Assignment # 2

Patching the Kernel Pack

Journals due: No later than Tuesday, June 1st.

Most operating systems that come "right out of the box" contain code that is relatively old in terms of the latest set of operating system and security patches. Windows NT, Linux and Solaris are no exception. All three of your machines are vulnerable to a variety of attacks from users on the machine as well as from external attacks. You need to update both of your machines to prevent the most common and obvious attacks, and to learn the process for upgrading components of your system in an orderly fashion.

Windows NT

From the Microsoft Web site (www.microsoft.com) find and install Service Pack # 5 for Windows NT 4.0 Server. One of the problems that this service pack (SP) fixes is the infamous "WinNuke" program that can crash an NT machine. Try running the utility before and after installing SP5 so you can see how it works. WinNuke can be found at users.nac.net/splat/winnuke. You'll see on this web page that a number of other NT and '95/'98 vulnerabilities exist, some of which are corrected by various service packs and hotfixes.

In addition to adding SP5 and testing your machine's WinNuke-ability, you are to figure out how to add the "/sos" option to your BOOT.INI file for the first menu option and once done, reboot to see the result. Page 33 of EWNTSA contains more information.


Linux

Find and install the latest Linux stable production kernel sources. A good place to look is www.kernelnotes.org or sunsite.unc.edu. Updating the Linux kernel to the "latest & greatest" production kernel is one of the tasks that a Linux SysAdmin should get into the habit of doing whenever new kernels are released. Modify or create /etc/lilo.conf so that you can boot from your original kernel or from the new 2.2.7 (or higher) kernel you build. Keeping the original kernel bootable is always a wise idea: if your new kernel doesn't work, you don't have to fall back to a floppy boot. Instructions on installing and building your Linux kernel can be found on page 648 of ESA. In the sample kernel build session, substitute "make menuconfig" for the "make config" step (it's much easier to navigate) and note that the kernel version number (on the tar command) will be different. You do not need to install the patches (the "for p...done" steps) if you just grab the latest kernel tar image with the latest patches.
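
A two-kernel /etc/lilo.conf of the kind described above, as an added example that is not part of the original assignment. The device names, kernel file names and labels are assumptions for illustration and must be changed to match your own disk layout and the files in /boot.

```conf
# /etc/lilo.conf -- constructed example, not from the assignment.
# Assumed layout: first IDE disk, root filesystem on /dev/hda1.

boot=/dev/hda          # install the boot loader in the MBR of this disk
map=/boot/map          # where LILO records the location of each kernel
prompt                 # show the "boot:" prompt so a label can be typed
timeout=50             # wait 5 seconds (units are tenths of a second)
default=new            # label booted if nothing is typed at the prompt

# The kernel you just built (assumed file name).
image=/boot/vmlinuz-2.2.7
    label=new
    root=/dev/hda1
    read-only          # mount root read-only first so fsck can run

# The original kernel, left untouched as the fallback (assumed file name).
image=/boot/vmlinuz-orig
    label=old
    root=/dev/hda1
    read-only
```

After editing the file, run /sbin/lilo as root to write the new boot map; LILO does not read lilo.conf at boot time, so the change has no effect until you do. If the new kernel fails to boot, type the fallback label (here "old") at the boot: prompt.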

Solaris

Read about the Solaris 7 patches in metalab.unc.edu/pub/sun-info/sun-patches/Solaris7.PatchReport. Attempt to install as many of the "Solaris 7 Recommended Patches" and "Solaris 7 Patches Containing Security Fixes" as possible (you won't be able to install them all; one point of this exercise is learning what is appropriate to install). Each of the patch files has a "readme" file that explains the steps to go through to install the patch.

In addition to learning how you add patches to Solaris, you need to learn about /etc/system. This file is used to manage the behavior of the Solaris kernel. Basically, as described on page 658 of ESA, you edit this file and then reboot for the changes to take effect. Add the following lines to your /etc/system file and reboot:

set pt_cnt=128
set npty=128
set maxusers=20