Solaris file permissions secured | Xerox 701P40211 specification

Security and Network Setup

System Guide

Solaris file permissions secured

The fix-modes utility (from the Solaris Security Toolkit) adjusts group and world write permissions. It is run with the '-s' option to secure file permissions for Solaris files that were created at install time only. Customer-generated files will not be affected.

NOTE: When this command is run, a file called /var/sadm/ install/content.mods is left. Do not delete this file. It contains valuable information needed by fix modes to revert the changes to the system file permissions if the security setting is changed back to medium.

Network and name service changes

Disabling secure name service databases

The following databases are disabled when Security is invoked:

•passwd(4)

•group(4)

•exec_attr(4)

•prof_attr(4)

•user_attr(4)

Multicast routing disabled

Multicast is used to send data to many systems at the same timewhile using one address.

OS and host information hidden

The ftp, telnet and sendmail banners are set to null so that users in cannot see the hostname and OS level. (Note that all of these services are prohibited with a 'high' security setting, but if they are re-enabled manually the hostname information will remain hidden.)

Sendmail daemon secured

Sendmail is forced to perform only outgoing mail. No incoming mail will be accepted.

4-8	Common Controller

Image 32

Xerox 701P40211 manual Solaris file permissions secured, Multicast routing disabled, OS and host information hidden

Contents

Xerox Document Services Platform Series USA Table of Contents Table of Contents Fonts PrintingFinishing Troubleshooting Accounting and Billing Hints and Tips Table of Contents Table of Contents System Guide Viii About this guide ContentsIntroduction Conventions Customer Support Gateway Configuration Internet Services Http Gateway Configuration Gateway IPP Gateway ConfigurationType cd /opt/XRXnps/XRXipp Simple Network Management Protocol Snmp Configuration Administrator must enable Snmp in License Manager Configuration variables Snmpdebuglog Printer and job messages Snmp MIB Support Gateway Configuration System Guide NDS Setup Type cd /opt/XRXnps/XRXnwqsgw/bin Gateway Configuration System Guide Common Controller Backup and Restore Backup Restore Backing up a System Type restore Restoring a System Security and Network Setup Access and Security Overview of Security Changing the logon level Xerox responsibility User Password changesRoles and responsibilities Security Setup DocuSP 3.7 security changes Using the High security setting Security and Network Setup System Guide User and File-level changes User level Multicast routing disabled Solaris file permissions securedOS and host information hidden Sendmail daemon secured Network parameters secured Executable stacks disabled Remote CDE login disabledDocuSP router capabilities disabled NFS port monitor restricted Configure-xdss script DigiPath and Decomposition ServicesXdss script components Disabling LP Anonymous Printing Remote shell internet service Disable-security and enable-security scriptsEnable-ftp and disable-ftp scripts User Account Management Print command line client from remote systems Configure for xrxusr Other security tips Online help for security Document and backupSample of inetd.conf file # Syntax for TLI-based Internet services # only on machines acting as boot servers Orstream or dgram #rexd/1 tli rpc/tcp wait root /usr/sbin/ rpc.rexd rpc.rexd Quick reference How Do I? Answer How Do I? Answer First In/First Out Fifo Printing Controller settings for limited Fifo scheduling/printingPrinting Enable/Disable Fifo Job Scheduling ‘Enabling Fifo Job Scheduling’ Enabled Disabled ‘No Change Made’ Setpclcontrol Utility Ascii and PCL Printing UtilityImpact on DocuSP printers Set lp/lprcopycount utility Socket Gateway Configuration Utility setVPSoption # ./setVPSoption -2NONVPS Performance considerations Tiff filesTiff orientation Resolution Units Supported Tiff tagsCompression T4 Option Micr Enablement Y ResolutionStrip Byte Counts and Strip Offsets Tile Width, Tile Length, Tile Offsets, Tile Byte Counts Using Vipp Paper Trays Printing hints Printing System Guide Common Controller DocuTech FinishingSubset Finishing Creating jobs to use subset finishing Subset Offset Page Level Jog PCL Offset/Separator/Subset Finishing command Large Capacity ESC&15H Envelope Feed ESC&16H PCL Paper Source CommandMixed Stacking Additional finishing information Finishing System Guide Common Controller Fonts How to choose fontsFonts PostScript Resident Fonts Font download optionResident Fonts System GuideFonts FontsSystem Guide PCL resident fonts Downloaded fonts PCL 5e resident bitmap fontsNon Resident Fonts PostScript fonts Optional or soft fontsFont substitution PCL 5e fonts Accounting and Billing AccountingAuto exporting accounting log Accounting exported values Accounting file fields System Guide Accounting and Billing Bytes Seconds ReadProcessed Skipped Accounting and Billing System Guide Sheets Printed Pages Printed Accounting and Billing System Guide Billing Billable Events Billing Meters Market Region Billing Meters for Region Declared faults TroubleshootingCalling for service Job fault Undeclared faultsPrinter fault Macintosh problems Client problemsWindows problems DigiPath problems GUI problems Print Quality problems Font problems At the # prompt, typesync sync halt and press Enter Inoperable system problemsJob flow problems System Guide Troubleshooting PostScript problems Job Integrity problemsPDL problems Tiff problems Restore password Problems when saving a job Restart DocuSP software without rebootingProductivity and performance problems Printing system logs AlljobslogSystemlog Statuslog Epexceptionlog and epprimarylog Printing the system logs Type sync sync halt Rebooting and restartingPrinting the accounting log Loading XJDC/Unix Opt/XRXnps/bin/XJDC -option,option... filename Configuring XJDC/Unix Xjdc Hints and Tips Output files BASIC.JSL Troubleshooting System Guide Hints and Tips General Color Systems General CommentsTime used to generate the PDL Time used to transfer PDL Time required to print PDL Job submission hints Number of imagesEthernet Gateways Variable data Job submission orderJob RIP Hints Image Quality Job Printing Hints Skipped Pitches PCI Channel Interface PWB Trace Capture Procedure Perform a Trace Export the trace file to floppy Index Numerics Index System Guide INDEX-3 Index INDEX-4 System Guide