Online Expert Day - HPE Data Storage - Live Now
April 24/25 - Online Expert Day - HPE Data Storage - Live Now
Read more
System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

HP-UX system configuration Audit/check

cartman_2
Frequent Advisor

HP-UX system configuration Audit/check

Hi,

I have to analize/check/Audit the system configuration of several HP-UX servers, and i was looking in the forum for recommendations on what to check, I have a small list, but I was hoping you could point me out more things to check out..


-Filesystem space(close to filling up FS)
-Network config(lan negotation and errors)
-Mirror config (mirrored lvols,bootconf,etc)
-Patch level, Driver level, firmware level
-product state(swverify ....,)
-Swap config (enough swap)
-dump/crash config (crashconf, etc)
-syslog/dmesg for errors
-boot/shutdown log for errors


10 REPLIES
Michal Kapalka (mikap)
Honored Contributor

Re: HP-UX system configuration Audit/check

hi,

your list of tast looks good,

but i would recomend to use

SysInfo or cfg2html to collect all your servers configuration.

mikap
Jeeshan
Honored Contributor

Re: HP-UX system configuration Audit/check

i'd like to add something familiar script called nickel.

Run the nickel script and check the files. There you will get all information about your system
a warrior never quits
cartman_2
Frequent Advisor

Re: HP-UX system configuration Audit/check

Yes I have cfg2html and nickel installed, but what I was looking for is other configurations to check out..

primary/alternate boot paths ok, but i would include that in the mirror config check
Michal Kapalka (mikap)
Honored Contributor

Re: HP-UX system configuration Audit/check

hi,

you could checkk ioscan for NO_HW, vgdisplay / lvdisplay ....

lvlnboot -v
....

mikap
cartman_2
Frequent Advisor

Re: HP-UX system configuration Audit/check

ioscan looking for NO_HW is a good one

all the others i would include in Mirror,lvm config


anything else?
R.O.
Esteemed Contributor

Re: HP-UX system configuration Audit/check

For instance, to check mirror copies of each vg00's lvol:

# > vgdisplay -v vg00 | grep "LV Name" | awk '{print$3}' | while read lvol
> do
> lvdisplay $lvol|grep Mirror
> done

Regards,
"When you look into an abyss, the abyss also looks into you"
cartman_2
Frequent Advisor

Re: HP-UX system configuration Audit/check

Thanx RO, but i'm not looking for ways to check things(no problem there)

What I'm looking for is Ideas on what things I can check out on the system.
Sunny Jaisinghani
Trusted Contributor

Re: HP-UX system configuration Audit/check

You may check following things to make your servers more secure

1.world writable files,
2.zero bytes files,
3.check for insecure services such as telnet, ftp, rlogin, rcp, etc.
4. check for .rhosts files and remove them for better security
5. check for terminals in /etc/securetty which allow direct root login. It should contain only 1 entry i.e console for security purpose.


Sunny Jaisinghani
Trusted Contributor

Re: HP-UX system configuration Audit/check

You can also monitor event logs or set up EMS alerts through email.

EMS alerts help you detect hardware failures.
Raj D.
Honored Contributor

Re: HP-UX system configuration Audit/check

Carmen,
Also consider checking user crontab files, and cron.allow users (and may be at.allow if any) , from security point of view.
Hth,
Raj.
" If u think u can , If u think u cannot , - You are always Right . "