Host Intrusion Detection System Administrator's Guide Release 3.1

Conﬁguration

Conﬁguring a Loopback System

Chapter 2

Conﬁguring a Loopback System

On a non-networked system (no IP address) or for testing purposes, you may want to set

up the administration system in a loopback arrangement. This allows only a locally

running agent to communicate with the System Manager on the same system; no other

agent systems can be monitored.

To conﬁgure a loopback system

Step 1. On the administration system, become user ids:

$ su - ids

Step 2. Edit the agent conﬁguration ﬁle; for example:

$ vi /etc/opt/ids/ids.cf

Step 3. Set the value of IDS_LISTEN_IFACE to:

IDS_LISTEN_IFACE 127.0.0.1

Step 4. Set the value of REMOTEHOST in ids.cf to:

REMOTEHOST 127.0.0.1

Step 5. Edit the System Manager script;

$ vi /opt/ids/bin/idsgui

Step 6. Set the value of INTERFACE in idsgui to:

INTERFACE=127.0.0.1

Step 7. Start the System Manager (for more information see “Starting the HP-UX HIDS System

Manager” on page 46).

Step 8. On the Host Manager screen, set up the administration system as an agent system,

using 127.0.0.1 as its IP address (for more information see “Adding a New Host

Manually” on page 89 or “Modifying a Host” on page 93).