
TITAN_Solaris2.html

Posted Aug 17, 1999

TITAN Solaris2 documentation.

tags | tool, scanner
systems | unix
SHA-256 | 89f7d26a84df69d3c89dfac8e83da2aca8bceb1d6218150c644ae2f97956ff2d

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="GENERATOR" CONTENT="Mozilla/4.07 [en] (X11; U; SunOS 5.6 sun4u) [Netscape]">
</HEAD>
<BODY>

<CENTER>
<H1>
<A HREF="../../images/bigmap.jpg"><IMG SRC="bigmap.jpg" HEIGHT=275 WIDTH=424></A>
TITAN's view of the world</H1></CENTER>

<HR>
<UL><!-- Published by Quadralay WebWorks HTML Lite 1.5.1 --><A NAME="10346"></A>
<BR>&nbsp;
<H1>
TITAN 3.0 FCS Solaris 2.X</H1>

<H1>
Descriptions of what each module does:</H1>
Running Titan
<BR><A NAME="418052"></A>
<BR><A HREF="../../Titan-Config">Titan-Config</A> This script&nbsp; figures out
which OS you are using and makes the appropriate links to the shell scripts
accordingly. Titan-Config also asks if you want to&nbsp; make a backup directory
of all files modified by Titan.
<P><A HREF="../../arch/sol2sun4/bin/Titan">Titan</A>&nbsp; Titan is the
program which runs all the other shell scripts (*.sh) and accepts either
the -I (intro), -F (fix), -C (configuration) [+ filename] or -V (verify)
flag.
<P><A HREF="../../arch/sol2sun4/bin/Titan.top">Titan.top </A>This module
is the same as Titan except the path has been modified so that when "Titan-Config"
is run, Titan can be run from the topmost directory.
<P><A HREF="../../arch/sol2sun4/bin/TitanReport">TitanReport</A>. This
file runs all Titan modules in the $TITANDIR/bin/modules directory using
the "-v" flag. TitanReport then e-mails the results. TitanReport is intended
to run out of cron, or as an auditing tool. See the<A HREF="FAQ.html">
FAQ</A> for more.
<P><A HREF="../../arch/sol2sun4/bin/sample.Desktop">Sample.Desktop</A>,
<A HREF="../../arch/sol2sun4/bin/sample.Firewall">sample.Firewall</A>,
<A HREF="../../arch/sol2sun4/bin/sample.Server">sample.Server</A>,
<A HREF="../../arch/sol2sun4/bin/sample.config">sample.config.</A> These
files are used as templates when titan is run as "Titan -c config-file".
See the <A HREF="FAQ.html">FAQ</A> for more.
<P><A HREF="../../arch/sol2sun4/lib/backtit.sh">backtit.sh </A>This module
is called by "Titan-Config" when run as "Titan-Config -i" (install). Backtit.sh
makes a backup copy of all the files Titan modifies (backtit.sh currently
does not back up file permission changes).
<P><A HREF="../../arch/sol2sun4/lib/untit.sh">untit.sh</A> Untit.sh is
called by "Titan-Config" when run as "Titan-Config -d" (deinstall). Untit.sh replaces
the files modified by Titan with the original un-secure versions, and
is provided as a recovery mechanism in case we were too aggressive about securing
the system.
<P><A HREF="../../src1/noshell.c">noshell.c</A> This is the preferred way
of doing a noshell. This should be statically compiled (see <A HREF="../../src1/noshell-makefile">noshell-makefile</A>)
and should replace the shell script that disable-accounts.sh placed in
/usr/sbin/noshell.
<P><A HREF="../../src1/noshell-simple.c">noshell-simple.c</A> This is a
simplified version of noshell.c. I don't expect this to get much use,
but it should be statically compiled (see <A HREF="../../src1/noshell-makefile">noshell-makefile</A>)
and replace the /usr/sbin/noshell script that disable-accounts.sh creates.
The script that disable-accounts.sh creates is better than nothing
(better than /bin/true, which is also a shell script), but a statically linked
C program is the best way to go.
<BR>&nbsp;
<BR>&nbsp;
<H3>
Titan modules</H3>

<P><BR><A HREF="../../arch/sol2sun4/bin/modules/add-umask.sh">add-umask.sh&nbsp;</A>
Adds system-wide umasks for rc?.d files, causing system daemons to create
more secure files. (From Casper Dik's code.)
<P><A HREF="../../arch/sol2sun4/bin/modules/adjust.syn-timeout.sh">adjust.syn-timeout.sh&nbsp;</A>&nbsp;
This changes the system configuration to shorten the Abort Time out Value
to ten seconds. Only runs for older versions of Solaris 2.X. Newer versions
have a patch (103582-11 currently) which should be applied instead.
<P><A HREF="../../arch/sol2sun4/bin/optional/anon-ftp.setup.sh">anon-ftp.setup.sh&nbsp;</A>
Straight from the Man page for in.ftpd. Sets up Anonymous ftp area in a
reasonable way. This <B>should NOT</B> be used very often, only on systems
that are supposed to allow anonymous ftp.&nbsp; Titan does not run this
by default by design.
<P><A HREF="../../arch/sol2sun4/bin/modules/automount.sh">automount.sh
</A>Disables
the automounter at boot time.
<P><A HREF="../../arch/sol2sun4/bin/modules/create-issue.sh">create.issue.sh</A>
Creates the /etc/issue banner that gets displayed at login time.
<P><A HREF="../../arch/sol2sun4/bin/modules/decode.sh">decode.sh </A>Looks
for any&nbsp; ``|'' in /etc/aliases and fixes if found.
<P><A HREF="../../arch/sol2sun4/bin/modules/disable-L1-A.sh">disable-L1-A.sh
</A>Solaris
2.6 and newer only. This disables the L1-A or stop-A keyboard sequence
by modifying /etc/default/kbd.
<P><A HREF="../../arch/sol2sun4/bin/modules/disable-NFS.bind.sh">disable-NFS.bind.sh</A>
Moves the privileged port range to&nbsp; 2050, which thus includes the NFS
ports.
<P><A HREF="../../arch/sol2sun4/bin/modules/disable-accounts.sh">disable-accounts.sh</A>
Disables ``system'' accounts like ``bin'' and ``daemon'' and creates a
/usr/sbin/noshell script. The noshell script should only be a placeholder
until you compile and install the noshell&nbsp; statically linked C program.
<P><A HREF="../../arch/sol2sun4/bin/modules/disable-core.sh">disable-core.sh</A>
This changes the /etc/system file, limiting the core dump size&nbsp;
to zero length. This prevents bad guys from forcing a core dump to examine any
information that might be stored in&nbsp; the core image, such as /etc/shadow
information.
<P><A HREF="../../arch/sol2sun4/bin/modules/disable-ping-echo.sh">disable-ping-echo.sh</A>&nbsp;
This disables ip_respond_to_echo_broadcast so that specific ping crashes
don't work. It also hides the system from some network probe agents that
use broadcast ping to discover hosts to probe.
<P><A HREF="../../arch/sol2sun4/bin/modules/disable_ip_holes.sh">disable_ip_holes.sh</A>
Disables ip_forward, ip_forward_directed_broadcasts, ip_source_routed,&nbsp;
and ip_ignore_redirect 1, etc.
<P><A HREF="../../arch/sol2sun4/bin/modules/2.6dmi.sh">dmi-2.6.sh</A> Simply
moves aside all the DMI daemons' startup files. DMI doesn't do any authentication,
allows core dumps and seems to allow you to start up arbitrary services.
It isn't well documented what it actually does.
<P><A HREF="../../arch/sol2sun4/bin/modules/eeprom.sh">eeprom.sh</A>&nbsp;
Check only. This checks to see if you set an eeprom password ("eeprom security-mode
= command" is recommended; and then move/remove the eeprom command support
from the kernel). If you don't set an eeprom password, a bad guy might set
one for you (eeprom security-mode = full) and then halt your system. Then,
since you don't know the password, you cannot reboot (DOS attack).
<P><A HREF="../../arch/sol2sun4/bin/modules/file-own.sh">file-own.sh</A>
Changes system files (mainly in /usr) to be owned by "root". I personally
don't like anything that the root user is going to run not being owned
by root. When /usr/bin is owned by user ``bin'', user ``bin'' can trojan anything
root runs; thus bin=root. Thus I change everything back to root to begin
with. We need not mention NFS where root=nobody but bin=bin; I think you
get the point.
<P><A HREF="../../arch/sol2sun4/bin/modules/fix-cronpath.sh">fix-cronpath.sh</A>
Changes permission and ownership of things run out of root's cron.&nbsp;
Otherwise every time cron is run a new trojan/setuid-root file could be
created.
<BR><A NAME="418095"></A>
<P><A HREF="../../arch/sol2sun4/bin/modules/fix-modes.sh">fix-modes.sh</A>
modes.c modes;&nbsp; (From Casper Dik). Fixes all the mode 775 directories
and binaries and changes the ownership to root where needed. The modes.c&nbsp;
may need&nbsp; to be compiled locally.&nbsp;&nbsp; - <FONT COLOR="#FF0000">Big
note here!</FONT> - REMEMBER to <B>re-run this</B> whenever you add packages
or patches!! If you don't, the modes get brain dead again.&nbsp; Titan&nbsp;
DOES NOT run this by default. This should be run often such as out of cron
or at least after adding any vendor patches.
<P><A HREF="../../arch/sol2sun4/bin/modules/fix-stack.sh">fix-stack.sh
</A>Wrapper
for Casper Dik's protect_stack, which forces all user zero-fill-on-demand
pages to be marked rw- instead of rwx. This blocks many of the stack smashing
bugs from working. Note that this doesn't work on all versions of the SPARC
architectures (multiprocessors, for instance).
<P><A HREF="../../arch/sol2sun4/bin/modules/fix-stack.sol2.6.sh">fix-stack.sol2.6.sh</A>
Solaris 2.6 has the protect_stack ability built-in as a /etc/system configurable
option. This blocks many of the stack smashing bugs from working.
<BR>&nbsp;
<P><A HREF="../../arch/sol2sun4/bin/modules/ftpusers.sh">ftpusers.sh</A>
Creates a sane /etc/ftpusers which stops users such as root or "bin" from
using ftp. This prevents "root" from ftping over a new /etc/shadow file,
and forces the administrators to ftp as themselves and then "su" to root
thus keeping the audit trail&nbsp; (more) intact.
<P><A HREF="../../arch/sol2sun4/bin/modules/hosts.equiv.sh">hosts.equiv.sh</A>
Checks for /etc/hosts.equiv. It should also check /etc/nsswitch.conf "password
and group" entries but currently doesn't.
<P><A HREF="../../arch/sol2sun4/bin/modules/inetd.sh">inetd.sh</A> Changes
/etc/inetd.conf&nbsp; and turns off most of the services.&nbsp; You will
want to&nbsp; localize this.&nbsp; For desktops, for instance, you might
want to leave on the services for calendar manager and tooltalk (assuming
windows). My suggestion is to get tcp_wrappers and wrap all services. Then
get ssh and turn off rsh/rlogin and ftp and only use ssh/scp for remote
access needs.
<BR><A NAME="418928"></A>
<P><A HREF="../../arch/sol2sun4/lib/is_root">is_root</A> This is not intended
to be run by users. The other scripts call this as a generic check for
execution as root.
<P><A HREF="../../arch/sol2sun4/bin/modules/log-tcp.sh">log-tcp.sh </A>Adds
the "-t" flag to in.inetd startup in /etc/rc2.d/S72inetsvc to trace all
incoming TCP services.
<P><A HREF="../../arch/sol2sun4/bin/modules/loginlog.sh">loginlog.sh</A>
Fixes the syntax so that (assuming Sun patches) log entries are made for
failed login attempts.
<P><A HREF="../../arch/sol2sun4/bin/modules/lpsched.sh">lpsched.sh</A>
Disables lp. For firewalls, and non-print servers. Probably want to leave
this service on for desktops.
<P><A HREF="../../arch/sol2sun4/bin/modules/nfs-portmon.sh">nfs-portmon.sh</A>&nbsp;
Turns on NFS port monitoring for Solaris.
<P><A HREF="../../arch/sol2sun4/bin/modules/nsswitch.sh">nsswitch.sh</A>&nbsp;
Modifies /etc/nsswitch.conf, removing all the nis/nis+/dns entries. This
is useful on a firewall, but you may want to tune it down a little on networked
servers and desktops.&nbsp; It also sets password and group to only look
at local password/group files; again, network servers or desktops might
not want this behavior.
<P><A HREF="../../arch/sol2sun4/bin/modules/nuke-sendmail.sh">nuke-sendmail.sh</A>
This module does as its name implies: it disables sendmail. This module should
be used on firewalls that are not sendmail servers, servers that are not
sendmail servers, and all desktops that have their mail delivered to a
server.
<P><A HREF="../../arch/sol2sun4/bin/modules/2.6-pam-rhosts.sh">pam-rhosts-2.6.sh</A>
This Solaris 2.6 module saves and modifies the /etc/pam.conf file, removing
the line: " rlogin&nbsp; auth sufficient /usr/lib/security/pam_rhosts_auth.so.1"
such that rhosts are not allowed by the PAM system.
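<P>The save-then-remove behaviour described for pam-rhosts-2.6.sh, written as an added example in the style of a Titan module; it is not Titan's own script. The function name, the optional file argument and the ".titan-orig" backup suffix are assumptions made for this example.

```shell
#!/bin/sh
# Added example in the style of a Titan module; not Titan's 2.6-pam-rhosts.sh.
# pam_rhosts_module MODE [PAM_CONF]
#   MODE is -i (intro), -v (verify) or -f (fix), the flags this page describes.
#   PAM_CONF defaults to /etc/pam.conf; the argument and the ".titan-orig"
#   backup suffix are assumptions of this example.
pam_rhosts_module() {
    mode=$1
    conf=${2:-/etc/pam.conf}

    # awk test for the active line the page names. A commented-out copy does
    # not match because its first field then starts with '#'.
    is_target='$1 == "rlogin" && $2 == "auth" && $3 == "sufficient" && $4 ~ /pam_rhosts_auth\.so/'

    case "$mode" in
        -i) echo "Removes the rlogin pam_rhosts_auth line so .rhosts cannot satisfy PAM"
            return 0 ;;
        -v) if awk "$is_target { found = 1 } END { exit (found ? 0 : 1) }" "$conf"; then
                echo "FAILS CHECK: rhosts authentication is enabled in $conf"
                return 1
            fi
            echo "PASSES CHECK: $conf"
            return 0 ;;
        -f) [ -w "$conf" ] || { echo "cannot write $conf" >&2; return 2; }
            # Save the pristine file once; a second run must not replace
            # the saved original with an already-fixed copy.
            [ -f "$conf.titan-orig" ] || cp -p "$conf" "$conf.titan-orig" || return 2
            tmp=$conf.$$
            awk "$is_target { next } { print }" "$conf" > "$tmp" || { rm -f "$tmp"; return 2; }
            # Write back into the existing file so owner and mode are kept.
            cat "$tmp" > "$conf" && rm -f "$tmp" ;;
        *)  echo "usage: pam_rhosts_module -i|-v|-f [pam.conf]" >&2
            return 2 ;;
    esac
}
```

Run it with -v against a copy of pam.conf first; -f leaves every other rlogin line untouched, so password authentication for rlogin still works afterwards.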
<P><A HREF="../../arch/sol2sun4/bin/modules/passwd.sh">passwd.sh</A> Checks
that all accounts have passwords and adds in a "*" password if run in fix
mode.
<P><A HREF="../../arch/sol2sun4/bin/modules/powerd.sh">powerd.sh</A> Checks
that the power suspend (/usr/openwin/bin/sys-suspend) can only be run by
the root user.
<P><A HREF="../../arch/sol2sun4/bin/modules/psfix.sh">psfix.sh</A>&nbsp;
This program creates /etc/rc3.d/S79tmpfix so that upon boot the /tmp
<BR>&nbsp;directory will always have the sticky bit set (mode 1777).
<P><A HREF="../../arch/sol2sun4/bin/modules/rhosts.sh">rhosts.sh</A> Originally
from COPS. Scans for .rhosts in NIS and local directories but unlike COPS
if run in fix mode it removes/renames them.
<BR><A NAME="418129"></A>
<P><A HREF="../../arch/sol2sun4/bin/modules/rootchk.sh">rootchk.sh</A>
Checks root's path and makes sure that root owns the directories and binaries
in root's path. Changes them (when run -F) if they are wrong. Also removes
the ``.'' from the path.
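<P>A verify-only version of the path check described for rootchk.sh, as an added example that is not Titan's own script. It covers the directories in the path (not the binaries inside them), and the function name and the optional expected-uid argument are assumptions made for this example.

```shell
#!/bin/sh
# Verify-only check of a PATH string (added example, not Titan's rootchk.sh).
# check_root_path PATH_STRING [EXPECTED_UID]
#   Prints one finding per line; returns 1 if there were any, else 0.
#   EXPECTED_UID defaults to 0 (root). It is a parameter only so the check
#   can be exercised on scratch directories without being root.
check_root_path() {
    path_string=$1
    want_uid=${2:-0}
    status=0

    # "." and empty elements (leading, trailing or doubled ':') both make
    # the shell search the current directory.
    case ":$path_string:" in
        *::*|*:.:*) echo "DOT: current directory is searched"; status=1 ;;
    esac

    # Split on ':' with globbing switched off for the split.
    old_ifs=$IFS; IFS=:; set -f
    set -- $path_string
    IFS=$old_ifs; set +f

    for dir in "$@"; do
        case "$dir" in
            ""|.) continue ;;                          # reported above
            /*)   ;;
            *)    echo "RELATIVE: $dir"; status=1; continue ;;
        esac
        [ -d "$dir" ] || continue
        # ls -ldnL: mode string in field 1, numeric owner in field 3;
        # -L follows a symlinked directory to the directory itself.
        meta=$(ls -ldnL "$dir") || continue
        owner=$(printf '%s\n' "$meta" | awk '{ print $3 }')
        if [ "$owner" != "$want_uid" ]; then
            echo "OWNER: $dir is owned by uid $owner"; status=1
        fi
        # Characters 6 and 9 of the mode string are group and other write.
        case "$meta" in
            ?????w*|????????w*) echo "WRITABLE: $dir is group- or world-writable"; status=1 ;;
        esac
    done
    return "$status"
}
```

As root, `check_root_path "$PATH"` audits the current path; a directory that is owned by root but still group-writable is reported, since its group can replace anything root runs from it.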
<P><A HREF="../../arch/sol2sun4/bin/modules/routed.sh">routed.sh</A> Starts
in.routed in the quiet mode (-q).
<P><A HREF="../../arch/sol2sun4/lib/sanity_check">sanity_check</A> This
isn't meant to be run by users (thus no .sh extension). It is called by
the other scripts to make sure scripts are called with at least
one additional argument (-i/-v/-f).
<P><A HREF="../../arch/sol2sun4/bin/modules/sendmail.sh">sendmail.sh</A>
Changes sendmail.cf, adding in the option ``goaway'' so that ``telnet hostname
25'' (connecting to the sendmail port) doesn't allow a cracker to look up
user info.&nbsp; Note: you should also change the P=/bin/sh to P=/bin/false
if you can, or look into using smrsh for servers and desktops. Not firewalls:
TURN OFF/wrap&nbsp; sendmail on the firewall system.&nbsp; Now would
be a good time to look into VMailer.
<P><A HREF="../../arch/sol2sun4/bin/modules/smtp-banner.sh">smtp-banner.sh</A>
Modifies your /etc/mail/sendmail.cf file to hide the OS version you are
running. Changes the banner from: Sendmail SMI-8.6/SMI-SVR4 ready at Fri,
2 May 1997 to: Sendmail Server Ready
<P><A HREF="../../arch/sol2sun4/bin/modules/smtpbanner-8.8.sh">smtpbanner-8.8.sh
</A>Modifies the
sendmail version 8.8 sendmail.cf to change the banner to give out less
information.
<BR>&nbsp;
<P>&nbsp;<A HREF="../../arch/sol2sun4/bin/modules/2.6snmpdx.sh">snmpdx-2.6.sh</A>
2.6snmpdx.sh simply moves aside all the snmpdx daemons' startup files.
Snmpdx gives out more
<BR>information than you really want it to. Who needs a port scanner if
snmpdx is running?
<P><A HREF="../../arch/sol2sun4/bin/modules/syslog.sh">syslog.sh</A> Modifies
/etc/syslog.conf so that console messages are also saved to system log
files.
<P><A HREF="../../arch/sol2sun4/bin/modules/tcp-sequence.sh">tcp-sequence.sh</A>&nbsp;
Solaris 2.6 and newer. Changes the TCP initial sequence number generation
parameters to use RFC 1948 sequence number generation, unique-per-connection-ID.
<P><A HREF="../../arch/sol2sun4/bin/modules/userumask.sh">userumask.sh</A>
Adds in a umask of 022 for users in /etc/skel and /etc files.
<BR><A NAME="418148"></A>
<P><A HREF="../../arch/sol2sun4/bin/modules/utmp.sh">utmp.sh</A> Checks
utmp and utmpx just to be sure it isn't world writeable.
<BR><A NAME="418150"></A>
<P><A HREF="../../arch/sol2sun4/bin/modules/vold.sh">vold.sh</A>&nbsp;
Turns off vold. Needed on a Firewall and Servers, but might be left on
on desktop systems where users are allowed to mount CD's and Floppy disks
via windowing tools.
<P><A HREF="../../arch/sol2sun4/bin/modules/wwwchk.sh">wwwchk.sh</A> This
program looks for a WWW (HTTP/HTTPS) server running locally and tries to
validate permissions on any htaccess or other locally defined access control
files. Other areas checked are DocumentRoot, ServerRoot, and permissions on
any user account access control files, e.g., htaccess. In fix mode (-f), changes
will set all files/dirs to owner read/write/execute, group read/execute,
other execute.
<P><A HREF="../../arch/sol2sun4/bin/modules/ziplock.sh">ziplock.sh</A>&nbsp;
The final step in tightening - <FONT COLOR="#FF0000">READ CAREFULLY</FONT>
- This program absolutely tightens perms for much of the OS. Caution: after
this is run, ONLY root and group STAFF will be able&nbsp; to run many system
functions!!! <B>Not intended to be run on normal systems, only those with
strict access rules.</B>
<BR>&nbsp;
<BR>&nbsp;
<P><A NAME="418156"></A><A HREF="TITAN_documentation.html">Back to Titan
Main Doc Page</A>
<H5>
<A NAME="418157"></A></H5>
</UL>

<H5>
Last Modified: 0:00 PDT, October 31, 1998</H5>
</UL>

</BODY>
</HTML>