This content has been marked as final. Show 2 replies
The first step I would take is working on the firewall for Solaris. There is a nice explanation here. Set your firewall to only allow traffic you want.
The other things would be disable any kind of plain text network traffic like ssh instead of telnet, sftp instead of ftp, and other plain text communication.
Unix authentication is pretty strong as is but if your worried there is kerebos installed by default. Disabling root access to the system is highly recommended. Use sudo instead
Since your using it as a web server chroot your ftp server to prevent attacks through FTP.
After doing this you can do the /etc/security but be warned you can even disable root if you don't watch out.
Telling you everything about securing Solaris would fill several books but the steps above should get started. Most attacks on web servers are through port forwarding on the http port. Make sure your main focus is on that port.
Now I have problem with wget utility below with the same URL, please kindly help to check to check and give advice.
If access with URL below is can receive data
#./wget no-check-certificate private-key=/cert/data.pem --certificate=/cert/data.crt "https://server1.com.kh"
Resolving https://server1.com.kh... 220.127.116.11
Connecting to https://server1.com.kh. connected.
WARNING: Certificate verification error for https://server1.com.kh: self signed certificate in certificate chain
HTTP request sent, awaiting response... 200 OK
Length: 285 [text/html]
100%[====================================>] 285 --.--K/s
10:29:13 (8.85 MB/s) - `index.html' saved [285/285]
If I access with long URL below is cannot receive data too but on Linux OS(Debian) can receive data
#./wget no-check-certificate private-key=/cert/data.pem --certificate=/cert/data.crt "https://server1.com.kh/data/?action=datano;datano=aaaa"
Resolving server1.com.kh... 18.104.22.168
Connecting to server1.com.kh|22.214.171.124|:443... connected.
WARNING: Certificate verification error for server1.com.kh: self signed certificate in certificate chain
HTTP request sent, awaiting response... No data received.
Note: this domain (server1.com.kh) is running on CentOS
Please kindly give advice,
Thanks and regards,