HP-UX Host Intrusion Detection System Version 4.1 Administrator's Guide
Table B-3 Additional Arguments Passed to Response Programs for Race Condition
Template Alerts
DescriptionAlert
Value/Format
Alert Data
Type
Alert FieldResponse
Program
Argument
Full path name of the program
under attack
<full pathname>StringAttacked
Program Path
name
argv[36]
File type of the program under
attack. Corresponds to an enum
vtype value defined invnode.h
<type>IntegerAttacked
Program File
Type
argv[37]
Mode of the program under
attack
<mode>
(decimal)
IntegerAttacked
Program
Mode
argv[38]
Owner of the program under
attack (uid)
<uid>IntegerAttacked
Program
Owner
argv[39]
Group of the program under
attack (gid)
<gid>IntegerAttacked
Program
Group
argv[40]
Inode number of the program
under attack
<inode>IntegerAttacked
Program
Inode
argv[41]
Device number of the program
under attack
<device>IntegerAttacked
Program
Device
argv[42]
Number of arguments passed
to the program under attack
(for example, argc)
<argc>IntegerAttacked
Program
Number of
Arguments
argv[43]
Program arguments of the
program under attack (first
1024 characters)
<argv[0]>
<argv[1]> ....
IntegerAttacked
Program
Arguments
argv[44]
Table B-4 lists the additional arguments that are set for system templates while
generating login and logout alerts.
How Automated Response Works in HP-UX HIDS 197