Administrator's Guide

4 Remote Access Security Administration
4.1 Overview of Internet Services and Remote Access Services
4.1.1 Securing ftp
4.1.2 Securing Anonymous ftp
4.1.3 Denying Access Using /etc/ftpd/ftpusers
4.1.4 Other Security Solutions for Spoofing
4.2 The inetd Daemon
4.2.1 Securing inetd
4.2.1.1 Denying or Allowing Access Using /var/adm/inetd.sec
4.3 Protection Against Spoofing with TCP Wrappers
4.3.1 Additional Features of TCP Wrappers
4.3.2 TCP Wrappers Do Not Work with RPC Services
4.4 Secure Internet Services
4.5 Controlling an Administrative Domain
4.5.1 Verifying Permission Settings on Network Control Files
4.6 Securing Remote Sessions Using HP-UX Secure Shell (SSH)
4.6.1 Key Security Features of HP-UX Secure Shell
4.6.2 Software Components of HP-UX Secure Shell
4.6.3 Running HP-UX Secure Shell
4.6.3.1 Running the ssh Client
4.6.3.2 Running the sftp Client
4.6.3.3 Running the scp Client
4.6.4 HP-UX Secure Shell Privilege Separation
4.6.5 HP-UX Secure Shell Authentication
4.6.5.1 GSS-API
4.6.5.2 Public Key Authentication
4.6.5.3 Host-Based and Public Key Authentication
4.6.5.4 Password Authentication
4.6.6 Communication Protocols
4.6.7 HP-UX Secure Shell and the HP-UX System
4.6.8 Associated Technologies
4.6.9 Strong Random Number Generator Requirement
4.6.10 TCP Wrappers Support
4.6.11 chroot Directory Jail
II Protecting Data
5 File System Security
5.1 Controlling File Access
5.1.1 Setting File Access Permissions
5.1.2 Setting File Ownership
5.1.3 Protecting Directories
5.1.4 Protecting Files Related to User Accounts