115(1)
ExtraNet/Service Provider Tier
116(1)
Management Tier
116(1)
Defense-In-Depth
117(1)
Segmentation
117(1)
System Build Requirements
117(3)
Dedicated Functionality
118(1)
Hardening
118(1)
Host-Based Firewall
118(1)
Minimization
119(1)
Communication and IP Forwarding
120(1)
Network Flow
120(1)
System Configuration
121(1)
Network Segmentation
121(3)
Internet-Web Server Tier
122(1)
Web Server-Application Server Tier
122(1)
Application Server Tier-Database Tier
122(1)
ExtraNet Tier-Database Tier
122(1)
Backup Tier-Systems Being Backed Up
123(1)
San Tier-Systems Using SAN
123(1)
Management Tier-All Servers
123(1)
Build Process
124(1)
Encryption
124(1)
Backups
125(1)
Centralized Logging
125(1)
Intrusion Detection
126(1)
Related Resources
126(3)
Part III. Justification for Security
How Hackers Do It: Tricks, Tools, and Techniques
129(22)
Tricks
130(2)
Finding Access Vulnerabilities
130(1)
Finding Operating System Vulnerabilities
131(1)
Attacking Solaris OE Vulnerabilities
131(1)
Tools
132(3)
Port Scanners
132(1)
Vulnerability Scanners
133(1)
Rootkits
134(1)
Sniffers
134(1)
Techniques
135(3)
Attacks From the Internet
135(2)
Attacks From Employees
137(1)
How to Use the Tools
138(9)
Using Port Scanners
138(1)
Using Vulnerability Scanners
139(2)
Using Rootkits
141(3)
Using Sniffers
144(3)
References
147(1)
Related Resources
147(4)
Publications
147(1)
Web Sites
147(4)
Part IV. Tools Security
Solaris Fingerprint Database
151(12)
How Does the sfpDB Work?
152(1)
sfpDB Scope
153(1)
Limitations
153(1)
Downloading and Installing MD5
153(2)
Creating an MD5 Digital Fingerprint
155(1)
Testing an MD5 Digital Fingerprint
156(1)
Real-World Results
157(2)
Additional sfpDB Tools
159(1)
Solaris FingerPrint Database Companion (sfpC)
159(1)
Solaris Fingerprint Database Sidekick (sfpS)
159(1)
Frequently Asked Questions
160(1)
Related Resources
160(3)
Part V. Hardware and Software Security
Securing the Sun Fire 15K System Controller
163(28)
Introduction to Sun Fire 15K SC
164(1)
Assumptions and Limitations
165(1)
Understanding the SC Functions
166(2)
Redundant SCs
167(1)
System Management Services (SMS) Software
167(1)
Securing the Sun Fire 15K SC
168(1)
Solaris Security Toolkit Software
168(1)
Obtaining Support
169(1)
Default SC SMS Software Configuration
169(6)
SC Solaris OE SMS Packages
170(1)
SC SMS Accounts and Security
171(2)
SC SMS Daemons
173(2)
SC Network Interfaces
175(4)
Main SC Network Interfaces
176(2)
Spare SC Network Interfaces
178(1)
Secured SC Solaris OE Configuration
179(1)
Security Recommendations
179(2)
Implementing the Recommendations
181(8)
Software Installation
181(4)
Securing the SC with the Solaris Security Toolkit Software
185(4)
Related Resources
189(2)
Securing Sun Fire 15K Domains
191(24)
Disclaimer
192(1)
Obtaining Support
193(1)
Assumptions and Limitations
193(2)
Solaris 8 OE
193(1)
SMS
194(1)
Solaris OE Packages
194(1)
Solaris Security Toolkit Software
194(1)
Network Cards
194(1)
Minimization
194(1)
Domain Solaris OE Configuration
195(2)
Sun Fire 15K Domain Hardening
197(5)
Standalone Versus JumpStart Modes
197(1)
Solaris Security Toolkit Software
197(1)
Security Modifications
198(4)
Installing Security Software
202(5)
Installing the Solaris Security Toolkit Software
202(2)
Installing the Recommended and Security Patch Clusters
204(1)
Installing the FixModes Software
205(1)
Installing the OpenSSH Software
206(1)
Installing the MD5 Software
206(1)
Domain Solaris OE Modifications
207(3)
Executing the Solaris Security Toolkit Software
207(2)
Verifying Domain Hardening
209(1)
Secured Domain Solaris OE Configuration
210(3)
Solaris Security Toolkit Scripts
213(1)
Related Resources
214(1)
Securing Sun Enterprise 10000 System Service Processors
215(40)
Background Information
216(13)
Assumptions and Limitations
216(1)
Qualified Software Versions
217(1)
Obtaining Support
218(1)
Sun Enterprise 10000 System Features and Security
218(1)
System Service Processor (SSP)
219(5)
Solaris OE Defaults and Modifications
224(5)
Building a Secure Sun Enterprise 10000 System
229(21)
Modifying Network Topology
229(5)
Installing Main SSP Detection Script
234(1)
Adding Security Software
235(8)
Creating Domain Administrator Accounts
243(1)
Adding Host-Based Firewalls
244(6)
Verifying SSP Hardening
250(2)
Testing the Main SSP
250(1)
Testing the Spare SSP
251(1)
Sample SunScreen Software Configuration File
252(1)
Related Resources
253(2)
Sun Cluster 3.0 (12/01) Security with the Apache and iPlanet Web and Messaging Agents
255(28)
Software Versions
256(1)
Obtaining Support
257(1)
Assumptions and Limitations
258(3)
Solaris 8 OE
258(1)
Sun Cluster 3.0 (12/01) Software
258(1)
iPlanet Web and Messaging Servers and Apache Web Server Supported
259(1)
Solaris OE Packages and Installation
259(1)
Cluster Interconnect Links
259(1)
Solaris Security Toolkit Software
260(1)
Security Modification Scope
260(1)
Minimization
260(1)
Solaris OE Service Restriction
261(6)
Hardening Modifications
262(3)
Hardening Results
265(2)
Sun Cluster 3.0 Daemons
267(1)
Terminal Server Usage
268(1)
Node Authentication
268(2)
Securing Sun Cluster 3.0 Software
270(8)
Installing Security Software
270(5)
Sun Cluster 3.0 Node Solaris OE Modifications
275(3)
Verifying Node Hardening
278(1)
Maintaining a Secure System
279(1)
Solaris Security Toolkit Software Backout Capabilities
280(1)
Related Resources
281(2)
Securing the Sun Fire Midframe System Controller
283(44)
System Controller (SC) Overview
284(1)
Midframe Service Processor
285(2)
Hardware Requirements
285(1)
Mapping of MSP to SC
286(1)
Network Topology
287(3)
Terminal Servers
288(1)
Control-A and Control-X Commands
288(2)
MSP Fault Tolerance
290(1)
MSP Security
291(12)
MSP Hardening
296(1)
Solaris Security Toolkit Installation
297(1)
Recommended and Security Patch Installation
298(2)
Solaris Security Toolkit Execution
300(1)
MSP SYSLOG Configuration
301(2)
SC Application Security Settings
303(10)
Platform Administrator
304(7)
Domain Administrator
311(2)
Domain Security Settings
313(1)
The setkeyswitch Command
313(1)
Other System Controller Security Issues
314(7)
Engineering Mode
314(1)
dumpconfig and restoreconfig
315(2)
flashupdate
317(4)
Recovering a Platform Administrator's Lost Password
321(2)
Related Resources
323(4)
Publications
323(1)
Web Sites
323(4)
Part VI. Solaris Security Toolkit Documentation
Quick Start
327(10)
Installation
328(2)
Compressed Tar Archive
328(1)
Package Format
329(1)
Configuration and Usage
330(3)
Standalone Mode
330(1)
JumpStart Mode
331(2)
Undo
333(1)
Frequently Asked Questions
334(2)
Related Resources
336(1)
Installation, Configuration, and User Guide
337(28)
Problem
338(1)
Solution
338(2)
Standalone Mode
339(1)
JumpStart Technology Mode
340(1)
Supported Versions
340(1)
Obtaining Support
340(1)
Architecture
341(1)
Installation and Basic Configuration
341(1)
Advanced Configuration
341(15)
driver.init Configuration File
342(1)
Jass_Files_Dir
342(6)
finish.init Configuration File
348(7)
user.init Configuration File
355(1)
Using the Solaris Security Toolkit
356(5)
JumpStart Mode
356(2)
Standalone Mode
358(3)
Building Custom Packages
361(3)
Related Resources
364(1)
Internals
365(40)
Supported Solaris OE Versions
366(1)
Architecture
366(1)
Documentation Directory
367(1)
Drivers Directory
367(10)
Driver Script Creation
367(2)
Driver Script Listing
369(8)
Files Directory
377(5)
The Jass_Files Environment Variables and Files Directory Setup
377(2)
Files Directory Listing
379(3)
Finish Directory
382(17)
Finish Script Creation
382(1)
Finish Script Listing
383(7)
Install Finish Scripts
390(3)
Minimize Finish Script
393(1)
Print Finish Scripts
393(2)
Remove Finish Script
395(1)
Set Finish Scripts
395(3)
Update Finish Scripts
398(1)
OS Directory
399(1)
Packages Directory
400(1)
Patches Directory
400(1)
Profiles Directory
401(1)
Profile Creation
401(1)
Profile Configuration Files
401(1)
Sysidcfg Directory
402(1)
Version Control
402(1)
Related Resources
403(2)
Release Notes
405(12)
New Undo Feature
406(1)
Updated Framework
407(2)
driver.run Script
407(1)
Jass_Config_Dir Variable Renamed
407(1)
Scripts* and Files* Prefix Conventions
407(1)
Sunwjass
407(1)
New Data Repository
408(1)
copy_files Function Enhanced
408(1)
New Configuration File finish.init
408(1)
Changes to Profiles
409(1)
New Driver Scripts
409(1)
Changes to Driver Scripts
409(1)
New Finish Scripts
410(1)
Changes to Finish Scripts
411(2)
Disabled Accounts
411(1)
Increased Partition Size Default
411(1)
Modified disable-system-accounts.fin
411(1)
Renamed disable-rlogin-rhosts.fin
411(1)
Updated install-strong-permissions.fin
412(1)
Removed EvilList Parameter Duplicates
412(1)
Improved Output Format for print-jass-environment.fin
412(1)
Symbolic Links Changed in set-system-umask.fin
412(1)
Improved Finish Scripts
412(1)
Preventing kill Scripts from Being Disabled
413(1)
New File Templates
413(1)
Miscellaneous Changes
414(3)
Logging Changes to System Files
414(1)
Symbolic Links to Files and Directories
414(1)
Formatting Leading Slashes (/)
414(1)
Processing User Variables-Bug Fixed
414(1)
Removed add-client Directory Dependency
414(1)
Changed Default le0 Entry
415(1)
New Variable Jass_Hostname
415(2)
Index 417

Check Out These Items!
eCampus.com Pink Backpack eCampus.com Pink Backpack
Retail Price $28.95
Our Price $10.00 		eCampus.com T-Shirt eCampus.com T-Shirt
Retail Price $14.99
Our Price $2.00 		eCampus.com 4GB USB Drive eCampus.com 4GB USB Drive
Retail Price $32.95
Our Price $25.00
  Buy Textbooks
  Sell Textbooks
  College Apparel
  Shop by School
  Virtual Bookstores
   Order Status
  Shipping Rates
  Return Policy
  Marketplace Info
  F.A.S.T.
   Contact Us
  Privacy Policy
  Legal Notices
  Site Security
  Employment
  Help Desk
  eCampus Blog
  Affiliate Program
  Bulk Orders
  College Marketing
 HACKER SAFE certified sites prevent over 99.9% of hacker crime.
eCampus.com blog follow eCampus.com on twitter find eCampus.com on facebook RSS Need Help? eService@ecampus.com   Copyright© 1999-2008     
.