This section discusses standard security precautions you can take to protect your network, the security mechanisms in Solaris ISP Server, and how to use these mechanisms in a Solaris ISP Server installation.
The following standard security precautions will help safeguard your network.
Design your network for as few software components per machine as is compatible with the machine's purpose. Any software product has the potential to introduce security holes, whether through known vulnerabilities or through bugs. The fewer processes running and the fewer protocols supported, the more secure the computer will be.
In addition, if an intruder were to compromise one computer, only a portion of the resources and services in your system would be involved.
Disable Solaris services that are not needed on the particular computer. Solaris ISP Server host configuration software offers recommendations based on your choice of application software, for example, disabling some 'r' commands (such as rlogin) to protect passwords and to keep unauthorized individuals from accessing hosts. Unless you have a specific reason for enabling a service, accept these recommendations.
Change passwords regularly and encourage using difficult-to-guess passwords. The directory services do not enforce periodic changing of passwords; you must have your users change them at appropriate intervals.
Use public-key cryptography to encrypt all traffic between trusted hosts at the IP level. SunScreen SKIP, bundled with Solaris ISP Server, authenticates incoming IP traffic and ensures that outgoing data is not altered or viewed by others while in transit.
Use routers that can identify trusted hosts and block spoofed IP addresses.
Fix vulnerabilities and bulletproof your code. Ensure that all applications check buffer limits and prevent overruns.
Grant access only to the portions of the system that employees need to do their jobs. Limit administrator rights to only those services they actually manage. Sun Internet Administrator supports this effort by offering a centralized way to manage administrator access. Administrators do not even need UNIX accounts to do their work.
Implement security mechanisms such as network monitoring and firewalls.
Security mechanisms in Solaris ISP Server include a hardening step performed during installation, access control lists (ACLs), encryption software (SunScreen SKIP), and intrusion detection based on examination of log files.
Authentication in Solaris ISP Server is performed using a private Pluggable Authentication Module (PAM). User login information is validated against the directory using LDAP. This form of authentication allows for more users on a single system, and provides a better security model than standard UNIX authentication. It allows central authentication for users of all systems on the network and removes the need to create a UNIX account for every user.
Sun Directory Services has ACLs that are set during installation. They are defined so that only appropriate entities can add, change, or delete entries. Specific information on the ACLs configured by Solaris ISP Server is in Chapter 3, "Using Directory Services," of this book.
Sun WebServer has ACLs that protect web site content based on user-definable realms. All Solaris ISP Server web-based interfaces are protected by these ACLs, to prevent unauthorized access.
The Solaris ISP Server host configuration software disables unnecessary Solaris services and changes the modes and owners of certain system files, reducing the potential security gaps in the system. This process is configurable; you control which services are disabled and which other hardening steps are performed.
Using syslog, Solaris ISP Server applications log administrators' actions. These logs are checked at a configurable interval for login attempts. A user-specified alert is triggered if failed attempts are noted.
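The periodic log check described above can be sketched as follows. This is an added example, not code from Solaris ISP Server or this guide; the `admin-console` tag, the `login failed user=... from=...` message wording, the year, the interval, and the threshold are all assumptions made for illustration.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample lines in traditional syslog layout. The tag and message
# wording are assumptions; the product's actual log format is not shown here.
SAMPLE_LOG = """\
Mar  3 09:40:00 isp1 admin-console[412]: login failed user=bob from=198.51.100.7
Mar  3 10:00:05 isp1 admin-console[412]: login succeeded user=alice from=192.0.2.10
Mar  3 10:01:10 isp1 admin-console[412]: login failed user=bob from=198.51.100.7
Mar  3 10:01:12 isp1 admin-console[412]: login failed user=bob from=198.51.100.7
Mar  3 10:01:15 isp1 admin-console[412]: login failed user=bob from=198.51.100.7
Mar  3 10:02:40 isp1 admin-console[412]: service restarted by user=alice
Mar  3 10:03:00 isp1 admin-console[412]: login failed user=carol from=192.0.2.44
""".splitlines()

# Match only failed-login records; anything else is ignored by the scan.
LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
    r"(?P<tag>[^:\[\s]+)(?:\[\d+\])?: login failed "
    r"user=(?P<user>\S+) from=(?P<src>\S+)$"
)

def parse_ts(text, year):
    # Traditional syslog timestamps carry no year, so the caller supplies it.
    return datetime.strptime(f"{year} {' '.join(text.split())}", "%Y %b %d %H:%M:%S")

def failed_logins(lines, window_end, interval, year):
    """Count failed logins per (user, source) in (window_end - interval, window_end]."""
    start = window_end - interval
    counts = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a failed-login record, or malformed
        ts = parse_ts(m["ts"], year)
        if start < ts <= window_end:
            counts[(m["user"], m["src"])] += 1
    return counts

def alerts(counts, threshold):
    # Return the (user, source) pairs whose failures reach the alert threshold.
    return sorted(key for key, n in counts.items() if n >= threshold)

if __name__ == "__main__":
    end = datetime(2024, 3, 3, 10, 5, 0)  # constructed check time
    counts = failed_logins(SAMPLE_LOG, end, timedelta(minutes=10), 2024)
    for user, src in alerts(counts, threshold=3):
        print(f"ALERT: {counts[(user, src)]} failed logins for {user} from {src}")
```

Limiting each pass to the interval since the previous check keeps old failures, such as the 09:40 record here, from being counted again on every run.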
SSL provides authentication and authorization (access control) by the use of signed (or self-signed) certificates. Privacy of communications and data integrity are provided by cryptography. SSL encryption uses a 40-bit algorithm in the global version of the product and a 128-bit algorithm in the US/Canada version.
To configure SSL on Sun WebServer, refer to the Sun WebServer online help.
SunScreen SKIP provides cryptographic technology configurable at the IP level. It performs host-level authentication and access control by use of certificates and ACLs. It provides privacy by way of encryption (40-bit global, and 128-bit US/Canada), and data integrity by means of encryption.
To configure SunScreen SKIP between two machines, first use the Solaris ISP Server host configuration software to install it on both systems. Then, see the SunScreen™ SKIP User's Guide for instructions on creating certificates and further configuration steps.