security policy

SanthoshMenon · ‎07-13-2006

iam planning to prepare security document for hp , can u tell me the approach is correct.
ididnt understand the first line in the sysntax can some one help me please

Prevent Syslog from accepting messages from network
---------------------------------------------
By default the system logging daemon, syslogd, listens for log messages from other systems on network port 514/udp. Unfortunately, the protocol used to transfer these messages does not include any form of authentication, so a malicious outsider could simply barrage the local system's Syslog port with spurious traffic—either as a denial-of-service attack on the system, or to fill up the local system's logging file systems so that subsequent attacks will not be logged.

SYSLOGD_OPTS="`sh -c` /etc/rc.config.d/syslogd ;
echo "$SYSLOGD_OPTS"'`"
ch_rc -a -p SYSLOGD_OPTS="-N $SYSLOGD_OPTS" \
/etc/rc.config.d/syslogd

Steven E. Protter · ‎07-13-2006

Shalom oracle,

Not just an ITRC user but a database?

You are correct there is no authentication for syslog in the standard configuration.

Most systems write their own logs to local disk and sit in protected networks with firewalls.

Further, you can run a product on HP-UX called ipfilter which can limit what hosts are permitted to write to the local syslog.

That is adequate protection, even for servers on the public Internet.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

SanthoshMenon · ‎07-13-2006

Thanks a lot dir

your really great

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

security policy

security policy

Re: security policy

Re: security policy