This article hasn't been updated for over 5 years. The information below may be obsolete.

Solaris Automated Security Enhancement Tool (ASET)

Published  |  1 minute read   |  3290 views  |   Security  

The Solaris ASET allows you to monitor and to control system security by automatically performing tasks that you would otherwise do manually. It can be configured for three security levels.

The ASET security package provides automated administration tools that enable you to control and monitor your system's security. You specify a security level at which to run ASET. The security levels are low, medium, and high. At each higher level, ASET's file-control functions increase to reduce file access and tighten your system security.

Security
Level		 Description
LowASET doesn't modify any system files, but reports on potential security weaknesses.
MediumSome system files may be modified to restrict access. This should not affect system services. It will report on security weaknesses and changes performed.
HighFurther restrictions are made to provide a secure system. System parameters are changed to provide minimal access. Most system applications should still work normally, but security is considered more important than applications at this level.

At the highest level the checks performed by ASET are:

  • Verify appropriate permissions for system files
  • Verify contents of system files
  • Check consistency and integrity of entries in passwd and group
  • Check contents of system configuration files
  • Check environment files: .profile, .cshrc, .login
  • Verify appropriate eeprom settings to restrict console login access
  • Disables IP packet forwarding so that the system can be used as a firewall or gateway machine
  • It checks files such as:
    /etc/hosts.equivfor "+" entries
    /etc/inetd.conffor tftp, ps, netstat, and rexd entries
    /etc/aliasesfor the decode alias
    /etc/default/loginfor root access via the CONSOLE= entry
    /etc/vfstabfor world-readable/writable file systems
    /etc/dfs/dfstabfor files shared without restrictions
    /etc/ftpusersat high security places root in this file to disallow access for root
    /var/adm/utmp
    /var/adm/utmpx    		changes world-writable access at high security level
    /.rhosts removes this for medium and high security levels
  • ASET uses the directory /usr/aset for its scripts and reports. Some of the scripts used to control ASET actions are tune.low, tune.medium, and tune.high in the /usr/aset/masters directory, which specify file ownership and permissions.
  • ASET requires the package SUNWast be installed on the system.