Interface Card OL* Support Guide
Chapter 2
pdweb - Peripheral Device Tool Web Interface
Using pdweb With Bastille
30
Using pdweb With Bastille
HP Bastille is a security hardening/lockdown tool which enhances the security of a UNIX host. It configures
daemons, system settings, and firewalls to be more secure. It turns off unnecessary services such as pwgrd
and printing, and it configures client software such as rcp and rlogin to be more secure. HP Bastille also helps
create chroot jails that help limit the vulnerability of common Internet services such as Web servers and
Domain Name Servers (DNS).
To use the Peripheral Device Tool in conjunction with HP Bastille, you must configure the system:
Step 1. Log in to the host system as root.
Step 2. Enter cp /etc/opt/sec_mgmt/bastille/MANDMZ.config
/etc/opt/sec_mgmt/bastille/config. This copies the configuration file, pre-configured to work
with pdweb, to the correct directory.
NOTE The HOST.config configuration file can be used but is less secure. Do not use the
DMZ.config configuration file as pdweb does not function using this configuration
because it does not allow the Web server to autostart.
Step 3. Enter bastille -b to activate the new configuration.
Refer to the bastille (1M) manual page for details.