Operating System - HP-UX

HIDS and ServiceGuard together

Darrell Tschakert
Regular Advisor

Hi,
We have four rx4640s running HP-UX 11.23 with ServiceGuard. We have been told to install Host Intrusion Detection System (HIDS). In reading the release notes for HIDS 4.1, I see that HIDS has not been tested with ServiceGuard. The release notes are dated April 2007. Can anyone tell me if there has been a change in ServiceGuard/HIDS compatibility since the writing of that document? In other words, can I ignore the release notes with respect to this compatibility issue?

Thanks,

Darrell Tschakert
I'll add a quote when I think of one.
Court Campbell
Honored Contributor

Re: HIDS and ServiceGuard together

I can't answer your question (that sounds promising). But I did want to make a suggestion to go with 4.0 instead of 4.1. I recently upgraded to 4.1 and have had more headaches with this release than I would like to admit. The only thing that I like about 4.1 is the tuning feature. But if you do not edit the file that the tuning function offers, you can get some really nasty-looking rules in your surveillance groups.
"The difference between me and you? I will read the man page." and "Respect the hat." and "You could just do a search on ITRC, you don't need to start a thread on a topic that's been answered 100 times already." Oh, and "What. no points???"
Steven E. Protter
Exalted Contributor
Solution

Re: HIDS and ServiceGuard together

Shalom,

Not tested does not mean it won't work.

I've not tested the combination. I believe so long as you don't run it in the cluster and run it on individual nodes it will work flawlessly.

If you want to run it in the cluster, my logical question is what protection and logging does the passive node get?

Running HIDS on a floating IP to shared storage provides no protection to the passive node.

As to whether it will work at all, I've seen nothing. If you have a lab with two systems, you can test.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Court Campbell
Honored Contributor

Re: HIDS and ServiceGuard together

Since I ran SG for a few years and have been administering HIDS for a little while, I can only suggest not setting HIDS to monitor the virtual IP of any packages. I would suggest just putting the agents on each node and monitoring each. You will probably have a lot of fun editing the surveillance group templates to ignore any SG-related routines.
Darrell Tschakert
Regular Advisor

Re: HIDS and ServiceGuard together

Thanks everyone.

Shalom,
I intend to run HIDS on the individual nodes. I intend to put the Management System on one of the idle nodes and agents on all of the nodes. The documentation suggests running the Management System on a separate machine; I don't have a separate machine, so I will run it on an idle SG node.

We don't have any machines to test HIDS on.

I know next to nothing about HIDS, so I learned something here - Thanks.

Darrell T.
Court Campbell
Honored Contributor

Re: HIDS and ServiceGuard together

Since you are not familiar with HIDS I would definitely suggest reading:

http://docs.hp.com/en/5992-0705/index.html

for 4.1 and/or

http://docs.hp.com/en/5991-6776/index.html

for 4.0.

Both provide a wealth of knowledge for getting started. Once you have the gist of how it works, the hard part is brushing up on regexps to modify the templates.
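An added illustration, not part of the thread and not HP HIDS template syntax: the two remarks above about "nasty-looking rules" and "brushing up on regexps" come down to anchoring. An ignore pattern meant to silence ServiceGuard's own activity under /etc/cmcluster will, if left as a bare substring, also silence anything else whose path happens to contain that word, which is exactly the blind spot an attacker would use. The Python below applies a loose and a strict rule set to a handful of constructed events and lints the rules for missing anchors. The event tuples, the rule semantics and the directory names (/etc/cmcluster for the cluster configuration, /var/adm/cmcluster for its logs) are assumptions made for this example, not HIDS behaviour.

```python
import re

# Constructed sample events as (path, process): a toy stand-in for the
# file-modification activity a host IDS reports. Not HIDS output format.
SAMPLE_EVENTS = [
    ("/etc/cmcluster/cmclconfig", "cmcld"),          # real SG config write
    ("/etc/cmcluster/pkg1/pkg1.cntl", "cmrunpkg"),   # package control script
    ("/etc/passwd", "vi"),                           # must always be reported
    ("/var/adm/cmcluster/cmcld.log", "cmcld"),       # SG daemon log churn
    ("/etc/cmcluster_backup/passwd", "vi"),          # NOT an SG path, just looks like one
    ("/home/user/cmcluster/notes", "vi"),            # user dir that contains the word
]

# Over-broad rule set: an unanchored substring. Anything with "cmcluster"
# anywhere in the path is suppressed, including the two decoys above.
LOOSE_IGNORE = [r"cmcluster"]

# Anchored rule set: only the real SG directories (assumed locations), with
# "(/|$)" so that "/etc/cmcluster_backup" does not match "/etc/cmcluster".
STRICT_IGNORE = [r"^/etc/cmcluster(/|$)", r"^/var/adm/cmcluster(/|$)"]


def filter_events(events, ignore_patterns):
    """Return the events that survive the ignore rules, in input order."""
    rules = [re.compile(p) for p in ignore_patterns]
    kept = []
    for path, proc in events:
        if any(r.search(path) for r in rules):
            continue  # suppressed by an ignore rule
        kept.append((path, proc))
    return kept


def suppressed_events(events, ignore_patterns):
    """The complement of filter_events: what the rules hid from the analyst."""
    kept = set(filter_events(events, ignore_patterns))
    return [e for e in events if e not in kept]


def unanchored(ignore_patterns):
    """Lint check: ignore patterns that do not start at the beginning of the path."""
    return [p for p in ignore_patterns if not p.startswith("^")]


if __name__ == "__main__":
    for name, rules in (("loose", LOOSE_IGNORE), ("strict", STRICT_IGNORE)):
        print(f"{name}: unanchored rules -> {unanchored(rules)}")
        for path, proc in suppressed_events(SAMPLE_EVENTS, rules):
            print(f"  suppressed {path} ({proc})")
        for path, proc in filter_events(SAMPLE_EVENTS, rules):
            print(f"  reported   {path} ({proc})")
```

With the loose rule only the /etc/passwd edit is reported; with the anchored rules the two decoy paths are reported as well while genuine cluster-daemon activity stays quiet. Running the lint over a tuned template before deploying it to every node catches the common case where a pattern was copied in without its anchor.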