Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP HP-UX Auditing System Extensions

boot authentication

using, 25

boot processs

gaining, 24

booting

preventing security breaches during booting, 23

btmp file

tracking failed logins with, 33

C

CA (certificate authority)

defined, 205

CDE Lock Manager

configuring, 55

CDE Login Manager

logging in with, 32

Certificate Revocation List (CRL), 206

chfn, 194

chmod command

changing file access permissions with, 88

effect on class entries, 97

chown, 27, 194, 198

chroot jail, 84

chsh, 194

cmdprivadm, 158

examples, 159

syntax, 158

command

login, 193

swlist, 192

compartments, 109

activating, 124

creating rules, 114

file system rules, 116

IPC rules, 117

modifying rules, 114

network interface rules, 122

network rules, 119

planning a structure, 111

privilege limitation rules, 123

troubleshooting, 126, 140

crontab, 192

D

DES (Data Encryption Standard), 206, 207

device assignment database

trusted system, 197

device-based access control, 196

Diffie-Hellman, 207

group, 207

directory access

securing, 89

disk partition

security considerations for, 104

domain

managing an administrative, 74

E

encrypted password field, 194

encryption

definition, 207

ESP (Encapsulating Security Payload)

definition, 207

/etc/ftpd/ftpusers, 69

/etc/inetd.sec, 72

/etc/passwd, 27

expiration time

password aging, 195

F

fbackup command, 26

trusted backup, 197

file

/etc/group, 194

/etc/passwd, 191, 192, 193, 194

file corruption

locating and correcting using fsck command, 90

file ownership

setting, 89

file security

considerations for /dev special files, 103

controlling file access, 87

controlling on a network, 106

protecting disk partitions and logical volumes, 104

protecting files related to user accounts, 90

protecting NFS-mounted files, 107

file set

SecurityMon, 192

file system

security guidelines for mounting and unmounting, 104

fileaccess

setting access permissions, 88

filter

definition, 207

fine-grained privileges, 131

configuring, 160

frecover command, 26

trusted recovery, 197

fsck command

correcting file corruption with, 90

FTP

securing, 68

securing anonymous, 69

ftpd server, 69

function

getdvagent, 197

getprdfent, 197

getprpwent, 197

getprtcent, 197

getpwent, 197

getspwent, 197

putprpwnam, 197

putpwent, 197

214 Index