Enterprise Security: Solaris Operating Environment, Security Journal, Solaris OE v2.5.1, 2.6, 7, and 8


This book is a compilation of best practices and recommendations for securing Solaris Operating Environments (Solaris OE). Tailored for busy system administrators and individuals who architect and implement systems (for example, architects, consultants, and engineers), this book offers expertise for handling non-secure systems. It provides a comprehensive source for securing the operating environment, architecture, hardware, and software. Also included are recommendations for: architecting multi-tiered datacenter...
See more details below
Available through our Marketplace sellers.
Other sellers (Paperback)
  • All (8) from $1.99   
  • New (4) from $6.44   
  • Used (4) from $1.99   
Sort by
Page 1 of 1
Showing All
Note: Marketplace items are not eligible for any BN.com coupons and promotions
Seller since 2005

Feedback rating:



New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.

2002-06-25 Paperback New Brand New Softcover-no marks or highlights-ships w/ tracking #

Ships from: Zephyrhills, FL

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
Seller since 2015

Feedback rating:


Condition: New
Brand New Item.

Ships from: Chatham, NJ

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
Seller since 2015

Feedback rating:


Condition: New
Brand new.

Ships from: acton, MA

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Seller since 2008

Feedback rating:


Condition: New

Ships from: Chicago, IL

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Page 1 of 1
Showing All
Sort by
Sending request ...


This book is a compilation of best practices and recommendations for securing Solaris Operating Environments (Solaris OE). Tailored for busy system administrators and individuals who architect and implement systems (for example, architects, consultants, and engineers), this book offers expertise for handling non-secure systems. It provides a comprehensive source for securing the operating environment, architecture, hardware, and software. Also included are recommendations for: architecting multi-tiered datacenter environments, addressing common vulnerabilities exploited by hackers, and instructions for using Solaris Fingerprint Database and the Solaris Security Toolkit.
Read More Show Less

Product Details

  • ISBN-13: 9780131000926
  • Publisher: Prentice Hall Professional Technical Reference
  • Publication date: 6/25/2002
  • Series: Blueprint Series
  • Pages: 464
  • Product dimensions: 6.94 (w) x 9.22 (h) x 0.68 (d)

Table of Contents

Pt. I Solaris Operating Environment Security
1 Solaris Operating Environment Security 3
2 Network Settings for Security 41
3 Minimization 65
4 Auditing 87
Pt. II Architecture Security
5 Building Secure N-Tier Environments 111
Pt. III Justification for Security
6 How Hackers Do It: Tricks, Tools, and Techniques 129
Pt. IV Tools Security
7 Solaris Fingerprint Database 151
Pt. V Hardware and Software Security
8 Securing the Sun Fire 15K System Controller 163
9 Securing Sun Fire 15K Domains 191
10 Securing Sun Enterprise 10000 System Service Processors 215
11 Sun Cluster 3.0 (12/01) Security with the Apache and iPlanet Web and Messaging Agents 255
12 Securing the Sun Fire Midframe System Controller 283
Pt. VI Solaris Security Toolkit Documentation
13 Quick Start 327
14 Installation, Configuration, and User Guide 337
15 Internals 365
16 Release Notes 405
Index 417
Read More Show Less



This book is one of an ongoing series of books collectively known as the SunBluePrints program. This book provides a compilation of best practices andrecommendations, previously published as Sun BluePrints Online articles, forsecuring Solaris Operating Environment (Solaris OE).

This book applies to Solaris OE Versions 2.5.1, 2.6, 7, and 8.

About This Book

Securing computer systems against unauthorized access is one of the most pressingissues facing today's datacenter administrators. Recent studies suggest that thenumber of unauthorized access continues to rise, as do the monetary lossesassociated with these security breaches.

As with any security decisions, a balance must be attained between systemmanageability and security.

Many attacks have preventative solutions available; however, every day, hackerscompromise systems using well-known attack methods. Being aware of how theseattacks are performed, you can raise awareness within your organization for theimportance of building and maintaining secure systems. Many organizations makethe mistake of addressing security only during installation, then never revisit it.Maintaining security is an ongoing process and is something that must be reviewedand revisited periodically.

Sun BluePrints Program

The mission of the Sun BluePrints Program is to empower Sun's customers with thetechnical knowledge required to implement reliable, extensible, and secureinformation systems within the datacenter using Sun products. This programprovides a framework to identify, develop, and distribute best practices informationthat applies across the Sun product lines. Experts in technical subjects in variousareas contribute tothe program and focus on the scope and usefulness of theinformation.

The Sun BluePrints Program includes books, guides, and online articles. Throughthese vehicles, Sun can provide guidance, installation and implementationexperiences, real-life scenarios, and late-breaking technical information.

The monthly electronic magazine, Sun BluePrints OnLine, is located on the Web at:


To be notified about updates to the Sun BluePrints Program, please register yourselfon this site.

Who Should Use This Book

This book is primarily intended for the busy system administrator (SA) who needshelp handling nonsecure systems. Secondary audiences include individuals whoarchitect and implement systems—for example, architects, consultants, andengineers.

Before You Read This Book

You should be familiar with the basic administration and maintenance functions ofthe Solaris OE. You should also have an understanding of standard networkprotocols and topologies.

Because this book is designed to be useful to people with varying degrees ofexperience or knowledge of security, your experience and knowledge are thedetermining factors of the path you choose through this book.

How This Book Is Organized

This book is organized into six parts that organize security best practices andrecommendations as follows:

Part I—Solaris Operating Environment Security

Chapter 1 "Solaris Operating Environment Security" by Alex Noordergraaf and KeithWatson describes the Solaris OE subsystems and the security issues surroundingthose subsystems. This chapter provides recommendations on how to secure SolarisOE subsystems.

Chapter 2 "Network Settings for Security" by Keith Watson and Alex Noordergraafdescribes known attack methods so that administrators become aware of the need toset or change network settings. The application of most of these network securitysettings requires planning and testing and should be applicable to most computingenvironments.

Chapter 3 "Minimization" by Alex Noordergraaf focuses on practices andmethodology (processes) that improve overall system security by minimizing andautomating Solaris OE installation.

Chapter 4 "Auditing" by Will Osser and Alex Noordergraaf was derived from anauditing case study and includes a set of audit events and classes usable on Solaris 8OE.

Part II—Architecture Security

Chapter 5 "Building Secure N-Tier Environments" by Alex Noordergraaf providesrecommendations for architecting and securing N-Tier environments.

Part III—Justification for Security

Chapter 6 "How Hackers Do It: Tricks, Tools, and Techniques" by Alex Noordergraafdescribes the tricks, tools, and techniques that hackers use to gain unauthorizedaccess to Solaris OE systems.

Part IV—Tools for Security

Chapter 7 "Solaris Fingerprint Database" by Vasanthan Dasan, Alex Noordergraaf, andLou Ordorica provides an introduction to the Solaris Fingerprint Database (sfpDB).

Part V—Hardware and Software Security

Chapter 8 "Securing the Sun Fire 15K System Controller" by Alex Noordergraaf andDina Kurktchi provides recommendations on how to enhance the security of a SunFire 15K system controller (SC).

Chapter 9 "Securing Sun Fire 15K Domains" by Alex Noordergraaf and Dina Kurktchidocuments all of the security modifications that can be performed on a Sun Fire 15Kdomain without negatively affecting its behavior.

Chapter 10 "Securing Sun Enterprise 10000 System Service Processors" by AlexNoordergraaf describes a secure Sun Enterprise 10000 configuration that is fully Sunsupported. It provides tips, instructions, and guidance for creating a more secureSun Enterprise 10000 system.

Chapter 11 "Sun Cluster 3.0 (12/01) Security with the Apache and iPlanet Web andMessaging Agents" by Alex Noordergraaf, Mark Hashimoto, and Richard Lau describesa supported procedure by which certain Sun Cluster 3.0 (12/01) software agents canbe run on secured and hardened Solaris OE systems.

Chapter 12 "Securing the Sun Fire Midframe System Controller" by AlexNoordergraaf and Tony M. Benson provides recommendations on how to securelydeploy the Sun Fire System Controller (SC).

Part VI—Solaris Security Toolkit Documentation

Chapter 13 "Quick Start" by Alex Noordergraaf and Glenn Brunette is for individualswho want to get started with the Solaris Security Toolkit software as quickly aspossible. Only the bare essentials in getting the Solaris Security Toolkit softwaredownloaded and installed are addressed.

Chapter 14 "Installation, Configuration, and User Guide" by Alex Noordergraaf andGlenn Brunette describes the advanced configuration and user options available inversion 0.3 of the Solaris Security Toolkit software.

Chapter 15 "Internals" by Alex Noordergraaf and Glenn Brunette describes all of thedirectories and scripts used by the Solaris Security Toolkit software to harden andminimize Solaris OE systems.

Chapter 16 "Release Notes" by Alex Noordergraaf and Glenn Brunette describes thechanges made to the Solaris Security Toolkit since the release of version 0.2 inNovember of 2000.

Note - This book does not contain an Index.

Ordering Sun Documents

The SunDocs SM program provides more than 250 manuals from Sun Microsystems,Inc. If you live in the United States, Canada, Europe, or Japan, you can purchasedocumentation sets or individual manuals through this program.

Accessing Sun Documentation Online

The docs.sun.com web site enables you to access Sun technical documentationonline. You can browse the docs.sun.com archive or search for a specific book titleor subject. The URL is as follows:

Related Documentation

At the end of each chapter in this book is a "Related Resources" section, whichprovides references to publications and web sites applicable to the information ineach chapter.

Sun Welcomes Your Comments

We are interested in improving our documentation and welcome your commentsand suggestions. You can email your comments to us at:

About the Authors

Alex Noordergraaf authored or worked with other authors on the chapters in thisbook. In some cases, he was the primary author, and in other cases, he was a co-author.Refer to "How This Book Is Organized" on page xxiii for the names ofauthors for each chapter. The following provides biographical information for allauthors, in alphabetical order by last name.

Tony M. Benson

Tony Benson has over twenty years of experience of developing software solutionsin the areas of military, aerospace, and financial applications. As a Staff Engineer inthe Enterprise Server Products group of Sun Microsystems, he is developing systemmanagement solutions for the Enterprise Server Product line. Prior to his role in theEnterprise Server Products group, he developed secure, distributed revenuecollection systems for a worldwide base of customers in the transit industry.

Glenn Brunette

Glenn Brunette has more than eight years of experience in the areas of computer andnetwork security. Glenn currently works with in the Sun Professional Services SMorganization where he is the Lead Security Architect for the Northeastern USAregion. In this role, he works with many Fortune 500 companies to deliver tailoredsecurity solutions such as assessments, architecture design and implementation, aswell as policy and procedure review and development. His customers have includedmajor financial institutions, ISP, New Media, and government organizations.

In addition to billable services, Glenn works with the Sun Professional ServicesGlobal Security Practice and Enterprise Engineering group on the development andreview of new security methodologies, best practices, and tools.

Vasanthan Dasan

Vasanthan Dasan is an ES Principal Engineer, one of five high-ranked engineers inSun's Enterprise Services. Vasanthan joined Sun Microsystems in 1992 and iscurrently a Technology Strategist in the Support Services Global Strategy BusinessDevelopment group. He is responsible for architecting application availabilityservices and for providing technical expertise on merger and acquisition activities.

Vasanthan was the Chief Architect for Support Services Engineering, responsible fordeveloping online support services for Sun's customer support engineers andexternal customers. Prior to that, he worked on Solaris products such as CacheFS,AutoClient, Solstice PC Products, and JumpStart as part of the Solaris engineeringteam. Vasanthan co-authored Hands-On Intranet, published by Prentice Hall, andhas written numerous Sun whitepapers. He was largely responsible for Sun's earlyadoption of the Web in 1994, and holds one of the industry's first Web patents,awarded for the invention of web-based personal newspapers.

Mark Hashimoto

Mark Hashimoto has been with Sun Microsystems in Menlo Park, California, for thepast three years. Currently, he is developing the user interface components for theSun Cluster Products group. Mark was also one of the originators of the SunPlexManager GUI tool. Mark holds a Master's degree in Computer Science from theUniversity of Arizona.

Dina Kurktchi

Dina Kurktchi is a senior software engineer with 15 years of experience in manyareas from device drivers to databases. Her last four years have been focused insecure software development and deployment of security system solutions such asvulnerability assessment tools, intrusion detection systems, and public keyinfrastructures. Currently, she works with the Enterprise Systems Group at SunMicrosystems.

Richard Lau

Richard Lau has three years of working experience. As part of the Sun Cluster QAgroup of Sun Microsystems, his duties include Sun Cluster 2.2 patch testing, testingnew features, and performing regression tests for Sun Cluster 3.0 products.

Alex Noordergraaf

Alex Noordergraaf has over 10 years of experience in the areas of computer andnetwork security. As the Security Architect of the Enterprise Server Products (ESP)group at Sun Microsystems, he is responsible for the security of Sun servers. He isthe driving force behind the very popular freeware Solaris Security Toolkit. Prior tohis role in ESP, he was a Senior Staff Engineer in the Enterprise Engineering (EE)group of Sun Microsystems, where he developed, documented, and publishedsecurity best practices through the Sun BluePrints program. Published topicsinclude: Sun Fire Midframe 15K system security, secure N-tier environments, SolarisOE minimization, Solaris OE network settings, and Solaris OE security. He co-authoredJumpStart Technology: Effective Use in the Solaris Operating Environment.

Prior to his role in EE, he was a Senior Security Architect with Sun ProfessionalServices where he worked with many Fortune 500 companies on projects thatincluded security assessments, architecture development, architectural reviews, andpolicy/procedure review and development. He developed and delivered anenterprise security assessment methodology and training curriculum to be usedworldwide by Sun Professional Services. His customers included majortelecommunication firms, financial institutions, ISPs, and ASPs. Before joining Sun,Alex was an independent contractor specializing in network security. His clientsincluded BTG, Inc. and Thinking Machines Corporation.

Lou Ordorica

Lou Ordorica worked for several years as a system administrator at SunMicrosystems. He went on to teach and write about system administration for Sun'semployees and customers, and is currently providing online support to customersusing the Web.

Will Osser

Will Osser has over eight years of experience in the area of Computer and NetworkSecurity. He has worked extensively with B-1 secure UNIX(R) systems in a variety ofroles including developing, sustaining, pre- and post-sales support, as well astraining. He has also worked as a security consultant designing system and softwarearchitecture. Will is currently a software engineer working for Sun Microsystems inthe Solaris Secure Technology Group.

Will joined Sun directly after completing his Master's Thesis in ComputerEngineering at the University of California.

Keith Watson

Keith Watson has spent nearly four years at Sun working in the area of computerand network security. He is currently the product manager for core Solaris security.Previously, Keith was a member of the Global Enterprise Security Service (GESS)team in Sun Professional Services. He is also a co-developer of an enterprise networksecurity auditing tool named the Sun Enterprise Network Security Service (SENSS).Prior to joining Sun, Keith was part of the Computer Operations, Audit, andSecurity Technologies (COAST) laboratory (now part of the CERIAS research center)at Purdue University.

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)