Thread: OS Hardening - Packages required by a program

Hi,

I'm in the process of installing a firewall and would like to harden the OS by installing only the bare minimum OS packages required for the firewall software to run.

The firewall vendor has not provided any OS hardening document. How do I find out which files (and from that info -> which packages) are required for the firewall to run?

I have set up another (test) system with a full OS install and the firewall installed and am in the process of digging into it.

Any help would be appreciated.

which firewall and which distro/os?

Checkpoint NGX on Solaris 10 on a Sun 480R box.

I deliberately made the question generic because it could be applied for hardening the OS wrt to any application you wish to install.

Cheers

Different distros/os have different approaches towards packages applications.

*BSD and Debian prefer to keep it bare bones, and then you add packages as and when required. This helps you to keep the bare minimum apps necessary on your servers.

Others like Red Hat based distribution have a large set of default apps/packages installed unless you configure it otherwise during install time.

Personally I moved on to *BSD long time back for some very similar reasons. You get a bare bones OS, over which you only install stuffs that are absolutely needed.

Have you tried SourceForge.net: Bastille-linux / Bastille Unix ? It currently functions on most major Linux distributions as well as Mac OSX and HP-UX. By looking at source code you will get idea about Solaris version.

Few suggestions:

1. Install required softwares only
   
2. Firewall should close all incoming and outgoing traffic, then open required incoming and outgoing ports. Also, run firewall in stateful mode.
   
3. Always keep system up to date
   
4. Install BSM
   
5. Google for "trusted solaris"

Try following for solaris:

• Server Hardening Checklists - Solaris 10 Server Hardening Checklist
• http://www.nortel.com/solutions/secu...g_guide_v1.pdf
• Got Root : Solaris Hardening Guide