I am new to this board and look to the group for some guidance. I have been tasked with doing some server hardening for our HP-UX 11.x PA/IA machines. I've read everything I've found on the subject but most docs seem to be pretty outdated. I am familiar with Bastille and creating Trusted systems but at this point I would like to start by shutting down unnecessary services and ports.
Can anyone point me to documentation/information about HP-UX 11.x default installed services and their purposes?
I know many services can be turned off with the /etc/rc.config.d/* scripts but regarding /sbin/rc*.d links, is changing the capital K or S to lower case sufficient to shut off the service? In other words, will lower case first characters cause the link to be ignored?
Thank you in advance, any guidance is greatly appreciated.
>>I know many services can be turned off with the /etc/rc.config.d/* scripts but regarding /sbin/rc*.d links, is changing the capital K or S to lower case sufficient to shut off the service? In other words, will lower case first characters cause the link to be ignored?
Yes, the lower case characters 'will cause the links ot be ignored'. If you look at the rc script itself, on/about line 17 of /sbin/rc, is a function called get_scripts. The logic is a fairly easy to folllow if you're familiar with scripting; however, the key part for this discussion is:
case $name in
${mode}*)
${mode} will either be 'S' or 'K'
So, moving the link to a lower case will eliminate it from consideration which is also in line with the standard method on other OSs.
All that being said, if there is an /etc/rc.config.d script, edit that. Some apps don't use those, though, so you should be aware of this method as well.
Does anyone know of a source that describes the default HP-UX /etc/rc.config.d/* services and their use/purpose? I am currently researching to find information on each but if there is a doc on the subject it would be a great help.
