HPE Community
Operating System - HP-UX
1847730 Members
3267 Online
110265 Solutions
New Discussion

sercure a brand-new unix box rx3440

 
SOLVED
Go to solution
I.Delic
Super Advisor

‎07-03-2004 10:52 PM

‎07-03-2004 10:52 PM

sercure a brand-new unix box rx3440

Hi guy's,

Ik got new Unix box RX3440. I want to secure him.
FTP, TELENT, RLOGIN RSHELL i want to stop it or i want to allow some user to use it.
I want to lockup anonymos user . Is this a good idea ? I stil want to use my appache server.
Yes i kan find it al by myself but at this moement i don't have a much time
Can you pas me a some documentation about it ?

Thank you in advance

Idriz

0 Kudos
Reply
2 REPLIES 2
Thayanidhi
Honored Contributor

‎07-03-2004 11:39 PM

‎07-03-2004 11:39 PM

Re: sercure a brand-new unix box rx3440

Hi,

/var/adm/inetd.sec
file should me modified to allow/deny inet services. Example is available in the same file (commented).

Note: this will work for standard inet services which you mentioned. a application service such listner cannot be controlled using inetd.sec
Refer to the application vendor if you want to deny such services.

TT
Attitude (not aptitude) determines altitude.
0 Kudos
Reply
Con O'Kelly
Honored Contributor

‎07-04-2004 11:58 AM

‎07-04-2004 11:58 AM

Solution

Re: sercure a brand-new unix box rx3440

Hi

In very simple terms you can disable these services by commenting them out in /etc/inetd.conf and then running the following command:
# inetd -c

As already stated you can use /var/adm/inetd.sec file to restrict access to these services.

You can download a good document from Centre for Internet Security which details steps involved in securing HP-UX servers.
http://www.cisecurity.org/bench_hpux.html

Also look at the Building a Bastion Host document which I have attached.

Cheers
Con


Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.