Manualshelf

HP-UX Host Intrusion Detection System Version 4.2 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
21222324252627282930
Migrating Schedules from Older Versions of HIDS
To use your older schedules with HIDS v4.2, you must migrate them to HIDS v4.2. Schedules
from HIDS v3.1 and v4.0 must be migrated to HIDS v4.2. HIDS v4.1 schedules do not need to
be migrated.
NOTE: If you are migrating schedules from version 3.1 of HIDS, you must first migrate to HIDS
v4.0 and use guiSchedConvert to convert them to HIDS v4.0 schedule files before migrating
them to HIDS v4.2 schedules.
Complete the following process to migrate HIDS v4.0 schedules to HIDS v4.2 schedules:
1. Use the v4.0 idsgui to convert all the Java schedules that you want to migrate into text
files. Use the Details tab in the GUI Schedule Manager to save the schedules. The text
schedules are saved in /var/opt/ids/gui/logs/<schedulename.txt>
2. Use /opt/ids/bin/migrator to migrate each schedule to HIDS v4.2. Use this command
with the following options:
-i input schedule
-o <output directory>
If this option is not specified, the tool creates the schedules and group files in /etc/
opt/ids/schedules and /etc/opt/ids/schedules/groups, respectively. If
this option is specified, the schedule files are created in the specified <output
directory>, and the corresponding group files are created in <output
directory>/groups
The migrated schedules will contain monitor_failed_attempts and log_severity_def
properties in the GLOBALS section.
Preinstallation
Before installing version 4.2 on a system that has a previous version of HP-UX HIDS installed
and running, HP recommends that you stop the idsagent process.
IMPORTANT: For systems that do not currently have any version of HP-UX HIDS installed,
HP recommends that you make a full backup of all administration and agent systems before you
install HP-UX HIDS. Installation on agent systems requires a kernel rebuild (automatic) and
reboot.
Making Depots
It is a good idea to gather the various pieces of software into depots that you can use with the
swinstall command. These instructions tell you how to prepare three combination depots.
You will need at least two of them: one administration depot and one or two agent depots. Table 2-3
lists and describes these depots.
After you select the two or three that you need, HP recommends that you go through the rest of
this section and “Installing the Depots” (page 27) and mark the substeps that you will need to
complete.
Migrating Schedules from Older Versions of HIDS 21