Manualshelf

Host Intrusion Detection System Administrator's Guide Release 3.1

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
51525354555657585960
Getting Started
Starting HP-UX HIDS for the First Time
Chapter 3
38
Starting HP-UX HIDS for the First Time
This procedure is a synopsis of the steps required to start the HP-UX HIDS System
Manager and agents for the first time. As you do this, your systems will benefit
immediately form the protection of intrusion detection while you learn the specifics of
the software and tune your configuration to fit your requirements.
Set up hosts and run schedules
Step 1. In the installation phase, you installed the agent software on the agent hosts and the
System Manager software on the administration host. For more information, see the
Release Notes cited in “Documentation” on page 3.
Step 2. In the configuration phase, you created SSL certificates for the administration and agent
hosts and propagated them to the host systems. For more information, see “Setting Up
the HP-UX HIDS Secure Communications” on page 20.
Step 3. Log in to each agent host as root and start the idsagent program as user ids. For more
information, see also “Starting HP-UX HIDS Agents” on page 52.
NOTE The ids password field is set to “*” on installation on both agent and administration
systems, which means you cannot log in directly to ids. For security reasons, you should
not assign a password to ids.
a. Switch to user ids:
# su ids
b. Start the agent program.
$ /opt/ids/bin/idsagent
Step 4. Log in to the administration system as root and start the System Manager as user ids.
For more information, see also “Starting the HP-UX HIDS System Manager” on page 46.
See the password note in Step 3.
a. Switch to user ids:
# su ids
b. Start the System Manager program.
$ /opt/ids/bin/idsgui
c. The first time you start the System Manager, the product license agreement is
displayed. (The text is also printed in “HP Software License” on page 259.) Click
Accept to continue or Reject if you are not ready to use the software.
Step 5. Go to the Schedule Manager screen and create surveillance schedules or use the
predefined schedules. For more information, see “Schedule Manager Screen” on page 57 .