From: Steve Garcia (sgarcia@bak.rr.com)
Date: Thu Jun 30 2005 - 14:14:38 EDT
I've just gotten in 10 Blade 2500s to use as student workstations in our
unix lab. I've installed Solaris 10 on about half of them, but before
I go any further with the rest I'd like some advice on hardening them.
I have to confess I'm new to Solaris 10 as well as mostly new to setting
up workstations. The Java Desktop seems very nice, a big step up from
either the Gnome 2.0 desktop that comes with Solaris 9 or the CDE
desktop with any version of Solaris.
Solaris has always come with all kinds of insecure services running "out
of the box". With a server I feel pretty confident shutting everything
off and then just turning on what I need, but the problem with a
workstation is that I don't necessarily know what I "need".
All the handy scripts that help you harden previous versions of Solaris
(YASSP, JASS, TITAN, etc) haven't been updated for Solaris 10.
I've eliminated the obvious silly services, finger, chargen, etc., but
I'm at a loss for a lot of the rpc servcies. For a server I'd get rid
of all of them, but I think some of them might be necessary for the desktop.
Any advice?
Thanks in advance.
Steve Garcia
sgarcia@bak.rr.com
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:31:00 EDT