HP-UX Bastille Version B.3.3 User Guide
IMPORTANT: When reverting to the configuration prior to the use of HP-UX Bastille, security
configuration changes are undone temporarily. Other manual configuration changes or additional
software installed after HP-UX Bastille was initially run might require a manual merge of
configuration settings.
3.5 Monitoring drift
The bastille_drift program creates HP-UX Bastille configuration baselines and compares
the current state of the system to a saved baseline. This lets you see what, if anything,
has changed since the baseline was saved.
NOTE: When first run successfully, HP-UX Bastille automatically saves a baseline in the default
location /var/opt/sec_mgmt/bastille/baselines.
You can use HP-UX Bastille to monitor drift as follows:
• To save a baseline:
# bastille_drift --save_baseline baseline
• To compare the current state of the system to a saved baseline:
# bastille_drift --from_baseline baseline
Run the bastille_drift utility when new software or patches are installed to check for
changes in the system. The bastille_drift utility also identifies system changes when
swverify is run using -x fix=true or the -F option for vendor-specific fix scripts.
For more information, see bastille_drift(1M).
3.6 Locating files
This section describes the location of important files.
The configuration file contains the answers to the most recently saved session.
/etc/opt/sec_mgmt/bastille/config
The error log contains any errors HP-UX Bastille encountered while making changes to the
system.
/var/opt/sec_mgmt/bastille/log/error-log
The action log contains the specific steps that HP-UX Bastille performed when making changes
to the system.
/var/opt/sec_mgmt/bastille/log/action-log
The TODO.txt file lists the tasks that must be completed to ensure the system is secure.
/var/opt/sec_mgmt/bastille/TODO.txt
The revert-actions script is part of the revert feature. It returns the changed files to the state
they were in before HP-UX Bastille was run.
/var/opt/sec_mgmt/bastille/revert/revert-actions
The TOREVERT.txt file contains the tasks that must be completed to finish reverting the machine
to the state it was in before HP-UX Bastille was run.
/var/opt/sec_mgmt/bastille/TOREVERT.txt
The assessment reports are available as HTML, text, and a configuration file.
/var/opt/sec_mgmt/bastille/log/Assessment/assessment-report.html
/var/opt/sec_mgmt/bastille/log/Assessment/assessment-report.txt
/var/opt/sec_mgmt/bastille/log/Assessment/assessment-report-log.txt
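The following shell script is an added example, not part of the HP-UX Bastille guide: it runs the comparison from section 3.5, keeps the output as a timestamped report, and counts which of the follow-up files from section 3.6 are non-empty. The function names, the optional path prefix, and the report directory /var/tmp/bastille-drift are assumptions; nothing is assumed about the output format or exit status of bastille_drift.

```shell
#!/bin/sh
# Added example, not from the HP-UX Bastille guide.
# Post-change check: compare the system to a saved baseline (section 3.5),
# keep the report, then count follow-up files worth reviewing (section 3.6).

# drift_report BASELINE REPORT_DIR
# Stores the bastille_drift output verbatim and prints the report path.
# Returns 2 if the tool or the report directory is unavailable.
drift_report() {
    baseline="$1"
    report_dir="$2"
    if ! command -v bastille_drift >/dev/null 2>&1; then
        echo "bastille_drift not found in PATH" >&2
        return 2
    fi
    mkdir -p "$report_dir" || return 2
    report="$report_dir/drift-$(date +%Y%m%d%H%M%S).txt"
    # Output is kept as-is for manual review; its format is not parsed here.
    bastille_drift --from_baseline "$baseline" >"$report" 2>&1
    echo "$report"
}

# pending_followups [PREFIX]
# Prints how many of error-log, TODO.txt and TOREVERT.txt exist and are
# non-empty. PREFIX is a hypothetical option for checking a copy of the
# tree; leave it empty on a live system. Details go to stderr.
pending_followups() {
    var="${1:-}/var/opt/sec_mgmt/bastille"
    pending=0
    for f in "$var/log/error-log" "$var/TODO.txt" "$var/TOREVERT.txt"; do
        if [ -s "$f" ]; then
            echo "REVIEW $f ($(wc -l <"$f" | tr -d ' ') lines)" >&2
            pending=$((pending + 1))
        fi
    done
    echo "$pending"
}

# Runs only when a baseline name is given, e.g.: sh postchange.sh baseline
# The default report directory below is an assumption, not a Bastille path.
if [ "$#" -ge 1 ]; then
    drift_report "$1" "${2:-/var/tmp/bastille-drift}" && pending_followups
fi
```

Run it after installing software or patches, and keep the saved reports so that successive comparisons can be read side by side.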