12 Security GuideNOTE: All of these services are prohibited with a 'high' securitysetting, but if they are re-enabled manually the hostnameinformation will remain hidden.Sendmail daemon securedSendmail is forced to perform only outgoing mail. No incomingmail will be accepted.Network parameters securedSun's nddconfig security tool is run. For additional information,view Sun's document, Solaris Operating Environment NetworkSettings for Security, athttp://www.sun.com/solutions/ blueprints/1200/network-updt1.pdf.Executable stacks disabledThe system stack is made non-executable. This is done sosecurity exploitation programs cannot take advantage of theSolaris OE kernel executable system stack and thereby attack thesystem.NFS port monitor restrictedThe NFS server normally accepts requests from any port number.The NFS Server is altered to process only those requests fromprivileged ports. Note that with the high security setting, NFS isdisabled; however if the service is re-enabled manually, the portrestriction will still apply.Remote CDE login disabledThe Remote CDE login is disabled.Xerox FreeFlow Print Server router capabilities disabledThe Xerox FreeFlow Print Server router capabilities is disabled(empty/etc/notrouter file created).