JASS supports Solaris 10!

Today is the big day! The Solaris Security Toolkit version 4.2 has been released. The biggest change in this new release is with its support of the Solaris 10 OS (global and local zones). You can read all about the changes in this new update in the Release Notes. With this release, you have a fully documented and supported tool for hardening the Solaris 10 OS (as well as previous releases) on both SPARC, Intel and AMD platforms!

Download and try it out today!

Technorati Tag:

Comments:

Glenn, thanks for helping us in the development of this version; you provided lots of great support to the development team, especially in the early Alpha development phase. We couldn't have done it without you!

Posted by John Falkenthal on August 01, 2005 at 07:19 AM EDT #

Thanks for the update, I think the framework holds a lot of potential for integrated updating and validation. There is a site that is offering to be a repository of customized finish scripts. I have several that I hope to post. The one that I've hacked the most is the strong permissions script. I changed from just using chmod to the using the function; this so changes will be reflected in the manifest; so they will be reversible. later, Mark

Posted by Mark on September 16, 2006 at 03:48 AM EDT #

Glenn, My name is Ashok Nair. I want to apologize upfront, that this is not a comment about SST. We are currently working on a project to implement Solaris 10 for a federal agency. We use custom jumpstart/SST/JET for the implementation. We really,really need some guidance from authoritative source about minimizing OS. I am a bit confused about the process. In my past experience, I would select a metacluster and then add/delete other clusters or packages. This always worked. The basic goal of our system build is to have 1. use reduced net for web tier 2. use either SUNWCuser or SUNWCall for app and data 3. remove unneeded software like Sun one appserver/apache/samaba/Gnome/Star office from all systems 4. Include Dtrace,mdb,snoop,truss,tools required flar on all system builds. I coulf have done this based on selecting a metacluster and then usning jumptstart profile add/delete keywords to customize. Now, the issue is , one of co-workes referred to a doc from Sun Doc ID 86177(support of minimized systems) that lays out an additive approach to system building. I don't have access to that doc, he contracts through Sun. We did try to follow this, by selecting a starting point and adding packages. It was immensley difficult. The difficuly was with getting all the dependencies right. We used package dependency tool you wrote to help us through this process. Even with that there would be some warnings about some distant depndencies about packages. My instinct was that some of these warnings can be ignored. My co-worker was skeptical about support from Sun about such a system build. A build with no warnings was set as a goal. After spnding a incredible amount of time to to get our requirement we gave up. We sould not remove all the un-needed software from our builds. I opened a Sun case to get to the bottom of this and the response was what I expected, that one could delete packages using custom jumpstart. There was difference within our team about the correctness of that response. We could really use some guidance here. 1. How can we achive our goal with and still not break Sun support 2. Can we ignore some of the warnings from custome jumpstart 3. What is the methdology to be followed for removing unwanted software? Thank you so much for any help Ashok Nair

Posted by Ashok Nair on January 18, 2007 at 09:04 PM EST #

Ashok,

Please drop me an e-mail and we can discuss this in more detail offline. I want to better understand your requirements and what has been done to date before I offer any suggestions. Thanks!

You can get me at: glenn{dot}brunette{at}sun{dot}com.

Glenn

Posted by Glenn Brunette on January 19, 2007 at 08:34 AM EST #

Post a Comment:
Comments are closed for this entry.
About

This area of cyberspace is dedicated the goal of raising cybersecurity awareness. This blog will discuss cybersecurity risks, trends, news and best practices with a focus on improving mission assurance.

Search

Archives
« July 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today