| Name: | |
| Email: | |
| Security Portal Weekly Newsletter |
Weekly Solaris Security Roundup Archive
By Seán Boran, sean AT boran.com, for Security Portal
A quiet week for Sun, no new advisories or weaknesses, but a few interesting news items. The reference section has been updated.
none this week.
Sunworld:
Hacker's toolchest, Techniques and tools for penetration testing
Discussion: Who paints the hacker image and why?
BigAdmin:
New Freeware section
GNAC Console Server
SunSolve Article: Hardware Diagnostics for Sun Systems: A Toolkit for System Administrators
SecurityFocus
A (Real-Audio) interview with Ravi Iyer, Senior Product Manager for Solaris Software at Sun. Topics include Solaris 8 and security.
Shell access security: An article on SSH from Devshed.
Why 100% Pure Java is a Crock From Samizdat Productions.
BSD Today:Delegating superuser tasks with sudo
Bugtraq vulnerabilities this week - Solaris:
none
Bugtraq vulnerabilities this week - Applications that run on Solaris:
2000-06-08: Lilikoi Ceilidh 2.60 Multiple Vulnerabilities
2000-06-08: Unify eWave ServletExec JSP Source Code Disclosure Vulnerability
2000-06-06: ISC innd 2.x Remote Buffer Overflow Vulnerability
2000-06-05: BRU BRUEXECLOG Environmental Variable Vulnerability
FOCUS-Sun discussions this week:
06/08/00 setuid Q.
06/07/00 solaris packages
06/05/00 High TCP connect timeout rate
06/05/00 No secure copy on Solaris 8?
Progress report on Yassp (the Solaris hardening tool), from the Developers' list:
First release is edging closer, discussions were on:
- renaming Yassp: no changes for now, but the main package will be renamed from SECclean to SANSsouci in the next release (SANSsouci means "without worry" in French, a nice word play)
- preparing the SANS release announcement
- possible improvement to the management of startup files (and how patches might undo Yassp's work).
- Improving the comments and settings in /etc/sshd_config
See also: Yassp site, Hardening Solaris (with Yassp)
SANS Report: How To Eliminate The Ten Most
Critical Internet Security Threats
"...The majority of successful attacks on computer systems via the Internet can
be traced to exploitation of one of a small number of security flaws...A few software
vulnerabilities account for the majority of successful attacks because attackers are
opportunistic – taking the easiest and most convenient route. They exploit the
best-known flaws with the most effective and widely available attack tools. They count on
organizations not fixing the problems, and they often attack indiscriminately, by scanning
the Internet for vulnerable systems."
SANS lists not just the top weaknesses, system affected but also solutions. The document is updated regularly. Read it.
Sun Security Resources:
Sun Security Coordination Team sunsolve.sun.com/pub-cgi/show.pl?target=security/sec
Sun security bulletins are available at: sunsolve.sun.com/security
General Sun Security www.sun.com/security
Solaris Security Datasheets www.sun.com/software/solaris/ds/ds-security
Java Security java.sun.com/security
Patches
If you have a maintenance contract, login to sunsolve and get both the PatchDiag tool and it's reference database, sunsolve.sun.com. If you don't, use the SecurityFocus Solaris Patch Calculator: www.securityfocus.com/sun/vulncalc
Sun security patches: sunsolve.sun.com/securitypatch
Public sunsolve.sun.com/pub-cgi/show.pl?target=patches/patch-access Patch download tool WGET sunsite.auc.dk/ftp/pub/infosystems/wget
Web Publications, resources
SecurityFocus, Sun section: www.securityfocus.com/sun
Vulnerability database: www.securityfocus.com/vdbSecurity Portal papers:
Hardening Solaris
Review of the Sunscreen EFS3 firewall
All about SSH - Part I
All about SSH - Part IISANS Report: How To Eliminate The Ten Most Critical Internet Security Threats
BigAdmin SunFreeware Solaris Guide Freeware4sun Solaris Central Intrusion Detection: snort Solaris-System (x86) Forum Network scanner: Nessus, Nmap Sunwhere index of resources Sunworld security columns The IT Security Cookbook Solaris Security FAQ BSD Today
General discussion resources
News /personal interface to Sun resources: www.sun.com/MySun
BigAdmin discussion forum & FAQs: www.sun.com/bigadmin/home/index.html Newsgroups:
comp.unix.solaris
comp.sys.sun.admin
comp.sys.sun.hardware
alt.solaris.x86Sun-managers Mailing list: This list has been around for many years and is an invaluable resource to Sun system administrators.
To have your mailing address added to or removed from the mailing list, send a request to "majordomo@sunmanagers.ececs.uc.edu". The request should contain simply one line which says either "subscribe sun-managers" or "unsubscribe sun-managers". You can specify the particular e-mail address to be added after the word "subscribe".SecurityFocus "FOCUS-Sun" list: see www.securityfocus.com/focus/sun/subscribe.html
Focus-Sun is meant to be a resource for Sun users and administrators, looking for that extra little bit of help ..., using Sun products in security roles, and getting additional information about the latest in Sun vulnerabilities. ... In addition, important announcements related to breaking vulnerabilities will be posted.