Exit Print View
These topics describe how to securely configure the compute servers.
Disable Unnecessary Services (Compute Servers)
Enable Strict Multi-homing
Enable ASLR
Configure TCP Connections
Set Password History Logs and Password Policies for PCI Compliance
Ensure That User Home Directories Have Appropriate Permissions
Enable the IP Filter Firewall
Ensure That Name Services Only Use Local Files
Enable Sendmail and NTP Services
Disable GSS (Unless Using Kerberos)
Set the Sticky Bit for World-Writable Files
Protect Core Dumps
Enforce Nonexecutable Stacks
Enable Encrypted Swap Space
Enable Auditing
Enable Data Link (Spoofing) Protection on Global Zones
Enable Data Link (Spoofing) Protection on Non-Global Zones
Create Encrypted ZFS Data Sets
(Optional) Set a Passphrase for Key Store Access
Create Immutable Global Zones
Configure Immutable Non-Global Zones
Enable Secure Verified Boot (Oracle ILOM CLI)