Tuesday Jan 08, 2008

World's Youngest Sun Ray on Solaris Nevada User

Well, I can hardly believe that three years has passed since the birth of my second son. In keeping with past tradition, today he received his first Sun Ray. Just as his brother before him, he received a Sun Ray 150. Having used his brother's Sun Ray for quite some time, he took to it with ease and had fun playing on some of the typical kids sites. I am sure he will pick things up in no time with his big brother at his side to help him along.

IMG_4369 IMG_4369_2

This bet on early access to technology has certainly paid off (not that I had any doubt!). My eldest is very at home with technology and the Internet whether on a Sun Ray, a Ubuntu desktop or even his Wii. He recently even asked if he could watch me next time I "fix" (read: upgrade) the computers so that he could learn how to do it. With Indiana, he may very well be able to do the upgrade next time! Even in school where they are forced to use Microsoft products, he adapts very well switching from MS Paint to gPaint and IE to Firefox, and so on. I am sure his little brother will follow in his technological footsteps.

A few things have changed over the years since we started down this winding road... The original Ultra 10 was upgraded some time ago to an Ultra 20. Solaris 10 gave way to Solaris Nevada (and everything that comes with it), the Sun Ray Server Software was also brought up to date, and more memory was added. Time passes and all things must change. In this case, certainly for the better!

With each new Solaris and SRSS upgrade, the experience becomes easier to install, configure and use. My hats off to both engineering teams who do a remarkable job. I can't wait until we get Indiana and Sun Ray linked up! Special thanks this round to Kent Peacock and P.S.M. Swamiji who helped me work out one last kink in getting rid of some very, very outdated Sun Ray firmware on my last remaining DTUs! Now everything from the DTU firmware, to the Sun Ray software, to the operating system, etc. are all running the very latest and greatest - at least until Nevada build 81 comes out!

Happy birthday, little one!

Monday Aug 20, 2007

Brief Vacation in Niagara Falls

Originally uploaded by gbrunett

It was time for a little mini-vacation. For a few days last week, my family and I traveled to Niagara Falls, Ontario, Canada. We had an excellent trip and with views such as these, you can easily see why! What a beautiful place to take in a wonder of nature.

Not only that, but it was a great excuse to try out my new camera. \*grin\* I have a few other pictures that I will upload soon that were taken closer to home.

Gotta get back to work!

Take care,


Technorati Tag:

Wednesday Feb 28, 2007

Tagged by DaveW

A little while ago, I was tagged by davew over at Dave's Bit Bucket. First, I would likke to apologize to Dave for taking so long to accept his challenge. I have no excuses and so will make none.

It is especially interesting for one with a security and privacy bent (read: healthy paranoia) to respond to something like this. I am supposed to talk about five things that you may not otherwise know about me from both a personal and professional angle, but as I consider this further - it becomes all the more challenging. Is there a reason you don't know some things about me? Of course, the reasons are many. What is the risk of disclosing some personal information? Could that information be combined with some other seemingly innocuous tidbit to glean something really interesting about me? Possibly.

So, after intentionally little "internal" debate, throwing caution to the wind (again something quite interesting in and of itself for those of us healthy paranoids), here is my list:

1. I have always been interested in languages. Throughout school, I had the pleasure of studying French (8 years), Latin (2 years), Spanish (2 years) and Japanese (1 year). That interest eagerly transitioned to computer languages as well where over the course of school I picked up 8088 Assembly, BASIC, Pascal, COBOL, ForTran, C, along with various scripting languages available at the time. One of these days, I would love to take a swing at Italian.

2. My first programming job was actually in high school where I developed software for the school in return for credits that would be applied toward my Honor Society requirements. Most of those programs were statistical programs for the athletic department. Later, in college, I would actually get my first paid gig where I developed incident management software for our campus security department.

3. My first exposure to Sun was when I was given a Sun 2/50 which at the time was running SunOS 3.5. It was love at first sight. I have worked with every single public release since that time in one way or another (as a software developer [external to Sun], an systems and network administrator, etc.). That said, my experience has not been homogenous. I have also worked in a similar fashion with various releases of AIX, HP-UX, IRIX, Mach, OSF/1, Ultrix, Mac OS X, as well as various Linux variants and to a lesser extent RSTS/E, RT11 and even (check this out) Dell Unix. It is interesting to see things come full circle.

4. One of my first experiences with information security was around my sophomore year in college. By that time, I was working as an assistant system's administrator and helping with between classes and after hours issues since I lived on campus. I recall hardening systems (although back then it was as much to save memory as security), patching SunOS systems (and you may think that patchadd is a pain, man have I got stories), and doing things like system monitoring. The thrill of this game went into high gear the time I was able to track and monitor an attack coming in from one of our Xylogics Annex terminal servers (dialin pool). That was the day the "security" bug really took hold.

5. Although I rarely have time for them anymore, I do have a number of hobbies and interests (it's true really). Since I was about 13 I have played guitar (sometimes better than others). I actually still have three and my most interesting one (from those heavy metal days) is a Kramer Striker 500ST. What is really crazy is that this was my first guitar. I will always remember my instructor's face when I walked in for lessons what that guitar. It still plays great although it could use some new frets. The only upgrade I had ever made to it was to sub-out the lead stock pickup with a Seymour Duncan Distortion Humbucker.

Whew! With this now behind me, I would like to turn my gaze to the next set of victims targets ... tag-ees. Glenn, Wyllys, Valerie, Wences, and last but certainly not least - Alfred - tag you're it!


Thanks Dave! Assignment complete!

Monday Sep 11, 2006

September 11th - 5 Years On

I had been thinking about writing this post most of the day. Honestly, I was very hesitant since a small message could easily turn into a long and widing essay from all of the emotion that would pour out. After reading Rob's post however, I decided to share with you at least a little of what has been bouncing around my mind.

Like, Rob, I too was supposed to be at our World Trade Center office on that fateful day. I remember that we had just received a new shipment of lab equipment and I was going into the office to get everything hooked up so that we could start demonstrating a variety of Solaris and Sun ONE product security configurations and features. It all started as a normal day when all of a sudden my nose started bleeding just as I was exiting the shower. It took quite a while to stop and needless to say delayed my departure. Just as I was leaving, the phone rang...

My mother had called me in tears. After asking what was wrong she told me to turn on the television and that was where I got my first glace on what had happened. Like so many others, I stood in dumbfounded, staring at the television in complete and utter disbelief. As I stood watching, the second plane struck the tower where the Sun office was located, WTC2 (our office had been on the 25th and 26th floors). Realizing that something was terribly wrong, I called my wife who was pregnant with our first child and who had taken some friends to see Philadelphia historic sites for the day. Knowing that she was safe and on her way home helped to ease my mind, but that relief did not last long.

My trip to NY that day was not just for the lab, however. I had scheduled a meeting with some of my team that day to do their performance reviews. Needless to say, I could not reach anyone in the area for the greater part of the day. I honestly believed that I was responsible for the death of a good friend and colleague by scheduling our meeting for that morning. I was relieved to hear later that night that he was in Jersey City and not at the WTC when the planes struck. This was not true for many of my other friends who were in or around the WTC during that time. I remember working with some of our local teams to collect alternate e-mail addresses and telephone numbers for everyone in the area so that we could re-establish contact with everyone and verify that they were safe. Over the course of several days, thankfully, we were able to verify that all of our local employees were safe and accounted for - thanks in large part to the heroic efforts of Avel Villanueva who, keeping a level head, spearheaded the evacuation of our offices. Of the thousands who died, Sun did loose one if its own. Phil Rosenzweig, was on American Flight 11. Requiescat in pace, Phil.

I often still think the unthinkable about that day and what might have happened if I had not been delayed. The damage shown 24/7 in the news and on the Internet was mindboggling. Looking at the damage and remaining landmarks, my mind would wander to times when I had been in one area or another around that complex. Like Rob, there was many a time that I would often work at the WTC office and even work late into the night on one project or another (camping out at one of the local Marriott hotels). There were so many great memories of times spent with customers, partners, friends and even family at or around the WTC complex, and on days like today, that all comes rushing back.

Today, while the family was out for a drive, we passed a local park where a memorial service was being held. Looking out at all of the firetrucks, police cars, and military vehicles, my son asked what was going on. In typical 4 year old fashion, question begat question. My attempts at answering his questions nearly brought tears back to my eyes.

I will never forget September 11, 2001 and what it means, to me and to us all.

Friday Jul 14, 2006

Update: My LIttle Sun Ray Guy

It has been nearly a year and a half since I blogged about My Little Sun Ray Guy. Well, I am very happy to report that things have been going quite well. Over the last month or so, I upgraded his environment moving him from Solaris 10 on an Ultra 10 to a new Ultra 20 running Nevada build 42 (with integrated Solaris Secure by Default, Firefox, Real Player, etc.)

So far, no problems to report. It is performing significantly faster (obviously - the Ultra 20 helps quite a bit there!), but functionally, everything that worked on Solaris 10/SPARC works just fine under Nevada/AMD64. Here are a few pictures that I took recently:

My next goal is to get him using Trusted Extensions as soon as I have some time to get it configured.

That's all for now!

Take care,


Technorati Tag:

Sunday Feb 12, 2006

Sun Ray @ Home Updates

Well, another year has passed for my little Sun Ray user. In Septmeber, I talked about a few updates that we had done to our Sun Ray environment, and I wanted to mention the latest. In late January, we upgraded the operating system on our x86-based Sun Ray server to Nevada (build 32). No issues to report - gotta love the stability of these builds! We are still running SRSS 3.1 as a preview of the next version is not yet available. Certainly, once it is available, we will give is a try.

My son has been using Firefox (from Blastwave) with plugins for Java and Macromedia Flash and has been happily able to access his favorite sites, listen to sounds, play games and puzzles, etc. He is getting more web-savvy by the day and has even been learning to type using gedit for about six months. In fact, he is coming along quite well. I will have him coding in no time now. ;-)

Technorati Tag:

Sunday Aug 28, 2005

Sun Rays and Nevada

By way of an update, over the July break (yes, I know it is nearly September!), I completed the upgrade of my laptop to Nevada (build 18). Add to the mix, Casper's frkit, Darren's netprof, and packages from the good folks supporting Blastwave and my laptop is a force to be reckoned! Since then, Nevada has been my only desktop. It has flawless performed on both wired and wireless networks, at home, at the office and at conferences (being projected), ... you name it.

So, since everything has been going so very well, I decided to expose my family to Nevada ;-)

A few weeks ago, we completed the upgrade of our home Sun Ray environment. My family has moved off of the Ultra 10 (running a pre-release of Solaris 10) to a eMachines PC (Pentium 4) system running Nevada (build 18) and SRSS 3.1. I have to say that the transition was completely painless - the SRSS software installed on the Nevada-based x86 platform with no problem and has since been running flawlessly. Gotta love things that "just work".

Isn't technology grand!

Friday Mar 25, 2005

I'm not dead yet!

It has been a very long time since my last post and for that I apologize. I have a good excuse honest! I was off for most of January with the birth of my second son. Following that, as you can imagine when I came back I needed to spend a good deal of time unburying myself from e-mail, v-mail and project deliverables. So, now that I am nearly unburied, I can safely proclaim that I am not dead yet!

I wanted to take a few moments to catch you up on a few things that I have been doing over the last two months or so. I will also preview a few things that will be coming up...
  • Upon my return from leave, I presented at the RSA 2005 Security Conference held in San Francisco, CA. I had the honor of presenting on the topic of "Adaptive Security for Dynamic and Consolidated Environments" with Dave Walker and Peter Charpentier. It was quite a blast!

  • I have continued my work as a member of the Unix Benchmark Team for the Center for Internet Security. Most of the recent work has been on the development and refinement of the Solaris 10 Security Benchmark. I have to say that in large part due to the teamwork displayed by that organization, the Solaris 10 Benchmark has come together very quickly and should be ready to release soon.

  • I have also been working on converting some of my Solaris 10 Security blog articles to become Sun BluePrints Cookbooks. The first of such to be converted was the Automating Solaris 10 File Integrity Checks. It was published this month. It looks like at least one more will be published next month. Don't think that this is just a rehash of the blog however. We did actually go in and add new clarifications, examples, and other content! Also, I would like to acknowledge Darren Moffat and Scott Rotondo for their careful technical review of the article. Thank you very much.

  • I have also been working on new material. Hopefully in either the April or May edition of the Sun BluePrints, you will see a new article titled something like Limiting Service Privileges in the Solaris 10 OS. The paper is done, it is just a matter of getting it through the necessary processes.

  • I have been doing a lot of customer briefings on a variety of topics. Most of my briefings are deep dives into Solaris 10 security features and capabilities. In fact, just last week I presented to over 300 customers in both New York, NY and Somerset, NJ on those topics. It is absolutely incredible the things that you can accomplish with Solaris 10 in the security space.

  • I have also been preparing a talk that I will be giving on April 4th at the EDUCAUSE Security Professional's Conference in Washington, DC. The subject of my talk will be "Systemically Secure Architectures". If anyone reading this will be there, please be sure to stop me in the hall and say 'Hi'!

  • I have also been accepted to present at the New York State Cybersecurity Conference. The subject of my talk will be "Lessons from the Trenches: Solaris Security Best Practices". Hope to see you there!

Those are just a few of the things that I have been working on recently - that I can talk about of course. ;-) I hope to do another posting with yet another Solaris 10 Security tip in the very near future.

Also, before signing off, I have to send some kudos to the Solaris Security Toolkit team. Thanks to their hard work and determination, we can now proudly say that the Toolkit has become an official Sun product that is supported under the Solaris Support contract. Great work everyone!

Take care,

Friday Jan 21, 2005

World's Youngest Sun Ray on Solaris 10 User

As I talked about previously, my son received a Sun Ray 150 for his birthday this year. He took to it like a fish to water and was easily navigating several of his favorite sites. He had a lot of fun playing games and even brought some of his friends over to his "office" and showed them how to use it.

For those who may be interested, the Sun Ray 150 is connected to an Ultra 10 workstation (440Mhz, 1-Gbyte RAM, 9-Gbyte disk) running Solaris 10 (build 74) and the Sun Ray Server Software 3.0.

I had the Sun Ray configured in its normal and controlled access (kiosk) modes to see which would be more managable. In its normal mode, we used the Java Desktop System interface. Each mode has its benefits for a home system, and I have not quite decided which way it will end up. It does not appear to matter, however, for my son who simply enjoys surfing the web with Mozilla and playing Java and Macromedia Flash games.

Now if I could just get him to file bugs and RFEs! Maybe next year...

Monday Jan 03, 2005

Solaris 10, SunRays, and even JDS3 Linux...

I realize that it has been a while since my last posting, so I wanted to provide a quick update as to some fun I had over the holiday break. I am planning on providing some new security content in the very near future. As an aside, for those who prefer a more structured format, the Sun BluePrints will be publishing a few of my articles (with new and updated content) later this month.

Anyway, during the holiday, I decided to tackle two things. First, I upgraded my home Ultra 10 to Solaris 10 (build 74). The installation process was completely smooth and without incident. I had everything up and running in a hour or so. With that out of the way, I then installed the (version 3.0). This too worked out of the box (or CD has the case may be) without any problems. So, in just a few hours, I found myself with an Ultra 10 with SRSS 3.0 on Solaris 10 - ready for action.

To go with this setup, I recently purchased 3 Sun Ray 150 clients. My goal is spread them throughout the house so that people can have easy access to the network using a comfortable user interface. In fact, my son, who is going to be three in a few days, is going to get one for his birthday! (Sssh! Don't tell him!)

Using the Sun Ray Server Software kiosk mode, I can give him easy access to the web content of his choosing like PBS Kids and Noggin making him have to login to a system, start a browser, etc. Quick and painless. The only thing that I needed to do beyond what I have described above was install the Macromedia Flash plugin for Solaris so that he could play some of the games at the sites above.

Now that all of that software and hardware had been tested, I turned my eyes to my laptop. I have been running beta (pre-release) versions of JDS Linux on my primary (read: only) laptop since the very first release of the software. As such, I jumped at the chance to participate in the JDS3 Linux beta program. So, with reckless abandon, I wiped my laptop and dropped down the JDS3 Linux bits. I am in fact typing up this blog entry from my freshly installed system. For those who are curious, so far so good. I installed JDS3 a few days ago and have already seen a significant improvement a number of areas including support for hardware devices. I am using a Toshiba M2 (1.7GHz, 512M, 60G, NVidia GeForce FX Go5200, 1000BT, 802.11abg).

I have it running currently using an external monitor (@ 1280x1024), but I have also been using its LCD (@ 1400x1050). Both the wired and wireless network adapters were recognized and worked out of the box. In fact, the only software that I loaded on the system (beyond what was available on the JDS disks) was the Cisco VPN client and some networking and security utilities that I use for my "day job".

Anyway, I have to run - post-break work pileup. If you have questions on any of the above, please let me know. Take care!


Friday Nov 12, 2004

JASS & me

As many of you may know, over the last 4+ years, I have worked as the lead developer on the Solaris Security Toolkit. It has been a wild ride and a lot of fun. After supporting over 20 releases of the code however, I have decided that it is time for me to try some new things. While I am not leaving Sun, I will no longer be actively developing JASS. Instead, I will be working on a number of other new skunk-works projects that I can only hope will be as useful to our customers and as successful as JASS has been.

The Solaris Security Toolkit has come a long way from its humble beginnings as a skunk-works project. The Toolkit has grown and matured over the years and has been deployed at over 20,000 customer systems across the globe helping to secure Solaris and Trusted Solaris on the SPARC, Intel and AMD platforms. It has been integrated into a number of Sun Client Solutions and iForce offerings as well as Sun Education courses and certification exams. In short, it has become the de facto standard to hardening the Solaris OS.

More recently, the Solaris Security Toolkit has undergone a productization effort and detailed architectural review. JASS has gone a long way from just a "toolkit developed by SunPS". Today, JASS is an official project with dedicated resources for architecture, development, quality assurance, release engineering and documentation. You should start the the fruits of this effort starting with the next release of the Toolkit. Alex Noordergraaf, the co-founder and lead architect of JASS, will continue to drive the project ever forward. This is all great news and will serve to make the Toolkit even better than ever.

I will continue to work with the JASS team in a consultative capacity especially on matters of architecture, Client Solutions integration and support. As many people have in the past sent me JASS related questions and RFEs directly, I would take this opportunity to ask that you forward them to jass-feedback@sun.com so that they can be properly handled.

Lastly, I just wanted to thank all of the JASS users! Without you, the Toolkit would not be what it is today. This project has succeeded more than I could have ever dreamed. Please accept my heartfelt thanks for your enthusiasm for the project as well as your support and patience (especially for those early releases) ;-)

Take care,


Thursday Jul 15, 2004

Medford Lakes, NJ Flooding

On Monday, July 12th, what seemed like any typical summer thunderstorm turned nasty. Apparently the storm front stalled over the Burlington County, NJ area (including Medford, Medford Lakes, Lumberton, Vincentown, and Southamton) and the rain did not stop... Nearly twelve inches of rain later...

Not only did we suffer from severe flood conditions as a sheer result of the rainfall, but several of the dams and bridges in the area gave way to the volume of water. In fact, there was a cascading dam failure resulting in the drainage of several lakes into the Rancocas Creek.

This last picture (above) shows a huge sinkhole at the top center where once Medford Lake's primary beach ("Beach 1") existed. To the left of the sinkhole is one of the dams that was breached. The bike path and park to the left of the picture were flooded leaving canoes wrapped (literally) around trees. In fact, I saw a canoe wrapped around a tree as high as six feet off the ground.

While we lost bridges, lakes and dams, we were very lucky. Downstream, towns like Lumberton and Pemberton were completely flooded and are still underwater today.

For more information on this flood, you can see:

Lakes Drained In Medford After Dams Burst

Hundreds Homeless In Wake Of New Jersey Flooding

Pemberton Residents Evacuated During Storm

Monday Jun 28, 2004


Hello and welcome to my first attempt at a blog. Before I begin, I would just like to tell you a little about who I am and what I do. As you can tell from the title, my name is Glenn Brunette. I have a Master's in Computer Science from St. Joseph's University in Philadelphia, PA, and I have been working in and around computer and information security for well over a decade.

I am a Distinguished Engineer at Sun Microsystems, Inc. working in the Client Services (formerly Professional Services) division. I have been with Sun for nearly five years and am currently working in the United State's Chief Technologist's Office as the Chief Security Architect for the region.

In this role, my work falls into three different areas: (1) working with teams in my region to ensure that security is built into our solutions and that our teams have a baseline level of security knowledge and training; (2) working with teams across Sun on all kinds of matters related to the security of our products, services, training and certification programs; and (3) working with customers either in a mentoring or consulting capacity. As a general rule, my goal is to help make it easier for Sun and our customers to build and maintain secure computing environments.

In addition to my "day job", I also work on a number of side projects. For example, I am the co-founder and lead developer of the Solaris Security Toolkit (also known as "JASS"). You will probably see me posting about it from time to time. In addition, I am also an active member of the Center for Internet Security's Unix Benchmark Team as well as the National Cybersecurity Partnership's Technical Standards and Common Criteria Task Force.

You can also find me publishing articles for the Sun BluePrints program or speaking at Sun conferences and events such as SunNetwork.




« April 2014