Manualshelf

HP-UX 11i v3 Installation and Update Guide, September 2008 (Update 3 Release)

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 Enterprise OE
41424344454647484950
Table 3-3 Host-based Sec10Host Install-time Security Settings (continued)
ActionsCategory
Deactivate bootp
Deactivate inetds built-in services
Deactivate CDE helper services
Deactivate finger
Deactivate ident
Deactivate klogin and kshell
Deactivate ntalk
Deactivate login, shell, and exec services
Deactivate swat
Deactivate printer
Deactivate recserv
Deactivate tftp
Deactivate time
Deactivate uucp
Deactivates Event Monitoring Services (EMS) network communication
Enable logging for all inetd connections
inetd Services
Run sendmail via cron to process queue
Stop sendmail from running in daemon mode
Disable vrfy and expn commands
sendmail
Deactivate HP Apache 2.x Web Server
4
Set up cron job to run Software Assistant
2
Other Settings
1
Security settings listed here also apply to Sec20MngDMZ and Sec30DMZ
2
Manual action may be required to complete configuration. Refer to /etc/opt/sec_mgmt/bastille/
TODO.txt for more information, after install or update.
3
The following ndd changes will be made:
ip_forward_directed_broadcasts=0
ip_forward_src_routed=0
ip_forwarding=0
ip_ire_gw_probe=0
ip_pmtu_strategy=1
ip_send_source_quench=0
tcp_conn_request_max=4096
tcp_syn_rcvd_max=1000
4 Settings applied only if software is installed
Security Considerations 43