Amazon.com Review
Two of Sun Solaris's prime attractions are its reliability and the high availability of servers running it. These advantages can be, however, negated by carelessness. Forget to apply a patch, or neglect to synchronize your servers' system clocks, and someone who's paying more attention will exploit the holes you've left in your system. The authors of
Hack Proofing Sun Solaris 8 teach you how to run Solaris with flair. They show you how to implement wise security rules and implement popular services--like Common Gateway Interface (CGI) scripts--with a focus on improving security without reducing function. Most of the advice here has to do with Solaris boxes as Web servers, mail servers, and firewalls.
A lot of the authors' advice will be familiar to readers who have done security work before--their advice to disable all nonessential services, for example, falls into this category. Other information, such as the particular syntax of Solaris's native security utilities and third-party programs that are designed for Solaris, is very handy. It'll prove especially nice for people coming to Solaris from security administration on other operating systems. The organizational approach balances quick reference--the ability to quickly locate some detail via the index--with informative background that will help you head off emerging, undocumented attacks. There aren't many earth-shaking revelations in this book, but it contains good documentation of Solaris security tools and procedures. --David Wall
Topics covered: Sun Solaris 8 defensive policies and procedures. Native Solaris tools (like audit log) are documented, as are outside tools like Snort. There's advice on setting user and file permissions, and hints on how to configure network services like HTTP, SMTP, DHCP, and network address translation (NAT) in a secure way. Caching with Squid gets attention, too.
About the Author
Hal Flynn is a Threat Analyst at SecurityFocus, the leading provider of Security Intelligence Services for Business. Hal functions as a Senior Analyst, performing research and analysis of vulnerabilities, malicious code, and network attacks. He provides the SecurityFocus team with UNIX and Network expertise. He is also the manager of the UNIX Focus Area and moderator of the Focus-Sun, Focus-Linux, Focus-BSD, and Focus-GeneralUnix mailing lists. Hal has worked the field in jobs as varied as the Senior Systems and Network Administrator of an Internet Service Provider, to contracting the United States Defense Information Systems Agency, to Enterprise-level consulting for Sprint. He is also a proud veteran of the United States Navy Hospital Corps, having served a tour with the 2nd Marine Division at Camp Lejeune, NC as a Fleet Marine Force Corpsman. Hal is mobile, living between sunny Phoenix, AZ and wintry Calgary, Alberta, Canada. Rooted in the South, he currently calls Montgomery, AL home.
Drew Simonis (CCNA, SCSA, SCNA, CCSA, CCSE, IBM CS) is co-author of Hack Proofing Your Web Applications (ISBN: 1-928994-31-8) and is a Senior Security Engineer with the RL Phillips Group, LLC. He currently provides senior level security consulting to the United States Navy, working on large enterprise networks. He considers himself a security generalist, with a strong background in system administration, Internet application development, intrusion detection and prevention and penetration testing. Drew’s background includes a consulting position with Fiderus, serving as a Security Architect with AT&T and as a Technical Team Lead with IBM. Drew has a bachelor’s degree from the University of South Florida and is also a member of American MENSA. Drew currently lives in Suffolk, VA with his wife Kym and daughters Cailyn and Delaney.
F. William Lynch (SCSA, CCNA, MCSE, MCP, A+) is an Independent Security and Systems Administration consultant in Denver, CO. His specialties include firewalls, VPNs, security auditing, documentation, systems performance analysis, Solaris and open source operating systems such as OpenBSD, FreeBSD, and Linux. He has served as a consultant to multinational corporations and the Federal government including the Centers for Disease Control and Prevention headquarters in Atlanta, GA as well as various airbases of the United States Air Force. William is also the founder and director of the MRTG-PME project, which uses the MRTG engine to track systems performance of various UNIX operating systems. William holds a bachelor's degree in Chemical Engineering from the University of Dayton in Dayton, OH and a master's degree in Business Administration from Regis University in Denver, CO
Randy Cook (SCSA) is a Senior UNIX System Administrator with Sapphire Technologies. He is currently assigned to one of the largest manufacturing and scientific facilities in the world where he provides system security and administration support. He works with a wide variety of UNIX distributions in a high-threat environment. Randy was the co-author and technical editor of the Sun Certified System Administrator for Solaris 8.0 Study Guide (ISBN: 0-07-212369-9) and has written technical articles for industry publications. He has also hosted a syndicated radio program, Technically News, which provided news and information for IT professionals.
