The Solaris Operating Environment, hereafter refered to as
Solaris
is amazingly feature complete and has a host of
internationalization features present. Because of this completeness,
Solaris comes with a huge number of daemons that are installed and
running by default. Numerous of these daemons have had security
advisories in the past, and probably some of them will have security
issues in the future. Generally speaking, if a daemon isn't running and
isn't network accessible, it cannot be easily attacked by remote
computers.
So, turning off a bunch of typically unused network accessible daemons is generally a prudent manner of helping to harden a machine's configuration. The fewer network ports it can be attacked over, the fewer daemons that need to be bug-free!
I wanted a script that would make it easy to turn off the startup of these daemons, but do it in such a way that the daemons could be turned back on easily too. I also wanted a script that is short enough that anybody can look at it quickly and determine that it doesn't do anything terribly risky, so they might actually run it on their machines and help their security.
At any rate, the script file I wrote is available here, and should be downloaded and run once on your Solaris machine. Running it multiple times won't harm anything, but it won't help either.
Back to the page of Not So Frequently Asked Questions.
Kurt J. Lidl