Chapter 11. Security

IN THIS CHAPTER

  • Security overview

  • Pluggable Authentication Modules (PAM)

  • Password management

  • Secure by Default (SBD)

  • Role-based access control (RBAC)

  • Privileges

  • Access Control Lists (ACLs)

  • Secure Shell (SSH)

  • IP Security

  • Logs

  • Basic Audit Reporting Tool (BART)

  • Solaris Auditing

  • Kerberos

  • Trusted Extensions

There are two kinds of people in the computer world: those who care about security and those who should care about security. From large companies to small companies to government systems to your personal home network, computer systems can be compromised. Luckily, OpenSolaris contains numerous security features to protect against and ameliorate various forms of attacks. Unfortunately, many of the features are not enabled by default because they would affect performance or usability of the system. If you want your OpenSolaris system to be safe, you must take active steps to secure it. This chapter will help you put the appropriate security measures in place.

Security Overview

Computer attacks are varied and numerous. You've probably read about some of the infamous ones, such as the theft of over 45 million customer credit and debit card numbers from the T. J. Maxx company in 2006 and 2007 by hackers who cracked the wireless network in one of the stores and used it as a gateway to the central database. But computer attacks don't need to be direct. Someone could break into your system by calling one of your users on the telephone and convincing him to provide his password. An attacker ...

Get OpenSolaris™ Bible now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.