Managing Systems and Workgroups: A Guide for HP-UX System Administrators
Administering a System: Managing System Security
Chapter 8 741
8 Administering a System:
Managing System Security
This chapter describes security measures for both standard and trusted
HP-UX systems. It’s divided up as follows:
• “Standard System Security” on page 743
❏ “Planning System Security” on page 744
❏ “Managing Standard Passwords and System Access” on page 748
❏ “Managing Access to Files and Directories” on page 753
❏ “Guidelines for Running a Secure System” on page 774
❏ “Controlling Security on a Network” on page 783
• “Trusted System Security” on page 789
❏ “Setting Up Your Trusted System” on page 790
❏ “Auditing a Trusted System” on page 792, for security breaches
❏ “Managing Trusted Passwords and System Access” on page 801
❏ “Configuring NFS Diskless Clusters for Trusted Systems” on
page 810
• “HP-UX Bastille” on page 815
• “Other Security Packages” on page 835
❏ “HP-UX Host Intrusion Detection System” on page 836
❏ “HP-UX Shadow Passwords” on page 837
❏ “Network Information Service Plus (NIS+)” on page 839
❏ “Pluggable Authentication Modules (PAM)” on page 843
❏ “Secure Internet Services (SIS)” on page 852
❏ “Security Patch Check” on page 854
IMPORTANT The U.S. Computer Security Act of 1987 casts new urgency on computer
security. It stipulates that if financial loss occurs due to computer fraud
or abuse, the company, not the perpetrator, is liable for damages. To
protect your system, HP recommends that you establish a
comprehensive security policy to govern computer use. This section
covers HP-UX security features and tasks and provides some guidelines
on HP-UX system security. Establishing and implementing a security