topic Re: HPUX Security in Operating System - HP-UX

HPUX Security

Ted Flanders_1 — Thu, 06 Jul 2000 14:52:47 GMT

I am fairly new to the Unix enviroment. We are going to be heading out to the web pretty quick. We also have a WAN and a LAN in place. It is my job to keep my box secure. Can anyone throw me a bone and tell me where to get started on this. How do I find out what I have already? How do I find out what I need? The HP website is huge and I havent had any luck yet. I want to make sure I have the most up to date version of security on my box. Our there any good books out on this? I would appreciate some direction. Thanks.

Re: HPUX Security

Brian M. Fisher — Thu, 06 Jul 2000 15:02:00 GMT

The HP-UX course Practical UNIX and network Security was very valuable to me in securing my servers.
A couple of good books are:
Practical UNIX & Internet Security - O'Reilly
Halting the Hacker - Prentice Hall

A good place to start wouls be to switch your system to a "trusted system" via SAM.
Also, read up on inetd.sec the inet daemon security file.
i.e. man inetd.sec

Brian
<*(((>< er

Re: HPUX Security

Kofi ARTHIABAH — Thu, 06 Jul 2000 15:10:54 GMT

- Harden the OS = set it up as a trusted system from within SAM
- Disable Unused services
- setup /var/adm/inet.sec to limit what is allowed in/out and from/to where
- If possible disable telnet/ftp and use ssh/sftp instead
- check http://www.cert.org for recent security advisories (also http://www.nipc.gov)
- get the latest patch bundles and install (http://software.hp.com)
- if you do not already have a firewall, you might want to install some sort of firewall software to protect the rest of your network
- visit http://www.sans.org for some tips on system security
- checkout the hp docs http://docs.hp.com/hpux/internet/ for more on internet and security
Good luck

Re: HPUX Security

Fred Martin_1 — Fri, 07 Jul 2000 11:41:29 GMT

If you are going to set up a firewall, or even if you're outsourcing that, read the book "Building Internet Firewalls" (O'Reilly) and read it in its entirety.

There is much to learn and the book is excellent.

Re: HPUX Security

Rob Adams — Fri, 07 Jul 2000 16:57:55 GMT

If you are setting up a web site, either internal or external access, you might be interested in a new course being released by HP Education Services:
Optimising your Web Server with HP-UX (H4291S)
This is based on Apache, and includes both security and performance issues.
Worth a look, keep checking the HP web site for details: http://education.hp.com/

Re: HPUX Security

Wodisch — Sat, 08 Jul 2000 17:14:25 GMT

Hello Ted,

try to get the HP document "Administering Your HP-UX Trusted System",
HP Prt No. B2355-90121, First Edition August 1996.
This is about "trusted systems", ie. after having run "tsconv" on your HP-UX box.
To get back to to "not so trusted system" there is the undocumented option "-r"
to that command... ;-)

Re: HPUX Security

Maarten van Maanen — Wed, 26 Jul 2000 14:19:04 GMT

Hi,

I don't know what kind of website you are going to install or what it will be doing. If so, you could check the site www.hp.com/security for the HP Virtual Vault solution. It's a dedicated and highly specialised variation of HP-UX called VVOS (or HP-UX 10.24) which is a segmented type of Unix to give to a very high level of security. At the moment it is mainly used by banks. However, it should be used on a machine operating as a front-end.

Maarten van Maanen
Netherlands

Re: HPUX Security

Rita C Workman — Fri, 04 Aug 2000 12:27:12 GMT

Well the books suggested by others are all good and go for it. Since your a newbie you need to subscribe to some mags like SYSADMIN for UNIX. It's pretty helpful. And get yourself on as many forums like this as you can (subscribe to hp-ux admin at majordomo@dutchworks.nl.....some really interchange there also).
And finally, before you do anything else...if you don't have a firewall up than you need to take a look at your /var/adm/inetd.sec file. If you don't have a 'good' firewall up you need to start shutting down some doors till you get things in place. The file has info in it. Then take a look at your /etc/rc.config.d/netdaemons file and turn on inetd="-l" so you can log everything acessing your system. Then recycle your inted by keying /usr/sbin/inetd -c. You'll make points when you start seeing what unauthorized access you've been able to stop at the box.
And last go get those books and start reading......
Regards,

Re: HPUX Security

Michael Koslosky — Fri, 19 Jan 2001 15:59:50 GMT

I have asked this before, but
I have been to that hpux open
source porting and archive site,
but see no reference to SSL or
sftp. Can someone send pointers?
Also, I'd like info about running
in trusted mode with Service Guard,
and or other stuff ?
Please reply here, but if possible,
copy to glbny@yahoo.com (thanks).