JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
System Administration Guide: Security Services
search filter icon
search icon

Document Information


Part I Security Overview

1.  Security Services (Overview)

Part II System, File, and Device Security

2.  Managing Machine Security (Overview)

3.  Controlling Access to Systems (Tasks)

4.  Controlling Access to Devices (Tasks)

5.  Using the Basic Audit Reporting Tool (Tasks)

6.  Controlling Access to Files (Tasks)

7.  Using the Automated Security Enhancement Tool (Tasks)

Automated Security Enhancement Tool (ASET)

ASET Security Levels

ASET Task List

System Files Permissions Tuning

System Files Checks

User and Group Checks

System Configuration Files Check

Environment Variables Check

eeprom Check

Firewall Setup

ASET Execution Log

Example of an ASET Execution Log File

ASET Reports

Format of ASET Report Files

Examining ASET Report Files

Comparing ASET Report Files

ASET Master Files

Tune Files

The uid_aliases File

The Checklist Files

ASET Environment File (asetenv)

Configuring ASET

Modifying the Environment File (asetenv)

Choosing Which Tasks to Run: TASKS

Specifying Directories for System Files Checks Task: CKLISTPATH

Scheduling ASET Execution: PERIODIC_SCHEDULE

Specifying an Aliases File: UID_ALIASES

Extending Checks to NIS+ Tables: YPCHECK

Modifying the Tune Files

Restoring System Files Modified by ASET

Network Operation With the NFS System

Providing a Global Configuration for Each Security Level

Collecting ASET Reports

ASET Environment Variables

ASETDIR Environment Variable

ASETSECLEVEL Environment Variable

PERIODIC_SCHEDULE Environment Variable

TASKS Environment Variable

UID_ALIASES Environment Variable

YPCHECK Environment Variable

CKLISTPATH_level Environment Variables

ASET File Examples

Tune File Examples

Aliases File Examples

Running ASET (Task Map)

How to Run ASET Interactively

How to Run ASET Periodically

How to Stop Running ASET Periodically

How to Collect ASET Reports on a Server

Troubleshooting ASET Problems

ASET Error Messages

Part III Roles, Rights Profiles, and Privileges

8.  Using Roles and Privileges (Overview)

9.  Using Role-Based Access Control (Tasks)

10.  Role-Based Access Control (Reference)

11.  Privileges (Tasks)

12.  Privileges (Reference)

Part IV Oracle Solaris Cryptographic Services

13.  Oracle Solaris Cryptographic Framework (Overview)

14.  Oracle Solaris Cryptographic Framework (Tasks)

15.  Oracle Solaris Key Management Framework

Part V Authentication Services and Secure Communication

16.  Using Authentication Services (Tasks)

17.  Using PAM

18.  Using SASL

19.  Using Solaris Secure Shell (Tasks)

20.  Solaris Secure Shell (Reference)

Part VI Kerberos Service

21.  Introduction to the Kerberos Service

22.  Planning for the Kerberos Service

23.  Configuring the Kerberos Service (Tasks)

24.  Kerberos Error Messages and Troubleshooting

25.  Administering Kerberos Principals and Policies (Tasks)

26.  Using Kerberos Applications (Tasks)

27.  The Kerberos Service (Reference)

Part VII Oracle Solaris Auditing

28.  Oracle Solaris Auditing (Overview)

29.  Planning for Oracle Solaris Auditing

30.  Managing Solaris Auditing (Tasks)

31.  Solaris Auditing (Reference)



Chapter 7

Using the Automated Security Enhancement Tool (Tasks)

This chapter describes how to use the Automated Security Enhancement Tool (ASET) to monitor or restrict access to system files and directories.

The following is a list of the step-by-step instructions in this chapter.

For a more comprehensive tool than ASET, use the Sun Security Toolkit. The Sun Security Toolkit provides a framework for hardening and minimizing a Solaris system. The kit includes a profiling tool, a reporting tool, and an undo capability. The toolkit is free, and can be downloaded from the Sun web site, The web site contains pointers to online documentation.

The toolkit is described in detail in Securing Systems with the Solaris Security Toolkit, by Alex Noordergraaf and Glenn Brunette, ISBN 0-13-141071-7, June 2003. The book is part of the Sun BluePrints Series, which is published by Sun Microsystems Press.