HPE Community
Operating System - HP-UX
1836436 Members
2551 Online
110100 Solutions
New Discussion

Trust - System + security

 
SOLVED
Go to solution
yaron daniel
Frequent Advisor

‎07-30-2005 08:20 PM

‎07-30-2005 08:20 PM

Trust - System + security

Hello All

I have some questions:
1) If i move my 2 nodes cluster to mode trusted-system , does it have any affect on the cluster ?
2) I want to harden the security on my system, which port/services the mcsg uses, in order to not close them by mistake ?
3) Is there any differance between the hpux 11i and the 11.23 systems ? (any special commands to use, in the trusted-system mode and mcsg ???).
10x
the truth is out there
0 Kudos
Reply
2 REPLIES 2
Steven E. Protter
Exalted Contributor

‎07-31-2005 01:01 AM

‎07-31-2005 01:01 AM

Solution

Re: Trust - System + security

3) Trusted system is pretty much the same on the two operating systems. The command set is the same. I don't recall seeing any new commands with regards to trusted.

2) MSSG won't function if there is a loss of network connectivity between the systems. If you use ipfilter to shut down ports, you may crash the cluster. I had to be careful in my lab to keep ping working and that kept me out of trouble. Other circumstances really depend on the type of application you are running. You can create a situation where an app bounces from node to node and never runs.


1) I reccommend moving one node at a time to trusted, but there really should be a minimal impact. There may be a few applications that can't run on a trusted system, but I don't know besides NIS that won't run on trusted.

Trusted system takes the passwords out of /etc/passwd and puts them in a series of individual files /tcb/auth/file/r contains the root user and the ronnie user for example.

It makes the system harder to hack, because the hacker may need to get thousands of files to run a password cracker on.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
yaron daniel
Frequent Advisor

‎07-31-2005 02:29 AM

‎07-31-2005 02:29 AM

Re: Trust - System + security

Hi

What happen if i have Oracle Package that user oracle run it. i move to trust system mode and i change now the oracle password on server1, how can i synchronize the passwords between the servers (server1 & server2) ??? This question is also for all users changes (password, homedir and so...)
the truth is out there
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.