Solaris CX-310-301 1 Manual

next previous

Solaris 9 Security CX-310-301 6

Detection and Device Management.............................................................................23

Monitoring Login Attempts ......................................................................................................... 23

Loginlog.................................................................................................................................. 23

lastlog, utmpx, wtmpx and last ............................................................................................... 24

System Log Files ....................................................................................................................... 24

/var/adm/messages ................................................................................................................ 24

SU logging.............................................................................................................................. 25

Syslog ........................................................................................................................................ 25

Configuring Standalone syslog............................................................................................... 26

Configuring syslog to Log Centrally ....................................................................................... 27

Using Multiple Files ................................................................................................................ 28

Process Accounting ................................................................................................................... 29

Auditing with the Basic Security Module (BSM)......................................................................... 29

Overview................................................................................................................................. 29

Enabling BSM......................................................................................................................... 30

Generating an Audit ............................................................................................................... 31

Interpreting the Results .......................................................................................................... 32

The audit command................................................................................................................ 32

Audit Log Files........................................................................................................................ 32

Disabling BSM........................................................................................................................ 33

Device Management.................................................................................................................. 33

Authorizing Device Access to a User ..................................................................................... 34

Managing Devices Under BSM Control ................................................................................. 34

Security Attacks............................................................................................................35

Denial of Service (DoS) Attacks.................................................................................................35

Preventing DoS Attacks ......................................................................................................... 36

How DoS Attacks Execute ..................................................................................................... 36

Privilege Escalation Attacks....................................................................................................... 37

Types of Attack....................................................................................................................... 37

Detecting Attacks ....................................................................................................................... 38

Using Solaris Fingerprint Database ....................................................................................... 38