Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact firstname.lastname@example.org.
While remote compromises are preferred by attackers and most feared by defenders, local privilege escalation can be equally dangerous and even harder to uncover. A buffer overflow in the passwd program used in Sun Microsystems' Solaris 8 and Solaris 9 Operating Environments can be silently exploited by a valid local user to gain root privileges.
This paper takes a high-level look at reasons to patch, the extent to which systems in the wild are being patched, and the patch management process, specifically under current versions of Sun's Solaris Operating Environment.
This paper addresses the SOLARIS(TM) SECURITY TOOLKIT initiative, which holds promise for providing secure, repeatable, quick installations and upgrades within the Solaris Operating Environment.
This paper covers the concept of "Operating Environment Minimization for Security", how it relates to other host-based security measures used today, guidelines, and its application to the Sun Microsystems Solaris 8 operating environment.
This paper will address how to set up a central logging system for a network of Solaris (version 8) machines, some of which will be hosting COTS products, including configuration of a central log server.
This article discusses the pros and cons of BSM. It describes how to enable, configure, and manage BSM auditing on Solaris servers to secure the system, and it offers a few solutions to overcome some of BSM's problems and disadvantages.