HPE Community
Operating System - HP-UX
1822934 Members
3732 Online
109645 Solutions
New Discussion юеВ

system security

 
хнЩшЛ▒щФР
New Member

тАО06-05-2005 09:32 PM

тАО06-05-2005 09:32 PM

system security

I want to place a rp_5470 out of fire wall.So I worry about its system security. please give me some advice or any documents about these.
0 Kudos
Reply
7 REPLIES 7
Joseph Loo
Honored Contributor

тАО06-05-2005 09:40 PM

тАО06-05-2005 09:40 PM

Re: system security

hi,

there is a very good doc on hardening your server:

http://docs.hp.com/en/5990-8172/ch08s12.html

regards.
what you do not see does not mean you should not believe
0 Kudos
Reply
Binu_2
Advisor

тАО06-08-2005 04:13 AM

тАО06-08-2005 04:13 AM

Re: system security

Hi

Try this link
http://secinf.net/info/unix/hp-ux9.html

Thanks
Binu
0 Kudos
Reply
Devesh Pant_1
Esteemed Contributor

тАО06-08-2005 03:02 PM

тАО06-08-2005 03:02 PM

Re: system security

You may want to consider this offering from HP Bastille which is very nice way of hardening the security.
HP-UX Bastille may be downloaded from http://www.software.hp.com/ISS_products_list.html

More information on Bastille can be read from

http://docs.hp.com/en/5990-6737/ch07s06.html

thanks
Devesh
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

тАО06-08-2005 04:21 PM

тАО06-08-2005 04:21 PM

Re: system security

You have a good set of posts here.

I add to this recommendation, ipfilter firewall.

You are worried about not being behind a firewall? Make your own. Stop worrying.

ipfilter
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B9901AA

Bastille
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6849AA

Bastille requires PERL5
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=PERL

Another suggestion: Use openssh/Secure Shell instead of telnet/ftp

http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA

Internet Express has several other good monitoring products:

http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXIEXP1111

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Bill Hassell
Honored Contributor

тАО06-08-2005 05:33 PM

тАО06-08-2005 05:33 PM

Re: system security

Without a good understanding of Internet security issues (especially if you are using telnet, ftp, and/or Xwindows), it would be very risky to put your server on the open Internet, especially if there is important data on this system. I would suggest getting the HP-UX Security book by Chris Wong as background and look at all the above suggestions. None of the above suggestions are simple to implement without some good HP-UX and networking experience.


Bill Hassell, sysadmin
0 Kudos
Reply
roger_122
Occasional Advisor

тАО06-09-2005 07:24 AM

тАО06-09-2005 07:24 AM

Re: system security

You may want to visit

http://www.cisecurity.org/

for more hints..
0 Kudos
Reply
Rick Garland
Honored Contributor

тАО06-09-2005 08:03 AM

тАО06-09-2005 08:03 AM

Re: system security

I would agree with Bill.

Lots of suggestions can be made and implemented but system security on the internet can be precarious at best.

Another book to read is the Internet Security book - an O'Reilly book.

By all means read the suggestions that have been provided. The more you know the better off you will be.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.