https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556961#M887422 Cont...<BR />o remote management (ssh, etc.)<BR />o network encryption (ipsec, etc.)<BR />o file encryption (pgp, etc.). Wed, 25 Jul 2001 13:26:56 GMT Chris Calabrese 2001-07-25T13:26:56Z https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556956#M887417 Wed, 25 Jul 2001 12:50:39 GMT https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556956#M887417 Jeff Gyurko 2001-07-25T12:50:39Z https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556957#M887418 Hey community!<BR /><BR />Would help if I type something before grazing the enter key.<BR /><BR />I'm looking for opinions/experiences with 3rd party security software on the HP's. Specifically login security, surrogate security, ftp security...the basics. What's worked, what hasn't, what are you currently using, the support you get from the vendor...<BR /><BR />Throw it at me.<BR /><BR />Thanks all. Wed, 25 Jul 2001 12:54:47 GMT https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556957#M887418 Jeff Gyurko 2001-07-25T12:54:47Z https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556958#M887419 You should start with the built-in "trusted mode" (/usr/lbin/tsconvert).<BR /><BR />As for 3rd party tools, the big ones are Axent/Symantec ESM and Tivoli. But I have to warn you that these are comprehensive security management solutions that assume many machines and dedicated staff.<BR /><BR />If you just want to centrally manage user accounts, use NIS+ or LDAP. If you want to harden your systems, see <A href="http://www.sabernet.net/papers/hp-ux10.html" target="_blank">http://www.sabernet.net/papers/hp-ux10.html</A> and <A href="http://people.hp.se/stevesk/bastion11.html" target="_blank">http://people.hp.se/stevesk/bastion11.html</A> Wed, 25 Jul 2001 13:03:46 GMT https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556958#M887419 Chris Calabrese 2001-07-25T13:03:46Z https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556959#M887420 Hi,<BR /><BR />We're currently evaluating Nessus here. Nessus does security evaluations on Unix and NT boxes. It seems to hit the box pretty hard. It tripped up on the buggy perflbd that we have which goes runaway when it gets poked. Oops. Gotta load more patches. It is open source, so the price is right. Here is their web site:<BR /><BR /><A href="http://www.nessus.org" target="_blank">http://www.nessus.org</A><BR /><BR /><BR />JP<BR /> Wed, 25 Jul 2001 13:15:45 GMT https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556959#M887420 John Poff 2001-07-25T13:15:45Z https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556960#M887421 That brings up a good point..... Exactly what are you looking for anyway. I was guessing account management, but it's not entirely clear if you want<BR />o account management<BR />o server hardening<BR />o scanners/auditing<BR />o intrusion detection<BR />o forensics<BR />o firewalls Wed, 25 Jul 2001 13:25:36 GMT https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556960#M887421 Chris Calabrese 2001-07-25T13:25:36Z https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556961#M887422 Cont...<BR />o remote management (ssh, etc.)<BR />o network encryption (ipsec, etc.)<BR />o file encryption (pgp, etc.). Wed, 25 Jul 2001 13:26:56 GMT https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556961#M887422 Chris Calabrese 2001-07-25T13:26:56Z https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556962#M887423 * Replace BIND by BIND-9.x or djbdns<BR />* Replace sendmail by Postfix<BR />* Replace rcp, rlogin, telnet by OpenSSH &amp; friends<BR />* Install TCP_wrappers instead of using inetd.sec<BR /><BR />That should help significantly<BR /><BR />Then add tripwire or AIDE to have a hostbased IDS<BR /><BR />Add snort for a networkbased IDS<BR /><BR />And all this AT NO COST!<BR /> Thu, 26 Jul 2001 09:07:34 GMT https://community.hpe.com/t5/operating-system-hp-ux/3rd-party-security-software/m-p/2556962#M887423 Ralf Hildebrandt 2001-07-26T09:07:34Z