HP-UX Host Intrusion Detection System Version 4.1 Administrator's Guide
Figure 1-1 HP-UX HIDS Components
HP-UX HIDS monitors system activity by analyzing data from the following file sources:
• Kernel audit data
• System log files
HP-UX HIDS analyzes this information against its configured attack scenarios. It then
identifies possible intrusions and misuse immediately following any suspected activity.
At the same time, it communicates an alert and detailed information about the
potential attack to the HP-UX HIDS System Manager.
Detection Templates
HP-UX HIDS includes a set of preconfigured patterns, known
as detection templates. These templates are the building blocks used to identify the
basic types of unauthorized system activity or security attacks frequently found on
enterprise networks. You can customize the detection templates by changing certain
configurable parameters.