Hardening the OS
If all of your filtering interfaces are in stealth mode, SunScreen offers optional hardening of the OS, which removes packages and files from the Solaris operating system that are not used by SunScreen--in accordance with the best practices as described in http://www.sun.com/blueprints/browsesubject.html#security. Hardening in SunScreen 3.2 is based upon JASS (JumpStart Architecture and Security Scripts). The JASS scripts are in /usr/lib/sunscreen/admin/jass. The hardening script is /usr/lib/sunscreen/lib/harden_os. The process of hardening can be carried out at install time or at a later time by running the script.
WARNING: this script cannot be reversed; once files have been removed, the only way to recover them is to reinstall Solaris.
Note -
If some of your filtering interfaces are in stealth mode and other interfaces are in routing mode, you should not use the option of hardening of the OS that SunScreen offers.
- © 2010, Oracle Corporation and/or its affiliates