dladm – Display Link status,speed,duplex,statistics,MTU
In the past we have to mess around with the NDD commands and stats tools like kstat to find the network link status, speed, duplex information in Sun Solaris. With Solaris 10, this has become much easier with the dladm utility.
dladm is the admin utility for Data-Link Interface which helps to display informarthe like Link Status (UP/DOWN), Speed, Duplex, MTU, VLAN Tagged and crucially statistics of network traffic on each of the interfaces historically as well as in real time. dladm can also configure and admin Link Aggregation on multiple NICs which we will not focus here.
Read more
PCP script to find open TCP ports and PIDs related in Solaris
PCP is a very useful security and adminitration script that can help you quickly find Processes (PIDs) having particular TCP Port(s) open, TCP ports open by specific PIDs or even list all the TCP Ports open by all PIDs running on your system.
How to setup DHCP client in Sun Solaris
Setting up a Sun Solaris Server to receive its IP address from a DHCP Server is fairly straight forward and is infact just a matter of setting up files on your Solaris Server.
Network Interface may not come up online at reboot in Solaris
Everytime you reboot your Sun Solaris Server, you may find that one or more of your Network Interfaces may not come online.
If you did a “netstat -r”
sunsolaris# netstat -r
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
——————– ——————– —– —– —— ———
BASE-ADDRESS.MCAST.NET solaris10 U 1 0 hme0
default 192.168.0.1 UG 1 0 hme0
localhost localhost UH 1 61 lo0
You may not find that the network for the Network interface not found in there (192.168.0.0 here) and as you would expect adding the netmask manually fixes the problem.
sunsolaris# ifconfig hme0 255.255.0.0
Increase/Decrease route flushing time period in Solaris
Just as we saw modifying the caching time for ARP entries in the ARP table here. We can modify the default time that a sun Solaris system can hold the routing entries.
The default time for which a dynamically learnt Route entry in the routing table is 20mins (1200000ms)
Display/Add/Delete/modify ARP entries in ARP Table
Not so often we would end up troubleshooting or manipulating ARP and ARP tables in Sun Solaris. However, following are some of the useful commands which can help when required. The following commands will help you display,modify,add,delete ARP entries in Sun Solaris ARP table.
Reduce ARP caching time in Sun Solaris using ndd
ARP attacks are the easiest attacks that can be launched on a network or a Server causing a Denial of Service. One of those things that can be done on the Sun Solaris Operating System is to alter the caching time for the ARP cache whch reduces the time that a rogue ARP entry stays in the ARP table. While this is not fool proof but can certainly make it that extra difficult to the hacker.
The default time that ARP entries are cached in a Sun Solaris system is 5 mins.
Enable/Disable IP Forwarding in Solaris 10 without reboot
IP packet forwarding is the process of routing packets between network interfaces on one system. A packet arriving on one network interface and addressed to a host on a different network is forwarded to the appropriate interface.
In Solaris 10, IP Forwarding can be enabled or disabled using the routeadm & ifconfig commands as against the ndd commands in Solaris 9 and earlier. The advantage is the change dynamic and real-time and the change persist across reboot unlike the ndd command.
Control/Modify dhcpagent configuration in Sun Solaris
Do you you DHCP to get the IP Address for your Solaris Server or workstation then its worth understanding what your DHCP Agent by default requests for from the DHCP server and help avoid certain network issues like “unknown” hostname issue as I’ve descrbed here.
The DHCP Agent by default requests for the
Subnet Mask
Default Router
Hostname
DNS Domain
Broadcast Address
Encapsulated Vendor Option (vendor specific information as described in RFC 2132)
Fix: No hostname when using DHCP in Sun Solaris 8/9/10
If you are using DHCP to receive IP Address for your Sun Solaris system, you may end up with no hostname assigned to the system. This can be confirmed when there is no hostname at the prompt or if the output for the command “hostname” is as follows:
# hostname
unknownor the /etc/hosts file has an entry as follows:
# cat /etc/hosts
#
# Internet host table
#
127.0.0.1 localhost
192.168.0.3 unknown # Added by DHCP
Sun Security Alerts- Sun Alert 274110 Security Vulnerability in the Apache 1.3 "mod_perl" Module Component "Status.pm" May Lead to Unauthorized Access to Data
- Sun Alert 274990 Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Affects Multiple Server Products in the Sun Java Enterprise System Suite
- Sun Alert 275530 Integer Overflow Security Vulnerability in AES and RC4 Decryption in the Solaris Kerberos Crypto Library May Lead to Execution of Arbitrary Code or a Denial of Service (DoS)
- Sun Alert 271169 Multiple Security Vulnerabilities in the Common Unix Printing System (CUPS) Web Interface in OpenSolaris May Lead to Cross-Site Scripting (XSS) and HTTP Response Splitting Attacks
- Sun Alert 273551 Two Security Vulnerabilities in GNU tar (see gtar(1)) May Lead to Files Being Overwritten, Execution of Arbitrary Code, or a Denial of Service (DoS)