Solaris Security

The first three parts of the book are Introduction, Standalone Systems, and Network-Connected Systems. They focus on each Unix feature, explain it within the Solaris frame of reference, highlight security implications, and mention the resulting administrative tasks. If you lack a course in Unix administration you'll appreciate that. The author also shows how to integrate and update Solaris with Public Domain software that is usually installed with Linux.

Part 4 is an over-simplified story about disaster and recovery. Part 5, the appendices, is a bag of useful information, pointers to interesting web sites, glossary and the like.

Rating:
Summary: Worthless
Review: And so is Book News's Review. They write above "Physical security, bootpaths, permissions, auditing tools, system logs, and passwords are among the topics."

AUDITING TOOLS? A whole two pages describing what auditing is. If you are looking for a book with any information on auditing, don't buy this.

Rating:
Summary: Learn it, love it, live it... then learn more
Review: Give this to all your junior sysadmins and get them to read it. It's amazing how many places and admins don't even make an attempt to secure their machines. I can only assume they don't know how or don't care. If they want a good start, this is it!

Rating:
Summary: A comprehensive collection of techniques and information.
Review: How do I do security on Solaris? If you have ever asked yourself this question, and tried to extract this information from general UNIX security books, then you will understand my motivation for writing this book. Solaris Security is all about Security, all about Solaris. Every page of Solaris Security is relevant to your Solaris-on-SPARC systems.

Not satisfied with just sharing information on all of the "how to's" for Solaris security, I have also included chapters on security principles, system and server design, and recovery. While these topics transcend Solaris (and even UNIX itself), I included them because Solaris Security might be the only security book that you own. I felt an obligation to introduce those of you to the broader world of information security, while at the same time not trying to be all things to all people.

If you are new to Solaris or UNIX, Solaris Security has information for you on basic filesystem and network security principles, all geared specifically towards Solaris.

Solaris Security has several appendices filled with valuable references to enable the reader to stay current on Solaris security issues and be able to do more research on specific topics.

If you're having a hard time convincing your boss (whether that's the IT Manager or the CEO) on the importance of Solaris security, then you need to read the Foreward, Repelling the Wily Hacker. Steven explains why UNIX security is both so important and so difficult. And Solaris Security illustrates how achievable strong host security can be.

Rating:
Summary: Learn it, love it, live it... then learn more
Review: I have been securing solaris servers for a couple years now, and I wish I had this book when I first got started. The general UNIX security books are just not enough. Each UNIX OS has their own configuration procedures for tightening security. Any print book cannot keep up with Internet time, but for those who need a jumpstart to securing their Solaris server, this is a great start. A good security program requires further research. There are many good solaris security sites on the internet.

Rating:
Summary: Great start for Solaris Security
Review: I have been securing solaris servers for a couple years now, and I wish I had this book when I first got started. The general UNIX security books are just not enough. Each UNIX OS has their own configuration procedures for tightening security. Any print book cannot keep up with Internet time, but for those who need a jumpstart to securing their Solaris server, this is a great start. A good security program requires further research. There are many good solaris security sites on the internet.

Rating:
Summary: Easy to read, should be read while getting your SCSA
Review: I thought this was a great book, I wish I had read this bookbefore I got my Sun Certified Systems Administration certificationbecause it really compliments the outline for quite a few of the topics on the exams, this book is easy to read with great "walk-throughs" and countermeasures of things to look for and things to be aware of. It really cleared up a lot of concepts for me that I was unclear on. If you were a total UNIX guru then this might be stuff you already know but if you have a workstation or something like that and you want to lock it down,this book really helps you understand and walks you through things to do for tighter security on your machine

Rating:
Summary: Of people and of UNIX...
Review: I went through the book in less than an hour, mainly because it takes simetime to flip through the pages. Getting this book will bring as much value to your collection as Janice Winsor's man pages guide - just use "man". With all fairness and justice to Janice's other publications. In fact, reading Janice's section on security in the Advanced volume is just as good a discussion as this book.

Or do yourself a favor, buy yourself an hour of your time, and get on Sun's website & Lance Spitzer's - you'll get more out of your hour. Now, if you can't do a "man" and you don't understand what Lance is talking about - please go back to button-clicking. I agree with Nikolai, Fernando and the person from Philly.

Rating:
Summary: Not A Security Guideline!
Review: I'll have to agree with the reader from New Hampshire, this is mostly a book about Solaris administration. Although basic security components are covered, there really aren't any well compiled guidelines for establishing a secure Solaris system.

Stick to the Sun Security FAQ and other on-line resources for good security tips. Use this book as an administration guide and/or as a supplement to other security information.

If your purpose is to learn basic Solaris security administration, then this book will be helpful to you (as other readers have found).

Rating:
Summary: great breadth of security issues, not for experts
Review: I'm a junior sysadmin, and really enjoyed this book for the great overview it gave of security issues, especially Solaris. It covers a very wide breadth of topics, and gives you perhaps 80% of what you would need on a normal basis. Sure, it's not super in-depth 100% on every subject, but it gives many references for further reading. This would not be a book for the expert Solaris security admin, but it gives me exactly what I need. It's a real time-saver because of its breadth, and its very easy and quick to read and understand, it includes copies of what you'd see in log files, and walks you thru the exact commands and output you'd see on the command line, and it includes diagrams/tables for summaries/descriptions for various commands/programs/services, and the recommendations in dis/enabling them.

It covers PROM commands, file permissions, account security, x-windows, auditing tools, cron/at, system logs/syslog, IP, routing, snoop, sendmail, printing, DNS, NFS,NIS+, disaster recovery, security checklist, network access control, overview of 3rd party tools, PGP/MD5 verification of downloaded tools, and 50 pages of appendices.

I found this to be an excellent starting-point for exploring security issues.

By the way, the previous reviewer Nikolai N Bezroukov who gave it one star may be misleading about one point. He wrote:

--- begin quote ---

The quality of the book can be illustrated by the folowing quote (preface, page XLI):

ftp://ftp.win.tne.nl/pub/security/tcp_wrappers_7.6tar.gz

--- end quote ---

The author was using that as a lesson about how URLs in books and on the Web become outdated and obsolete, and he gave tips about them and also suggested readers check the appendices in the back of the book for additional security sites.