HPE Community
Operating System - HP-UX
1823956 Members
3720 Online
109667 Solutions
New Discussion юеВ

how to implement trusted system ?

 
Mani K
Occasional Advisor

тАО02-17-2006 05:38 PM

тАО02-17-2006 05:38 PM

how to implement trusted system ?

how to implement trusted system and how effective it will be from the normal with OS hardening ?
Never Say Can't.........................
0 Kudos
Reply
6 REPLIES 6
Yogeeraj_1
Honored Contributor

тАО02-17-2006 06:25 PM

тАО02-17-2006 06:25 PM

Re: how to implement trusted system ?

hi mani,

this is something which is documented. Please refer to the following:

http://docs.hp.com/en/B2355-90121/


hope this helps!

kind regards
yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
0 Kudos
Reply
Faizer
Advisor

тАО02-18-2006 05:24 PM

тАО02-18-2006 05:24 PM

Re: how to implement trusted system ?

This documnet is for HPUX 10. Does anyone know of a newer version for 11.11 etc.
Thanks
Faizer
0 Kudos
Reply
Patrick Wallek
Honored Contributor

тАО02-19-2006 05:40 AM

тАО02-19-2006 05:40 AM

Re: how to implement trusted system ?

Check out the "Managing Systems and Workgroups: A Guide for HP-UX System Administrators" here:

HTML: http://docs.hp.com/en/B2355-90950/index.html

PDF: http://pdf2html.pootwerdie.com/pdf2html.php?url=http://docs.hp.com/en/B2355-90950/B2355-90950.pdf

There is a section this manual about Trusted systems.
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО02-19-2006 02:14 PM

тАО02-19-2006 02:14 PM

Re: how to implement trusted system ?

Shalom Mani,

Trusted system does a few good things.

It creates audit reports which security auditors like and lets you find out what activity is going on with your system.

It breaks the passwords up by taking them out of the /etc/passwd and puts them in a lot of smaller files. This makes it harder for a hacker to find the right file to hack. Grabbing the passwd file can be done quickly and stealthily. Then the hacker runs crack against it and comes back later with the passwords for the id's it cracked. Gathering up an bunch of files takes more time and makes it more likely the hacker gets caught.

By itself trusted system helps but is not good enough. You should harden your system by looking for vulnerable permissions, daemons and services. The Bastille tool lets you do this by asking a series of questions.

Clear text password transmission access is very important to harden a system. The r protocols, telnet and ftp should be eliminated because they all send passwords in clear text.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Muthukumar_5
Honored Contributor

тАО02-19-2006 05:11 PM

тАО02-19-2006 05:11 PM

Re: how to implement trusted system ?

See the difference:

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=638058

--
Muthu
Easy to suggest when don't know about the problem!
0 Kudos
Reply
Chauhan Amit
Respected Contributor

тАО02-19-2006 07:11 PM

тАО02-19-2006 07:11 PM

Re: how to implement trusted system ?

Check this link,

"Setting Up Your Trusted System"

http://docs.hp.com/en/B2355-90950/ch08s08.html

-Amit
If you are not a part of solution , then you are a part of problem
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.