HP-UX Host Intrusion Detection System Release 4.1 Release Notes for HP-UX 11i v1 | HP-UX 11i v2

Files modified by non-owners

Vulnerability: Poorly written privileged programs

Monitors: Buffer overflows and Race conditions

Vulnerability: Weak password or unauthorized access

Monitors: Logins/logouts

Vulnerability: Password guessing

Monitors: Failed logins and failed su attempts

• Complements network-based security solutions and bolsters the overall security

of the computing infrastructure. HP-UX HIDS is designed to detect intrusions that

network-based security products cannot identify, thereby strengthening the

integrity of the host system as the last line of defense.

• Provides immediate notification when a suspicious activity is detected and supports

real-time response.

Documentation

The HP-UX HIDS documentation includes manuals, manpages, information about the

HP OpenView SMART Plug-In, an IDS Mailing List, and the ITRC Security Forum.

Manuals

Table 1-2 lists the documents that are available at the HP technical documentation

website in the Internet Security Solutions collection at http://docs.hp.com/en/internet

and on the Instant Information CD in the Internet and Security Solutions collection.

Table 1-2 Availability of HP-UX HIDS Manuals

TitleHP Part No.

HP-UX Host Intrusion Detection System Release 4.1 Release Notes.5992–2145

HP-UX Host Intrusion Detection System Release 4.1 Administrator's Guide5992–0705

Manpages

After installation, you can access the manpages listed in Table 1-3 using the man

command. Before accessing these manpages, add /opt/ids/share/man to your

MANPATH environment variable, as follows:

export MANPATH=/opt/ids/share/man:$MANPATH

Documentation 15