HPE Community
Operating System - HP-UX
1835215 Members
2383 Online
110078 Solutions
New Discussion

Re: Security

 
Robert A Kirkpatrick
Advisor

‎05-01-2003 02:29 AM

‎05-01-2003 02:29 AM

Security

Hi, I am looking to improve my system security. I have installed COPS and started tighting up files. Is there any other system software that I can use to assist me
Which does not kill you only makes you stronger
0 Kudos
Reply
8 REPLIES 8
Stefan Farrelly
Honored Contributor

‎05-01-2003 02:33 AM

‎05-01-2003 02:33 AM

Re: Security

Install;

B6834AA B.01.00 HP-UX Security Patch Check Tool

You can download from www.software.hp.com. Run it via cron regularly, it will check to HP and inform you of any new security patches, and if your serevr is uptodate. Very handy.
Im from Palmerston North, New Zealand, but somehow ended up in London...
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎05-01-2003 02:34 AM

‎05-01-2003 02:34 AM

Re: Security

Hi,

Take a look at HP's free Bastille tool:

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B6849AA


"HP-UX Bastille is a security hardening/lockdown tool which can be used to enhance the security of the HP-UX operating system. It provides customized lockdown on a system by system basis by encoding functionality similar to the Bastion Host whitepaper and other hardening/lockdown checklists."


Pete

Pete
0 Kudos
Reply
Zeev Schultz
Honored Contributor

‎05-01-2003 03:04 AM

‎05-01-2003 03:04 AM

Re: Security

Except for Bastille which is good
there is a 'bastion hp-ux document' -
url : http://people.hp.se/stevesk/bastion11.html

Here's a list of HP-UX security tools available:
http://www.hp.com/products1/unix/operating/security/ - all the kerberos,ssh,ipsec etc tools.

Zeev
So computers don't think yet. At least not chess computers. - Seymour Cray
0 Kudos
Reply
Cheryl Griffin
Honored Contributor

‎05-01-2003 03:15 AM

‎05-01-2003 03:15 AM

Re: Security

For a complete listing of security offerings see:
http://www.software.hp.com/ISS_products_list.html
"Downtime is a Crime."
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎05-01-2003 08:59 AM

‎05-01-2003 08:59 AM

Re: Security

Forgive the duplication.

Here is a cut and paste of my scurity sermon.

CIFS/9000

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B8725AA

Client
http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B8724AA

Documentation:
http://www.docs.hp.com/hpux/onlinedocs/B8725-90003/B8725-90003.html

Security Post



Links:


security_patch_check: Checks your system and makes sure its up to date with security patches from HP
http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B6834AA


Required Perl install

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=PERL

Bastille: Security Hardening Tool

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B6849AA

TCP Wrappers

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=TCPWRAP

Secure Shell: a replacement for rcp ftp and telnet that encrypts passwords

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=T1471AA

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=T1471AA

IDS/9000 Intrusion Detection System which can track security breaches and attempted security breaches.

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=J5083AA

pam kerobos
http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=J5849AA


Attached is a paper on security hardening.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Elif Gius
Valued Contributor

‎05-01-2003 11:03 PM

‎05-01-2003 11:03 PM

Re: Security

You can use tripwire, ipsec, mkpdf for securing your system and watching system changes.
0 Kudos
Reply
Elif Gius
Valued Contributor

‎05-01-2003 11:05 PM

‎05-01-2003 11:05 PM

Re: Security

Hi,

sorry I forgot tcpwrapper...which is a very good tool to restrict access to system daemons.
0 Kudos
Reply
V. V. Ravi Kumar_1
Respected Contributor

‎05-01-2003 11:15 PM

‎05-01-2003 11:15 PM

Re: Security

hi,

see the website
www.cisecurity.org
where u can find out benchmark utilities for HP-UX security checking. We are using it and is a very good tool.

Regards
Never Say No
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.