topic Re: SECURITY in Operating System - HP-UX

SECURITY

Nobody's Hero — Tue, 17 Jul 2001 13:24:36 GMT

I appreciate all the expertise on this site.
Can anyone tell me if there is a security assessment tool for HP9000's. Maybe a type of software that finds weaknesses in the platform, like rhosts files, too many this, not enough of that kind of detail?

Thanks as alyays
Bob

Re: SECURITY

Mark van Hassel — Tue, 17 Jul 2001 13:35:24 GMT

Hi Robert,

Our security group use ESM (Enterprise Security Manager) from axent technology (www.axent.com). I don't think its free though.

Re: SECURITY

Chris Calabrese — Tue, 17 Jul 2001 13:48:32 GMT

The following come to mind:

COPS (http://ciac.llnl.gov/ciac/ToolsUnixSysMon.html#Cops)

Tiger (http://ciac.llnl.gov/ciac/ToolsUnixSysMon.html#Tiger)

ISS System Security Scanner (www.iss.net)

PentaSafe VigilEnt (www.pentasafe.com)

Re: SECURITY

Ralf Hildebrandt — Tue, 17 Jul 2001 15:40:53 GMT

YOu can use www.nessus.org
Free, easy to use.

Re: SECURITY

Chris Calabrese — Tue, 17 Jul 2001 16:26:14 GMT

Nessus is a network-oriented scanner and can only go so far in discovering host vulnerabilities.

Re: SECURITY

Michael Tully — Wed, 18 Jul 2001 03:11:15 GMT

There are some freebies out there:

tiger, satan, cops & crack & iss.
ESM is a very good one but is definitely
not free.

Some of these are avaiilable from:

http://www.deter.com/unix/#unix

HTH
Michael

Re: SECURITY

Brian Markus — Mon, 30 Jul 2001 04:29:39 GMT

I was truly impressed with Nessus, however the Nessus deamon had a bug in it a while back that allowed some nasty things to be done with the server. Put it behind a firewall, then do an internal audit. It's almost to powerful, if you build a Nessus box, keep it heavly guarded. Oh, and pray the script kiddies out there on the net don't get a hold of this tool. Our live's will be a nightmare.

Brian.