HP-UX Host Intrusion Detection System Release 4.1 Release Notes for HP-UX 11i v1 | HP-UX 11i v2 | HP-UX 11i v3
Will Installing HP-UX HIDS Release 4.1 Reboot My Agent System?
The installation scripts for HP-UX HIDS try to avoid unnecessary system reboots.
However, in some circumstances, a system reboot might be required. Those
circumstances are (in order of priority):
1. If you choose the Reinstall Filesets option in the graphical interface to
swinstall, all HIDS filesets will be installed, and a system reboot will occur.
2. If you pass the -x reinstall=true option to the command-line invocation of
swinstall, all HIDS filesets will be installed, and a system reboot will occur.
3. If you are installing HP-UX HIDS Release 4.1 on a system for the first time (a fresh
install), a reboot will occur.
Table 2-6 Reboot Matrix
Update to Release 4.1Update from:
RebootNot installed
No rebootRelease 4.0
No RebootRelease 3.1
No RebootRelease 3.0
Postinstallation
• The HP-UX startup in progress list should display OK for the Starting HIDS agent
entry.
• When an agent system reboots after a cold installation, the HP-UX startup in
progress list should display N/A for the Starting HIDS agent entry. That is, system
boot will not automatically start idsagent until after the secure communication
keys and certificates have been installed on the agent system. See “Configuration”
(page 43).
• On each agent system, after the system has rebooted, run the IDS_checkInstall
script.
# /opt/ids/bin/IDS_checkInstall
This script checks that the Intrusion Detection Data Source (idds) kernel driver
is configured and enabled. It also checks that all the necessary and superseding
patches (or patches that supersede them) have been installed although it does not
verify if a patch has a superseding patch.
Configuration
After you have installed or updated your HP-UX HIDS software, you need to complete
the configuration with the required and optional steps that are described in Chapter 2
Postinstallation 43