1. Index

Index

Numerics  A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  R  S  T  U  V  W  X  Z  

Numerics

  • 2FA 1

A

  • access
  • account-policy SMF stencil 1.1.5
  • accounts
  • adiheap security extension 1.1.3
  • adistack security extension 1.1.3
  • admhist command 1.1.8
  • ADMIN_LOW label
    • protecting administrative files A.8.5
  • administering 1
  • AES128 Secure Shell algorithm 1.2.1
  • algorithms
  • analytics
    • uses auditing data 1.1.8
  • annotation
    • audit records with 1.1.8
  • annotation user attribute 1.1.5
  • applications
  • ARMOR roles 1.5
  • ASLR (address space layout randomization) 1.6
  • assessments
  • audit classes
  • auditconfig command
  • audit events
  • auditing 1
  • auditreduce command
  • audit service
  • audit tags 1.1.8
  • authentication
  • authorizations 1

B

  • BART
    • verifying file integrity 3.2
  • Basic Solaris User rights profile 1.2.1
  • boot environment
    • firmware requirements 1.1.3
    • verifying secure 3.1

C

  • capabilities 1
  • certifications
  • chmod command
  • chmod S+vnounlink command 2.6
  • Common Vulnerabilities and Exposures (CVE)
    • monitoring 3
  • compliance
  • computer access
    • administrator responsibilities A.8.4
  • configuring
    • installation 2.1
    • security 2
    • system initially 2.2
    • Trusted Extensions 2.9
  • Console User rights profile 1.2.1
  • core files
    • protecting 2.7
  • critical patch updates (CPU)
    • monitoring 3
  • Cryptographic Framework
  • cryptography 1
    • new security features 1.1.2

D

  • daemons
  • data, protecting 1.4, 2.6
  • database logs
    • preventing deletion 2.6
  • datalinks
    • protecting on ports 1.1.7
  • data loss prevention
  • decisions to make
    • based on site security policy A.2
  • default password length 1.1.6
  • defaults
  • desktop
    • defaults 1.2.2
    • solaris-desktop package 2.1
  • displaying
    • audit events for specified audit flags 1.1.8
  • DoS attacks
    • preventing, file system 2.5
    • preventing, network 2.4

E

  • encrypted ZFS boot
    • new security features 1.1.4
  • encrypting 1
    • file systems 2.5
    • heterogeneous network communications 1.7.2.3
    • network access 1.7.2.2
    • network connections 2.4
    • remote access and 1.7.2
  • executable stack corruption
    • preventing 2.7

F

  • features 1
  • file integrity checks
    • monitoring 3
  • files
    • database logs 2.6
    • default system file access 1.2.2
    • log files 3.2
    • new security features 1.1.4
    • Oracle database logs 2.6
    • package verification 3.1
    • permissions 1.4.1
      • defaults 1.2.2
      • protecting and modifying 2.6
    • preventing accidental deletion 2.6
    • verifying integrity 3.2
  • file systems
  • filtering audit records 1.1.8
  • FIPS 140-2
    • Cryptographic Framework providing 1.4.2
    • IPsec and IKE consuming 1.7.2.1
    • Kerberos consuming 1.7.2.3
    • Secure Shell consuming 1.7.2.2
  • firewall
  • firmware
    • requirements for verified boot 1.1.3
  • fragmented messages

G

  • group packages
    • Oracle Solaris 2.1
  • groups
    • deletion precautions A.8.6
    • security requirements A.8.6
  • guidelines
    • computer security A.3
    • creating security policy A.1
    • email security A.8.2
    • equipment retirement A.6
    • for developers 1.9
    • group administration A.8.6
    • information protection A.8.4
    • password enforcement A.8.3
    • password protection A.8.5
    • personnel security A.5
    • physical security A.4
    • security decisions A.2
    • security enforcement A.8
    • site security A
    • user deletion A.8.7
    • violations to be aware of A.7

H

  • hardening
    • solaris-minimal-server package 2.1
  • hardware
    • Oracle Hardware Management Package 1.2.3
    • scrubbing A.6
    • SPARC T series servers 3.1
  • heap corruption
    • preventing 2.7

I

  • identity service 1.4.3
  • IgnoreUnknown Secure Shell keyword 1.1.6
  • IKE 1
  • IKEv2
    • handling fragmented messages 1.1.7
  • immutable zones 1.6.2, 2.7
  • inetd services
    • protecting with TCP wrappers 1.7.1.2
  • information protection
  • installing
    • group packages 2.1
    • Kerberos using AI 1.7.2.3
    • Oracle Solaris 2.1
    • Trusted Extensions 2.9
  • IP packets
    • handling fragmentation 1.1.7
    • protecting with IPsec 1.7.2.1
  • IPsec and IKE
  • IPS packages 1
  • isolating
    • applications in zones 1.6

J

  • Java Cryptography Extension (JCE) 1.6.5

K

  • Kerberos
  • kernel
  • kernel zones 1.6.2
  • Key Management Framework (KMF) 1.4.2

L

  • labeled environment
    • isolating processes 2.7
  • labeled file systems
    • new security features 1.1.4
  • labeled security
    • Oracle Solaris and Trusted Extensions 1.8
    • Trusted Extensions and 2.9
  • labeling
  • label security
    • file systems and 1.8.2
    • network communications and 1.8.2
    • Trusted Extensions and 1.8.2
  • legacy applications
    • protecting 2.8
  • legacy services
    • protecting with least privilege 2.7
  • limiting 1
  • log files and system security 3.2
  • logging

M

  • maintaining
    • file integrity with BART 3.2
    • system security 3.1
  • malware
    • isolating applications from 1.6
    • protecting kernel from 1.6.3
  • managing
  • MAXDAYS password variable 1.1.6
  • metadata 1
  • MINDAYS password variable 1.1.6
  • modifying 1
  • monitoring
    • system activity and compliance 3
    • system security 3.2
  • multilevel security
    • configuring 2.9

N

  • network access
  • network communications
  • new security features
  • nounlink ZFS attribute
    • preventing file deletion 2.6
  • nxheap security extension 1.6
  • nxstack security extension 1.6

O

  • OpenBSD Packet Filter 1
  • OpenSSH 1
    • interoperability with SunSSH 1.1.6
    • version 1.1.6
  • Oracle database logs
    • preventing deletion 2.6
  • Oracle Hardware Management Package 1.2.3
  • Oracle Solaris group packages 2.1

P

  • package integrity checks
    • monitoring 3
  • packages
    • automated installation 2.1
    • groups 2.1
    • repository maintenance 3.1
    • signed 3.1
    • solaris-desktop 2.1
    • solaris-large-server 2.1
    • solaris-minimal-server 2.1
    • solaris-small-server 2.1
    • trusted 2.9
    • verifying 3.1
  • packet filter
    • OpenBSD Packet Firewall 1.7.1
  • PAM (Pluggable Authentication Modules)
    • user authentication framework 1.5.2
  • PASSLENGTH password variable 1.1.6
  • passwords
  • pe audit class 1.1.8
  • permissions
  • per-object auditing 1.1.8
  • PKCS #11 cryptographic library 1.4.2
  • pluggable authentication modules 1
  • policy
  • ports
    • protecting datalinks 1.1.7
  • powers 1
  • predefined roles 1.5
  • preventing
    • accidental file deletion 2.6
    • DoS attacks 2.4, 2.5
    • executable stack corruption 2.7
    • filling file systems 2.5
    • heap corruption 2.7
  • privacy through labeling 1.1.4
  • privileged execution audit class 1.1.8
  • privileges
  • process rights 1
  • profiles 1
  • programs 1
  • protecting
  • publications
    • security and UNIX B.2

R

  • RBAC 1
  • references for Oracle Solaris B
  • remote access
    • defending against 1.7.2
  • Remote Administration Daemon (RAD) 1.4.3
  • repositories
    • package verification 3.1
  • restricting
    • access through Kerberos 1.7.2.3
    • data flows with label-based MAC policies 1.8.2
  • rights 1
    • managing 1.5.3
    • new security features 1.1.5
    • protecting users 1.5
  • rights profiles
  • role-based access control (RBAC) 1
  • roles
  • root role
    • file permissions and 2.6
    • initial assignment 1.2.1
  • rsyslog daemon 1.1.3, 3.2
  • running
    • secure applications 1.9

S

  • SASL 1.1.6
  • secure by default 1.2
  • Secure Shell (SSH)
  • security
    • after installation 1.2
    • configurable 1.3
    • label-based 1.8, 2.9
    • maintaining system 3.2
    • multilevel 2.9
    • new features in this release 1.1
    • policy 1.10
    • publications B.2
    • references B
    • site security policy A
    • system access and 2.7
    • users and 2.3, 2.7
  • security compliance 1
  • security extensions
  • security features
  • security keywords 1
  • security policy 1
  • sendmail
  • Service Management Facility (SMF)
    • application protection and 2.8
    • rights and 1.6.4
  • services
    • authorizations in SMF, and 1.6.4
    • inetd
      • protecting with TCP wrappers 1.7.1.2
    • protecting
      • legacy applications 2.8
      • with SMF authorizations 1.6.4
  • SHA256 password hash 1.2.1
  • signature-policy
    • property on images and package publishers 3.1
  • signatures
    • packages and 3.1
    • verifying package 3.1
  • site security policies
  • site security policy
    • common violations A.7
    • equipment retirement recommendations A.6
    • Oracle Solaris configuration decisions A.2
    • personnel recommendations A.5
    • physical access recommendations A.4
    • recommendations A.3
    • tasks involved A
  • SMF 1
  • solaris-desktop package 2.1
  • solaris-large-server package 2.1
  • solaris-minimal-server package 2.1
  • solaris-small-server package 2.1
  • SPARC T series servers
    • verified boot and 3.1
  • StatsStore
    • contains auditing data 1.1.8
  • storage
    • remotely for assessments 1.1.1
  • Support Repository Updates (SRU)
    • monitoring 3
  • sxadm command
    • managing security extenstions 1.1.3
  • System Administrator rights profile 1.2.1
  • systems
    • default access 1.2.1
    • initial configuration 2.2
    • monitoring 3, 3.2
    • securing access to 1.2.1
    • security features for 1.2.1
  • system-wide settings
    • account-policy SMF stencil 1.1.5

T

  • tags on assessments 1.1.1
  • TCP wrappers
  • timed account unlocking 1.1.5
  • tmpfs
    • protecting 2.5
  • Trusted Extensions
  • trusted package 2.9
  • two-factor authentication (2FA) 1

U

  • umask default 1.2.2
  • unlock_after user attribute 1.1.5
  • user rights 1
  • users
    • deletion precautions A.8.7
    • protecting 2.3
    • protecting with rights 1.5
    • security precautions A.8.6
    • security training A.8, A.8.6
    • timed account unlocking 1.1.5

V

  • verified boot
    • firmware requirements 1.1.3
    • system security and 3.1
  • verifying
    • file integrity 3.2
    • packages 3.1
    • package signatures 3.1

W

  • WARNDAYS password variable 1.1.6

X

  • X.509 certificates 1.4.3

Z

  • ZFS
    • chmod S+vnounlink command 2.6
    • default file system 1.2.2
    • file systems 1.4.4
    • file systems, protecting 2.5
    • new security features 1.1.4
    • preventing file deletion 2.6
    • umask and 1.2.2
  • zones