HP-UX Host Intrusion Detection System Version 4.1 Administrator's Guide

List of Tables
1 HP-UX 11i Releases
2-1 IDS Scripts Used to Set Up Secure Communications
2-2 Runtime File Permissions
4-1 Monitored Nodes
4-2 Status Field Values
5-1 Predefined Surveillance Schedules
8-1 General Preferences Tab
8-2 Alert Events Subtab
8-3 Error Events Subtab
8-4 System Manager Subtab
A-1 Detection Templates
A-2 Buffer Overflow Template Properties
A-3 Execute on Stack Alert Properties
A-4 Unusual Argument Length Alert Properties
A-5 Argument with Nonprintable Character Alert Properties
A-6 Race Condition Template Properties
A-7 File Reference Modification Alert Properties
A-8 setuid Script Executed Alert Properties
A-9 File/Directories Template Properties
A-10 File Being Modified Alert Properties
A-11 Template Properties
A-12 Append-Only File Being Modified Alert Properties
A-13 Setuid File Template Properties
A-14 Setuid File Created / Modified Alert Properties
A-15 World-Writable File Template Properties
A-16 World-Writable File Created Alert Properties
A-17 Modification of Another User's File Template Properties
A-18 Non-Owned File Being Modified Alert Properties
A-19 Login/Logout Template Properties
A-20 Login/Logout Alert Properties
A-21 Successful su Detected Alert Properties
A-22 Failed Logins Template Properties
A-23 Failed Login Attempts Alert Properties
A-24 Repeated Failed su Commands Template Properties
A-25 Repeated Failed Su Attempts Alert Properties
B-1 Additional Arguments Passed to Response Programs for Kernel Template Alerts
B-2 Additional Arguments Passed to Response Programs for Suppressed Alerts
B-3 Additional Arguments Passed to Response Programs for Race Condition Template Alerts
B-4 Additional Arguments Passed to Response Programs for Login or Logout Alerts