This procedure ensures that the TCP initial sequence number generation parameter complies with RFC 6528.
Before You Begin
You must become an administrator who is assigned the solaris.admin.edit/etc.default/inetinit authorization. By default, the root role has this authorization. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.2 .
# grep TCP_STRONG /etc/default/inetinit # TCP_STRONG_ISS sets the TCP initial sequence number generation parameters. # Set TCP_STRONG_ISS to be: TCP_STRONG_ISS=2
# pfedit /etc/default/inetinit TCP_STRONG_ISS=2
# /usr/sbin/reboot