Operating System - HP-UX
1748165 Members
4089 Online
108758 Solutions
New Discussion юеВ

Re: Who can give me some advices about security of HP Server which is acting as a www server?

 
SOLVED
Go to solution
MA Qiang
Regular Advisor

Who can give me some advices about security of HP Server which is acting as a www server?

We will set up a HP Server for www server. But we do not know how to keep the security, and stand the attacks from Internet.

Please give some advices.

Thanks.


11 REPLIES 11
Doug O'Leary
Honored Contributor

Re: Who can give me some advices about security of HP Server which is acting as a www server?

Hey;

Hardening systems is a very broad topic that can't really be addressed adequately in a newsgroup response. If you're truly unfamiliar with UNIX security in general and HP security specifically, then I'd strongly suggest hiring a competant UNIX admin consultant with strong security skills for a two-three week project of hardening your system. There are *ALOT* of things that should be tightened on a standard HP install and that doesn't include all the environmental things that should be in place for a system on the Internet.

All that being said, there have been several links posted on ITRC on hardening HP systems. Searching for security related topics should give you a good starting point.

Doug

------
Senior UNIX Admin
O'Leary Computers Inc
linkedin: http://www.linkedin.com/dkoleary
Resume: http://www.olearycomputers.com/resume.html
Juan M Leon
Trusted Contributor

Re: Who can give me some advices about security of HP Server which is acting as a www server?

If you are in the WAN network I will suggest to to block all the ports on your firewall and allow only the ones that are needed, such as port 80, 21, 25(maybe).
ports used by applications like tomcat or jdbc or others, make sure give the proper authorization on your firewall.
Make sure you have 2 NIC one internal and one external.
another suggestion is to have an ID(Intrusion Detection) server.
hope it helps
Bill Hassell
Honored Contributor

Re: Who can give me some advices about security of HP Server which is acting as a www server?

As mentioned, placing a server onto the open Internet requires extensive knowledge about security. This is true for any opsystem, whether it is HP-UX, Linux or Windows. The simple answer is to to turn off every port and service in the system except for the web page, and download and run the security patch checker. But because web developers (unfortunately) want to write fancy code using Jave and XML, and often want to connect to a database somewhere, you need to setup a two-LAN connection, routing, filters for services and make sure all the Apache security patches are in place as well as best-practices to configure Apache. Apache itself will require some knowledgeable help.

Open Internet connections are so dangerous (to the health of your computer and data), I would not consider this without a knowledgeable consultant. HP-UX is much less vulnerable than other systems but you need to make a lot of changes.


Bill Hassell, sysadmin
Geoff Wild
Honored Contributor

Re: Who can give me some advices about security of HP Server which is acting as a www server?

Well....to get started - check out Bastille:

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6849AA

Read up on ipfilter for sure...

Keep patches up 2 date as well as applications (Apache, Perl, etc)

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
MA Qiang
Regular Advisor

Re: Who can give me some advices about security of HP Server which is acting as a www server?

How to turn off the noused ports and services in the HP-UX system?

Thanks.
Ermin Borovac
Honored Contributor
Solution

Re: Who can give me some advices about security of HP Server which is acting as a www server?

The following white paper offers some good advice.

http://secinf.net/unix_security/Building_a_Bastion_Host_Using_HPUX_11.html
Con O'Kelly
Honored Contributor

Re: Who can give me some advices about security of HP Server which is acting as a www server?

Hi

First off get a list of open ports and identify which ones you require to be open:
# netstat -a | grep -i listen
# lsof -i | grep -i listen

lsof is a better as it is easier to identify which processes / daemons have the port open.

To close the port you need to stop the process running which has the port open and disable it from starting at boot time. Most likely it will be started by a script in /sbin/rc*.d. Either disable this script or set a flag in /etc/rc.config.d/*

For services started by inetd (eg ftp, telnet, echo etc) you disable the daemon in /etc/inetd.conf and then run:
# inetd -c

Cheers
Con
MA Qiang
Regular Advisor

Re: Who can give me some advices about security of HP Server which is acting as a www server?

How to install lsof on HP-UX 11iv1?

Thanks.
Con O'Kelly
Honored Contributor

Re: Who can give me some advices about security of HP Server which is acting as a www server?

Hi

Download lsof from:
http://hpux.connect.org.uk/hppd/hpux/Sysadmin/lsof-4.74/

Use swinstall to install.

Cheers
Con