HPE Community
Operating System - HP-UX
1827445 Members
5466 Online
109965 Solutions
New Discussion

Re: software of vulnerabilities in HPUX

 
SOLVED
Go to solution
Jairo Campana
Trusted Contributor

‎04-29-2003 08:22 AM

‎04-29-2003 08:22 AM

software of vulnerabilities in HPUX

somebody knows software that discovers vulnerabilities of products installed in my server hpux 11.0
legionx
0 Kudos
Reply
6 REPLIES 6
Bill Douglass
Esteemed Contributor

‎04-29-2003 09:10 AM

‎04-29-2003 09:10 AM

Re: software of vulnerabilities in HPUX

You can also check for security vunerabilities at places like http://www.cert.org/, and the CERT mailing list http://www.cert.org/contact_cert/certmaillist.html

Also, here in the ITRC Knowledge base, you can search HPs security bulletins.

For ongoing monitoring and detectiopn, HP's Intrusion Detection System, IDS/9000 is a good tool. You can download it from http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=J5083AA

0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎04-29-2003 09:30 AM

‎04-29-2003 09:30 AM

Re: software of vulnerabilities in HPUX

The posts above and this forum are a good way of tracking vulnerabilities as they happen.

Berlene post importrant warnings as soon as she gets them.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Cheryl Griffin
Honored Contributor

‎04-29-2003 10:03 AM

‎04-29-2003 10:03 AM

Re: software of vulnerabilities in HPUX

Bill is correct IDS/9000 is also an excellent product. It has alerts that can help in detecting certain operations by applications which might indicate vulnerabilities.
The main aim of this product is to protect the underlying OS and its basic services.

For a complete listing of security offerings see:
http://www.software.hp.com/ISS_products_list.html.
"Downtime is a Crime."
0 Kudos
Reply
Keith Buck
Respected Contributor

‎04-30-2003 08:57 AM

‎04-30-2003 08:57 AM

Solution

Re: software of vulnerabilities in HPUX

security_patch_check

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B6834AA

will analyze your system for missing patches. This covers security bulletins released by HP which do not contain MANUAL ACTIONS, as specified in the HP security bulletin.

You should also subscribe to the HP-UX security bulletin mailing list. Click on "maintenance and support" (to your left), then at the bottom click on "Support notifications" and subscribe to the appropriate digest.

A list of past bulletins is available from a link at the bottom of that page, "hp-ux security bulletins archive"

Not all software...but hope it helps. There are also several network and host-based scanners that are available, if that's what you're looking for.

-Keith
Reply
Jairo Campana
Trusted Contributor

‎04-30-2003 10:26 AM

‎04-30-2003 10:26 AM

Re: software of vulnerabilities in HPUX

Excellent Keith also to all
I find other product free:
http://www.nessus.org/intro.html

http://www.saintcorporation.com/products/saint_engine.html

list urls:
http://www.cotse.com/tools/vuln.htm


legionx
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.