Enable and disable services
| The following tables provide a list of the services that can be |
| enabled and disabled from the Xerox FreeFlow Print Server |
| “Setup > Security Profiles” menu options. |
| NOTE: Services list may vary, depending on the product. |
| Table |
|
|
System Service | Description |
|
|
Allow_host.equiv_plus | Background: The /etc/hosts.equiv and /.rhosts files provide the remote |
| authentication database for rlogin, rsh, rcp, and rexec. The files |
| specify remote hosts and users that are considered to be trusted. |
| Trusted users are allowed to access the local system without |
| supplying a password. These files can be removed or modified to |
| enhance security. The Xerox FreeFlow Print Server is provided with |
| both of these files deleted entirely. The setting All_host.equiv_plus is |
| set to disabled, then anytime that security settings are applied, the + |
| will be removed from host.equiv. IMPORTANT NOTE: Removing the + |
| from the hosts.equiv file will prevent the use of the Xerox command |
| line client print from remote clients. An alternative would be to remove |
| the + and add the name of each trusted host that requires this |
| functionality. Leaving the + will allow a user from any remote host to |
| access the system with the same username |
Anonymous FTP |
|
BSM | Enable or disable the Basic Security Module (BSM) on Solaris |
Executable Stacks | Some security exploits take advantage of the Solaris OE kernel |
| executable system stack to attack the system. Some of these exploits |
| can be avoided by making the system stack |
| following lines are added to /etc/system/fP file:set |
| noexec_user_stack=1set noexec_user_stack_log=1 |
Hide Info Banners |
|
Multicast Routing |
|
Remote CDE Logins | Deny all remote access (direct/broadcast) to the X server running on |
| the Xerox FreeFlow Print Server by installing an appropriate /etc/dt/ |
| config/Xaccess file. |
Restrict DFS tab |
|
Restrict NFS Portmon |
|
Router | Disable router mode by creating an empty the empty file: /etc/ |
| notrouter. |
Secure File |
|
Permissions |
|
|
|
Security Guide | 5 |
