HPE Community
Operating System - HP-UX
1845946 Members
3734 Online
110250 Solutions
New Discussion

Security Concern

 
SOLVED
Go to solution
Avinash20
Honored Contributor

‎12-04-2007 12:26 AM

‎12-04-2007 12:26 AM

Security Concern

Friends,

I like to have the following to be done on my server:

Information to be logged
- Login Successes and Failures
- Addition / Deletion / Modification of Users
- Changes to Security Settings
- Changes to Logging and Auditing Settings
- Service Access Logs e.g. FTP, Telnet, SSH etc
Login Control
After successful login, every user must be given information reflecting the last login time, date and details of any unsuccessful login attempts since the last successful login.

Terminal Timeout
Inactive Terminal Session (Telnet, SSH, tty, vty, sessions) must be set to a timeout of 15 minutes

any response is highly appreciated
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
0 Kudos
7 REPLIES 7
Kapil Jha
Honored Contributor

‎12-04-2007 01:10 AM

‎12-04-2007 01:10 AM

Re: Security Concern

>>>Login Successes and Failures
It is already logged in wtmp files and you may use "last" command to see when a particular user was logged in.

>>>Inactive Terminal Session
there is a variable TMOUT you can set it to according to your requiredment.

>>>Addition / Deletion / Modification of Users
M not sure about any tools but you can write a script which will tell you whenever thers is some modification in /etc/passwd file.

I suppose you need some tool or you'll have to wrie script for each.
BR,
Kapil


I am in this small bowl, I wane see the real world......
0 Kudos
Avinash20
Honored Contributor

‎12-04-2007 01:37 AM

‎12-04-2007 01:37 AM

Re: Security Concern

Any further suggestion will be more helpful
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
0 Kudos
Shrikant Lavhate
Esteemed Contributor

‎12-04-2007 02:16 AM

‎12-04-2007 02:16 AM

Re: Security Concern

>Service Access Logs

for logging FTP logs that is incoming and outgoing FTP file transfers, insert the-i and -o options with the ftp entry in the /etc/inetd.conf file. like this:
ftpd -a -l -d -i -o

The logs will be saved into /var/adm/syslog/xferlog.
Will it remain a personal, if I broadcast it here!
0 Kudos
Jeeshan
Honored Contributor

‎12-04-2007 02:55 AM

‎12-04-2007 02:55 AM

Solution

Re: Security Concern

Hi Avinash

Did u convert your system in trusted mode. You can do your queried security concern in trusted system

- Login Successes and Failures
If trusted you can get message
- Addition / Deletion / Modification of Users
If u use SAM to do so you have sam.log to view
- Changes to Security Settings
its in trusted system
- Changes to Logging and Auditing Settings
you can do also in trusted system
- Service Access Logs e.g. FTP, Telnet, SSH etc
you can view the syslog.log to view such like messages if your syslog process has entry for this services
-Login Control
if your system in trusted mode user can also see the message of successful and unsuccessful logins
Terminal Timeout
for telnet edit file in /etc/default/security
and for other terminal use their individual configuration files
a warrior never quits
0 Kudos
Avinash20
Honored Contributor

‎12-05-2007 04:31 AM

‎12-05-2007 04:31 AM

Re: Security Concern

Thanks everyone:

http://docs.hp.com/en/B2355-90950/ch08.html

This will help.
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
0 Kudos
Sp4admin
Trusted Contributor

‎12-05-2007 08:02 AM

‎12-05-2007 08:02 AM

Re: Security Concern

Hello Avinash,

you can also use SAM's auditing. For system calls and other command.

sp,
0 Kudos
Avinash20
Honored Contributor

‎03-28-2008 10:48 PM

‎03-28-2008 10:48 PM

Re: Security Concern

Above url helped
"Light travels faster than sound. That's why some people appear bright until you hear them speak."
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.