HP-UX Host Intrusion Detection System Version 4.2 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software

Table of Contents

1 Announcement................................................................................................................7

What is HP-UX HIDS..............................................................................................................................7

Compatibility with Previous Versions....................................................................................................7

Compatibility with Other Products........................................................................................................7

Localization.............................................................................................................................................8

Benefits....................................................................................................................................................8

Documentation.......................................................................................................................................9

Manuals.............................................................................................................................................9

Manpages..........................................................................................................................................9

HP OpenView SMART Plug-In.........................................................................................................9

IDS Mailing List...............................................................................................................................10

ITRC Security Forum.......................................................................................................................10

Support Model.................................................................................................................................10

New and Changed Features.................................................................................................................10

Known Problems, Limitations, and Fixes ............................................................................................11

Clarifications....................................................................................................................................11

Perform Updates Instead of Cold Reinstalls..............................................................................11

Do not Change Permissions.......................................................................................................11

Known Problems and Limitations...................................................................................................11

Error Encountered When Installing HP-UX HIDS 4.2...............................................................11

Workaround..........................................................................................................................11

The GUI Schedule Manager Does not Validate Modifications to pathnames_X/programs_X

Template Properties...................................................................................................................11

Diagnosing the Problem.......................................................................................................12

Incorrectly Formatted raw Reports Sent as an Email................................................................12

Special Characters not Supported When Specifying Filters Using the tune Command...........12

The idsadmin Command Does not Parse Schedules Whose Property Lines Exceed 65535

Characters...................................................................................................................................13

Limitation when Using idsadmin in Interactive Mode...........................................................13

The idsadmin Tool Cannot Monitor more than one Agent at a Time.......................................13

Display of Schedules Created Using Earlier Versions of HIDS.................................................13

The Migrator Tool does not Update suppression_targets_to_ignore properly...........13

Limitation While Using the ids.cf File for Configuring Duplicate Alert Suppression..........13

Unexpected Behavior by idsagent when report, resync, or tune Command is

Executed.....................................................................................................................................14

SSH does not Perform a Clean Exit after idsagent is Started.................................................14

Agents and Kernel Parameters...................................................................................................14

Dropped Kernel Audit Records.................................................................................................14

The System Manager on PA-RISC 1.1 Systems..........................................................................14

Time Units Cannot be Specified for Template Properties in Schedule Manager.......................14

Schedules that Contain Username Template Values Cannot be run by Version 3.x Agents.....14

Error Log File Rotation...............................................................................................................15

Activations of Surveillance Schedules fail on systems installed with only HIDS v4.2 agent

software......................................................................................................................................15

Workaround..........................................................................................................................15

A Surveillance Schedule with a Surveillance Group that is scheduled to run during two or

more time periods (GROUPPERIODs) is not saved correctly by the HIDS v4.2 Administrative

GUI.............................................................................................................................................15

Workaround..........................................................................................................................16

If the System Manager GUI is not closed gracefully, any Surveillance Schedules that were

activated by the System Manager will be deleted......................................................................16

Table of Contents 3