Thursday, April 14, 2011

Hp-Ux Terminal Security Policies, Auditing and Security


Terminal Security Policies
Use this screen to set system policies for terminals. Policies apply to all terminals unless terminal-specific policies are set.
Unsuccessful Login Tries Allowed: 10 .
Delay Between Login Tries (sec.): 2 .
Login Timeout Value (sec.): 0 .
.,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,.
[ OK ]   [ Cancel ]   [ Help ]
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,


* Network Information Service (NIS) is not supported on a trusted system.
System And Process Auditing
Now that the system has been converted to a trusted system and your security policies have been set. It’s time to turn on auditing.
/usr/sbin/sam
Select "Auditing and Security"
Select "Audited Events"
Select "Actions"
Select "Turn Auditing On"
Auditing and Security
File List View Options Actions Help .
. . Turn Auditing ON . .
.Auditing Turned: OFF . ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, . .
. . Set Audit Monitor and Log Parameters... . .
.,,,,,,,,,,,,,,,,,,,,,,,. View Audit Log... .,,,,,,,,,,,,.
.Audited Events . Unconvert the System . 18 selected.
.,,,,,,,,,,,,,,,,,,,,,,,. ======================================= .,,,,,,,,,,,,.
. Audit . (nothing selected) . .
. Event Type Success F,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,G .
.R,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,T .
.. admin Yes Yes acct, adjtime, audctl, audswitch, clock_ ^ .
.. close No No close, ksem_close, mq_close, munmap .
.. create No No creat, mkdir, mknod, msgget, pipe, semge .
.. delete No No ksem_unlink, mq_unlink, msgctl, rmdir, s .
.. ipcclose No No fdetach, shutdown .
.. ipccreat No No bind, socket, socket2, socketpair, socke .
.. ipcdgram No No .
.. ipcopen No No accept, connect, fattach .
.. login Yes Yes .
.. modaccess No No chdir, chroot, fchdir, link, lockf, lock v .
.F< >G .
F,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,G
.
Next you need to select which events you want to audit. At the very minimum you should audit admin - Logs all administrative and privileged events.
login - Logs all logins and logouts
modaccess - Logs all access modifications other than DAC
moddac - Logs all modifications of object’s discretionary access controls
Setup a cron job to collect system diagnostic messages.
  1. ____ /usr/bin/crontab –e
  2. ____ Insert the following 2 lines
# log kernel diagnostic messages every 10 minutes
05,15,25,35,45,55 * * * * /usr/sbin/dmesg - >>/var/adm/messages

Share this

0 Comment to "Hp-Ux Terminal Security Policies, Auditing and Security"

Post a Comment