Download  Print this page

Secure Solaris File Permissions; Delete And Secure User Accounts; Disallow All Users For At, Cron And Batch Commands - Xerox DocuPrint 115 System Manual

Common controller
Hide thumbs


Security and Network Setup
Disallowing all users for at, cron, and batch commands
Disabling unnecessary solaris services
Disabling bwnfs daemon
Disabling unnecessary internet services daemon
Securing name service cache daemon
Multicast routing
Hide OS and host information
Securing sendmail daemon
Securing network parameters
Disabling executable stacks
Restricting NFS port monitor
Disabling remote logins to CDE
Preventing the DocuSP from acting as a router
Enabling security warning banners

Secure Solaris file permissions

The fix-modes command is run with the '-s' option to secure file
permissions for Solaris only. When this command is run, a file
called /var/sadm/install/content.mods is left. Do not delete this
file, it contains valuable information needed by fix-modes to
revert the changes to the system file permissions.

Delete and Secure User Accounts

When the security script is enabled, the nuucp and listen
accounts are deleted. Also, the passwords for the following
accounts are locked; bin, sys, adm, lp, uucp, nobody, noaccess
and nobody4.

Disallow all users for at, cron and batch commands

When security is enabled, all users are blocked from using the
at, cron, and batch commands by creating the files /etc/cron.d/
cron.allow and etc/cron.d/at.allow.
Disable Unnecessary Solaris Services
Solaris services that are not required for DocuSP are disabled
when security has been enabled. The following services are
System Guide
Common Controller


Table of Contents

  Related Manuals for Xerox DocuPrint 115

This manual is also suitable for:

Docuprint 135Docusp 3.6