Host Intrusion Detection System Release 3.1 Release Notes
Announcement
Known Problems, Limitations, and Fixes
17
Known Problems, Limitations, and Fixes
For a current and complete list of HP-UX HIDS problems and their fixes, refer to the
Technical Knowledge Database on the HP IT Resource Center Websites:
http://us-support.external.hp.com for Americas/Asia-Pacific customers
http://europe-support.external.hp.com for European customers
The Technical Knowledge Database is available to customers with support contracts.
Clarifications
Perform Updates Instead of Cold Reinstalls
HP-UX HIDS is designed to support updates. If you cold reinstall the newer version by first
removing the older version (swremove), you will incur two reboots (instead of just one or
possibly none) and the probable loss of some of your configuration data.
Do not Change Permissions
Do not change the permissions on files and directories owned by ids. Opening up the
permissions to be world writable/readable causes the agent to fail security checks and to exit.
Changing file permissions also results in swverify errors.
Send HUP Signal after Log File Rotation
When you rotate the error or alert log files on an agent, you must send an HUP signal to the
idsagent process so it can reset its file descriptors and begin writing to the new logs.
Known Problems
SSH does not Perform a Clean Exit after idsagent is Started
After starting idsagent from a ssh login, logging out of the agent system results in the ssh
session hanging indefinitely. As a workaround, log in by entering:
ssh -l root <machine> /usr/dt/bin/dtterm
Then type in the /sbin/init.d/idsagent start commands interactively.