HP-UX System Administrator's Guide: Security Management HP-UX 11i v3 (B3921-90020, September 2010)
certificate
A security certificate associates (or binds) a public key with a principal (a particular person, system, device, or other entity). The security certificate is issued by a trusted entity called a Certificate Authority (CA), which guarantees or confirms the identity of the holder (person, device, or other entity) of the corresponding private key. The CA digitally signs the certificate with the CA's private key, so the certificate can be verified using the CA's public key. The most commonly used format for public-key certificates is the International Organization for Standardization (ISO) X.509 standard, Version 3.
Certificate Authority
See CA.
Certificate Revocation List
See CRL.
challenge-response authentication
A form of authentication where the authenticator sends a random value, the challenge, to the
user or principal being authenticated. The user sends back a response based on the challenge
value and a shared secret value previously established with the authenticator, such as an MD5
hash value.
Unlike a regular password exchange, the challenge-response dialog varies, so an intruder cannot
replay the user's response to gain authentication.
chroot jail
A method of restricting the files and directories accessible by a process and users of that process. The process starts in a specified base directory (the root), and cannot access any directories or files above the root directory.
compartments
A method of isolating various components of the system from one another. When configured properly, components are an effective method to safeguard the HP-UX system and the data that resides upon it.
containment
A mechanism or set of mechanisms to restrict the access rights of processes.
In the context of RBAC, containment is a combination of mandatory access control and fine-grained privileges. See RBAC.
CRL
Certificate Revocation List. Certificates are issued with a specific lifetime, defined by a start date/time and an expiration date/time. However, situations can arise, such as a compromised key value, that necessitate the revocation of the certificate. In this case, the certificate authority can revoke the certificate. This is accomplished by including the certificate's serial number on a CRL that the CA updates and publishes on a regular basis and makes available to certificate users. See CA.
cryptography
The process of encoding normal data (or cleartext) so it can only be decoded by holders of specific information.
Data Encryption Standard
See DES.
denial of service attack
An attack where a system is prevented from responding to network packets so the system cannot service requests. Denial of service attacks may be implemented by flooding a vulnerable system with false requests that consume a large number of resources. Denial of service attacks are often used with host spoofing to keep the spoofed host (the host with the IP address the spoofer is assuming) from participating in the exchange between the spoofer and the system the spoofer is trying to access.