Solaris Express Installation Guide: Network-Based Installations
Previous Next

Document Information

Preface

Part I Planning to Install Over the Network

1.  Where to Find Solaris Installation Planning Information

2.  Preconfiguring System Configuration Information (Tasks)

3.  Preconfiguring With a Naming Service or DHCP

Part II Installing Over a Local Area Network

4.  Installing From the Network (Overview)

5.  Installing From the Network With DVD Media (Tasks)

6.  Installing From the Network With CD Media (Tasks)

7.  Installing Over the Network (Examples)

8.  Installing From the Network (Command Reference)

Part III Installing Over a Wide Area Network

9.  WAN Boot (Overview)

10.  Preparing to Install With WAN Boot (Planning)

WAN Boot Requirements and Guidelines

WAN Boot Security Limitations

Gathering Information for WAN Boot Installations

11.  Installing With WAN Boot (Tasks)

12.  SPARC: Installing With WAN Boot (Tasks)

13.  SPARC: Installing With WAN Boot (Examples)

14.  WAN Boot (Reference)

Part IV Appendixes

A.  Troubleshooting (Tasks)

B.  Installing or Upgrading Remotely (Tasks)

Glossary

Index

WAN Boot Security Limitations

While WAN boot provides several different security features, WAN boot does not address these potential insecurities.

  • Denial of service (DoS) attacks – A denial of service attack can take many forms, with the goal of preventing users from accessing a specific service. A DoS attack can overwhelm a network with large amounts of data, or aggressively consume limited resources. Other DoS attacks manipulate the data that is transmitted between systems in transit. The WAN boot installation method does not protect servers or clients from DoS attacks.

  • Corrupted binaries on the servers – The WAN boot installation method does not check the integrity of the WAN boot miniroot or the Solaris Flash archive before you perform your installation. Before you perform your installation, check the integrity of your Solaris binaries against the Solaris Fingerprint Database at http://sunsolve.sun.com.

  • Encryption key and hashing key privacy – If you use encryption keys or a hashing key with WAN boot, you must type the key value on the command line during your installation. Follow the precautions that are necessary for your network to make sure that these key values remain private.

  • Compromise of the network naming service – If you use a naming service on your network, check the integrity of your name servers before you perform your WAN boot installation.
Previous Next