- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: securing hpux box
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2001 05:49 AM
тАО10-23-2001 05:49 AM
i have nclass servers with hpux 11 installed .
could any body of you tell me how can i secure my hpux box or is there any software which can help me in assesing my hpux box security.
Regards,
Sharif
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2001 05:53 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2001 05:57 AM
тАО10-23-2001 05:57 AM
Re: securing hpux box
Take a look at thread below.
http://docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/B2355-90742/B2355-90742_top.html&con=/hpux/onlinedocs/B2355-90742/00/00/60-con.html&toc=/hpux/onlinedocs/B2355-90742/00/00/60-toc.html&searchterms=security&queryid=20011023-065709
Here are the security software from hp.
http://www.hp.com/security/home.html
Hope this helps.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2001 05:58 AM
тАО10-23-2001 05:58 AM
Re: securing hpux box
There is C2-security available with HP-UX but not by default. You need to enable it. You can convert the system to trusted by running the command /usr/lbin/tsconvert. Then you can implement enhanced password restrictions, auditing etc., etc.,.
Check this URL for more details.
http://docs.hp.com/hpux/onlinedocs/B2355-90672/B2355-90672.html
All the best,
-Sri
-Sri
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2001 06:00 AM
тАО10-23-2001 06:00 AM
Re: securing hpux box
http://www.hp.com/products1/unix/operating/hpux11i/alwayssecure.html
Regards
rainer
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2001 06:02 AM
тАО10-23-2001 06:02 AM
Re: securing hpux box
got address and exact title:
http://people.hp.se/stevesk/bastion11.html
"Building a Bastion Host Using HP-UX 11" by Kevin Steves
good luck,
Thierry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2001 06:06 AM
тАО10-23-2001 06:06 AM
Re: securing hpux box
...first protect myself from outside sources getting in. So have a firewall installed and configured (by someone who is familiar with this process if you are not).
The next thing I would do is configure my /var/adm/inetd.sec file to allow or deny only certain IP's or hosts to use certain protocols.
Make sure your root password is secure AND double check your /etc/passwd file to ensure nobody has a GUID=0 except root and who you know should.
If your concerned already you may have folks trying things then setup inetd to log info to your syslog, so you can monitor for this. And keep an eye on your /var/adm/sulog file to see who's trying to crack the password.
...Now you still have a long way to go...so start reading and set up what security measures will work best for your shop.
Just a thought,
Rit
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2001 06:08 AM
тАО10-23-2001 06:08 AM
Re: securing hpux box
Others have already suggested quite a few good white papers.
There is another tool called armor (which is a script) which secures a hp box. Might want to check it out
http://armor.sourceforge.net/
Here's a FAQ about armor
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/~checkout~/armor/armor/FAQ?rev=HEAD&content-type=text/plain
Here's another thread where some of the folks here in the forum were planning to come up with another script.
http://forums.itrc.hp.com/cm/QuestionAnswer/1,11866,0x42b8cf38d6bdd5118ff10090279cd0f9,00.html
-HTH
Ramesh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2001 08:27 AM
тАО10-23-2001 08:27 AM
Re: securing hpux box
this is a wide topic.
For starters:
1) You can convert your
system to a Trusted mode.
It can be done through
SAM or command line(tsconvert). Trusted
system implements features
like auditing, shadowpassword
file in a trusted database.
Basically, it gives a
strict control over password
and auditing policies of the
system.
2) the next step is the tuning of connection services.
Go into /etc/services
and /etc/inetd.conf and
disable any service which
you feel is not required.
But, be very sure and careful
before you disable any services.
3) Then, use SSH/SFTP
instead of telnet/ftp .
telnet does not encrypt
passwords when it sends
it on the network.
SSH is a secure version
of connection to the system.
There are many more steps
to secure your system.
It depends on your requirements. Not all the
systems are secured to
a detailed extent.
HTH
raj