topic Re: Cybercop scan in Operating System - HP-UX

Cybercop scan

Verónica Muñoz Segovia — Wed, 09 Jan 2002 23:18:31 GMT

Hi,

Eventually the servers on my site are scan with cybercop and I'm attaching the vulnerabilities that this sw find. On my opinion no one apply to HP-UX 10.20, because I'm always applied all the patches that the HP itrc send me by e-mail, but I would like to find any document to can be sure that what I'm thinking is true.

Hope somebody can help me.

Re: Cybercop scan

Michael Tully — Wed, 09 Jan 2002 23:39:59 GMT

Hi,

There are a few things that you can use as a
reference for securing systems.

Have a look at these links:

http://people.hp.se/stevesk/bastion11.html
http://www.deter.com/unix/papers/unix_security_checklist.txt
http://forums.itrc.hp.com/cm/QuestionAnswer/1,11866,0x67f9c6af36b7d5118ff10090279cd0f9,00.html
http://forums.itrc.hp.com/cm/QuestionAnswer/1,11866,0x4499e7e60861d511abcd0090277a778c,00.htm

HTH
-Michael

Re: Cybercop scan

Sanjay_6 — Thu, 10 Jan 2002 02:36:48 GMT

Hi Veronica,

You can do a custome patch analysis on your system and check if there is any patch you should have on the system. Here is the link on cutome patch manager,

http://us-support3.external.hp.com/wps/bin/doc.pl/sid=b0f2adaf0171c6bed9

Here is the cpm faq,

http://us-support3.external.hp.com/wps/bin/doc.pl/screen=wpsCPMHelp/sid=c46825b01ab01b9b03#faq

Here is a link to the hp security bulletins,

http://us-support3.external.hp.com/cki/bin/doc.pl/sid=bce6d8640fcdb40382/screen=ckiSecurityBulletin

You can subsribe to hp security bulletins if you want.

Hope this helps.

Regds

Re: Cybercop scan

Sanjay_6 — Thu, 10 Jan 2002 02:43:59 GMT

Hi Veronica,

The security patch check utility available from hp is for 11.0. Don't think it is available for 10.20. Take a look at this thread,

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B6834AA

Hope this helps.

Regds

Re: Cybercop scan

Steven Sim Kok Leong — Thu, 10 Jan 2002 03:34:57 GMT

Hi,

First, I would suggest that you rely on more than one scanner for greater accuracy and depth in the scan. Nessus is one good network-based security scanner.

CERT/CC security bulletins and SANS SAC (Security Alert Consensus) security bulletins are two bulletins you would want to subscribe to, in addition to the HP-UX security bulletin.

If HP-UX could not come up with a patch yet, the HP-UX security bulletin is usually not posted and the users would thus not be informed.

CERT/CC and SANS will usually release information on the security vulnerability whether or not the security patch is available.

If you have the resources to spare, BUGTRAQ is one mailing list which will alert you the latest in vulnerabilities, but be prepared for a lot of seiving and filtering to identify correct and relevant information.

Hope this helps. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com