SST Security Toolkit

SST Security Toolkit

What is SST?

The SST Security Toolkit (SST) is a flexible Unix and Linux hardening tool.  SST simplifies and automates the hardening process which allows administrators to apply security settings consistently across the enterprise.

SST was formerly known as the Solaris Security Toolkit and as and the JumpStart Architecture and Security Scripts (JASS) Toolkit.

SST Branches

One of the core goals of the open source SST project is platform independence.  However, since SST has a loyal following among Solaris administrators the project will maintain two branches – one for legacy Solaris support, another for platform independent *nix support.

SST Security Toolkit: Community Edition (SST:CE)

The Community Edition (or just ‘CE’) will support OpenSolaris, Solaris 10, Red Hat Enterprise Linux (RHEL), and any other operating system in which the community has interest.  In addition to platform independent support, CE will focus on security standards like SCAP and CVE.

SST Security Toolkit: Legacy Version (SST:LV)

The Legacy Version (or just ‘LV’) is all about continuity.  It is an evolutionary release for SST 4.2 that will support Solaris 10 SPARC and x86/x64. Anyone familiar with SST 4.2 will find transitioning to LV to be easy if not seamless.  LV development work will be mostly backwards-compatibility, updated drivers, and .fin and .aud scripts to support the security standards like SCAP.

The latest SST:LV - SUNWjass 4.2.2

Download the latest version of SST:LV - SUNWjass 4.2.2.  This is a beta version, so use caution when executing against mission systems.

Where to find SUNWjass 4.2

If you're looking for the older Solaris Security Toolkit version 4.2, you can find it at http://www.sun.com/software/security/jass/.

Development Goals

If you're wondering about what SST means to accomplish, check the Goals and Use Cases pages.

Getting Started

Want to contribute to SST?  Here's how.

  • Grab the SST:CE source tree
    hg clone ssh://hg.opensolaris.org/hg/sst/sst-ce
    
  • Or if you're interested in SST:LV, you can grab that source tree here:
    hg clone ssh://hg.opensolaris.org/hg/sst/sst-lv
    
    • To build: `cd src; make all; make pkgdefs`.  Your new package will be in src/Releases.
  • Then check out the To do list, grab an action and dive in.
  • When you're done, email security-discuss to discuss committing your changes.

If you're new to OpenSolaris or Mecurial there's a great how-to page here.

The SST Blog

Keep up to date with the SST blog: http://blogs.oracle.com/sst.  You can find nifty things there like meeting minutes and conference call recordings.

Send an email to jason dot callaway at oracle dot com if you have comments or questions.

Tags:
Created by on 2009/10/26 11:40
Last modified by Jason Callaway on 2011/07/08 22:45

Collectives


XWiki Enterprise 2.7.1.34853 - Documentation