Index |
/usr/bin/ldd command, 1
access privileges, protecting, 1
accountability, 1
add_install_client command, 1
add_to_manifest function, 1
adding clients, from JumpStart servers, 1
adding JumpStart client, case scenario, 1
application security, 1
application start, messages, 1
determining if using RPC port mapper, 1
identifying, 1
identifying dynamically loaded, 1
inventorying, 1
requirements, 1
verifying, case scenario, 1
applying patches, 1
architecture, Solaris Security Toolkit software, 1
assumptions and limitations, case scenario, 1
audit option, 1
customizing, 1
directory, 1
matching drivers, 1
proprietary, 1
audit strategy, 1
audit, 1, 2
auditing a system, 1
auditing, limitations, 1
automating, 1
back up, caution, 1
banners, 1
case scenario, 1
command, 1
configuring reports, 1
controlling output, 1
customizing, 1
displaying results, 1
email option, 1
host name, script name, and timestamp information, 1
log entries, sample, 1
messages, 1
mini-scan, 1
options, 1
output option, 1
periodic, 1
process, 1
quiet option, 1
reporting only failures, 1
security assessment, 1
sorting output, 1
services, 1
strong, 1
stronger, 1
automated auditing, 1
-b option, undo, 1
backdoor access, binaries, 1
audits, 1
before installation, 1
requirements before undoing a run, 1
default action, 1
backup software, inventorying, 1
backup_file helper function, 1
Basic Security Module (BSM), 1
binaries, validating, 1
BSM, 1
bug fixes, patches, 1
case scenario, 1
centralized syslog repository, 1
change control policies, 1
changing original files, 1
Check Point Firewall-1 NG, 1
adding, 1
failed, 1
checksums, 1
client does not build, case scenario, 1
adding from JumpStart servers, 1
removing from JumpStart servers, 1
collecting information, running processes, 1
audits, help, 1
driver, 1
email notification, 1
help, 1
history, 1
jass-execute command, 1
most recent execute, 1
output file, 1
quiet, 1
root, 1
comment handler, 1
comment mark (#), 1
compilers, limiting, 1
compilers, warning about installing, 1
assessing, case scenario, 1
audit reporting, 1
auditing, 1
automating, 1
configuring your environment, 1
customizing, case scenario, 1, 2
differences in running vs. stored, 1
guidelines, 1
guidelines for reviewing, 1
information, drivers, 1
JumpStart mode, 1
JumpStart server, 1
JumpStart server, case scenario, 1
monitoring and maintaining, 1
scripts, 1
security assessments, 1
determining if in use, 1
inspecting, 1
JumpStart profiles, 1
main, 1
core.profile, 1
corrupted contents, files, 1, 2
cp command, 1
creating security profile, case scenario, 1
audit runs, 1
using quiet output option, 1
custom configuration, case scenario, 1
guidelines, 1
policies and requirements, 1
security audits, 1
Solaris Security Toolkit, 1
syslog.conf file, 1
-d driver option restrictions, 1
daemons, disabling, 1
data integrity, 1
debugging services, 1
configurations, FTP and Telnet, 1
security profiles, 1
determining, 1
unidentified, 1
installing software, 1
securing, 1
deploying minimized and secured systems, 1
deploying systems, 1
design, Solaris Security Toolkit software, 1
determining OS services to remain enabled, 1
Developer Solaris OE cluster, SUNWCprog, 1
developer.profile, 1
digital fingerprints, 1
audit scripts, 1
drivers, 1
files, 1
finish scripts, 1
JumpStart profiles, 1
list, 1
man, 1
OS, 1
patches, 1
run, 1
software packages, 1
starting, 1
structure, 1
sysidcfg, 1
discrepancies, finding, 1
display help option, 1
display help option, audits, 1
DNS service, 1
documentation directory, 1
documenting results, 1
downloading security software, 1
downtime, 1
driver control flow, 1
driver directory, 1
driver option, 1
overview, 1
configuration information, 1
directory, 1
naming, 1
drivers directory, 1
drivers, JumpStart servers, 1
dtexec processes, 1
email notification option, 1
encryption, 1
encryption software, 1
End User Solaris OE cluster, SUNWCuser, 1
end-user.profile, 1
Entire Distribution Solaris OE cluster, SUNWCall, 1
entire-distribution.profile, 1
importing, 1
environment, configuring, 1
messages or warnings, 1
while parsing the sysidcfg file, JumpStart mode, 1
Ethernet interfaces, case scenario, 1
evaluating a system, 1
executing software in stand-alone mode, 1
executing Solaris Security Toolkit, 1
exploited systems, 1
extensions, 1
extracting patches, 1
-f option, undo, 1
failed checks, 1
failures, applications, 1
faults, 1
file checksums, 1
file names, 1
file samples, sysidcfg, 1
obtaining information, 1
integrity, 1
determining usage, 1
directory, 1
inconsistent, 1
JumpStart clients, storing, 1
listing and reviewing changes, 1
modifying, 1
naming standards, 1
profiles, 1
reviewing manually changed, 1
files directory, 1
finish directory, 1
creating new, 1
undo feature, 1
driver flow, 1
FixModes.tar.Z file, 1
software, downloading, 1
force option, 1
framework, customizing Solaris Security Toolkit, 1
frameworks, services, 1
default configuration, 1
services, enabled, 1, 2
adding, 1
patches, 1
problems, 1
testing, 1
hardening a system quickly, 1
executing Solaris Security Toolkit, 1
listing for undo, 1
reversing changes, 1
helper functions, 1
history option, 1
host-based access control, 1
identifying dynamically loaded applications, 1
inconsistent state, 1
infrastructure, 1
infrastructure components, 1
infrastructure, preparing, case scenario, 1
auditing after, 1
automating patches, 1
automating Solaris OS, 1
backing up, 1
client, case scenario, 1
guidelines, 1
hardening systems, 1
log file, 1
new system, case scenario, 1
patches, 1
planning, 1
preinstallation tasks, 1
software, 1
software, case scenario, 1
standardizing, 1
verification, 1
binaries, checking, 1
data, 1
executables, verifying, 1
file system, 1
software downloads, 1
integrity management solutions, 1
intrusion detection, 1
JASS, 1
JASS_DISPLAY_HOSTNAME variable, 1
JASS_DISPLAY_SCRIPTNAME variable, 1
JASS_DISPLAY_TIMESTAMP variable, 1
JASS_HOME_DIR environment variable, definition, 1
JASS_LOG_BANNER environment variable, 1, 2
JASS_LOG_ERROR environment variable, 1
JASS_LOG_FAILURE environment variable, 1
JASS_LOG_SUCCESS environment variable, 1
JASS_LOG_WARNING environment variable, 1
modifying contents, 1
reviewing contents, 1
undo runs, 1
jass-check-sum command, 1
jass-check-sum program, 1
jass-execute -a command, 1
jass-execute -a command options, 1
jass-execute command options, 1
jass-execute -u command, 1
jass-manifest.txt file, 1
jass-undo-log.txt file, 1
JumpStart Architecture and Security Scripts (JASS), 1
JumpStart architecture, integrating Solaris Security Toolkit, 1
adding, case scenario, 1
does not build, case scenario, 1
files, storing, 1
installing client, case scenario, 1
errors while parsing the sysidcfg file, 1
installation, sysidcfg directory, 1
modifying sysidcfg, 1
using all scripts, 1
using selected scripts, 1
JumpStart profiles, 1
directory, 1
templates, 1
configuring and managing, 1
configuring, case scenario, 1
multihomed, 1
JumpStart technology, 1, 2
-k option, undo, 1
keep option, 1
Kerberos, 1
key components, 1
key environment variables, 1
kill command, 1
LDAP, 1
ldd command, 1
libraries, 1, 2
librpcsvc.so.1 entries, 1
life cycle, maintaining security, 1
limiting compilers, 1
list open files program, 1
installation, 1
reviewing, 1
considering, 1
operations, 1
lsof program, 1
lsof program, obtaining, 1
audits, 1
undo, 1
maintaining version control, 1
maintenance window, 1
make-jass-pkg program, 1
malfunctions, 1
man directory, 1
management protocols, example policy, 1
management software, inventorying, 1
processing multiple, 1
manifest files, 1
manual changes, keeping during undo, 1
manual reviews, security, 1
MD5 binaries, 1
downloading, 1
md5.tar.Z file, 1
messages, audits, 1
meta-services, 1
methodology, securing systems, 1
minimizing output, 1
minimizing, 1, 2
modes, 1
modifications, tracking, 1
modifications, validating, 1
code, 1
profile files, 1
monitoring security, 1
monitoring software, inventorying, 1
most recent execute option, 1
moving patch files, 1
multihomed JumpStart server, 1
naming files, standards, 1
naming services, 1
custom files, 1
installations, 1
Solaris OS, 1
nested or hierarchical security profiles, 1
netstat command, 1
network access, protecting, 1
applications relying on, 1
NIS, 1
notices, generated during undo, 1
-o option, audits, 1
-o option, undo, 1
OEM Solaris OE cluster, SUNWCXall, 1
oem.profile, 1
offline, securing systems, 1
building and deploying, 1
compiling, 1
software, downloading, 1
operational or management functions, inventorying, 1
audit, 1
audits, 1
audits, help, 1
backup, undo, 1
driver, 1
email notification, 1
email, audits, 1
email, undo, 1
help, 1
history, 1
jass-execute command, 1
most recent execute, 1
output file, 1
quiet, 1
quiet, audits, 1
quiet, undo, 1
root, 1
undo command, 1
directory, 1
OS cluster, specifying and installing, case scenario, 1
OS images, 1
disabling, 1
minimizing, 1
sample audit run, 1
sorting audit, 1
audits, 1
file, 1
undo, 1
package name, case scenario, 1
packages directory, 1
packages, adding packages not in pkg format, 1
passwd(1) command, 1
policy example, 1
patches, 1
adding those not installed, 1
creating subdirectories, 1
directory, 1
extracting, 1
installing, 1
moving files, 1
naming directories, 1
overwriting configuration files, 1
README files, 1
rehardening system after installing, 1
Solaris OS patches, 1
periodic audits, 1
objects, defaults, 1
pfiles command, 1
pkgadd command, 1
pkill command, 1
planning and preparing, case scenario, 1
planning phase, 1
planning, installation, 1
platform minimization, 1
pldd command, 1
ports, determining usage, 1
precautions, 1
preinstallation tasks, 1
private management network, 1
privilege management, 1
privileges, protecting, 1
determining which are using files and ports, 1
identifier, 1
directory, 1
modifying, 1
planning and preparing, 1
proprietary drivers and scripts, 1
ps command, 1
purpose, Solaris Security Toolkit software, 1
-q option, audits, 1
-q option, undo, 1
quality assurance (QA) testing, 1
quiet option, 1
rc script, audit runs, 1
reboot, securing systems, 1
Recommended and Security Patch Clusters
downloading, 1
storing, 1
related resources, 1
removing clients, from JumpStart servers, 1
report, email notification, 1
required software, 1
applications, 1
gathering, 1
security, 1
services, 1
services, determining, 1
undoing hardening runs, 1
restricting services, 1
results, documenting, 1
return value, 1
reverse-jass-manifest.txt file, 1
reversing changes, 1
reviewing log files, 1
reviewing security posture, 1
risks and benefits, considering, 1
rm_install_client command, 1
director, 1
option, 1
port mapper, 1
services, 1
checking, case scenario, 1
run directory, 1
rusers command, 1
rusers service, validating, 1
samples, profile files, 1
SCCS, 1
scenario, 1, 2
scp command, 1
list, 1
modifying, caution, 1
naming, 1
building and deploying, 1
commercial versions, compiling, 1
installing, case scenario, 1
product requirements, 1
software, downloading, 1
secure.driver, executing, 1
securing a deployed system, 1
securing systems, methodology, 1
requirements, 1
configuration, 1
performing, 1
security configuration, assessing, 1
developing, 1
reviewing, 1
standards, 1
auditing, 1
reviewing, 1
creating, case scenario, 1
default, 1
nested or hierarchical, 1
templates, 1
validating, 1
verifying installation, case scenario, 1
security software, downloading, 1
security, monitoring, 1
service frameworks, 1
service requirements, determining, 1
abort, hang, 1, 2
determining if required, 1
identifying, 1
inventorying, 1
recently used, determining, 1
requirements, 1
restricting, 1
RPC, 1
shared libraries, 1
SI_CONFIG_DIR, installing software in subdirectory, 1
SIGHUP signal, 1
site-specific drivers, matching audit scripts, 1
slow network connections, using quiet output, 1
SNMP, 1
software components, 1
software installation, scripts, 1
adding packages not in pkg format, 1
directory, 1
software required, 1
Solaris Fingerprint Database, 1
Solaris Fingerprint Database Companion, 1
Solaris Fingerprint Database Sidekick, 1
cluster, SUNWCreq, 1
fixes, 1
images, 1
naming standards, 1
package format, 1
services, checking, 1
installing for JumpStart mode, 1
software, downloading, 1
Solstice DiskSuite, 1
sorting audit output, 1
Source Code Control System (SCCS), 1
specify and install OS cluster, case scenario, 1
stability, 1
stand-alone mode, 1
executing, 1
using, 1
standardizing system installations, 1
standards, enforcing across platforms, 1
standards, security policies, 1
starting directory, 1
stored state, 1
strong authentication, 1
stronger authentication, 1
structure, software, 1
sun4u, 1
SunSolve OnLine web site, 1
SUNWjass directory, 1
SUNWjass-n.n.pkg, 1
directory, 1
file samples, 1
file, modifying for JumpStart mode, 1
file, version restrictions, 1
files, 1
messages, logging, 1
repository, 1
syslog.conf file, customizing, 1
binaries, validating, 1
boot, messages, 1
call, 1
configurations, monitoring and maintaining, 1
requirements, case scenario, 1
stability, verifying, 1
state, 1
vulnerabilities, 1
TCP Wrappers, 1
Telnet, enabling, 1
templates, profile files, 1
test and acceptance plan, 1
testing functionality, 1
testing, on nonproduction systems, 1
timing out, programs, 1
tools, 1, 2
tracking changes, 1
trojan, 1, 2
troubleshooting, 1
system modifications, 1
undo runs, 1
ttsession processes, 1
uncompress command, 1
backup option, 1
command-line options, 1
email option, 1
force option, 1
information required for using, 1
interactive runs, 1
keep option, 1
limitations, 1
logging and reversing changes, 1
manually undoing changes, 1
options, 1
output option, 1
quiet option, 1
restrictions, 1
runs, listing, 1
selecting runs, sample output, 1
unavailable, 1
undoing runs, 1
undo-log.txt file, 1
unexpected behavior, 1
usage auditing, 1
user.init file, 1
user.init.SAMPLE, purpose, 1
user.run.SAMPLE, purpose, 1
user-interactive services, disabling, 1
user-interactive sessions, protecting, 1
validating security profiles, 1, 2
validation process, 1
verbosity levels, 1
verification, before installation, 1
application and service functionality, 1
functionality, multiple reboots, 1
security profile installation, 1
system stability, 1
version control, 1
analysis, 1
scanning, 1
strategy, 1
value, 1, 2
warm-brick, 1
displaying at system boot or application start, 1
executing Solaris Security Toolkit software, 1
Copyright © 2005, Sun Microsystems, Inc. All Rights Reserved.