- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- HP UX security checklist?
Operating System - HP-UX
1753365
Members
6319
Online
108792
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-19-2007 01:50 AM
тАО09-19-2007 01:50 AM
Re: HP UX security checklist?
A few additional thoughts:
1. Bastille will help you setup a basic ipfilter firewall (if you install ipfilter). The basic setup allows all outgoing traffic (and stateful return) but blocks all the incoming ports except the ones you allow. Bastille is intended to be the checklist you are looking for; we took into account several other checklists and chose what we felt were the most important things to focus on and implemented those first. Bastille is now in its 3rd generation and although there are things we'd like to add, it should be a fairly comprehensive start. On 11.23/11.31, you can even select a "one-click" Bastille hardening level at install-time (although going through the GUI is intended to be very educational too)
2. Software Assistant is replacing Security Patch Check. It includes much improved reporting and automatic downloads, integrity checking, and depot creation for patches. You can get it at https://www.hp.com/go/swa
Bastille can setup a cron job to run a report nightly.
Hope that helps.
-Keith
1. Bastille will help you setup a basic ipfilter firewall (if you install ipfilter). The basic setup allows all outgoing traffic (and stateful return) but blocks all the incoming ports except the ones you allow. Bastille is intended to be the checklist you are looking for; we took into account several other checklists and chose what we felt were the most important things to focus on and implemented those first. Bastille is now in its 3rd generation and although there are things we'd like to add, it should be a fairly comprehensive start. On 11.23/11.31, you can even select a "one-click" Bastille hardening level at install-time (although going through the GUI is intended to be very educational too)
2. Software Assistant is replacing Security Patch Check. It includes much improved reporting and automatic downloads, integrity checking, and depot creation for patches. You can get it at https://www.hp.com/go/swa
Bastille can setup a cron job to run a report nightly.
Hope that helps.
-Keith
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-19-2007 04:09 AM
тАО09-19-2007 04:09 AM
Re: HP UX security checklist?
I'd recommend IPfilter over TCP Wrappers for control and performance. IPFilter is built into the Kernel and comes standard with the OE, so it is tuned to work with the HP-UX Network stack with negligible performance degradation, unlike TCP Wrappers. It is fully supported, and free. It allows more control than tcp wrappers. In addition it provides better UDP/ICMP support, support for multiple layer-2 stacks, handy configuration and rule-testing programs, and neat features like connection-allocation. In addition, Bastille can give you a handy "starter" firewall as Keith mentioned with little work... just the use of an install time security level (in Ignite), or a run through the Bastille security-wizard.
Those Who Would Sacrifice Liberty for Security Deserve Neither." - Benjamin Franklin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-19-2007 04:16 AM
тАО09-19-2007 04:16 AM
Re: HP UX security checklist?
Thank you! now at least I have more options!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-19-2007 04:20 AM
тАО09-19-2007 04:20 AM
Re: HP UX security checklist?
Starting with Bastile to see what is recommended. Thanks to everyone!
Sandi
Sandi
- « Previous
-
- 1
- 2
- Next »
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP