Xerox DocuTech 6100 Production Publisher Leaflet
Security and Network Setup
3-10
System Guide
Multicast routing disabled
Multicast is used to send data to many systems at the same
time while using one address.
OS and host information hidden
The ftp, telnet and sendmail banners are set to null so that
users in cannot see the hostname and OS level.
NOTE: All of these services are prohibited with a high
security setting, but if they are re-enabled manually the
hostname information will remain hidden.
time while using one address.
OS and host information hidden
The ftp, telnet and sendmail banners are set to null so that
users in cannot see the hostname and OS level.
NOTE: All of these services are prohibited with a high
security setting, but if they are re-enabled manually the
hostname information will remain hidden.
Sendmail daemon secured
Sendmail is forced to perform only outgoing mail. No
incoming mail will be accepted.
incoming mail will be accepted.
Network parameters secured
Suns nddconfig security tool is run. For additional
information, view Suns document, Solaris Operating
Environment Network Settings for Security, at
http://www.sun.com/solutions/ blueprints/1200/network-
updt1.pdf.
information, view Suns document, Solaris Operating
Environment Network Settings for Security, at
http://www.sun.com/solutions/ blueprints/1200/network-
updt1.pdf.
Executable stacks disabled
The system stack is made non-executable. This is done so
security exploitation programs cannot take advantage of the
Solaris OE kernel executable system stack and thereby
attack the system.
security exploitation programs cannot take advantage of the
Solaris OE kernel executable system stack and thereby
attack the system.
NFS port monitor restricted
The NFS server normally accepts requests from any port
number. The NFS Server is altered to process only those
requests from privileged ports. Note that with the high
security setting, NFS is disabled; however if the service is re-
enabled manually, the port restriction will still apply.
number. The NFS Server is altered to process only those
requests from privileged ports. Note that with the high
security setting, NFS is disabled; however if the service is re-
enabled manually, the port restriction will still apply.
Remote CDE login disabled
The Remote CDE login is disabled.