SANS has recently replaced this guide with another publication, but many people still ask me about the original guide I wrote for SANS and tell me that they still use it all the time. It was (as far as I know) the first widely published guide of its kind for any Unix-like system, and is frequently referenced by other Unix hardening recipes.
Since they're not publishing it anymore, SANS was kind enough to let me distribute the PDF version of the guide from my web site. There's also an errata page that you might want to peruse.
If you're interested in this material, you might also want to check out the work we're doing at the Center for Internet Security. CIS is also producing consensus hardening guides (and auditing tools) for different operating platforms-- Windows, Unix, and even Cisco IOS-- and applications. I'm the maintainer for their Solaris Benchmark and very active on all of their Unix mailing lists.
Hal Pomeranz, 3/30/2004