Manualshelf

HP-UX Host Intrusion Detection System Version 4.2 Administration Guide

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
111112113114115116117118119120
Table A-1 Detection Templates (continued)
Detection TemplateAlert SeverityAttackAlert
Creation of
World-Writable File
Template
3A file with world-writable
permission was created by a
privileged user, the
world-writable bit was set on an
existing file owned by a
privileged user, the owner of a
world-writable file was changed
to a privileged user from a non-
privileged user, or a
world-writable file owned by a
privileged user was renamed
from a location that is not being
monitored to a location that is
being monitored.
World-writable file created
Modification of Another
Users File Template
2The following operations were
either unsuccessfully or
successfully performed on a file
by a user other than the owner of
the file:
Truncation
Deletion
Renaming
Non-owned file being
modified
Modification of Another
Users File Template
3The following operations were
either unsuccessfully or
successfully performed on a file
by a user other than the owner:
Modification of file’s mode or
ownership
Opening the file for
modification that may (or may
not) be followed by an actual
file modification.
Non-owned file being
modified
Login/Logout Template2
2
A successful login as a user
specified as privileged
Start of a successful login
session
Login/Logout Template3
2
A successful login as a user not
specified as privileged
Start of a successful login
session
Login/Logout Template2Logout of a user specified as
privileged
End of a login session
Login/Logout Template3Logout of a user not specified as
privileged
End of a login session
Login/Logout Template2A successful switch to a user
specified as privileged
Successful su session
Login/Logout Template3A successful switch to a user not
specified as privileged
Successful su session
Repeated Failed Logins
Template
3Repeated attempts to log in as a
user specified as privileged
Failed login attempts
Repeated Failed Logins
Template
3Repeated attempts to log in as a
user not specified as privileged
Failed login attempts
Repeated Failed su
Commands Template
2Repeated attempts to switch to a
user specified as privileged
Failed su attempts
Repeated Failed su
Commands Template
3Repeated attempts to switch to a
user not specified as privileged
Failed su attempts
Alert Summary 113