security features

khilari · ‎12-27-2005

Hi there, actually i just deployed a new hp/ux server. It is in a network and i want to put in security features (firewalls) etc, to make sure it stays secure. Any suggestions as to any patches or software i could install
to achieve that???

Rick Garland · ‎12-27-2005

Look into Bastille.

There is an HP port of this product.

Steven E. Protter · ‎12-27-2005

Shalom Mujtaba,

Bastille is a good start.
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6849AA
It requires Perl 5

http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=PERL

There are several options to be aware of with Bastille.

1) It can shut down vulnerable, little used deamons that one wonders why are installed in the first place. This also boosts system peformrance.
2) You can automatically set up security_patch_check and have your systems checked against the lastest required security patches from HP. This is actually a requirement in many service contracts and should not be ignored.

3) You can set up the ipfilter firewall and have a firewall directly on your HP server. This is probably better done with a hardware solution, but if there is no hardware solution or Linux box around, this will do.

If you use Bastille to disable the Berkley protocols, this may interfere with Serviceguard and will interfere with Ignite, DR, so tread cautiously.

Security is a never ending job of searchs and tweaks and sofware upgrades.

You might also find a commercial product, Tripwire useful for you security. It makes sure binaries are not altered my malicoius users and such.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

wip · ‎12-27-2005

Hi,

Please try Internet System Scanner from ISS and do a security base line by scanning you entire system for security vulnerabilities for hpux.

thanks
wip

Andrew Cowan · ‎12-27-2005

The Nessus security scanner is also a good tool to scan for vulnerabilities. See: http://www.nessus.org/

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

security features

security features

Re: security features

Re: security features

Re: security features

Re: security features