Just released at SysAdmin Magazine (both in print and on the web) is my latest column. This being part one of a two parter on virtualization. Here is the link. Also in this same issue of SysAdmin is an article by my colleague, Chris Page, about the cluster technology that is part of Oracle’s RAC product. Well worth a read.

SANS has reported a verifiable zero-day exploit for Solaris 10 and beyond (Nevada et al). There is a vulnerability in telnetd that can allow attackers to login without a proper account and password.

Note that in recent releases of Solaris Nevada which are “Secure by default”, telnetd is disabled during installation. Earlier releases have telnet enabled and it should be disabled in almost all circumstances. The command to disable is

# svcadm disable telnet

Here is the Information Week article describing the problem and linking to SANS.