|
Name |
Solaris Benchmark v 2.1.1 (Solaris 10) |
|
Version |
Version 2.1.1 |
|
Status |
Final |
| Creation
Date |
2005 |
| Revision
Date |
2006-03-07 |
| Product
Category |
Operating System |
| Vendor |
Sun Microsystems |
| Product |
Solaris 10 |
| Product
Version |
Solaris 10 |
| Product
Role |
Server Operating System, Desktop Operating Sytem |
|
Checklist
Summary |
This document provides recommendations for securing Solaris operating systems. This benchmark document covers Solaris version 10 for both servers and desktops. Desktop systems typically have different security expectations than server-class systems. In an effort to facilitate use of this benchmark on these different classes of machines, shaded text has been used to indicate questions and/or actions that are typically not applicable to desktop systems in a large enterprise environment. These shaded items may be skipped on these desktop platforms. |
| Known
Issues |
Not Available. |
| Target
Audience |
This checklist has been created for IT professionals, particularly system administrators and information security personnel.
|
| Target
Operational Environment |
Enterprise. |
| Checklist
Installation Tools |
Not Available. |
| Rollback
Capability |
Not Available. |
| Testing
Information |
Not Available. |
| NIAP/CMVP
Status |
Not Available. |
| Regulatory
Compliance |
Not Available. |
Comments,
Warnings, Disclaimer, Miscellaneous
|
Refer to Known Issues. |
| Disclaimer |
Differs for Public and Private consumers, please read disclaimer information from the CIS web site located at: http://www.cisecurity.org/sub_form.html |
| Product
Support |
Not Available. |
| Submitting
Organization/Authors |
The Center for Internet Security (CIS) |
| Point
of Contact |
sol-bench@cisecurity.org |
| Sponsor |
Not Available |
| Licensing |
Differs for Public and Private consumers, please read licensing information from the CIS web site located athttp://www.cisecurity.org/sub_form.html
|
| Checklist
Homepage |
http://www.cisecurity.org/ |
| Download
Package |
http://www.cisecurity.org/sub_form.html |
| Integrity |
sha1
(CIS_Solaris10_Benchmark_v2.1.1.tar.tar) =
2bb272d013bb443fc585fb8fa316dad579c0bf8f
sha256 (CIS_Solaris10_Benchmark_v2.1.1.tar.tar) =
9d54d78055f0ba16b33a266a54b96e5e165d2f0
342f692486f83e18373e8b988
|
| Change
History |
Version 2.1: August 18, 2005. Version 2.1.1: February 21, 2006.
Version
1.0: 2004-09-18
|
| Dependency/Requirement |
Not Available.
|
| References |
Free
benchmark documents and security tools for various
OS platforms and applications: http://www.cisecurity.org/
Pre-compiled software packages for various OS
platforms: ftp://ftp.cisecurity.org/
Patch clusters and related documentation: ftp://patches.sun.com/patchroot/clusters/
Patch management recommendations: http://www.sun.com/blueprints/
browsesubject.html#dcp
Solaris Security Toolkit:
http://www.sun.com/security/jass/
Solaris Fingerprint Database: http://sunsolve.sun.com/pub-cgi/fileFingerprints.pl
Sun’s Kerberos Information: http://www.sun.com/software/security/kerberos/
Role-Based Access Control (RBAC) white paper:
http://wwws.sun.com/software/
whitepapers/wp-rbac/
OpenSSH white paper, NTP white paper, information
on kernel (ndd) settings, et al:
http://www.sun.com/security/blueprints/
Various documentation on Solaris security issues:
http://ist.uwaterloo.ca/security/howto/
On BSM Audit flags:
http://www.samag.com/documents/
s=9427/sam0414c/0414c.htm
On hiding information in Solaris extended attributes:
http://www.usenix.org/publications/
login/2004-02/pdfs/brunette.pdf . |
| NIST
Identifier |
1092 |
