[SunHELP] Re: Filtering with Solaris 8 x86
Erik Parker
sunhelp at sunhelp.org
Thu Nov 30 23:24:51 CST 2000
> > boxes (SPARC) with no problems. What about downgrading to Solaris 7 ?
>
> i don't know that downgrading would help him. he's running x86. i run ipfilter
> as well (on sparc of course) and have zero problems. and i'm running 8. so
> you are trying to compare apples to oranges here. of course x86 hardware is
> flakier than sparc hardware, so that could be his problem (don't say anything,
> i know i'm a sun-bigot/anti-wintel guy)
>
> as far as SunScreen, i don't think there is an x86 version of that although i
> could be wrong.
>
> cheers,
Yah downgrading isn't really an option.. and because the machine is hosted
1500 miles away from me, I can't mess with ip filter anymore, plane
tickets get too costly.
As for the guy who said to upgrade bind, hate to tell you, but Bind is a
walking talking remote exploit, at any version. In most of our contracts
we take for forensic analisys, we've found one thing in common on
un-explainable remotely owned standalone hosts. Bind 8 (even current), and
bind 4.9.7.
Any security engineer would tell ya not to run bind. It runs in a jail
(Chroot), but for us that are paranoid, that isn't good enough.
Erik Parker
Mind Security
An armed society, is a polite society.
More information about the SunHELP
mailing list