Manualshelf

HP-UX Host Intrusion Detection System Version 4.2 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
11121314151617181920
IPv6 support that allows HIDS to function in a pure IPv6 network as well as a mixed
IPv6/IPv4 network.
Numeric user name support for specifying user name template property values.
Known Problems, Limitations, and Fixes
For a current and complete list of HP-UX HIDS problems and their fixes, refer to the Technical
Knowledge Database on the HP IT Resource Center Websites:
http://us-support.external.hp.com for Americas/Asia-Pacific customers
http://europe-support.external.hp.com for European customers
The Technical Knowledge Database is available to customers with support contracts.
Clarifications
Perform Updates Instead of Cold Reinstalls
HP-UX HIDS is designed to support updates. If users cold reinstall the newer version by first
removing the older version (swremove), two reboots (instead of just one or possibly none) will
occur and there is the possibility of losing some configuration data.
Do not Change Permissions
Do not change the permissions on files and directories owned by ids. Opening up the permissions
to be world writable or readable causes the agent to fail security checks and to exit. Changing
file permissions also results in swverify errors.
Known Problems and Limitations
Following problems and limitations are applicable for HIDS v4.2
Error Encountered When Installing HP-UX HIDS 4.2
The following error can appear when installing HP-UX HIDS 4.2 even if J2SE 5.0 is installed:
swinstall error: * Reading source for file information. The corequisite "Jre15.JRE15,
r>=1.5.0.02" for fileset "IDS.IDS-ADM-RUN, r=E.04.01.01" cannot be successfully
resolved.
ERROR:The dependencies for fileset "IDS.IDS-ADM-RUN,r=E.04.01.01" cannot be resolved
(see previous lines). You must resolve the above dependencies before operating on
this fileset or change the "enforce_dependencies" option to "false".
Workaround
If this error is encountered and J2SE 5.0 is already installed, disable the enforcement of
dependencies by deselecting the swinstall Enforce dependency analysis errors in agent option.
Otherwise, install the latest version of J2SE 5.0 available at: http:// www.hp.com/go/java.
The GUI Schedule Manager Does not Validate Modifications to pathnames_X/programs_X Template
Properties
The GUI Schedule Manager saves modifications made to the template properties in Surveillance
Groups without validating that the Surveillance Schedules and Groups can be successfully parsed.
Incorrect modifications to the Surveillance Schedules and Groups, including incorrect
modifications to template property values, are only detected when the GUI System Manager
attempts to activate the schedule or when the GUI System Manager is restarted and attempts to
load the schedules.
If a Surveillance Group is not successfully parsed when the GUI System Manager is started, the
group is removed from the schedule and the group will not appear in the Schedule Manager
window. If a schedule contains only the group that was removed, then the GUI System Manager
Known Problems, Limitations, and Fixes 11