Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP HP-UX Auditing System Extensions

Index

Symbols

/dev special device file

security considerations for, 103

/etc/d_passwd file

controlling access using, 56

/etc/default/security, 25

/etc/dialups file

controlling access using, 56

/etc/ftpd/ftpusers file

changing access with, 69

/etc/group file, 194

/etc/inetd.sec file, 72

/etc/pam.conf file, 35

configuring systemwide with, 37

/etc/pam_user.conf file, 35

/etc/passwd file, 191, 192, 193, 194

application user accounts, 30

changing, 42

example of pseudo-account in, 45

format of, 43

recovering, 27

restricted account, 30

/etc/rbac/aud_filter, 188

/etc/rbac/cmd_priv, 160

entries, 162

/etc/security.dsc file, 47

/etc/shadow shadow password file, 43

/sbin/rc2.d/S760auditing, 192

/tcb/files/auth/ protected password database, 192, 193

/tcb/files/auth/*/*, 191, 194, 196, 197

/tcb/files/ttys, 196

/tmp, 198

/var.adm/userdb file, 48, 63

/var/adm/inetd.sec file

configuring, 72

A

access

device-based access, 196

password, 195

terminal control, 195

time-based access, 195, 196

access control list

See ACL, 91

Access Control Policy Switch, 147

customizing, 166

interfaces, 147

ACL

and NFS, 103

comparison of JFS and HFS, 102

default JFS entries, 99

example of changing a minimal JFS, 98

setting, 91

setting HFS, 91

setting JFS, 95

trusted system backup/recovery, 197

administrative domain

managing, 74

AES (Advanced Encryption Standard), 205

AH (Authentication Header)

definition, 205

anonymous FTP

securing, 69

at command, 192

audisp command

viewing audit log output with, 186

audit event, 177

type, 179

audit flag, 195

audit ID (aid), 192, 194, 195

audit log file, 179

overwriting existing, 181

streamlining data in, 187

viewing, 186

auditing

basic profile, 178

commands, 172

enabling, 172

turning on after recovery, 27

users, 171

authadm, 157

examples, 158

syntax, 157

authentication, 192

during login, 31

PAM login example, 39

used by SSH, 80

using boot, 25

using PAM, 34

Authorization Number, 193

authorizations, 144

configuring, 157

object, 144

operation, 144

auxiliary audit log file, 180

B

backup

security guidelines for, 26

trusted system, 191, 197

backup media

security of, 197

Bastille (see HP-UX Bastille)

batch, 192

213