HPE Community
Operating System - HP-UX
1834587 Members
3462 Online
110069 Solutions
New Discussion

HP-UX Security Check Report

 
SOLVED
Go to solution
Filipe Litaiff
Occasional Contributor

‎12-07-2001 05:21 AM

‎12-07-2001 05:21 AM

HP-UX Security Check Report

Dear Forumers,

I have to do an "audit" to HP-UX boxes and generate a report. I used free tools like COPS and Tiger. COPS results were not satisfactory and buggy, tried Tiger and it generated a quite good report, but had two problems:

1- Errors like
./bin/realpath: Syntax error at line 1 : `(' is not expected.
./scripts/check_inetd[41]: shift: The specified number is not valid for this command.

and others in the standard error;

2) I couldn??t figure out how to customize for HP-UX 11 since it reports HP-UX particularities as issues.

The target is to have a tool/script/whatever to run properly once a week and generate a report to track down security issues, preferable free.

Any help would be appreciated.

Thanks,

Filipe
Stoic
0 Kudos
Reply
3 REPLIES 3
Bill McNAMARA_1
Honored Contributor

‎12-07-2001 05:40 AM

‎12-07-2001 05:40 AM

Re: HP-UX Security Check Report

Go here for links to free hp security sw.
The patch check tool is usefull for permission tests and searching for recalled patches.

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProducts.pl?group_type=category&group_name=ISS

Also try the porting archive for precompiled tools:

http://hpux.cs.utah.edu/

Our security guy here always makes the mistake of allowing me to remotely swlist his system:

myserver> swlist @ should_be_secure

.
.
Medusa 5.3.a Security/Audit Monitoring Toolset
MedusaLocalConf Local configurations and filters for Medusa slaves.
OMNIBACK-II A.03.10 HP OpenView OmniBack II
OSD-SEC A.02.11f HP OSD Security Tools
PWplus 3.1.a Password Security Toolset
SW-DIST B.11.11.00.01.01 HP-UX Software Distributor
SW-DIST-SC B.11.11.00.01.01 HP-UX Software Distributor Version 11.10
SecurityTools 1.0 Security tools
.
.


If I wanted to attack the system I'd start by finding security flaws on all that sw..

( swacl will turn it off )

Later,
Bill

It works for me (tm)
0 Kudos
Reply
Animesh Chakraborty
Honored Contributor

‎12-12-2001 10:37 PM

‎12-12-2001 10:37 PM

Solution

Re: HP-UX Security Check Report

Hi,
I may get solution from ISS
http://www.iss.net/contact.php
Did you take a backup?
Reply
Steven Sim Kok Leong
Honored Contributor

‎12-12-2001 11:07 PM

‎12-12-2001 11:07 PM

Re: HP-UX Security Check Report

Hi,

For network-based security audits, nessus is best free scanning tool available. Its reports are detailed, comprising links to how specific vulnerabilities can be resolved. Value for money.

The plugins (tools for detecting vulnerabilities) can be periodically updated via nessus-update-plugins command which can be run via a cron job to automate the update process.

It is downloadable at http://www.nessus.org.

Hope this helps. Regards.

Steven Sim Kok Leong
Brainbench MVP for Unix Admin
http://www.brainbench.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.