HP-UX Bastille Version B.3.
© Copyright 2009 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice.
Table of Contents 1 About this product..........................................................................................................5 1.1 Features and benefits.........................................................................................................................5 1.2 Support..............................................................................................................................................6 2 New features in this release................................
1 About this product HP-UX Bastille is a system hardening and reporting program that enhances the security of the HP-UX operating system by consolidating essential hardening and lock-down checklists from industry and government security organizations, and making them accessible to administrators in an easy to use package. The HP-UX Bastille GUI interface guides users through creating a custom security configuration profile.
• Install-time Security (ITS) for Ignite-UX and Update-UX — Applies predefined HP-UX Bastille security configuration profile during first system boot — Enables out-of-the-box security by avoiding any vulnerability window after initial install 1.2 Support For customers with an HP-UX support agreement, technical support is available through the HP World Wide Response Centers at www.hp.com/support. Support is also offered through the IT Resource Center at www.itrc.hp.com.
2 New features in this release 2.1 Greater coverage of the CIS HP-UX security benchmark Expanded security hardening choices allow you to lock down your systems in alignment with the latest Center for Internet Security (CIS) Benchmark for HP-UX or other similar security hardening standards. 2.
3 Installing HP-UX Bastille HP-UX Bastille is included as recommended software on the Operating Environment media and can be installed and run with Ignite-UX or Update-UX. HP-UX Bastille is installed by default, and a manual installation is only necessary to obtain the latest version from the web. For more information on installing HP-UX Bastille, see the HP-UX Bastille Version B.3.2 User Guide at http:// docs.hp.com/en/internet.html.
4 Known issues and workarounds 4.1 Changes made by HP-UX Bastille might cause other software to stop working To revert the system to the state it was in before you ran HP-UX Bastille: # bastille -r This command confirms that the problem has been eliminated. 4.2 Cannot use X because $DISPLAY is not set The user requests the X interface, but the $DISPLAY environment variable is not set. Set the environment variable to the desired display to correct the problem. 4.
4.10 Rerun HP-UX Bastille after installing new software or applying new patches Installing new software or applying new patches might change the system state. On HP-UX, if vendor-specific fix scripts are run with swverify using either the -x fix=true option or the -F option, then HP-UX Bastille should be rerun. 4.
5 Support and other resources 5.1 Contacting HP 5.1.1 Before you contact HP Be sure to have the following information available before you contact HP: • Technical support registration number (if applicable) • Product serial number • Product identification number • Applicable error message • Add-on boards or hardware • Third-party hardware or software • Operating system type and revision level 5.1.
• HP-UX 11i v3 Installation and Update Guide: HP Integrity Servers and HP 9000 Servers (Chapter 3 – Security Considerations): http://docs.hp.com/en/oshpux11iv3.html • HP-UX System Administrator's Guide: Security Management: HP-UX 11i Version 3 (Chapter 3 – HP-UX Bastille): http://docs.hp.com/en/oshpux11iv3.html • HP-UX 11i Version 3 March 2009 Release Notes: Operating Environments Update Release (Chapter 8 – HP-UX Bastille and Install Time Security): http://docs.hp.com/en/oshpux11iv3.
Variable The name of a placeholder in a command, function, or other syntax display that you replace with an actual value. [] The contents are optional in syntax. If the contents are a list separated by |, you must choose one of the items. {} The contents are required in syntax. If the contents are a list separated by |, you must choose one of the items. ... The preceding element can be repeated an arbitrary number of times. Indicates the continuation of a code example.
