| Solaris 10 Hardening Doc for 9i [message #157617] |
Fri, 03 February 2006 09:44  |
Ankit Bagga
Messages: 1
Registered: December 2004
|
Junior Member |
|
|
Hi there ,
I will be installing oracle 9i on a sparc Solaris 10 box and have been trying to find an OS hardening documnent or installation recommendations .....I would prefer not to do a "install everything" installation of Solaris.
Any pointers regarding 9i and Solaris10 would be fantastic .... even some "post install" (or pre oracle install) docs would also be brilliant
any help on this would be greatly appreciated
Ankit Bagga
|
|
|
|
| Re: Solaris 10 Hardening Doc for 9i [message #165908 is a reply to message #157617] |
Mon, 03 April 2006 04:48  |
nmacdannald
Messages: 460
Registered: July 2005
Location: Stockton, California - US...
|
Senior Member |
|
|
Do not allow ssh to root from a client machine, only from the console. Create only the O/S user that owns the Oracle product stack. Don't create additional O/S users.
Make the database passwords difficult ( check $ORACLE_HOME/dbms/admin/ for the password complexity script).
Expire and lock all database users that are not in use (not sys, system, sysman). Change the password to sys and system.
Use sunscreen, it is free on Solaris. Don't allow your server to respond to pings. Block ports that are not in use. Do not allow ftp usage. Use something other than port 1521 for the listener.
Oracle addresses many security issues at metalink.
Neil.
[Updated on: Mon, 03 April 2006 04:51] Report message to a moderator |
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
