Re: Building a Secure Server

Warren griggs · ‎08-05-2002

Hi,

I want to build a secure web server with a minimum os install and then configure minimum services. Does anybody know a good server build document for HPUX.

Thanks,

Colin.

Rainer von Bongartz · ‎08-05-2002

Check out this document:

http://people.hp.se/stevesk/bastion11.html

Regards
Rainer

He's a real UNIX Man, sitting in his UNIX LAN making all his UNIX plans for nobody ...

Thierry Poels_1 · ‎08-05-2002

RTFF!! This question has already been asked many times before...

http://people.hp.se/stevesk/bastion11.html

good luck,
Thierry.

All unix flavours are exactly the same . . . . . . . . . . for end users anyway.

Warren griggs · ‎08-05-2002

Thanks for that, if anyone is interested this is Sun's equivelant.

http://www.enteract.com/~lspitz

This also has a lot of good security white papers and links.

Cheers,

Colin.

Anonymous · ‎08-06-2002

Colin,

you may actually use a "hardening script":
http://www.bastille-linux.org/download.html

HP-UX depot updated 24 July 2002, includes a Beta copy of Perl with Tk, about 21MB total (Note: you will need to upgrade this version of Perl when the official version is released)

more info and comments eg in
HP-UX Bastille - lockdown-hardening tool
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0xc2d291ccb36bd611abdb0090277a778c,00.html

New Beta release of HP-UX Bastille
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0xb43036e69499d611abdb0090277a778c,00.html

High level options for HP-UX Bastille
http://forums.itrc.hp.com/cm/QuestionAnswer/1,,0x672536e69499d611abdb0090277a778c,00.html

Steven Sim Kok Leong · ‎08-06-2002

Hi,

Check out the CIS (Centre for Internet Security) security benchmark for HP-UX at:

http://www.cisecurity.org/bench_HPUX.html

It provides security guidelines (including permission settings) for HP-UX 11.00 in addition to HP-UX 10.20 and HP-UX 11.11. Pretty comprehensive.

In addition to hardening, you would want to use a vulnerability scanner to verify your security settings across the network.

Nessus is the ultimate opensource scanner if you want to audit your system across the network with the latest vulnerability checks.

http://www.nessus.org

Because of its opensource and the huge pool of volunteers writing vulnerability checks for it (the scripting language to write vulnerability check is pretty easy to use), vulnerability checks always come available extremely quickly once a vulnerability is known, unlke many other similar software.

Hope this helps. Regards.

Steven Sim Kok Leong

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Building a Secure Server

Building a Secure Server