Manualshelf

HP-UX Host Intrusion Detection System Release 4.1 Release Notes for HP-UX 11i v1 | HP-UX 11i v2

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
21222324252627282930
ENDTEMPLATE
TEMPLATE world_writable
ENDTEMPLATE
TEMPLATE non_owned
ENDTEMPLATE
TEMPLATE login_logout
ENDTEMPLATE
TEMPLATE failed_login
ENDTEMPLATE
TEMPLATE failed_su
ENDTEMPLATE
> /opt/ids/bin/migrator -i FileAndLoginMonitoringAlwaysOn.txt
INFO: : Attempting to parse schedule file...
INFO : Successfully parsed schedule file
(FileAndLoginMonitoringAlwaysOn.txt).
INFO : The schedule and group(s) will be created in
(/etc/opt/ids/schedules) and (/etc/opt/ids/schedules/groups)
respectively.
INFO : Attempting to create ASCII schedule and group(s) files.
INFO : Writing to schdule file
(/etc/opt/ids/schedules/FileAndLoginMonitoringAlwaysOn.txt)
SUCCESS : Created the schedule file in output
directory (/etc/opt/ids/schedules)
> grep TEMPLATE FileAndLoginMonitoringAlwaysOn.txt
>
The GUI Schedule Manager Does not Validate Modifications to pathnames_X/programs_X
Template Properties
The GUI Schedule Manager saves modifications made to the template properties in
Surveillance Groups without validating that the Surveillance Schedules and Groups
can be successfully parsed. Incorrect modifications to the Surveillance Schedules and
Groups, including incorrect modifications to template property values, are only detected
when the GUI System Manager attempts to activate the schedule or when the GUI
System Manager is restarted and attempts to load the schedules. An error dialog as
shown in Figure 1-1 (page 20) appears if there are incorrectly formatted template
property values when the GUI System Manager is started.
If a Surveillance Group is not successfully parsed when the GUI System Manager is
started, the group is removed from the schedule and the group will not appear in the
Schedule Manager window. If a schedule contains only the group that was removed,
then the GUI System Manager displays an error dialog stating that it was unable to
parse the schedule and the schedule will not appear in the System Manager and
Schedule Manager windows.
The following scenarios illustrate instances where the GUI Schedule Manager allows
administrators to make and save invalid modifications to pathname_X/program_X
filter template properties:
Known Problems, Limitations, and Fixes 21