beautypg.com

Xerox 4590 EPS-10912 User Manual

Page 16

background image

1 0

Security Guide

Multicast routing disabled

Multicast is used to send data to many systems at the same time
while using one address.

OS and host information hidden

The ftp, telnet and sendmail banners are set to null so that users
in cannot see the hostname and OS level.

NOTE: All of these services are prohibited with a 'high' security
setting, but if they are re-enabled manually the hostname
information will remain hidden.

Sendmail daemon secured

Sendmail is forced to perform only outgoing mail. No incoming
mail will be accepted.

Network parameters secured

Sun's nddconfig security tool is run. For additional information,
view Sun's document, Solaris Operating Environment Network
Settings for Security, at

http://www.sun.com/solutions/ blueprints/1200/network-updt1.pdf.

Executable stacks disabled

The system stack is made non-executable. This is done so
security exploitation programs cannot take advantage of the
Solaris OE kernel executable system stack and thereby attack the
system.

NFS port monitor restricted

The NFS server normally accepts requests from any port number.
The NFS Server is altered to process only those requests from
privileged ports. Note that with the high security setting, NFS is
disabled; however if the service is re-enabled manually, the port
restriction will still apply.

This manual is related to the following products: