Skip Navigation Links | |
Exit Print View | |
Oracle Solaris 10 9/10 Installation Guide: Network-Based Installations |
Part I Planning to Install Over the Network
1. Where to Find Solaris Installation Planning Information
2. Preconfiguring System Configuration Information (Tasks)
3. Preconfiguring With a Naming Service or DHCP
Part II Installing Over a Local Area Network
4. Installing From the Network (Overview)
5. Installing From the Network With DVD Media (Tasks)
6. Installing From the Network With CD Media (Tasks)
7. Patching the Miniroot Image (Tasks)
8. Installing Over the Network (Examples)
9. Installing From the Network (Command Reference)
Part III Installing Over a Wide Area Network
11. Preparing to Install With WAN Boot (Planning)
WAN Boot Requirements and Guidelines
Web Server Software Requirements and Guidelines
Storing Installation and Configuration Files in the Document Root Directory
Storing Configuration and Security Information in the /etc/netboot Hierarchy
Customizing the Scope of the WAN Boot Installation
Specifying Security and Configuration Information in the /etc/netboot Directory
Sharing Security and Configuration Information in the /etc/netboot Directory
Storing the wanboot-cgi Program
Digital Certificate Requirements
Gathering Information for WAN Boot Installations
12. Installing With WAN Boot (Tasks)
13. SPARC: Installing With WAN Boot (Tasks)
14. SPARC: Installing With WAN Boot (Examples)
While WAN boot provides several different security features, WAN boot does not address these potential insecurities.
Denial of service (DoS) attacks – A denial of service attack can take many forms, with the goal of preventing users from accessing a specific service. A DoS attack can overwhelm a network with large amounts of data, or aggressively consume limited resources. Other DoS attacks manipulate the data that is transmitted between systems in transit. The WAN boot installation method does not protect servers or clients from DoS attacks.
Corrupted binaries on the servers – The WAN boot installation method does not check the integrity of the WAN boot miniroot or the Solaris Flash archive before you perform your installation. Before you perform your installation, check the integrity of your Solaris binaries against the Solaris Fingerprint Database at http://sunsolve.sun.com.
Encryption key and hashing key privacy – If you use encryption keys or a hashing key with WAN boot, you must type the key value on the command line during your installation. Follow the precautions that are necessary for your network to make sure that these key values remain private.
Compromise of the network naming service – If you use a naming service on your network, check the integrity of your name servers before you perform your WAN boot installation.