HPE Community
Operating System - HP-UX
1830466 Members
2618 Online
110005 Solutions
New Discussion

Medusa Security System

 
SOLVED
Go to solution
Shivkumar
Super Advisor

‎06-17-2005 12:56 PM

‎06-17-2005 12:56 PM

Medusa Security System

Hey Guys,

What is medusa security system on hpux 11i ?

Thanks,
Shiv
0 Kudos
Reply
9 REPLIES 9
Joseph Loo
Honored Contributor

‎06-17-2005 01:19 PM - last edited on ‎04-18-2017 12:34 AM by

‎06-17-2005 01:19 PM - last edited on ‎04-18-2017 12:34 AM by

Re: Medusa Security System

hi shiv,

not sure if is is for hp but u may refer to this site:

[Broken link removed on <4/18/2017> by Mod]

interesting what u get when u google.

hope it helps.

regards.

what you do not see does not mean you should not believe
Reply
KVK
Valued Contributor

‎06-17-2005 01:57 PM - last edited on ‎04-18-2017 12:33 AM by

‎06-17-2005 01:57 PM - last edited on ‎04-18-2017 12:33 AM by

Re: Medusa Security System

Hi Shiv,

Couldn't find any information about medusa in docs.hp.com . It could be a third party application for the security system in the Unix/Linux platforms . the only way to find the about the medusaDS9 Google :-)

http://talby.csu.umist.ac.uk/~isd/_unix_security/unix_security_survey.11.html

Reply
Mel Burslan
Honored Contributor

‎06-17-2005 02:46 PM

‎06-17-2005 02:46 PM

Re: Medusa Security System

Medusa is the home brew security architecture that hp uses on their 1500+ internal hpux servers. Not available to outside hpux customers to the best that I know. It is actually not a product. It is the combination of hodge podge little and big applications which snuck their way into the HP data center at one time and liked so much that powers that be decided to use it on all servers.

If you are inquiring about it because you want to use it, licence it or use it one way or the other and you are not working for HP, might as well forget about it.
________________________________
UNIX because I majored in cryptology...
Reply
nz_1
Advisor

‎09-07-2005 04:04 PM

‎09-07-2005 04:04 PM

Re: Medusa Security System

A medical company here uses medusa for their Integrity servers.
Reply
Shivkumar
Super Advisor

‎09-07-2005 05:11 PM

‎09-07-2005 05:11 PM

Re: Medusa Security System

Nash; Could you please eloborate in detail what functions it performs ?

Thanks,
Shiv
0 Kudos
Reply
Ross Minkov
Esteemed Contributor

‎09-07-2005 05:17 PM

‎09-07-2005 05:17 PM

Solution

Re: Medusa Security System

Medusa is an HP-UX Security Auditing Tool. It stands for Master Environment for Detection of Unix System Anomalies. Medusa is only for HP INTERNAL USE.

Regards,
Ross
Reply
Shivkumar
Super Advisor

‎09-07-2005 05:24 PM

‎09-07-2005 05:24 PM

Re: Medusa Security System

If you could give some documentation on this it would be great. Thanks.
0 Kudos
Reply
Mel Burslan
Honored Contributor

‎09-07-2005 06:41 PM

‎09-07-2005 06:41 PM

Re: Medusa Security System

Shiv,

As I have previously mentioned, months ago, there is no such product called MEDUSA per se. It is the name of the combination of security related utilities framework used in internal HP IT systems. How I know it ? I contracted to HP for the maximum allowed 2 years term, doing reactive support for HP's internal IT systems. Otherwise, MEDUSA to an outsider is no more than a rumor, hence you most probably will not find any doc.s related to that.
________________________________
UNIX because I majored in cryptology...
Reply
Indira Aramandla
Honored Contributor

‎09-07-2005 07:00 PM

‎09-07-2005 07:00 PM

Re: Medusa Security System

Hi Shiv,

Here is some info formt he web.

The Medusa DS9 is a tool, which implements the ZP Security Framework. The main goal of a project is to implement a framework for implementation of any security model. Medusa DS9 consists of two major parts: the VS monitor, implemented in kernel of a operating system, and Security Decision Center implemented as user-space daemon called Constable. Constable is configured using our own configuration language, which is slightly based on C.

Medusa DS9 Security System is a very interesting piece of software. In the Slovak language, ``medusa'' means ``jellyfish''. Like jellyfish, Medusa can sting an enemy with its tentacles. In Greek mythology, Medusa was one of the three Gorgon monsters. Anybody who got a glimpse of her face became petrified.

Medusa is a security system which can extend the overall security of your system. Medusa consists of two parts. The first is a set of small patches to the Linux kernel, and the second is a user-space security dæmon (authorization server) called Constable.
The basic idea behind Medusa is really simple. Before execution of certain operations, the kernel asks the authorization server (Constable) for confirmation. The authorization server then permits, forbids or changes the operation. The authorization server and kernel talk to each other through the special device: /dev/medusa. In this way, an administrator can create his own security model, which can complete or override the original UNIX model. I have told you the principle is simple; however, the actual implementation is a bit complicated. If you are interested in how, see Resources.
In 1995, the authors of Medusa were administrators of university machines. Since there were many users, someone often cracked a machine and used it as a base for nasty activities. Instead of taking part in a never-ending race with crackers and their exploits, they decided to achieve better security in a different way. In 1996, an ancient preliminary version, old Medusa, was born. After more development, a new generation called Medusa DS9 appeared in July 1998.

Indira A
Never give up, Keep Trying
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.