05-25-2006
Security vulnerability on my sun solaris 9 box
We are running security scans on our machines.
I am concerned with my solaris 9 box running on a 280r. got the following message.
The remote host accepts loose source routed IP packets.
The feature was designed for testing purpose.
An attacker may use it to circumvent poorly designed IP filtering
and exploit another flaw. However, it is not dangerous by itself
Solution : drop source routed packets on this host or on other ingress
routers or firewalls.
From what I've known inthe past, to remediate this issue, I have changed a few things in the nddconfig script.
I have the setting: IP_FORWARD_SRC_ROUTED=0
I believe it was set to 1 by default.
I thought this setting was to not let this system act as a router.
Questions:
Do you think I am doing something wrong in my configuration?
Is there any way to show what the live system has for IP_FORWARD_SRC_ROUTED? I know what the nddscript says, but i want to make sure it is taking effect..
Thanks in advance if anyone can help.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I have a Sun box that I am trying to get started up, but everytime it will crap out because it is bound to an NIS domain that no longer exists. The Master for that domain was put out of commission. It was suggested to me that I could boot off of the Installation cd for the OS (Solaris 8) and... (4 Replies)
Discussion started by: Jody
4 Replies
2. UNIX Benchmarks
I could write a long spec here, however.....we are looking at investing in one of thise shiny blue Sun V440's. Rediculousely expensive, however possibly more cost effective over time...too much time listening to salesmen. To the point has anyone actually performed a comparison for Oracle running on... (4 Replies)
Discussion started by: luker
4 Replies
3. Solaris
Evening...
I just recently purchased an older Ultra 5 with Solaris 8 equiped with NT. I'm not necessarily new to the unix world but this is the first time I've had my own box. I'm used to Unix in the working environment.
So with that said...
Are there any specific files I should be... (2 Replies)
Discussion started by: PapaPark
2 Replies
4. UNIX for Dummies Questions & Answers
Hi,
I need a clarification.
Is there any difference between AIX box and Sun Solaris box?
The bzip command with -c option works in AIX box and the same does not work in Sun Solaris box.
Can anyone please explain if there is an implementation difference in both these boxes for the shell... (1 Reply)
Discussion started by: nisha4680
1 Replies
5. Solaris
i want to migrate sun box 5.8 to 5.10 and also 5.9 to 5.10 with jump start
without ditrubing any users, how it can be done? (3 Replies)
Discussion started by: saini707
3 Replies
6. UNIX for Advanced & Expert Users
Hi experts,
I need to send email form my sun box but i unable to send?
1) What Basic setting i have to check?
2) We have DNS server running on other system (ISP-DNS 202.62.64.3,Primary-DNS 192.168.10.4 slave-DNS 192.168.10.1)
3) what Files need to be check, what files need to be created.
... (1 Reply)
Discussion started by: saisivakumar
1 Replies
7. Solaris
How to implement NFS Security in server where filesystem is configured as NFS & AutoFS?
Any special patch need to be applied?
What are the procedures? (1 Reply)
Discussion started by: KhawHL
1 Replies
8. Solaris
Got the console cable all connected up and got tot he ok prompt.
Typed in boot cdrom and got the following:
ok boot cdrom
Boot device: /pci@8,700000/scsi@6/disk@6,0:f File and args:
ERROR: /packages/deblocker: Last Trap: Corrected ECC Error
Can't read disk label.
Can't open disk... (4 Replies)
Discussion started by: bbbngowc
4 Replies
9. Solaris
Hello Friends,
I have installed Solaris 10 on on Sun Virtual Box. I am able to browse internet on solaris 10 thru firefox, however I am not getting sound, there is cross on the tray icon of sound.
Please help with this !!
Regards,
Sahil (3 Replies)
Discussion started by: sahilsardana
3 Replies
10. UNIX for Dummies Questions & Answers
hi
Am Using Windows vista machine where i installed Sun Virtual Box on Which i installled Solaris 10.. am not able to ping my windows machine from Sun OS neither viceversa.. Can someone help me out to get this sorted please .... (2 Replies)
Discussion started by: Sojourner
2 Replies
LEARN ABOUT MOJAVE
defaultrouter
defaultrouter(4) File Formats defaultrouter(4)
NAME
defaultrouter - configuration file for default router(s)
SYNOPSIS
/etc/defaultrouter
DESCRIPTION
The /etc/defaultrouter file specifies a IPv4 host's default router(s).
The format of the file is as follows:
IP_address
...
The /etc/defaultrouter file can contain the IP addresses or hostnames of one or more default routers, with each entry on its own line. If
you use hostnames, each hostname must also be listed in the local /etc/hosts file, because no name services are running at the time that
defaultrouter is read.
Lines beginning with the ``#'' character are treated as comments.
The default routes listed in this file replace those added by the kernel during diskless booting. An empty /etc/defaultrouter file will
cause the default route added by the kernel to be deleted.
Use of a default route, whether received from a DHCP server or from /etc/defaultrouter, prevents a machine from acting as an IPv4 router.
You can use routeadm(1M) to override this behavior.
FILES
/etc/defaultrouter Configuration file containing the hostnames or IP addresses of one or more default routers.
SEE ALSO
in.rdisc(1M), in.routed(1M), routeadm(1M), hosts(4)
SunOS 5.10 17 Aug 2004 defaultrouter(4)