Host Intrusion Detection System Administrator's Guide Release 3.0

Chapter 2: Configuration
Setting Up the HP-UX HIDS Secure Communications
HP-UX HIDS provides a secure communication environment between its administration
System Manager and its agent processes via the Secure Sockets Layer (SSL) protocol.
(See “Glossary of HP-UX HIDS Terms” on page 13.)
To use the SSL protocol, each component involved in the communication requires a
separate identity, or certificate, to identify itself and to authenticate that any
information received from another HP-UX HIDS component is genuine and not initiated
by an unauthorized outsider.
To ensure secure communication, both the System Manager process, which runs on the
administration system, and the HP-UX HIDS agent process, which runs on each
participating agent system, need a certificate. HP-UX HIDS provides a toolset to
generate X.509 certificates to provide authentication. The System Manager will not
start until you establish such secure communication.
Table 2-1 provides an overview of the IDS scripts you will need to use. See the detailed
steps following the table.
NOTE: HP-UX HIDS certificate management is self-contained and does not require (and
cannot be integrated with) a pre-existing public key infrastructure (PKI).
Step 1. Create the X.509 Certificates
The certificate for the HP-UX HIDS System Manager process must first be generated by
user ids locally on the HP-UX HIDS administration system. Only then can the
certificates for each of the agent nodes be signed by the HP-UX HIDS administration
station. The administration system holds the Root Certification Authority (Root CA) that
is used to endorse all other certificates.
a. On the administration system, become user ids:
$ su - ids
b. Change directory to /opt/ids/bin:
$ cd /opt/ids/bin
c. Generate the administration keys:

Table 2-1 Overview of Procedures to Set Up Secure Communications

Script to Use          Where Used              End Product
IDS_genAdminKeys       Administration system   Root Certification Authority and Administration SSL certificate
IDS_genAgentCerts      Administration system   A bundle of signed certificates for each agent system
IDS_importAgentKeys    Agent systems           Agent SSL certificate
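
The trust model described above, in which a Root CA on the administration system endorses every agent certificate, can be illustrated with generic OpenSSL commands. This is an added example, not the HP-UX HIDS scripts or their implementation; the directory layout, subject names and the helper functions make_root_ca, issue_cert and chains_to are hypothetical, and it assumes the openssl command-line tool is installed.

```shell
#!/bin/sh
# Added illustration of a self-contained root CA endorsing an agent certificate.
# Constructed names and paths throughout; NOT the IDS_gen* scripts from the guide.
set -eu
umask 077                          # private keys readable by the owner only
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_root_ca DIR CN: create a self-signed root key and certificate in DIR
make_root_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 30 \
        -subj "/CN=$2" -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null
}

# issue_cert CA_DIR NAME: create a key and CSR for NAME, then sign it with the CA
issue_cert() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null
    openssl x509 -req -sha256 -days 30 -in "$1/$2.csr" \
        -CA "$1/ca.pem" -CAkey "$1/ca.key" -CAcreateserial \
        -out "$1/$2.pem" 2>/dev/null
}

# chains_to ROOT_PEM CERT_PEM: succeed only if CERT was endorsed by ROOT
chains_to() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

mkdir "$WORK/admin" "$WORK/outsider"
make_root_ca "$WORK/admin" "Constructed Admin Root CA"
issue_cert   "$WORK/admin" agent1
# A second, unrelated CA issuing a certificate with the same subject name
make_root_ca "$WORK/outsider" "Constructed Outsider CA"
issue_cert   "$WORK/outsider" agent1

if chains_to "$WORK/admin/ca.pem" "$WORK/admin/agent1.pem"; then
    echo "agent1 signed by the admin root: accepted"
fi
if ! chains_to "$WORK/admin/ca.pem" "$WORK/outsider/agent1.pem"; then
    echo "agent1 signed by another CA: rejected"
fi
```

A peer that trusts only the administration system's root accepts the first certificate and rejects the second, even though both carry the same subject name.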