Manualshelf

HP-UX 11i v3 Installation and Update Guide, February 2007 (Initial Release)

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 Foundation OE
51525354555657585960
Choosing an Installation Method
Security Considerations
Chapter 3 57
4. Settings applied only if software is installed
5. Manual action may be required to complete configuration. Refer to
/var/opt/sec_mgmt/bastille/TODO.txt for more information, after install or
update.
Table 3-5 Additional Sec30DMZ Install-time Security Settings
1
Category Actions
IPFilter
Configuration
2
Includes all IPFilter settings in Table 3-4 and:
Block incoming HIDS agent connections
3,4
Block incoming WBEM connections
5
Block incoming web admin connections
Block incoming web admin autostart connections
Block all traffic except HP-UX Secure Shell
Block ICMP echo
1. Applies all security configuration settings in Table 3-3 and Table 3-4
2. IPFilter rules are applied via a custom rules file located at
/etc/opt/sec_mgmt/bastille/ipf.customrules
3. Settings applied only if software is installed
4. HP-UX Host IDS is a selectable software bundle and only available for commercial
servers
5. WBEM is required for several HP management applications including HP Systems
Insight Manager and ParMgr