https://community.hpe.com/t5/operating-system-linux/how-to-secure-a-hp-ux11i-server/m-p/2950692#M4247 I've attached a document that supplies quick-and-dirty things to do to a server to secure it. These will slow down or thwart most attacks. However, like the other poster, I recommend the bastion product, which does many of the things I outline in my document. <BR /><BR />However, security is NOT something you can do once and forget. It has to be something that is maintained frequently, if you're serious about your data. Sooner or later, just about every possible system will be attacked in one manner or another, and the only way to deal with this is to always stay one step ahead of the latest threats. <BR /><BR />Good Luck<BR />Chris Mon, 14 Apr 2003 15:33:50 GMT Chris Vail 2003-04-14T15:33:50Z https://community.hpe.com/t5/operating-system-linux/how-to-secure-a-hp-ux11i-server/m-p/2950690#M4245 Hi, Is there any quick guide to securing a Server running UX11i? Disabling telnet, ftp etc is fine, but how do I disbale direct root access and inforce a/c logon first then allow su to root etc. Also, is there a file to restrict (by IP-Address)clients which are allowed to access my Web-Server. Appreciate any security information/documentation guidelines which may be available. Thanks in advance. Mon, 14 Apr 2003 13:10:31 GMT https://community.hpe.com/t5/operating-system-linux/how-to-secure-a-hp-ux11i-server/m-p/2950690#M4245 Declan Mc Kay 2003-04-14T13:10:31Z https://community.hpe.com/t5/operating-system-linux/how-to-secure-a-hp-ux11i-server/m-p/2950691#M4246 Hi,<BR /><BR />you can find a lot in this forums. You might start witk looking for 'bastion'. Which is a script to secure your system. I think it is a HP-product at the moment. <BR /><BR />Greetzz<BR />Donald Mon, 14 Apr 2003 14:14:54 GMT https://community.hpe.com/t5/operating-system-linux/how-to-secure-a-hp-ux11i-server/m-p/2950691#M4246 Donald Kok 2003-04-14T14:14:54Z https://community.hpe.com/t5/operating-system-linux/how-to-secure-a-hp-ux11i-server/m-p/2950692#M4247 I've attached a document that supplies quick-and-dirty things to do to a server to secure it. These will slow down or thwart most attacks. However, like the other poster, I recommend the bastion product, which does many of the things I outline in my document. <BR /><BR />However, security is NOT something you can do once and forget. It has to be something that is maintained frequently, if you're serious about your data. Sooner or later, just about every possible system will be attacked in one manner or another, and the only way to deal with this is to always stay one step ahead of the latest threats. <BR /><BR />Good Luck<BR />Chris Mon, 14 Apr 2003 15:33:50 GMT https://community.hpe.com/t5/operating-system-linux/how-to-secure-a-hp-ux11i-server/m-p/2950692#M4247 Chris Vail 2003-04-14T15:33:50Z https://community.hpe.com/t5/operating-system-linux/how-to-secure-a-hp-ux11i-server/m-p/2950693#M4248 1. this is a linux and not a hp unix forum. u will receive faster and better responses if u post in the hp forum.<BR /><BR />2. there is a white paper regarding building a bastion host.<BR /><A href="http://www.hp.com/products1/unix/operating/infolibrary/whitepapers/building_a_bastion_host.pdf" target="_blank">http://www.hp.com/products1/unix/operating/infolibrary/whitepapers/building_a_bastion_host.pdf</A><BR /><BR /><BR />3. for host based access restriction use tcp_wrappers or /var/adm/inetd.sec file.<BR /><BR /><BR />hth<BR />-balaji<BR /> Tue, 15 Apr 2003 09:10:13 GMT https://community.hpe.com/t5/operating-system-linux/how-to-secure-a-hp-ux11i-server/m-p/2950693#M4248 Balaji N 2003-04-15T09:10:13Z