PCP script to find open TCP ports and PIDs related in Solaris
PCP is a very useful security and adminitration script that can help you quickly find Processes (PIDs) having particular TCP Port(s) open, TCP ports open by specific PIDs or even list all the TCP Ports open by all PIDs running on your system.
Control/Modify dhcpagent configuration in Sun Solaris
Do you you DHCP to get the IP Address for your Solaris Server or workstation then its worth understanding what your DHCP Agent by default requests for from the DHCP server and help avoid certain network issues like “unknown” hostname issue as I’ve descrbed here.
The DHCP Agent by default requests for the
Subnet Mask
Default Router
Hostname
DNS Domain
Broadcast Address
Encapsulated Vendor Option (vendor specific information as described in RFC 2132)
Fix: No hostname when using DHCP in Sun Solaris 8/9/10
If you are using DHCP to receive IP Address for your Sun Solaris system, you may end up with no hostname assigned to the system. This can be confirmed when there is no hostname at the prompt or if the output for the command “hostname” is as follows:
# hostname
unknownor the /etc/hosts file has an entry as follows:
# cat /etc/hosts
#
# Internet host table
#
127.0.0.1 localhost
192.168.0.3 unknown # Added by DHCP
How to add a Static Route (persistent) in Sun Solaris
To add a Static Route in Sun Solaris operating system, you can use the route command. This will dynamically update the Kernel IP Routing table. However, when a server is restarted, these routes will be lost. To prevent this from happening, add a startup script S76static-routes with all the route commands for the static route that needs to persist. This will ensure that the route gets added at boot time.
How to disable IP Forwarding in Sun Solaris
IP packet forwarding is the process of routing packets between network interfaces on one system. A packet arriving on one network interface and addressed to a host on a different network is forwarded to the appropriate interface. While this is a job for the network router, Servers with multiple interfaces connected to different network can perform this action as well. This behaviour as a router is a default in Sun Solaris Operating Systems.
How to recover/reset root password in Sun solaris (SPARC)
There is every little chance that one loses or rather forgets the root password of his Sun Solaris servers. In the event, this happens, there is a way out of it. Well the way and infact the only way is to reset the password as there is no way to recover it. Recovering/restting the password involves booting the server in Single User mode and mounting the root file system.
How to Install OpenSSH in Sun Solaris 9 (x86)
OpenSSH is a free opensource version of the SSH connectivity tools. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other attacks unlike Telnet,rlogin or ftp where the data is not encrypted and transmitted in plain text. Additionally, OpenSSH provides secure tunneling capabilities and several authentication methods, and supports all SSH protocol versions.
SSH access without password in Sun Solaris
A Trust relationship can be established for users on multiple servers running OpenSSH to allow a password free ssh session. This is sometime important when you want to run scripts or commands remotely.
Disable remote logging in Syslog daemon
Syslog daemon in Solaris by default is enabled for remote logging and will listen on UDP port 514 for syslog messages from remote systems. Unless, the server is acting as a remote logging server, this can be a Security issue as a malicious user can launch a Denial Of Service (DoS) attack on the server.
Sun Security Alerts- Sun Alert 274110 Security Vulnerability in the Apache 1.3 "mod_perl" Module Component "Status.pm" May Lead to Unauthorized Access to Data
- Sun Alert 274990 Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Affects Multiple Server Products in the Sun Java Enterprise System Suite
- Sun Alert 275530 Integer Overflow Security Vulnerability in AES and RC4 Decryption in the Solaris Kerberos Crypto Library May Lead to Execution of Arbitrary Code or a Denial of Service (DoS)
- Sun Alert 271169 Multiple Security Vulnerabilities in the Common Unix Printing System (CUPS) Web Interface in OpenSolaris May Lead to Cross-Site Scripting (XSS) and HTTP Response Splitting Attacks
- Sun Alert 273551 Two Security Vulnerabilities in GNU tar (see gtar(1)) May Lead to Files Being Overwritten, Execution of Arbitrary Code, or a Denial of Service (DoS)