Host Intrusion Detection System Administrator's Guide Release 3.1

Appendix A
Templates and Alerts

Summary
This appendix describes the detection templates that are used to make up surveillance
groups. This appendix also describes the alerts that are passed to the System Manager
and to response programs by the HP-UX HIDS agent.
“Alert Summary” on page 125
“Limitations” on page 130
“Template Property Types” on page 131
“Buffer Overflow Template” on page 136
“Race Condition Template” on page 143
“Modification of files/directories Template” on page 148
“Changes to Log File Template” on page 155
“Creation and Modification of Setuid File Template” on page 158
“Creation of World-Writable File Template” on page 162
“Modification of Another User’s File Template” on page 167
“Login/Logout Template” on page 171
“Repeated Failed Logins Template” on page 177
“Repeated Failed su Commands Template” on page 180
“Template Configuration Syntax” on page 182