Customer Reviews

Hack Proofing Sun Solaris 8

5 star:		(0)
4 star:		(1)
3 star:		(1)
2 star:		(0)
1 star:		(0)

 

 

I am a senior engineer for network security operations. I am not a Solaris system administrator, but I read "Hack Proofing Sun Solaris 8" (HPSS8) to learn more about securing Solaris systems. HPSS8 addresses a wide variety of Solaris security issues, and is suitable for beginning and intermediate system administrators.

HPSS8 is not a Solaris version of "Hack Proofing Linux" (HPL), which I reviewed in October. While HPL seems more like a catalog of open source security tools, HPSS8 focuses on explaining the features and configuration of Solaris hosts. The authors provide useful explanations of Trusted Solaris, with enhancements like Role Based Access Control and Mandatory Access Control. Admins unwilling to deploy Trusted Solaris can experiment with the SunSCREEN Basic Security Module (BSM), which raises a default Solaris 8 installation to the C2 security level. HPSS8 describes how to deploy Sun's Kerberos implementation, called Sun Enterprise Authentication Mechanism (SEAM). The book also introduced me to Sun's implementation of file-based access control lists to protect SUID files.

As a casual reader, not responsible for implementing these tools, I found HPSS8's coverage adequate. I learned about enterprise-grade security features I never knew existed. I'm not sure if admins needing in-depth explanations will find what they need in HPSS8.

HPSS8 appears to be written by authors who know their material. I found no errors, although I admit I am not a Solaris expert. The network security discussions, with which I am more familiar, seemed error-free as well. I appreciated the heavily technical buffer overflow explanation in ch. 10, and was surprised to learn in ch. 8 that Solaris by default routes packets between multiple interfaces. The only slip in editing appeared to be unnecessary "double coverage" of Snort (in ch. 3 and ch. 8), probably written by different authors.

If you're a junior Solaris admin and you need to lock down your machines, securely operate web, email, caching, routing, firewalling, and related services, HPSS8 will definitely help you. Senior Solaris admins will probably not learn new tricks. Security professionals who want to familiarize themselves with Solaris features will enjoy reading HPSS8, as I did.

(Disclaimer: I received a free review copy from the publisher.)

I have never used a Sun Solaris system, but I found this book to be very informative and enlightening nonetheless. Hack Proofing Sun Solaris 8: Protect Your Network From Attack provides an excellent introduction to securing a Solaris 8 system. It covers everything from securing the installation out of the box, to securely implementing Solaris 8 as a web server, email server, firewall or router. The information is presented in a way that will teach someone new to administering Solaris security what they need to know, but it may lack the depth to teach a Solaris guru any new tricks. Although this book doesn't relate to the most current release of Solaris, most people trying to learn about securing Solaris will still benefit from reading it.

(...)