WAN Boot Security Limitations
While WAN boot provides several different security features, WAN boot does not address
these potential insecurities.
Denial of service (DoS) attacks – A denial of service attack can take many forms, with the goal of preventing users from accessing a specific service. A DoS attack can overwhelm a network with large amounts of data, or aggressively consume limited resources. Other DoS attacks manipulate the data that is transmitted between systems in transit. The WAN boot installation method does not protect servers or clients from DoS attacks.
Corrupted binaries on the servers – The WAN boot installation method does not check the integrity of the WAN boot miniroot or the Solaris Flash archive before you perform your installation. Before you perform your installation, check the integrity of your Solaris binaries against the Solaris Fingerprint Database at https://sunsolve.sun.com.
Encryption key and hashing key privacy – If you use encryption keys or a hashing key with WAN boot, you must type the key value on the command line during your installation. Follow the precautions that are necessary for your network to make sure that these key values remain private.
Compromise of the network naming service – If you use a naming service on your network, check the integrity of your name servers before you perform your WAN boot installation.