- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Security tightening on our HP systems.
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-18-2005 04:33 AM
тАО10-18-2005 04:33 AM
Security tightening on our HP systems.
daemon
bin
sys
adm
uucp
lp
nuucp
hpdb
www
I assume these accounts are neccesary however do they pose any additional security threats and can we lock them down in any particular way.
Cheers
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-18-2005 04:57 AM
тАО10-18-2005 04:57 AM
Re: Security tightening on our HP systems.
Other security things you might want to look into.
permissions on /tmp /var/tmp /var/preserve
are typically wrong on HP, by being 777 instead of 1777.
comment unused things out of inetd.conf.
and you may also want to add some stuff in nddconf.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-18-2005 05:13 AM
тАО10-18-2005 05:13 AM
Re: Security tightening on our HP systems.
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6849AA
Rgds...Geoff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-18-2005 05:17 AM
тАО10-18-2005 05:17 AM
Re: Security tightening on our HP systems.
www for example ois for a webserver and you need to be careful with how you run that service.
Bastille is good, because it comes with security_patch_check and requires PERL5 to run.
Bastille's gui makes hardening a system very easy. It also lets you shut down archaic daemons and such. A good start.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-18-2005 05:25 AM
тАО10-18-2005 05:25 AM
Re: Security tightening on our HP systems.
Change the /etc/passwd file for these users as folows.
daemon:*:1:5::/:/usr/bin/false
bin:*:2:2::/usr/bin:/usr/bin/false
sys:*:3:3::/:/usr/bin/false
adm:*:4:4::/var/adm:/usr/bin/false
uucp:*:5:3::/var/spool/uucppublic:/usr/bin/false
lp:*:9:7::/var/spool/lp:/usr/bin/false
nuucp:*:11:11::/var/spool/uucppublic:/usr/bin/false
hpdb:*:27:1:ALLBASE:/:/usr/bin/false
www:*:30:1::/:/usr/bin/false
smbnull:*:101:101:DO NOT USE OR DELETE - needed by Samba:/home/smbnull:/usr/bin/
false
webadmin:*:40:1::/usr/obam/server/nologindir:/usr/bin/false
Regards,
Syam
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-18-2005 05:29 AM
тАО10-18-2005 05:29 AM
Re: Security tightening on our HP systems.
You can have additional security with bastille hardening tool for HPUX. The documentation on how to achieve this is attached.
I am sure that this will help you in implementing security policies on ur systems.
regards,
Syam