Security Management Guide (G06.29+, H06.08+, J06.03+)

Safeguard System Security
Security Management Guide 522283-021
In addition, if there is an OBJECTTYPE DISKFILE authorization record, you might
want to grant CREATE authority so the user can secure the disk file containing the
object code.
Command Files
If several objects require similar security settings, you might be able to use a command
file to make the task of securing them easier. You can create a command file that
contains the settings common to several objects and add these objects to the
Safeguard database using this file. After you add the objects, you might need to make
only minor changes to the individual records.
Consider using a log file from a SAFECOM session as the source of your command
file. The log file requires some editing before you can use it as a command file.
However, it can be helpful when you try to duplicate a complex SAFECOM session.
The SAFECOM DISPLAY AS COMMANDS command can also help you in creating
command files.
For more information about these features, see the Safeguard Reference Manual.
Auditing
Safeguard auditing attributes allow you to record authentication attempts, object
access attempts, attempts to change or read Safeguard records, and attempts by a
specific user to perform an action. Additionally, you can use the audit service
commands to manage the audit trail. For more information about auditing, see the
Safeguard Audit Service Manual.
Auditing Authentication Attempts
Specify auditing for all authentication attempts by privileged users, such as the
super ID, super-group users, members of the security staff, and group managers. Be
sure to audit failed as well as successful authentication attempts. A series of failed
attempts might indicate an intrusion attempt. The following SAFECOM command
specifies auditing of both failed and successful authentication attempts for the
super ID:
=ALTER USER 255,255, AUDIT-AUTHENTICATE-PASS LOCAL, &
=AUDIT-AUTHENTICATE-FAIL LOCAL
In this example, LOCAL specifies local attempts to log on. Remote logon attempts are
not audited because authentication attempts can be audited only on the system where
they occur.
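Added example (not part of the guide): Python that writes the ALTER USER audit command shown above for a list of privileged user IDs as a command file, and checks that a command file covers every required user with both PASS and FAIL auditing. The user IDs are constructed, and dropping the = prompt from command-file lines is an assumption.

```python
# Added example: build and check a command file of ALTER USER audit settings.
# Attribute text is copied from the ALTER USER command shown in the guide.
AUDIT_ATTRS = ("AUDIT-AUTHENTICATE-PASS LOCAL", "AUDIT-AUTHENTICATE-FAIL LOCAL")


def parse_user_id(text):
    """Parse 'group,member' into (group, member); each number must be 0-255."""
    parts = [p.strip() for p in text.split(",")]
    if len(parts) != 2 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a numeric group,member user ID: {text!r}")
    group, member = int(parts[0]), int(parts[1])
    if group > 255 or member > 255:
        raise ValueError(f"group and member must be 0-255: {text!r}")
    return group, member


def build_command_file(user_ids):
    """Return command-file text with one ALTER USER per unique user ID.

    Assumption: command-file lines drop the '=' prompt that the guide's
    interactive example shows and keep '&' as the continuation character.
    """
    users = sorted({parse_user_id(u) for u in user_ids}, reverse=True)
    lines = []
    for group, member in users:
        lines.append(f"ALTER USER {group},{member}, {AUDIT_ATTRS[0]}, &")
        lines.append(f"  {AUDIT_ATTRS[1]}")
    return "\n".join(lines) + "\n"


def missing_users(command_text, required_ids):
    """Return required users lacking both PASS and FAIL auditing in the file."""
    folded = command_text.replace("&\n", " ")  # join continuation lines
    covered = set()
    for line in folded.splitlines():
        words = line.replace(",", " ").split()
        flat = " ".join(words)
        if words[:2] == ["ALTER", "USER"] and all(a in flat for a in AUDIT_ATTRS):
            covered.add(parse_user_id(",".join(words[2:4])))
    return sorted({parse_user_id(u) for u in required_ids} - covered)


# Constructed sample: the super ID plus hypothetical privileged user IDs
# (one super-group member, one group manager) and a duplicate entry.
PRIVILEGED = ["255,255", "255,1", "200,255", "255,255"]

if __name__ == "__main__":
    print(build_command_file(PRIVILEGED), end="")
```

Running missing_users against a hand-edited command file before using it shows which privileged users would be left without failed-attempt auditing.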
If your policy requires auditing of authentication attempts by all users, you can use the
Safeguard global configuration attributes rather than specifying auditing for each user