- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- security checking apps
Operating System - HP-UX
1753293
Members
6634
Online
108792
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-19-2007 11:18 PM
тАО09-19-2007 11:18 PM
Hi all,
I have some scripts to check on some basic unix security however does anyone know of any apps that are built into HP / Linux / Sun / AIX that check certain security such as changes in files, permissions, trojans etc?
I am looking into using tripwire - does anyone have any other suggestions?
thanks
Chris.
I have some scripts to check on some basic unix security however does anyone know of any apps that are built into HP / Linux / Sun / AIX that check certain security such as changes in files, permissions, trojans etc?
I am looking into using tripwire - does anyone have any other suggestions?
thanks
Chris.
hello
Solved! Go to Solution.
5 REPLIES 5
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-19-2007 11:24 PM
тАО09-19-2007 11:24 PM
Solution
Shalom Chris,
tripwire is the absolute standard in this area. Nothing else comes close.
It also runs on all the operating systems you mentioned.
It is part of HP-UX Internet Express for example.
For hardening, you should also use Bastille.
SEP
tripwire is the absolute standard in this area. Nothing else comes close.
It also runs on all the operating systems you mentioned.
It is part of HP-UX Internet Express for example.
For hardening, you should also use Bastille.
SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-19-2007 11:30 PM
тАО09-19-2007 11:30 PM
Re: security checking apps
You can also use snort and chkrootkit - all they are part of Internet Express - http://h20338.www2.hp.com/hpux11i/cache/324414-0-0-0-121.html
Also this applications are available for most of the Unix boxes.
regards,
ivan
Also this applications are available for most of the Unix boxes.
regards,
ivan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-20-2007 04:01 AM
тАО09-20-2007 04:01 AM
Re: security checking apps
FYI. For HPUX only, we support HPUX Host Host IDS that is tightly integrated with the kernel. I posted a comparison between a file integrity checker like tripwire with our HIDS at:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1040677
I like the quote from the CTO at Tripwire (Gene Kim) that you can find at http://archives.neohapsis.com/archives/sf/ids/2000-q4/0071.html
"To roll up in one sentence, I view IDS as early warning detection, and integrity as damage assessment and recovery. I use both, because both are essential."
So, depends on your requirements. If batch-mode integrity checks are all you need, tripwire or similar integrity checkers is the way to go.
Pierre
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1040677
I like the quote from the CTO at Tripwire (Gene Kim) that you can find at http://archives.neohapsis.com/archives/sf/ids/2000-q4/0071.html
"To roll up in one sentence, I view IDS as early warning detection, and integrity as damage assessment and recovery. I use both, because both are essential."
So, depends on your requirements. If batch-mode integrity checks are all you need, tripwire or similar integrity checkers is the way to go.
Pierre
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-21-2007 12:14 AM
тАО09-21-2007 12:14 AM
Re: security checking apps
The Center for Internet Security (www.cisecurity.org) have a series of benchmarking and scoring tools. The majority of them are PDF documents with script snippets to relate to particular recommendations. A lot of it is in Bastille, but not all.
As well, they have scoring scripts, permission check scripts and a tool that checks against the SANS Top 20 list (www.sans.org).
For intrusion detection, Snort is great for network based attacks, Tripwire is both open source (free) and closed source (paid). The former is actually a university project by the founder of the TripWire corporation.
Red Hat Enterprise 5 now includes aide, which is just like Tripwire, but different, also open source.
There is also Tiger - The UNIX Security audit and Intrusion Detection Tool:
http://www.nongnu.org/tiger/
As well, they have scoring scripts, permission check scripts and a tool that checks against the SANS Top 20 list (www.sans.org).
For intrusion detection, Snort is great for network based attacks, Tripwire is both open source (free) and closed source (paid). The former is actually a university project by the founder of the TripWire corporation.
Red Hat Enterprise 5 now includes aide, which is just like Tripwire, but different, also open source.
There is also Tiger - The UNIX Security audit and Intrusion Detection Tool:
http://www.nongnu.org/tiger/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-21-2007 03:53 AM
тАО09-21-2007 03:53 AM
Re: security checking apps
It depends on what you want to do:
1. Bastille now includes a reporting mechanism for all the security-relevant things that it can harden (OS configuration items that are documented trade-offs between security and functionality). Bastille is also available for several Linux distributions.
2. HP-UX Software Assistant (https://www.hp.com/go/swa) has extensive reporting capabilities for known security vulnerabilities (bulletins) that could affect your system. Other OS's have similar tools (yum, apt, etc.) that at least update the system. Some (at least rudimentary) reporting is also generally available through those interfaces.
3. HP-UX IDS and Tripwire - See Pierre's comments
4. Center for Internet Security - similar purpose to Bastille, quite a bit of overlap from each direction but each includes things the other doesn't. Note that the HP-UX Benchmark was updated just a week or two ago.
Hope that helps.
-Keith
1. Bastille now includes a reporting mechanism for all the security-relevant things that it can harden (OS configuration items that are documented trade-offs between security and functionality). Bastille is also available for several Linux distributions.
2. HP-UX Software Assistant (https://www.hp.com/go/swa) has extensive reporting capabilities for known security vulnerabilities (bulletins) that could affect your system. Other OS's have similar tools (yum, apt, etc.) that at least update the system. Some (at least rudimentary) reporting is also generally available through those interfaces.
3. HP-UX IDS and Tripwire - See Pierre's comments
4. Center for Internet Security - similar purpose to Bastille, quite a bit of overlap from each direction but each includes things the other doesn't. Note that the HP-UX Benchmark was updated just a week or two ago.
Hope that helps.
-Keith
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP