Manualshelf

Host Intrusion Detection System Administrator's Guide Release 3.0

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
21222324252627282930
Overview
HP-UX HIDS Components
Chapter 1
11
In addition, HP-UX HIDS Agent executes your Alert Response Programs, which can
include an HP-supplied interface with OpenView Operations as well as Other Response
Actions.
Figure 1-1 HP-UX HIDS Components
How the Components Interact to Detect Intrusions
HP-UX HIDS examines information about system activity from a variety of data sources.
These include
kernel audit data
system log files
HP-UX HIDS analyzes this information against its configured attack scenarios. It then
identifies possible intrusions and misuse immediately following any suspected activity
and simultaneously communicates an alert and detailed information on the potential
attack to the HP-UX HIDS System Manager.