Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP HP-UX Auditing System Extensions

putpwent function, 197

putspwent function, 197

R

random number generator, 83

recovery

security guidelines for, 26

remote access

security guidelines for managing, 55

Remote Access Services, 67

overview of, 67

remote procedure call

See RPC, 73

remote sessions

securing using SSH, 76

reuse

password, 196

roleadm, 155

examples, 156

syntax, 155

roles

configuring, 155

default, 156

groups, 157

guidelines for creating, 152

root

drawbacks of, 143

root access

gaining, 24

monitoring, 58

reviewing, 59

using Restricted SMH Builder for limited, 58

root account

protecting, 58

RPC

and TCP wrappers, 73

RSA cryptosystem, 209

rsh command

limiting system access with, 30

run level

changing, 53

controlling access with, 53

S

screen lock

configuring, 54

Sec00Tools security level, 25

Sec20MngDMZ security level, 25

Sec30DMZ security level, 25

Secure Shell

see SSH, 76

securing remote sessions, 76

security attribute

defining, 46, 62

security level

choosing during installation, 25

security patch

installing, 26

SecurityMon file set, 192

selection and generation, 195

self-auditing program, 187

set group ID program

See setgid programs, 50

set user ID program

See setuid programs, 50

setacl command

changing ACLs with, 97

changing JFS ACLs with, 100

setfilexsec command, 113, 132

setgid programs, 27, 198

managing, 50

setuid programs, 27, 198

managing, 50

shadow password, 43

single-user mode

booting into, 24

SIS, 73

Software Assistant

using, 26

spoofing

defined, 70

protecting against using TCP wrappers, 72

SSH, 46

associated technologies, 83

authentication, 76, 80

encryption, 76

features, 76

GSS-API, 80

HP-UX system, 82

password authentication, 81

port forwarding, 77

privileged mode execution, 79

public key based authentication, 81

running, 78

running scp client, 79

running sftp client, 79

running ssh client, 78

securing remote sessions, 76

software components, 77

strong random number generator, 83

support for TCP wrappers, 83

SSH-1 protocol, 82

SSH-2 protocol, 82

stack buffer overflow protection, 52

sticky bit

setting, 89

strong random number generator, 83

superuser access

monitoring, 58

protecting, 58

reviewing, 59

using Restricted SMH Builder for limited, 58

swlist command, 192

217