HP-UX 11i Version 2 December 2007 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX 11i v2 Foundation OE LTU

• LAN Commands

— Local Area Network Administration Program (lanadmin): New options added. Now

supports third-party LAN drivers.

— The linkloop Command: Now works correctly with Ethernet interfaces set for an

MTU size other than 1500. Now supports third-party LAN drivers.

— The lanscan Command: New option added. Can no longer be used to read from crash

dumps.

• Network Information Service Plus (NIS+): Deprecated. HP-UX 11i v2 is the last release to

support NIS+. HP will introduce a migration strategy to facilitate move from NIS+ to LDAP.

• Network Tracing and Logging (NetTL): Supports tracing and formatting of IPv6 packets.

Improved performance. GUI nettladm added. Options added.

• Network Transport (ARPA): Support for enhancements of HP-UX DLPI. Enhancements to

CKO interfaces between HP-UX transport and DLPI. Removed support for dump reading

by netstat and arp. IPv6 transport supported.

• Networking libc APIs getaddrinfo and getnameinfo: Both functions have additional

lookup.

• Networking libc APIs getipnodebyname and getipnodebyaddr: Deprecated. Both

functions not supported post-HP-UX 11i v2. In applications, the APIs getaddrinfo and

getnameinfo functions should be used instead.

• The nslookup Program: Extended to follow the configured host name resolution algorithm

and to query NIS, DNS, and host tables.

• Router Discovery Protocol Daemon (rdpd): Obsolete. Functionality has been subsumed in

gated.

• Web Browsing:

— Mozilla Application Suite 1.2.1: Added as default browser for HP-UX 11i v2.

— Netscape 7: Replaces Netscape Communicator 4.79.

Initial Release Notes, Chapter 7: “Security”

• Boot Authentication: Now available on all Standard Systems. Standard Mode Boot

Authentication feature can be configured by two parameters.

• Generic Security Service Application Programming Interface (GSS-API): Now delivered as

part of HP-UX 11i v2. IPv6 enabled.

• HP-UX Auditing System: Several system call options and event type options are accepted,

but will be obsoleted in the next release.

• HP-UX Bastille 2.1: Now included in HP-UX 11i v2. New version adds finer granularity of

configuration, improved question flow, better input validation, and new lockdown features.

• HP-UX Host Intrusion Detection System (HIDS) 2.2: Maintenance release with defect fixes

and a few enhancements. No new functionality in this version.

• HP-UX IPFilter A.03.05.06: Supports HP-UX 11i v2 on Itanium®-based platforms.

Automatically installed with all OEs. Using IPFilter and ServiceGuard requires specific

IPFilter rules to ensure proper operation of ServiceGuard clusters.

• HP-UX Secure Shell A.03.10: New product. Based on OpenSSH 3.1p1, provides a secure

channel for remote communication by transparently encrypting network traffic. Uses hashing

to ensure data integrity and supports several authentication methods.

• Install-Time Security 1.0. x: Adds a security step to the install/update process that allows

you to configure the Bastille security lockdown engine during system installation.

• Kerberos Client (KRB5-Client): Now delivered as part of HP-UX 11i v2. Changes include

support for appdefaults section in the /etc/krb5.conf; multidomain support; IPv6

support.

• PAM Kerberos: Supports both Itanium®-based and PA-RISC applications in 32-bit mode.

Now prevents a user from changing another user’s password.

84 What is New at a Glance