Manualshelf

Host Intrusion Detection System Administrator's Guide Release 3.1

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
21222324252627282930
Overview
HP-UX HIDS Components
Chapter 1
12
In addition, HP-UX HIDS Agent executes your Alert Response Programs, which can
include an HP-supplied interface with OpenView Operations as well as Other Response
Actions.
Figure 1-1 HP-UX HIDS Components
How the Components Interact to Detect Intrusions
HP-UX HIDS monitors system activity by analyzing data from the following file sources:
Kernel audit data
System log files
HP-UX HIDS analyzes this information against its configured attack scenarios. It then
identifies possible intrusions and misuse immediately following any suspected activity.
The suspected activity simultaneously communicates an alert and detailed information
on the potential attack to the HP-UX HIDS System Manager.