Hack Proofing Sun Solaris 8

I am a senior engineer for network security operations. I am not a Solaris system administrator, but I read "Hack Proofing Sun Solaris 8" (HPSS8) to learn more about securing Solaris systems. HPSS8 addresses a wide variety of Solaris security issues, and is suitable for beginning and intermediate system administrators. HPSS8 is not a Solaris version of "Hack Proofing Linux" (HPL), which I reviewed in October. While HPL seems more like a catalog of open source security tools, HPSS8 focuses on explaining the features and configuration of Solaris hosts. The authors provide useful explanations of Trusted Solaris, with enhancements like Role Based Access Control and Mandatory Access Control. Admins unwilling to deploy Trusted Solaris can experiment with the SunSCREEN Basic Security Module (BSM), which raises a default Solaris 8 installation to the C2 security level. HPSS8 describes how to deploy Sun's Kerberos implementation, called Sun Enterprise Authentication Mechanism (SEAM). The book also introduced me to Sun's implementation of file-based access control lists to protect SUID files. As a casual reader, not responsible for implementing these tools, I found HPSS8's coverage adequate. I learned about enterprise-grade security features I never knew existed. I'm not sure if admins needing in-depth explanations will find what they need in HPSS8. HPSS8 appears to be written by authors who know their material. I found no errors, although I admit I am not a Solaris expert. The network security discussions, with which I am more familiar, seemed error-free as well. I appreciated the heavily technical buffer overflow explanation in ch. 10, and was surprised to learn in ch. 8 that Solaris by default routes packets between multiple interfaces. The only slip in editing appeared to be unnecessary "double coverage" of Snort (in ch. 3 and ch. 8), probably written by different authors. If you're a junior Solaris admin and you need to lock down your machines, securely operate web, email, caching, routing, firewalling, and related services, HPSS8 will definitely help you. Senior Solaris admins will probably not learn new tricks. Security professionals who want to familiarize themselves with Solaris features will enjoy reading HPSS8, as I did. (Disclaimer: I received a free review copy from the publisher.)