Solaris 8 Security [Paperback]

Edgar Danielyan (Author)

Book Description

Publication Date: October 24, 2001 | Series: Landmark

This book covers all the concepts and issues Solaris 8 administrators need to know in order to make and keep their Solaris 8 systems secure. This includes not only Solaris 8 security tools and features, but such subjects as cryptography and defenses against known attacks and vulnerabilities. Readers learn practical, command-level defenses: how to configure a secure DNS server, make IPsec work, identify and prevent system compromises, configure sendmail, and automate security checkups. They also learn what they need to do with /etc/inet/inetd.conf and why DES fails. The book provides a proactive approach to security. Coverage includes intrusion detection systems, network-level filtering, firewalls and other network-level systems.

Editorial Reviews

From the Back Cover

Solaris 8 Security covers all the concepts and issues Solaris 8 administrators need to know in order to make and keep their Solaris 8 systems secure. This includes not only Solaris 8 security tools and features, but such subjects as cryptography and defenses against known attacks and vulnerabilities.

Readers learn practical, command-level defenses, such as:

* How to configure a secure DNS server
* What to do with /etc/inet/inetd.conf
* How to make IPsec work
* Why DES fails
* How to identify and prevent system compromises
* How not to configure sendmail
* How to automate security checkups

The book provides a proactive approach to security. Coverage includes intrusion detection systems, network-level filtering, firewalls and other network-level systems.

About the Author

Edgar Danielyan is a highly respected Solaris guru whose passion for Solaris is evident in the popular column he writes for Inside Solaris magazine. He is a Cisco Certified Security Specialist and veteran member of USENIX, SAGE, ACM and the Computer Society. He co-founded a national ISP and worked for the Ministry of Defense, Computer Center of the Council of Ministers, and a major bank. He has more than seven years of "UNIX on Internet" experience (technical, consulting, and managerial positions), including the last four years working exclusively on Solaris. He has written and lectured on network and UNIX security for the past two years.

Product Details

• Paperback: 300 pages
• Publisher: New Riders Publishing; 1 edition (October 24, 2001)
• Language: English
• ISBN-10: 1578702704
• ISBN-13: 978-1578702701
• Product Dimensions: 8.9 x 6.9 x 0.7 inches
• Shipping Weight: 1 pounds
• Average Customer Review: 4.8 out of 5 stars  See all reviews (6 customer reviews)
• Amazon Best Sellers Rank: #3,246,352 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

13 of 13 people found the following review helpful:

5.0 out of 5 stars Gives insight, November 19, 2001

By A Customer

This review is from: Solaris 8 Security (Paperback)

This book is the most up to date book on solaris security. It has a good resources list, as well as hands on intro to IPsec. The Kerberos chapter could be longer, but it sets you thinking anyway; the first chapter gives real insight into security in plain English. Overall it does what it says.

10 of 10 people found the following review helpful:

5.0 out of 5 stars Clear, Concise Security Guide, November 6, 2001

By 

Chris Garrison (Indianapolis, IN United States) - See all my reviews
(REAL NAME)   

This review is from: Solaris 8 Security (Paperback)

I just got a copy of Edgar Danielyan's _Solaris 8 Security_, and like other New Riders titles, I'm pleased with the contents. At around 250 pages, it seems small compared to a lot of the phonebook-sized buzzword-compliant books out there, but that is because it is a very focussed book. I particularly liked the section describing different types of cryptography, each type of encryption is briefly defined and related to security concerns.

The book also touches on subjects such as Kerberos, simple ways to vastly improve the security of a system, and discusses what kinds of attacks are often seen (and how to deal with them).

It's a good book to have on your shelf if you administer Solaris. It provides a good starting point for securing your Solaris 8 systems (and other UNIX systems in general). Ask your boss to buy it for you, you'll both sleep easier.

7 of 7 people found the following review helpful:

4.0 out of 5 stars Good, concise introduction to Solaris security, February 6, 2002

By 

Ben Rothke "Author of 'Computer Security: 20 ... (USA) - See all my reviews
(REAL NAME)   

This review is from: Solaris 8 Security (Paperback)

Mark Twain once said that he didn’t have enough time to write short stories, so he was forced to write long novels. In that vein, there are plenty of computer books in print that comprise more than 1000 pages, cover every topic under the sun, and include a CD-ROM with often-obsolete freeware tools. Such tomes are often a waste of time and money because the contents are primarily filler with little added value.

Solaris 8 Security, on the other hand, provides a very good overview of Solaris security without the bulk of unnecessary and often extraneous information. The book covers a lot of ground. The author covers key issues involved with the various aspects of securing Solaris systems, but does not get bogged down in page-wasting minutiae.

The first three chapters provide a good introduction to basic security, cryptography, and system security issues. Chapter 4 gives a good synopsis of the authentication and authorization facilities in Solaris 8. The chapter includes information about the basics, such as etc/passwd and /etc/shadow, and the new RBAC (Role Based Access Control) functionality that is available in Solaris 8. In the past, RBAC was only available on Trusted Solaris; now it is included in standard versions of Solaris 8 and above.

RBAC attempts to solve the problem of network users having far more network access than is necessary. The fact is that most existing networks allow users to access 10 to 20 times more resources than they will ever use or need. Because authorized users commit roughly 80% of computer crime, providing too much access is a huge security risk. So how does a systems administrator reduce overall user permissions by 70-90%, while providing users with the necessary access on a need-to-know and need-to-do basis? RBAC.

Further chapters in Solaris 8 Security deal with Kerberos, auditing and accounting, and open source security tools. Chapters 8 through 10 conclude the book with overviews of network security and IPSec. Chapter 8 has some very helpful hints on fine-tuning the Solaris 8 TCP/IP stack via various configuration tools and files. Chapter 10 details how to secure various network services including HTTP and NFS.

Anyone looking for a well-focused book on Solaris security should take a look at Solaris 8 Security . It’s an excellent starting point, and at fewer than 200 pages, it provides a really good introduction to Solaris security without wasting readers’ time, money, or trees.