Host Intrusion Detection System Release 3.0 Release Notes
Announcement
What Is HP-UX HIDS?
Chapter 1
4
What Is HP-UX HIDS?
HP-UX HIDS is a host-based HP-UX security product for HP computers running HP-UX
11i. HP-UX HIDS enables security administrators to proactively monitor, detect, and
respond to attacks targeted at specific hosts. Since there are many types of attacks that
can bypass network-based detection systems, HP-UX HIDS complements existing
network-based security mechanisms, bolstering enterprise security.
HP-UX HIDS seeks out patterns that might suggest security breaches or misuses by
examining information about system activity from a variety of data sources. Such illicit
activities might include, for example, an intruder attempting to break into or disrupt
your system, subversive “insider” activities, or someone trying to spread a virus. Once
HP-UX HIDS has been activated for a given host system, and it detects an intrusion
attempt, it issues an alert to the administrative interface where you can immediately
investigate the situation, and when necessary, take action against the intrusion. In
addition, you can customize a local response to an alert using one of the sample
programs described in Appendix B, “Response Programs”, of the HP-UX Host Intrusion
Detection System Administrator’s Guide or a program you write yourself.
HP-UX HIDS is particularly useful for enterprise environments where centralized
management tools control networks of heterogeneous systems. These environments
include, for example, web servers, transaction processors, application servers, and
database systems.