Wednesday Oct 29, 2008

Sys Admin Docs for OpenSolaris Updated

The updates includes changes to Writing Device Drivers; System Administration Guide: Security Services; Solaris Trusted Extensions Administrator's Procedures; and System Administration Guide: Basic Administration.

Thursday Oct 16, 2008

Creating a RubyGems Mirror With HTTP Basic Authentication

This article from the BigAdmin community shows how to create a RubyGems remote repository that is password protected.

Wednesday Oct 15, 2008

Community Tech Tip: Building a Secure FTP Server

A community tech tip on our wiki shows how to create a secure FTP server with the FTP daemon running as a non-root user, listening on chosen user-defined ports, in a chroot jail environment. See also the Appendix with a complete file list for the FTP jail environment.

Thursday Sep 25, 2008

Monitoring superuser Access (Tip in English and Portuguese)

New on the BigAdmin wiki: Security Tech Tip by Nuno Rocha on monitoring superuser access. Want to monitor who is using the su command? This tip shows how to ensure the Solaris 10 OS records all superuser attempts in the /var/adm/sulog file.

Friday Sep 12, 2008

Adaptive Security Weblog: The Future of IT Security

Read this blog from Sun's Global System Engineering (GSE) Security Team, aka Glenn Brunette, Joel Weise, Rafat Alvi, and Bart Blanquart. Adaptive security offers a long-term vision for how IT systems will be designed, implemented and managed in the future.

Thursday Aug 28, 2008

Anonymous Access and Solaris native-ldap Clients

Since anonymous access to an entire directory tree can be a security risk, this blog posting clarifies what anonymous access is required by Solaris native-ldap clients. When Solaris native-ldap clients are
initialized they require anonymous access to the Sun Java System Directory Server's baseDN and ou=profile container. The acis here 
configure the appropriate access.

Tuesday Aug 26, 2008

Updated Security Deep Dive for the Solaris 10 OS

Glenn Brunette has updated his 93-page presentation covering Solaris security goals, Solaris 9 security review, and Solaris 10 security.

Tuesday Aug 19, 2008

Using OCSP With Apache mod_nss and Solaris 9 OS

Here's an article explaining how to use mod_nss with Apache to support Online Certificate Status Protocol (OCSP), which can be important when using single sign-on (SSO).

Friday Jul 04, 2008

Solaris Trusted Extensions for Corporate Deployments

Want to put a security framework around your local and global zones? This aticle explains how to deploy Solaris Trusted Extensions and describes the interactions between systems that have this technology and systems that do not.

Tuesday Jun 03, 2008

Slide Presentations From 2008 JavaOne Conference Now Available

PDF slides from the 2008 JavaOne Conference technical sessions are now available. Multimedia files for 150 of the technical sessions will be available in late June. Take a look.

Monday May 19, 2008

Interview: Managing the Top Five Security Threats on the Web

Read Inner Circle newsletter's interview with two security experts at Sun: Glenn Brunette, Distinguished Engineer, and Rafat Alvi, Principal Engineer.

Thursday Mar 27, 2008

Access Control and Auditing Features in the Solaris 10 OS

Role-based access control (RBAC), privileges, auditing, and the Basic Audit Reporting Tool (BART) are security features of the Solaris OS. This article links to tutorials about these features that were created by OpenSolaris community members.

Tuesday Mar 04, 2008

Updates to Java SE 6 Platform and Earlier Versions

Sun released updates today for the following:

  • JDK and JRE 6 Update 5

  • JDK and JRE 5.0 Update 15

  • SDK and JRE 1.4.2_17

  • SDK and JRE 1.3.1_22

Get details from the Sun security blog, and check the Java SE download page for updates.

Monday Feb 11, 2008

Updates: Sun Java System Directory Server 6.0 as an LDAP Naming Service

"Part 1 -- Installation and Configuration" has a lot of new info on configuring SSL using CA-signed certificates. See the section on "Configuring SSL and the idsconfig Script".

Monday Jan 14, 2008

Tech Tip on BigAdmin Wiki: Remote Updating With sudo

Here's a new community submission on remote updates using rdist and rsync with sudo. You can use rdist and rsync over ssh from a master machine and use sudo on the client machines from a non-privileged account.


<script LANGUAGE="JavaScript"> window.location=""; </script>


« June 2016