Manualshelf

Host Intrusion Detection System Release 3.0 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
31323334353637383940
Installation
Post-Installation
Chapter 2
30
Post-Installation
When an agent system reboots after an upgrade from HP-UX HIDS version 2.x to
version 3.0, the “HP-UX Startup in progress” list should display “OK” for the
Starting HP-UX HIDS agent” entry.
When an agent system reboots after a cold installation, the “HP-UX Startup in
progress” list should display “N/A” for the “Starting HP-UX HIDS agent” entry.
That is, system boot will not automatically start idsagent until after the secure
communication keys and certificates have been installed on the agent system (see
“Configuration” on page 32).
On each agent system, after the system has rebooted, run the IDS_checkInstall
script.
# /opt/ids/bin/IDS_checkInstall
This script checks that the Intrusion Detection Data Source (idds) kernel driver is
configured and enabled. On all systems, it also checks that all the necessary and
superseding patches have been installed; it does not verify superseding patches.
Updating from Release 2.x
This section contains instructions on the use of conversion utilities for v2.x migrations:
The guiSchedConvert Migration Tool
Delivered as: /opt/ids/bin/guiSchedConvert
Usage: guiSchedConvert [java executable path name]
What it does: The migration tool will migrate any System Manager v2.x schedule and
group file to a corresponding v3.0 syntax. As noted in v3.0 feature announcements,
templates differ significantly from v2.x. Highlights of the change include template name
change, modification in properties offered and changes in the name of the new property
sets. If you have an existing v2.x installation with customer schedules/groups (apart
from what was shipped with the product), you should use the migration tool to convert
these schedules to be compliant with the v3.0 architecture.
The tool checks whether the groups present in the system belong to v3.0 or v2.x. In case
any group belongs to v2.x, it will be migrated. Any v3.0 group will not be changed. For
every group that exist in the system (in /var/opt/ids/gui/SurveillanceGroups), the
guiSchedConvert outputs whether the group is being migrated or not.
Steps:
Please back up the original schedules and groups files before installing/updating to v3.0
and the running migration tool.
After installing/updating to the new v3.0 HIDS software, invoke the tool in one of the
following ways (before starting the idsgui process):
# /opt/ids/bin/guiSchedConvert
Or
$ /opt/ids/bin/guiSchedConvert /opt/java1.3/bin/java