Hi,
Where I could find information about "Jass hardening" for Solaris10?
Because, I change the /opt/SUNWjass/Files/etc/syslog.conf file. But yet I don't know if I must restart the jass (and how?) or I must to copy /opt/SUNWjass/Files/etc/syslog.conf to /etc/syslog.conf?
Thanks for your help and best regards
The jass, now 'Solaris Security Toolkit' documentation is pretty vague about how to adjust your hardened configuration. I would guess that you could pull the file from jass, restart jass, change the file, put the file back in and restart jass. http://docs.oracle.com/cd/E19056-01/sec.tk42/819-1402-10/819-1402-10.pdf
Solaris Security Toolkit 4.2 Product Library Documentation
https://blogs.oracle.com/DanX/entry/solaris\_security\_toolkit_customization
Now, I have 0 jass or real solaris admin experience, I just read and google well.
From my experience of JASS, it's a sort of "run when you wish" deal. So any time you run it, it just brings your host up to the level you configured (or leaves it alone if it's equal or stronger in that area).
So adjust config, run the "do it now" script (I've since forgotten the commandline for JASS sorry).
Obligatory, highly opinionated, and easily ignorable grumble: So far, I've never found JASS in it's "make changes" mode to do anything other than make life hard. It's a really distantly poor cousin to setting up proper build templates and/or using it in read-only mode to identify issues for an admin to address. But on the gripping hand, if you *really* spend the time getting the JASS templates perfect, it could be workable.