I have been asked to work on some Sun Sun Ray (yes, it’s a redundant name).

They seem very much a throw-back to X terminal days, and in particular they remind me of a Sun Java Thin Client box I had to work on in 1997. My conclusion on the Java terminal at the time was DOA. There were literally no apps. Can’t believe it has been ten years already…anyway, the issue I am looking at relates to VPN connectivity.

Sun promises great new security functionality in their Sun Ray Software 4, as described in this beta release page:

…great new features such as the VPN/IPsec client in the Sun Ray firmware. This allows customers to simply plug their Sun Ray clients into nearly any network and connect back to their corporate desktop. Please note that the VPN/IPsec client only works initally with Cisco gateways that support the Cisco EasyVPN protocol.

Grammar check. Should that be “client initially only works with Cisco”? Hmmm, only Cisco? This looks like a not-so-easy EasyVPN protocol.

Why did Sun, a self-proclaimed champion of open standards, grab onto such a proprietary/rare IPSec configuration? Is Cisco a big consumer of the Sun Ray?

So that is what I have been researching lately. I love the X terminal concept, but it surprises me to hear there is no alternative to Cisco’s IKE implementation. That and the fact that Sun Ray documentation only points to IKE-DES3-MD5, rather than more contemporary options like IKE-AES-SHA1.

Well, being away from my log for a while has left some interesting bread crumbs to sift through.

For example, I have noted that someone in Iran (80.191.136.xx) has been trying to attack my site.

I tracked back a couple very sloppy attempts to the Isfahan municipality computer services organization.

Basically, in the latest attempt, they have been searching for a vulnerable version of wp-trackback.php, and submitting “‘ and 1=1” to post.php.