HPE Community
Operating System - HP-UX
1752794 Members
6891 Online
108789 Solutions
New Discussion юеВ

Re: HPUX Hardining

 
SOLVED
Go to solution
HP UNIX Professionals
Frequent Advisor

тАО02-24-2011 07:07 AM

тАО02-24-2011 07:07 AM

HPUX Hardining

Hi Expects,

Anybody know what are the files location to be verified and audited for hardening the HPUX box.


Thanks in advance
0 Kudos
Reply
7 REPLIES 7
Shrikant Lavhate
Esteemed Contributor

тАО02-24-2011 07:24 AM - last edited on тАО08-25-2011 02:18 PM by

тАО02-24-2011 07:24 AM - last edited on тАО08-25-2011 02:18 PM by

Solution

Re: HPUX Hardining

Hi,

It depends on which areas you want to tweak and which policies, which level of security etc you want to implement.
Look/search for "trusted systems" in HPUX resources online.


Few threads:
http://h30499.www3.hp.com/t5/Security/HPUX-11-31-OS-Hardening/m-p/4697844#M15269

http://h30499.www3.hp.com/t5/Security/Hardening-HPUX-11i-and-OS-patches/m-p/4883072#M15908


Also googling with "HPUX hardening" yeilds results which you may want to read.

Will it remain a personal, if I broadcast it here!
Reply
James R. Ferguson
Acclaimed Contributor

тАО02-24-2011 07:35 AM

тАО02-24-2011 07:35 AM

Re: HPUX Hardining

Hi:

I think you are looking for the details of Bastille. See:

http://bizsupport.austin.hp.com/bc/docs/support/SupportManual/c02244038/c02244038.pdf

Regards!

...JRF...

Reply
Shrikant Lavhate
Esteemed Contributor

тАО02-24-2011 07:37 AM - last edited on тАО08-25-2011 02:19 PM by

тАО02-24-2011 07:37 AM - last edited on тАО08-25-2011 02:19 PM by

Re: HPUX Hardining

much informative thread:

http://h30499.www3.hp.com/t5/Security/HP-UX-Bastille-lockdown-hardening-tool/m-p/2730238#M3544

Will it remain a personal, if I broadcast it here!
Reply
Jose Mosquera
Honored Contributor

тАО02-24-2011 07:44 AM

тАО02-24-2011 07:44 AM

Re: HPUX Hardining

Hi,

Please check this:
http://h20000.www2.hp.com/bc/docs/support/SupportManual/c01944073/c01944073.pdf

Rgds.
Reply
Kenan Erdey
Honored Contributor

тАО02-24-2011 08:15 AM

тАО02-24-2011 08:15 AM

Re: HPUX Hardining

Hi,

generally /etc contains files to be monitored. But except this there are other locations that contains configuration files. with 11.31 audit system extension product gives you ability to audit only directories you want instead of whole filesystem.

also you can audit system calls. we had chose which system calls to be audited. if you want i check and write here.

Computers have lots of memory but no imagination
Reply
abir chowdhury
Advisor

тАО02-27-2011 11:36 PM

тАО02-27-2011 11:36 PM

Re: HPUX Hardining

hi
# cd /etc
vi inetd.conf

put the # mark in telnet and ftp services.
put the # mark in login .

#inted -c (for restart the all services)

(to stop telnet and ftp)
=============================================

#vi .rhosts
put the # mark in all entries
to stop the remote services.

(to stop rlogin)
==========================================
#cd /opt/ssh/etc
vi sshd_config

Change the line:

PermitRootLogin yes

to:

PermitRootLogin no

Then stop and restart SSH.

# /sbin/init.d/secsh stop

# /sbin/init.d/secsh start

You will then NOT be allowed to ssh as root.

============================================


0 Kudos
Reply
Don Mallory
Trusted Contributor

тАО02-28-2011 05:11 AM

тАО02-28-2011 05:11 AM

Re: HPUX Hardining

The short answer is, "All of them". The long answer depends on the level of risk you are willing to accept and another configuration / service features you have installed.

A good place to start is the CIS Benchmark (www.cisecurity.org/). The content is industry consensus based and it has an example Bastille config file, but also goes further in that it provides you with scripts that can be used to configure additional hardening, but also report on various configuration exposures. I much prefer this over Bastille on it's own.

The benchmark downloads are here:
http://cisecurity.org/en-us/?route=downloads.multiform

Best regards,
Don
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.