Administrator's Guide

system access
security guidelines for remote, 55
system administration
auditing guidelines, 176
auditing users, 171
authenticating users during login, 31
authenticating users using PAM, 34
backup guidelines, 26
controlling file security on a network, 106
defining security attributes, 46, 62
installing HP-UX securely, 23
installing security patches, 26
managing an administrative domain, 74
managing passwords, 41
managing remote access, 55
managing setuid and setgid programs, 50
managing user access, 29
mounting and unmounting a file system securely, 104
preventing stack buffer overflow attacks, 52
protecting root access, 58
protecting unattended workstations and terminals, 53
securing FTP, 68
securing inetd, 71
securing Internet Services, 67
securing login banners, 57
securing the HP-UX file system, 87
security breaches, 23
setting install-time security options, 25
using boot authentication to prevent unauthorized access, 25
system run level
changing, 53
controlling access with, 53
system security
defining security attributes, 46, 62
T
TCP wrappers
and SSH, 83
protecting against spoofing with, 72
telephone
securing, 56
temporary account
disabling, 30
terminal
configuring screen lock for, 54
protecting unattended, 53
terminal access, 195
terminal control database
trusted system, 197
terminal device file
protecting, 54
time-based access control, 196
TMOUT variable
configuring, 54
trusted, 195
trusted password, 195
trusted password database, 197
trusted system
converting from, 192
converting to, 191
databases, 197
U
umask command
changing default file permissions with, 89
unique user name
importance of, 32
unmounting a file system securely, 104
user access
managing, 29
user account
restricted, 30
user authentication
during login, 31
PAM login example, 39
using PAM, 34
user ID (uid), 194, 195
user name
creating unique, 32
user security
managing, 29
userdbset command
examples of defining user attributes with, 49
V
/var/adm/inetd.sec, 72
verifying permissions on network control files, 75
W
who command
obtaining user login information with, 34
workstation
protecting unattended, 53
wtmp file
tracking successful logins with, 33
WU-FTPD, 69
218 Index