Manualshelf

HP-UX 11i Version 2 June 2007 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX 11i v2 Foundation OE LTU
181182183184185186187188189190
Security
OpenSSL
Chapter 8
185
Bastille may change, document their dependency. Where practical, Bastille also
documents these dependencies. HP-UX 11i v2 Installation and Update Guide, available
at http://www.docs.hp.com/en/oshpux11iv2.html, discusses which particular
Bastille settings are applied at each level.
Performance
ITS does not impact performance, but if the DMZ or MngDMZ levels are used, there may
be a very small network performance slowdown due to the IPFilter packet filtering.
Documentation
Information can be found in the following documents:
bastille (1M) manpage (add /opt/sec_mgmt/share/man/ to MANPATH)
Bastille User’s Guide, delivered in
/opt/sec_mgmt/bastille/docs/user_guide.txt
HP-UX Bastille Web site at http://www.hp.com/go/bastille
HP-UX 11i v2 Installation and Update Guide, available online at
http://www.docs.hp.com/en/oshpux11iv2.html
“HP-UX Bastille” on page 178
Obsolescence
Not applicable.
OpenSSL
OpenSSL A.00.09.07l.003 supporting HP-UX 11i v2 is based on the open source
OpenSSL 0.9.7l and OpenSSL 0.9.8d products. OpenSSL offers a general-purpose
cryptography library and implements the Secure Sockets Layer (SSL v2/v3) and
Transport Layer Security (TLS v1) protocols.
The OpenSSL bundle contains the following:
OpenSSL A.00.09.08d in the /opt/openssl/0.9.8 directory
OpenSSL A.00.09.07l in the /opt/openssl/0.9.7 directory
The default version of OpenSSL that is enabled on HP-UX 11i v2 is OpenSSL
A.00.09.07l. You can use the /opt/openssl/switchversion.sh script to switch between
OpenSSL A.00.09.07l and OpenSSL A.00.09.08d. You can also use this script to swap the
openssl.cnf file depending on the version of OpenSSL. However, this is an optional
step.