[Info-vax] OT: Solaris-11
glen herrmannsfeldt
gah at ugcs.caltech.edu
Sun Dec 4 01:52:54 EST 2011
Howard S Shubs <howard at shubs.net> wrote:
> In article
> <a9387ec9-478d-4af3-b3f9-f868143769e2 at m7g2000vbc.googlegroups.com>,
> Neil Rieck <n.rieck at sympatico.ca> wrote:
>> 1) According to Oracle, Solaris is not fully protected from attack
>> until it is fully booted (really? I was led to believe that security
>> was built into UNIX). For this reason, Solaris-11 has been modified so
>> that the network remains disconnected until booting has finished.
> Bringing the network up is part of booting, so the statement makes no
> sense.
I know that systems reply to ping, much earlier than to other
services, such as telnet. It seems likely, at least, that
a denial of service attack, sending large numbers of some type
of packet, could cause problems early in booting.
Also, routing is started fairly early. Well, everything that
is internal to the kernel starts early, and maybe some of those
could cause problems.
-- glen
More information about the Info-vax
mailing list