>Delivered-To: [EMAIL PROTECTED]
>From: "Oscar D. Knight" <[EMAIL PROTECTED]>
>
>Hello All,
>
>I would like to use SunScreen Lite as a host based FW, i.e. I only want to
>protect the host that SunScreen Lite will be installed on. I'm
>protecting a server, E220R running Solaris 8 7/01. Does anyone think this
>is a bad idea? If so, why?

We did just recently publish a BluePrint article on securing host systems
using SunScreen Lite:

http://www.sun.com/security/blueprints/#sunscreenlite

You may find this useful for configuring your system.

>Also, I've had some trouble with SunScreen rules with "*" as service, IP
>of the host/SunScreen machine as source, and ALLOW as action. This rule
>seems to allow any host to talk to the host on any service. Can anyone
>explain why?

There are known issues with "out of the box" 3.1 and the "*" service;
you'll want to install patchID 109736, available from
http://sunsolve.sun.com/ (the fix went into 109736-02, but you'll want to
install the latest rev of the patch. The offending bugID was 4368757).

>And, it would be nice if the logging facility indicated which rule
>matched. I've had several people on the sunmanagers list indicate that
>it won't/does not do so. Thought I'd ask here also, anyone know how
>to make it do it?

Nope, it doesn't do it. If you're just in debugging mode, and want to see
what the Screen is doing, you can add logging or SNMP traps just to a
specific rule and see if the traffic triggers that action or not.

Hope that helps...

Valerie

--
Now appearing as Beth Beam in: "Dilemma at the Toll Road Inn" and the
Gaslighter Theater's Nearly World Famous Vaudeville Revue!
http://www.gaslighter.com/ Now - New Year's Eve. Tix: 408.866.1408

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
