All post

Thursday, April 14, 2011

Hp-Ux configure Sendmail

11:08 AM No Comments
SendmailSendmail is very often a security risk. Therefore it is very important that you be running the newest version or at least a fully patched version. Also since most machines only need to send out mail to a relay host, many of sendmail functionalities can be disabled. You can download the latest version of sendmail forhttp://www.sendmail.org.____ replace the existing /etc/mail/sendmail.cf...

Hp-UX User Access Control

11:07 AM No Comments
User Access ControlTight controls must be maintained on user’s accounts. You should only have accounts on a system that are necessary for the applications that are running.Restrict root login to just the console. User must use su to login as root.____ /usr/bin/touch /etc/securetty ____ /usr/bin/echo console > /etc/securetty ____ /usr/bin/chmod 400 /etc/securetty Enable password...

Hp-Ux Terminal Security Policies, Auditing and Security

11:06 AM No Comments
Terminal Security Policies Use this screen to set system policies for terminals. Policies apply to all terminals unless terminal-specific policies are set.Unsuccessful Login Tries Allowed: 10 .Delay Between Login Tries (sec.): 2 .Login Timeout Value (sec.): 0 ..,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,.[ OK ]  ...

Hp-UX Convert to a Trusted System

11:03 AM No Comments
Convert to a Trusted SystemHP-UX offers some additional security features such as, a more stringent authentication system, auditing, terminal access control and time-based access control. These are in addition to the normal Unix security mechanisms that are generally available. But to take advantage of these features the system must be converted to a trusted system.* If security...

Hp-Ux Remaining Network Services

11:01 AM No Comments
Remaining Network ServicesIf the machine is to be a DNS client then you’ll need to define the domain and it’s name server(s). You will have to configure which sources the resolver will use and in which order. You should configure so that the host file is checked first then DNS.____ /usr/bin/touch /etc/resolv.conf ____ /usr/bin/echo "domain " > /etc/resolv.conf ____ /usr/bin/echo...

Hp-Ux File System Configuration

11:00 AM No Comments
File System ConfigurationSome file systems are static in nature and won’t change unless you’re doing some type of upgrade. Therefore to safeguard against unkown modifications to the files in these file systems and possible addition of trojan horses, it makes sense to mount these files systems read-only. (/usr and /opt are examples) You also want to ensure that setuid programs...
Subscribe to: Posts (Atom)