1. Security Services (Overview)
Part II System, File, and Device Security
2. Managing Machine Security (Overview)
3. Controlling Access to Systems (Tasks)
4. Controlling Access to Devices (Tasks)
5. Using the Basic Audit Reporting Tool (Tasks)
6. Controlling Access to Files (Tasks)
Automated Security Enhancement Tool (ASET)
System Files Permissions Tuning
System Configuration Files Check
Example of an ASET Execution Log File
ASET Environment File (asetenv)
Modifying the Environment File (asetenv)
Choosing Which Tasks to Run: TASKS
Specifying Directories for System Files Checks Task: CKLISTPATH
Scheduling ASET Execution: PERIODIC_SCHEDULE
Specifying an Aliases File: UID_ALIASES
Extending Checks to NIS+ Tables: YPCHECK
Restoring System Files Modified by ASET
Network Operation With the NFS System
Providing a Global Configuration for Each Security Level
ASETSECLEVEL Environment Variable
PERIODIC_SCHEDULE Environment Variable
UID_ALIASES Environment Variable
CKLISTPATH_level Environment Variables
How to Stop Running ASET Periodically
How to Collect ASET Reports on a Server
Part III Roles, Rights Profiles, and Privileges
8. Using Roles and Privileges (Overview)
9. Using Role-Based Access Control (Tasks)
10. Role-Based Access Control (Reference)
Part IV Oracle Solaris Cryptographic Services
13. Oracle Solaris Cryptographic Framework (Overview)
14. Oracle Solaris Cryptographic Framework (Tasks)
15. Oracle Solaris Key Management Framework
Part V Authentication Services and Secure Communication
16. Using Authentication Services (Tasks)
19. Using Solaris Secure Shell (Tasks)
20. Solaris Secure Shell (Reference)
21. Introduction to the Kerberos Service
22. Planning for the Kerberos Service
23. Configuring the Kerberos Service (Tasks)
24. Kerberos Error Messages and Troubleshooting
25. Administering Kerberos Principals and Policies (Tasks)
26. Using Kerberos Applications (Tasks)
27. The Kerberos Service (Reference)
Part VII Oracle Solaris Auditing
28. Oracle Solaris Auditing (Overview)
29. Planning for Oracle Solaris Auditing
30. Managing Solaris Auditing (Tasks)
This chapter describes how to use the Automated Security Enhancement Tool (ASET) to monitor or restrict access to system files and directories.
The following is a list of the step-by-step instructions in this chapter.
For a more comprehensive tool than ASET, use the Sun Security Toolkit. The Sun Security Toolkit provides a framework for hardening and minimizing a Solaris system. The kit includes a profiling tool, a reporting tool, and an undo capability. The toolkit is free, and can be downloaded from the Sun web site, http://www.sun.com/software/security/jass. The web site contains pointers to online documentation.
The toolkit is described in detail in Securing Systems with the Solaris Security Toolkit, by Alex Noordergraaf and Glenn Brunette, ISBN 0-13-141071-7, June 2003. The book is part of the Sun BluePrints Series, which is published by Sun Microsystems Press.