HP-UX Host Intrusion Detection System Release 4.1 Release Notes for HP-UX 11i v1 | HP-UX 11i v2 | HP-UX 11i v3
4.1, administrators can monitor files with a # character in their pathname or
filename by escaping them with a backslash.
• In earlier versions of HIDS, any upgrade of the IDS-ADM subproduct in the HIDS
bundle does not preserve any settings in /opt/ids/bin/idsgui (for example,
INTERFACE setting).
• In earlier versions of HIDS, when an Itanium-based (Itanium IA64) system is
configured to run an HIDS agent that forwards alerts to the HIDS OVO SPI, alerts
are not displayed on the OVO console
• In earlier versions of HIDS, if the aggregation feature is enabled on an HIDS agent
and the aggregated alert size is greater than or equal to 2 KB, the HIDS agent will
not forward the alert to the OVO server. As a result, large aggregated alerts are
not displayed on the OVO console.
• On an HP-UX 11i v2 PA-RISC system, even if the openssl product with a revision
string greater than or equal to A.00.09.07-d is installed, IDS_checkInstall
reports an installation check error.
• In earlier versions of HIDS, certification generation fails when IDS_genAdminKeys
or IDS_genAgentCerts generates certificates for systems with fully qualified
domain names that are 32 characters or longer. The limitation has been addressed
in this release.
• The idsadmin command supports new command-line options for stopping
Surveillance Schedules, getting agent status, halting agents, and specifying multiple
agents to operate on.
The following additional modifications have been made in this release of HIDS:
• If a home directory for user ids exists in the default base directory for the system
(Ex. /home) when HIDS Release 4.1 is installed, then the home directory for user
ids is moved to /opt/ids/home during the installation.
• On HP-UX 11i v3 operating systems, the idssysdsp program is a non-setuid bit
program.
Defect Fixes and Enhancements in HIDS Release 4.1 27