Bastille, is great, get it perl 5.8 and install it.
get security_patch_check and make it your ogranizational policy to use it, and follow its recommendations on a regular basis.
http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProducts.pl?group_type=search&group_name=security_patch_check&search_free=1&search_trial=1&search_buy=1You should get and install a version of crack 5.0 on a non-production server. Copy your /etc/passwd files once a month and run analysis. Any passwords that get guessed, force password change and make the supervisor aware.
You should run lastb last analysis on all your logs on a regular basis. That should be policy and you write the script and your operations department reviews the output on a weekly basis.
You should consider download and install of the saint utility on a non-production server. It can be used to probe unix boxes and NT/Microsoft boxes and report security vulnerabilities. It should be operational policy that during a maintenance window, production servers are checked in this way.
You should consider taking two courses at HP Education. Practical Unix and Network Security and Internet Security. Almost nobody takes the Internet course but its one of the best courses HP offers.
Lastly, you should make your system a trusted system. This enables password shadowing, automatic expiration of unused accounts, and a great audit log for tracking down issues.
P
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
