Is there a way to disable all remote connections to the GZ? In other words, couldn't you use a firewall to reject connections on all ports to the GZ? That would effectively deny remote access to the GZ without having to disable any network interfaces.

Of course, disabling the GZ's interface(s) is preferable (it's simpler), but I'm not sure if it's possible. I haven't tried it.


Jordan

On 09/29/10 10:33 AM, Orvar Korvar wrote:
Ok, so it is impossible to shutdown internet connection to the global zone and 
surf only from the local zones. If I want to surf from the local zones, the 
global zone's NIC must be activated. I suspect a hacker will attack the global 
zone, instead of the local zone that I surf from.

Are there any other ways to increase security instead of my original plan 
(shutting down the global zone and surf from local zones)? I am afraid the 
global zone will be attacked...
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org

Reply via email to