Enable/Disable IP Forwarding in Solaris 10 without reboot

IP packet forwarding is the process of routing packets between network interfaces on one system. A packet arriving on one network interface and addressed to a host on a different network is forwarded to the appropriate interface.

In Solaris 10, IP Forwarding can be enabled or disabled using the routeadm & ifconfig commands as against the ndd commands in Solaris 9 and earlier. The advantage is the change dynamic and real-time and the change persist across reboot unlike the ndd command.

Read more

Disable ICMP Redirect in Sun Solaris for Security

Solaris Operating Environment by default is configured to both accept and send  the ICMP Redirect messages. According to RFCs, only a router or a gateway device should send an ICMP Redirect message and any other hosts should only be able to receive the ICMP Redirects. If the Solaris server is not acting as a Router or a Gateway then sending ICMP Redirect message should be disabled. The same applies to accepting ICMP Redirect messages if the solaris server is not required to receive ICMP Redirect messages (say a single Router/Gateway network/subnets scenario) as a malicous hacker could send fake ICMP redirect messages to modify the routing table on the host and potentialy cause a Denial of Service attack.

Read more

• Login / Register

  • Register
  • Log in
  • Entries RSS
  • Comments RSS
  • WordPress.org

• Categories

  • DNS
  • General
  • hardware
  • Networking
  • Package Management
  • security
  • Solaris 10
  • Solaris 7
  • Solaris 8
  • Solaris 9
  • SSH
  • Sun X86 platform

• Archives

  Select Month January 2010 October 2009 August 2009 July 2009 June 2009 May 2009 February 2009 January 2009 September 2008 July 2008 May 2008 April 2008 March 2008 January 2008

•  

  March 2010

  M	T	W	T	F	S	S
  « Jan
  1	2	3	4	5	6	7
  8	9	10	11	12	13	14
  15	16	17	18	19	20	21
  22	23	24	25	26	27	28
  29	30	31

• 

• Tags

  ARP backup cache database dhcp dhcpagent DNS etc hcl hostname hosts ip IPMP ipv4 ipv6 keygen MultiPathing nameserver ndd nfs nscd opensource openssh openssl package password patch Processor recovery root route routing-table security server solaris solaris-express Solaris 10 solaris10 sparc sshd sun sun-solaris sunvts x86 zlib

• Links

  • Big Admin
  • Sun Freeware

• Sun Security Alerts

  • Sun Alert 275590 A Security Vulnerability in the ntp Daemon (xntpd(1M)) May Lead to a Denial of the Solaris Network Time Protocol(NTP) Service
  • Sun Alert 274110 Security Vulnerability in the Apache 1.3 "mod_perl" Module Component "Status.pm" May Lead to Unauthorized Access to Data
  • Sun Alert 274990 Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Affects Multiple Server Products in the Sun Java Enterprise System Suite
  • Sun Alert 275530 Integer Overflow Security Vulnerability in AES and RC4 Decryption in the Solaris Kerberos Crypto Library May Lead to Execution of Arbitrary Code or a Denial of Service (DoS)
  • Sun Alert 271169 Multiple Security Vulnerabilities in the Common Unix Printing System (CUPS) Web Interface in OpenSolaris May Lead to Cross-Site Scripting (XSS) and HTTP Response Splitting Attacks

• Recent Posts

  • Error ’shmget’ call failed with error number 22 (Invalid argument)
  • Fix errors in commands in Sun ILOM
  • How to find System Serial Number in x86 using ipmitool
  • Error Could not get shadow information for NOUSER
  • Install Sybase Perl module in Solaris 10

• Recent Comments

  • ron on psrinfo – Find number of Physical & Virtual Processors in Solaris 10
  • Lahiru Jeewantha on OBP Error: FATAL: system is not bootable, boot command is disabled
  • gregor@switch on Multiple Interfaces (NICs) use single MAC-Address in Solaris on SPARC
  • Mark Notto on Fix errors in commands in Sun ILOM
  • Mansoor Ahmed on Find Chasis Serial Number using sneep