BSM Security Auditing for Solaris Servers

Although Solaris servers might be inside the firewall and relatively secure, there are still chances for a hacker to break in, or chances for an ordinary user to attempt malicious activities. Therefore, security efforts have to be made to detect intruders and to prevent unauthorized actions. One of the security utilities for Solaris servers is called BSM (Basic Security Module), which is an auditing tool for system security provided by SUN Microsystems. We can make use of it to increase security on our Solaris systems. This article discusses the pros and cons of BSM. It describes how to enable, configure, and manage the BSM auditing on Solaris servers to secure the system. Based on the author's experience, this article also gives a few solutions to overcome some problems and disadvantages of BSM.