Unauthorized users from outside a network can corrupt or destroy the data in packets by capturing the packets before they reach their destination and injecting arbitrary data into the contents before sending the packets back on their original course. This procedure is called packet smashing.
On a local area network, packet smashing is impossible because packets reach all systems, including the server, at the same time. Packet smashing is possible on a gateway, however, so make sure that all gateways on the network are protected.
The most dangerous attacks affect the integrity of the data. Such attacks involve changing the contents of the packets or impersonating a user.
Other attacks might involve eavesdropping but do not compromise data integrity or impersonate a user. An eavesdropper records conversations for later replay. Although eavesdropping attacks do not attack data integrity, the attacks do affect privacy. You can protect the privacy of sensitive information by encrypting data that goes over the network.
To encrypt remote operations over an insecure network, see Chapter 1, Using Secure Shell (Tasks), in Managing Secure Shell Access in Oracle Solaris 11.2 .
To encrypt and authenticate data across a network, see Chapter 2, About the Kerberos Service, in Managing Kerberos and Other Authentication Services in Oracle Solaris 11.2 .
To encrypt IP datagrams, see Chapter 6, About IP Security Architecture, in Securing the Network in Oracle Solaris 11.2 .