Re: sunscreen and stealth interfaces

• Previous message: Joseph Tam: "Re: Problems chrooting BIND 9.2.2 in a Solaris 8 box"
• In reply to: przemolicc_at_poczta.fm-no-spam-now: "sunscreen and stealth interfaces"
• Next in thread: Szymon Miotk: "Re: sunscreen and stealth interfaces"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 14 Mar 2004 15:52:34 -0800
To: Sun-Security Focus <focus-sun@securityfocus.com>

On Wed, Mar 10, 2004 at 12:47:39PM +0000, przemolicc@poczta.fm-no-spam-now wrote:
> Hello,
>
> I am trying to test sunscreen in stealth mode (Solaris 9).
> But have warning:
> edit> verify
> Warning: Stealth Interfaces detected but STEALTH_NET not specified.
> Configuration verified successfully (not activated).
> edit> save
> Saved policy to test version 75
> edit> quit
> # ssadm activate test
> Warning: Stealth Interfaces detected but STEALTH_NET not specified.
> Configuration activated successfully on fdelta.
>
> Can anybody explain me why the warning is occuring ?

You have to define what network the screen (effectively operating as a dumb bridge, by dumb I mean no spanning trees) is "stealthifying":

http://docs.sun.com/db/doc/806-6347/6jfa0g877?q=stealth_net&a=view

"If the Screen is configured in stealth mode, the network that it partitions and the netmask must be specified. In the configuration editor this is accomplished using the STEALTH_NET #.#.#.# #.#.#.# keyword, where the first #.#.#.# is the network address and the second #.#.#.# is the netmask. In the administration GUI, these parameters are the Stealth Net Address and Stealth Netmask, respectively, in the Miscellaneous tab of the Screen object."

http://docs.sun.com/db/doc/806-6347/6jfa0g89n?q=stealth_net&a=view

"STEALTH_NET #.#.#.# #.#.#.# {Network and Netmask for stealth type Interfaces}

STEALTH_NET #.#.#.#/#.#.#.#

STEALTH_NET #.#.#.#/#bits"

Also consider the ROUTER option, especially with VPNs.

-- 
adam

• Previous message: Joseph Tam: "Re: Problems chrooting BIND 9.2.2 in a Solaris 8 box"
• In reply to: przemolicc_at_poczta.fm-no-spam-now: "sunscreen and stealth interfaces"
• Next in thread: Szymon Miotk: "Re: sunscreen and stealth interfaces"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Edit mailbox size limit message ... and issue a warning at 75mb, in order to give them enough of a cahnce to ... can we edit the message that comes from the "System ... because it says "Mailbox size limits: You will receive a warning when your ... (microsoft.public.exchange.admin) Re: ActiveSync and Excel files ... that you get the warning message? ... The changes you make actually do sync back to the PC, ... time you sync you get the error message at the next edit and save (on the ... Excel's features aren't supported in the mobile version and might be lost ... (microsoft.public.pocketpc.activesync) Re: Mail Server for Solaris ... you still don't have an answer to the original question. ... Just admit it- ... That there is even a warning about not editing the .cf file manually is ... Only edit the source .mc file. ... (comp.unix.solaris) sunscreen and stealth interfaces ... I am trying to test sunscreen in stealth mode (Solaris 9). ... edit> verify ... Warning: Stealth Interfaces detected but STEALTH_NET not specified. ... (Focus-SUN) Re: Pop Up Blocker Not applied - repost ... that you are editing your IE GPO on a W2k3 Server. ... As the warning message tells you, this edited IE GPO only gets applied to computers with security mode active. ... So just edit your GPO from a XP machine with GPMC and all should work fine. ... I don't have an attitude problem. ... (microsoft.public.windows.group_policy)