Solaris security audit esp zones & container

Posted on 2013-09-30
Medium Priority
Last Modified: 2013-12-07
What the specific security items to audit in a Solaris zones
& container environment?

What are the services required & not required in zones &
container & commands to check/disable them?

Any freeware to run in Solaris to scan for vulnerabilities
(eg: CIS scanner?) & up-to-date security patches?
Question by:sunhux
  • 2
LVL 66

Accepted Solution

btan earned 2000 total points
ID: 39536547
I am deep into it but this security article is a good way to start the benchmark,
@ http://www.oracle.com/technetwork/server-storage/solaris/documentation/o11-076-s10-cis-appendix-487450.pdf

pls check out the -Compartmentalization (Zones), -Integrity Management and -Auditing

For more information on Solaris Auditing, see:
• OpenSolaris Community Project: OpenSolaris Security Audit: http://hub.opensolaris.org/bin/view/Project+audit/WebHome

• “Using Solaris Auditing in Zones” in Chapter 27, “Solaris Zones Administration (Overview),” of System Administration Guide: Oracle Solaris Containers-Resource Management and Oracle Solaris: http://download.oracle.com/docs/cd/E19253-01/index.html

• Archived Oracle technical paper: “Enforcing the Two-Person Rule via Role-Based Access Control in the Solaris 10 Operating System”: http://www.oracle.com/technetwork/server-storage/archive/a11-011-two-person-rule-role-access-438989.pdf
LVL 66

Assisted Solution

btan earned 2000 total points
ID: 39536570
For CIS Solaris 11, it is available and handy as for every hardening aspects it state the relevant of zone support such as "Global Zone only", "All", "N/A", "Global Zone and non-global zones configured with exclusive IP stacks"

@ https://benchmarks.cisecurity.org/tools2/solaris/CIS_Solaris_11_Benchmark_v1.0.0.pdf

Featured Post

WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Suggested Courses

619 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question