HPE Community
Operating System - HP-UX
1844270 Members
2688 Online
110230 Solutions
New Discussion

Re: HP-UX Trusted Systems - must install security patches

 
Fabrizio Tedone
Occasional Contributor

‎07-29-2004 03:53 AM

‎07-29-2004 03:53 AM

HP-UX Trusted Systems - must install security patches

Hi all,
I'd like where to look to obtain as soon as possible the list of patches I must install to be able to fully exploit the Trusted System features.
Thanks
0 Kudos
Reply
6 REPLIES 6
Steven E. Protter
Exalted Contributor

‎07-29-2004 04:01 AM

‎07-29-2004 04:01 AM

Re: HP-UX Trusted Systems - must install security patches

download this
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA

swinstall it

run security_patch_check

It will list every security patch you need.

Use the patch database link on http://itrc.hp.com to build complete depots with dependencies.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎07-29-2004 04:42 AM

‎07-29-2004 04:42 AM

Re: HP-UX Trusted Systems - must install security patches

Along with the Trusted patches, get a copy of Bastille (you'll need an Xwindow display device) to guide you through a thorough security analysis: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6849AA


Bill Hassell, sysadmin
0 Kudos
Reply
Sanjay_6
Honored Contributor

‎07-29-2004 04:44 AM

‎07-29-2004 04:44 AM

Re: HP-UX Trusted Systems - must install security patches

Hi,

you can also do a custom patch assessment for your system, which will hopefully download all the patches you need as a bundle.

http://www1.itrc.hp.com/service/patch/assessSystemsPage.do?admit=-682735245+1091119301048+28353475

Hope this helps.

Regds
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎07-29-2004 04:51 AM

‎07-29-2004 04:51 AM

Re: HP-UX Trusted Systems - must install security patches

If you follow Bill's suggestion don't do mine. security_patch check is included with bastille and if you click yes, Bastille adds a regular check for security patches to the cron schedule.

Bill's way as always is superior to mine. I was going to post a Bastille list but got lazy.

SEP
SIT
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Fabrizio Tedone
Occasional Contributor

‎07-29-2004 08:15 PM

‎07-29-2004 08:15 PM

Re: HP-UX Trusted Systems - must install security patches

Thanks to everyone. Anyway, at this stage I' was looking more towards a documentation list where it is clear which are the mandatory patches to be installed in order to enable all the features of a Trustes System; I cannot run any self assessment on the nodes now because prior to obtain access to the nodes I have to provide this preliminary analysis. Thanks
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎07-30-2004 02:00 AM

‎07-30-2004 02:00 AM

Re: HP-UX Trusted Systems - must install security patches

The Trusted system features are available out of the box. However, Trusted system is one of several components to security on the system. Thus, you need to scan for all security patches, especially to get the features shown in /etc/default/security (see man security). Just download the securoity_patch_check (http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA) as Steven mantioned. It will produce the report that you need. Additionally, this script will also report on patches with problems, something is often overlooked after a patch is installed. security_patch_check just produces a report.


Bill Hassell, sysadmin
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.