HP-UX Host Intrusion Detection System Release 4.0 Release Notes for HP-UX 11i v1 | HP-UX 11i v2
Announcement
What is HP-UX HIDS
Chapter 16
What is HP-UX HIDS
HP-UX HIDS is a host-based HP-UX security product for HP computers
running HP-UX 11i. HP-UX HIDS enables security administrators to
proactively monitor, detect, and respond to attacks targeted at specific
hosts. Many types of attacks can bypass network-based detection
systems. HP-UX HIDS monitors these bypassed attacks and
complements the existing network-based security mechanisms,
bolstering enterprise security.
HP-UX HIDS seeks patterns that might suggest security breaches or
misuse by examining information about system activity from a variety of
data sources. It detects illicit activities that include attempting to break
into or disrupt the system, modifying system files and directories, or
attempting to spread a virus. When HP-UX HIDS detects an intrusion
attempt, it issues an alert to the administrative interface, where users
can immediately investigate the situation, and take necessary action
against the intrusion. In addition, users can customize a local response
to an alert by using one of the sample programs described in Appendix B,
Response Programs in the Host Intrusion Detection System
Administrator’s Guide. Users may also write their own response
program.
HP-UX HIDS is particularly useful for enterprise environments in which
centralized management tools control networks of heterogeneous
systems. These environments include, Web servers, transaction
processors, application servers, and database systems.