Revealing Ten Key Security Features in Solaris 9
No universal panacea exists for making a Solaris system completely secure, but Solaris 9 has some technologies and tools that you need to know about, whether you’re administering your system or just want to ensure people don’t mess with your files. Sun offers an excellent top-level frequently asked questions document, the Sun Solaris Security FAQ.
One of the best improvements you can make to your Solaris system is to shut off telnet, rlogin, and ftp, and replace these Internet services with the Secure Shell (ssh) package. Although the former services send the account and password information in the clear (that is, unencrypted), the ssh equivalent programs use point-to-point public key encryption, making it much harder for someone to peek into your transactions and extract account information.
IPSec and IPK
Oddly named, IP Secure (IPSec) and Internet Key Exchange (IKE) are critical components of a Virtual Private Network, and enable encrypted IP traffic between two systems by using a robust 128-bit encryption scheme. IPSec increases security between servers so that only authorized parties can communicate.
One of the most important security features of a modern Solaris system is a firewall, a program that screens all incoming connection requests to ensure that they’re legitimate and acceptable. The excellent Solaris solution for this is Sun’s SunScreen tool, which features a state-sensitive packet filter, support for IPSec/IKE, centralized management, proxy services with built-in antivirus checking, and network address translation for hiding internal IP addressing schemes.
Secure LDAP implementation
The Lightweight Directory Access Protocol (LDAP) offers access to a centralized directory, but not without some security risks. Sun’s LDAP implementation has been enhanced for Solaris 9 and now supports both Secure Sockets Layer (SSL) and DIGEST-MD5 encryption. Secure LDAP allows you to name objects and ensure secure access to the naming service. It provides a flexible attribute-mapping mechanism and is designed for complete password management support via the directory server.
If you don’t replace standard Unix communications utilities telnet, rlogin, and ftp with their Secure Shell counterparts, you can increase the security of the tools by using the access control method known as TCP Wrappers. Think of it as an authentication and authorization layer between the client and server systems. It doesn’t encrypt the communication, but it helps ensure that only authorized users are accessing the identified services.
Buffer overflow protection
One of the most common ways for hackers to break into a Solaris system is to exploit buffer overflows. Imagine it this way: You write a program that expects no more than a 20-letter password to be entered. But a wily hacker enters a 15,000-character entry, overflowing the space allocated for the password variable. With some apps, the overflow can end up being an executed code snippet, which clearly is very bad! Solaris 9’s enhanced buffer overflow protection goes a long way toward solving this problem.
Role-based access control
Unix has always had three categories of access control: owner, group, and other. But on a modern multiuser system, a more sophisticated tool is needed; that’s what role-based access control offers. By defining as many roles as needed, you can give a printer tech access only to the areas on your system that require updates for new printers being installed. Role-based access control is well worth learning about, whether you’re a system administrator or just a Solaris 9 user.
Smart card support
One of the most secure methods of controlling access to a Solaris system is through smart cards. By coupling traditional account passwords (known in security circles as “what you know” security) with smart cards (which operate on the basis of “what you have”), you have a solid method of limiting access, particularly from a remote location.
Invented at MIT, Kerberos is a popular authentication scheme on a widely distributed network, particularly for single sign-on setups. The latest version of Kerberos includes improved system security and replaces the formerly separate Sun Enterprise Authentication Mechanism product. Kerberos also interoperates gracefully with MIT Kerberos and Microsoft’s Active Directory, which is a boon if you have a multi-OS network.
Solaris Resource Manager
Although it may not seem to be a security tool, the Solaris Resource Manager (SRM) is a great boon for controlling access and use of system resources. It controls resource allocation, monitoring, and control, including an improved accounting capability. For example, disabling writing to the CD-ROM device can help ensure that critical system or company files aren’t copied. Preventing guest users from printing is another example of where SRM is helpful.