By Seán Boran (sean at boran.com) for SecurityPortal
Weekly Solaris Security Digest Archive
http://www.securityportal.com/research/research.wss.html
To receive this digest via Email:
http://securityportal.com/subscribe.html
2000-11-01: SAMBA SWAT Symlink Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1872
2000-11-01: SAMBA SWAT Logging Failure Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1873
2000-11-01: SAMBA SWAT Logfile Permissions Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1874
2000-10-31: Netscape Servers Suite Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1865
2000-10-31: Netscape Servers Suite Denial of Service Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1867
2000-10-31: tcpdump AFS ACL Packet Buffer Overflow Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1870
2000-10-30: Inktomi Search Software DoS Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1866
2000-10-31: Unify eWave ServletExec File Upload Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1876
2000-10-30: Unify eWave ServletExec DoS Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1868
2000-10-29: CatSoft FTP Serv-U Brute-Force Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1860
2000-10-29: Pagelog.cgi File Disclosure/Creation Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1864
2000-10-29: KW Whois Remote Command Execution Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1883
2000-10-27: bftpd Buffer Overflow Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1858
2000-10-27: Padl Software nss_ldap Local Denial of Service Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1863
2000-10-27: CGI Script Center News Update Password Changing Vulnerability
http://www.securityfocus.com/vdb/bottom.html?vid=1881
2000-10-27: ICS 'host' (Bind 8.1) Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/frames/?content=/vdb/bottom.html?vid=1887%3Fvid%3D1887
The latest Solaris Recommended / Security Patch clusters are as follows:
Solaris 8 Sep/07/00
Solaris 7 Oct/03/00
Solaris 2.6 Oct/09/00
Solaris 2.5.1 Oct/09/00
Installing Solaris Over The Network, by John Richardson
http://www.sunhelpdesk.com/users/john/001.htm
Discussion: Backup and Restore Practices for Sun Enterprise Servers
http://mysun-mail.sun.com:9613/cgi-bin/forums?14@@.eeefc10
Useful tools for Sun workstations and Solaris
http://www.squirrel.com/squirrel/sun-stuff.html
Strangers In the Night, Finding the purpose of an unknown program, by Wietse Venema
http://www.ddj.com/articles/2000/0011/0011g/0011g.htm
The story is about analyzing an unknown program that was left behind by an intruder. The fact that the computer systems involved were running UNIX is only of marginal importance.
Comment: A useful article from one of the masters of Computer Forensics.
Security Analysis & Design, by Uttara Nerurkar
http://www.ddj.com/articles/2000/0011/0011d/0011d.htm
....I put together a security analysis and design/modelling technique that closely couples the security and functional model of the product. While the model is based on my experience with financial software, it is sufficiently generic to be suitable for other business applications as well.
Solaris Administration Supplement
http://www.sysadminmag.com/supplement/web_feature.shtml
The special supplement contains several security-relevant articles:
- New Approaches to Making Solaris More Secure, by Rich Teer
- Securing Solaris, by Ido Dubrawsky
- Implementing C2 Auditing in the Solaris Environment, by Kevin Wenchel and Stephen Michaels
- IP Filter on Solaris, by Ron McCarty
Hardening Solaris: Creating a Diamond in the Rough Pt. II, by Hal Flynn
http://www.securityfocus.com/frames/?focus=sun&content=/focus/sun/articles/harden2.html
All tools are now summarised in the 'Weekly Security Tools Digest'
http://securityportal.com/topnews/weekly/tools.html
No messages in the archive, but there were some minor discussions on /etc/ftpusers.
rpc.meta* Summary
http://www.theorygroup.com/Archive/YASSP/2000/msg00666.html
See also:
http://www.yassp.org
Over the last two years or so, several (free) useful tools and papers on hardening Solaris have appeared. Here we present a list with some comments.
My favourites are Titan and Yassp, but the idea is to provide a decent
list of alternatives here, so you can learn from the various papers and pick an
appropriate tool for your needs.
Titan and Yassp have different approaches and are useful in different situations. I would
prefer Yassp for DMZ/bastion host hardening, but Titan is probably more useful for
securing general Workstations and multi-user servers. Also, each has features not found in
the other.
Yassp
http://www.yassp.org
The goal is to install Solaris and have good host security without having to spend hours on modifications. According to Alan Paller, director of research at the SANS Institute, 'When these scripts have been field tested, they will become the recommended solution for hardening Solaris systems and we will promote them widely.'
Yassp is in final beta; the final release should be published very soon.
Hardening Solaris (based on Yassp beta11)
http://www.securityportal.com/topnews/solaris_hardening20000523.html
This article presents a concise step-by-step approach to securely installing Solaris for use in a firewall DMZ or other sensitive environment, using the Yassp tool - beta11. For Solaris 8, the Sunscreen EFS lite firewall is also presented.
Interview with Jean Chouanard (main developer behind Yassp)
http://securityportal.com/cover/coverstory20000821.html
The Titan project
http://www.fish.com/titan/
http://www.fish.com/titan/TITAN_documentation.html
Titan is a collection of programs, each of which either fixes or tightens one or more potential security problems with a particular aspect in the setup or configuration of a Unix system. Conceived and created by Brad Powell, it was written in Bourne shell, and its simple modular design makes it trivial for anyone who can write a shell script or program to add to it, as well as completely understand the internal workings of the system.
Hardening Solaris - Compass Security Draft 0.82, by Ivan Butler
http://www.csnc.ch/download/sources/Hardening-Solaris V0.82.pdf
This PDF document provides a step-by-step tutorial for creating a Solaris system resistant to various methods of attack, based on the Titan scripts.
Sun's hardening tool, Jass
http://www.sun.com/blueprints/tools
Jass has a restrictive license and is still in beta. It was tested a few weeks back in 'Tip of the Week' and didn't seem ready for prime time.
Sun's hardening documentation:
- Solaris Operating Environment Security
http://www.sun.com/blueprints/0100/security.pdf
Discusses how to enhance system and network service security in Solaris.
- Solaris Operating Environment Network Settings for Security:
http://www.sun.com/blueprints/1299/network.pdf
Discusses the many low-level network options available within Solaris and their effect on security.
- Solaris Minimization for Security:
http://www.sun.com/blueprints/1299/minimization.pdf
A Simple, Reproducible and Secure Application Installation Methodology: Discusses OS minimization as a technique for reducing system vulnerabilities; a simple method for duplicating these installations on large numbers of servers is also introduced.
- JumpStart Architecture and Security Scripts for the Solaris Operating Environment Part 1
http://www.sun.com/blueprints/0700/jssec.pdf
This article is part one of a three part series presenting the JumpStart Architecture and Security Scripts tool (Toolkit) for Solaris. The Toolkit is a set of scripts which automatically harden and minimize Solaris Operating Environment systems. The modifications made are based on the recommendations made in the previously published Sun BluePrints OnLine security articles.
SecurityFocus, list of Sun relevant articles
http://www.securityfocus.com/focus/sun/menu.html?fm=0&action=unfold
Lance Spitzner's white papers
http://ww.enteract.com/~lspitz/papers.html
These papers are useful and referenced by many people. Worth a read.
Securing Solaris Servers - A Checklist Approach, by Paul D. J. Vandenberg and Susan D. Wyess
http://www.usenix.org/sage/sysadmins/solaris/index.html#host
This material is excerpted from an internal U.S. Government document on web security, which the authors played leading roles in preparing. This material has been officially reviewed, and the authors have been granted permission to use this material in a non-official publication.
Hardening Solaris (pre Yassp), by Seán Boran
http://www.securityportal.com/coverstory19991025.html
This article presents a step-by-step approach to securely installing Solaris for use in a firewall DMZ. It's a bit old now and not as comprehensive as it should be, but it is useful for those who wish to 'manually harden' their system.
tcp tuning under solaris, by Jens-S. Vöckler
http://www.rvs.uni-hannover.de/people/voeckler/tune/EN/tune.html
Security: How to Documents, Information Systems and Technology, University of Waterloo
http://ist.uwaterloo.ca/security/howto/
Wietse Venema's tools and papers (tcp wrapper, rpcbind/portmapper, postfix, Satan, ....)
ftp://ftp.porcupine.org/pub/security/index.html
Solaris Security Guide, Sabernet
http://www.sabernet.net/papers/Solaris.html
Solaris Security Step by Step, from SANS
http://www.sans.org
This is available in paper or PDF form and is quite useful, but it's not free.
Sunworld
- Sunworld security columns
http://www.sunworld.com/sunworldonline/common/swol-backissues-columns.html
- Solaris Security FAQ
http://www.sunworld.com/common/security-faq.html
- Padded Cells
http://www.sunworld.com/swol-01-1999/swol-01-security.html
Softpanorama University Pages: Solaris Hardening and Security
http://www.softpanorama.org/Security/sos.shtml
This site is an index to many Solaris security papers and tools.
Securiteam: Hardening Solaris SPARC/x86 security for Firewall usage - a step by step guide
http://www.securiteam.com/unixfocus/Hardening_Solaris_SPARC_x86_security_for_Firewall_usage_-_a_step_by_step_guide.html
New Approaches to Making Solaris More Secure, by Rich Teer (including hardening scripts)
http://www.sysadminmag.com/supplement/web_feature1.shtml
Securing Solaris, by Ido Dubrawsky
http://www.sysadminmag.com/supplement/913secsol.shtml
Casper Dik's fixmode (improves Solaris file permissions)
ftp.wins.uva.nl:/pub/solaris
Chris Calabrese's Harden script
ftp://ftp.freebird.org/unixware/freebird/internet/systools/harden
Alberto Begliomini's SECUR
ftp://ftp.coldstone.com/secur
If you have any security tips/scripts you'd like to share with others, contact sean at boran.com.
For brevity, the list of Solaris resources and references is kept in a separate
document:
securityportal.com/topnews/weekly/solarisref.html
Seán Boran is an IT security consultant based in Switzerland and the author of the online IT Security Cookbook.
© Copyright 2000, SecurityPortal Inc. & Seán Boran, All Rights Reserved, Last Update: 10 November, 2000