HPE Community
Operating System - HP-UX
1836623 Members
1790 Online
110102 Solutions
New Discussion

Re: Cybercop scan

 
Verónica Muñoz Segovia
Frequent Advisor

‎01-09-2002 03:18 PM

‎01-09-2002 03:18 PM

Cybercop scan

Hi,

Eventually the servers on my site are scan with cybercop and I'm attaching the vulnerabilities that this sw find. On my opinion no one apply to HP-UX 10.20, because I'm always applied all the patches that the HP itrc send me by e-mail, but I would like to find any document to can be sure that what I'm thinking is true.

Hope somebody can help me.
Always is important to know the opinion of other people with or without experience
0 Kudos
Reply
4 REPLIES 4
Michael Tully
Honored Contributor

‎01-09-2002 03:39 PM

‎01-09-2002 03:39 PM

Re: Cybercop scan

Hi,

There are a few things that you can use as a
reference for securing systems.

Have a look at these links:

http://people.hp.se/stevesk/bastion11.html
http://www.deter.com/unix/papers/unix_security_checklist.txt
http://forums.itrc.hp.com/cm/QuestionAnswer/1,11866,0x67f9c6af36b7d5118ff10090279cd0f9,00.html
http://forums.itrc.hp.com/cm/QuestionAnswer/1,11866,0x4499e7e60861d511abcd0090277a778c,00.htm

HTH
-Michael
Anyone for a Mutiny ?
0 Kudos
Reply
Sanjay_6
Honored Contributor

‎01-09-2002 06:36 PM

‎01-09-2002 06:36 PM

Re: Cybercop scan

Hi Veronica,

You can do a custome patch analysis on your system and check if there is any patch you should have on the system. Here is the link on cutome patch manager,

http://us-support3.external.hp.com/wps/bin/doc.pl/sid=b0f2adaf0171c6bed9

Here is the cpm faq,

http://us-support3.external.hp.com/wps/bin/doc.pl/screen=wpsCPMHelp/sid=c46825b01ab01b9b03#faq

Here is a link to the hp security bulletins,

http://us-support3.external.hp.com/cki/bin/doc.pl/sid=bce6d8640fcdb40382/screen=ckiSecurityBulletin

You can subsribe to hp security bulletins if you want.

Hope this helps.

Regds
0 Kudos
Reply
Sanjay_6
Honored Contributor

‎01-09-2002 06:43 PM

‎01-09-2002 06:43 PM

Re: Cybercop scan

Hi Veronica,

The security patch check utility available from hp is for 11.0. Don't think it is available for 10.20. Take a look at this thread,

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B6834AA

Hope this helps.

Regds
0 Kudos
Reply
Steven Sim Kok Leong
Honored Contributor

‎01-09-2002 07:34 PM

‎01-09-2002 07:34 PM

Re: Cybercop scan

Hi,

First, I would suggest that you rely on more than one scanner for greater accuracy and depth in the scan. Nessus is one good network-based security scanner.

CERT/CC security bulletins and SANS SAC (Security Alert Consensus) security bulletins are two bulletins you would want to subscribe to, in addition to the HP-UX security bulletin.

If HP-UX could not come up with a patch yet, the HP-UX security bulletin is usually not posted and the users would thus not be informed.

CERT/CC and SANS will usually release information on the security vulnerability whether or not the security patch is available.

If you have the resources to spare, BUGTRAQ is one mailing list which will alert you the latest in vulnerabilities, but be prepared for a lot of seiving and filtering to identify correct and relevant information.

Hope this helps. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.