HP-UX Host Intrusion Detection System Version 4.3 release notes

1 Announcement
The HP-UX Host Intrusion Detection System Version 4.3 is a maintenance release that contains
defect fixes but no new features or enhancements.

What is HP-UX HIDS
HP-UX HIDS is a host-based HP-UX security product for HP computers running HP-UX 11i.
HP-UX HIDS enables security administrators to proactively monitor, detect, and respond to
attacks targeted at specific hosts. Many types of attacks can bypass network-based detection
systems. HP-UX HIDS monitors for the attacks that bypass them and complements the existing
network-based security mechanisms, bolstering enterprise security.

HP-UX HIDS seeks patterns that might suggest security breaches or misuse by examining
information about system activity from a variety of data sources. It detects illicit activities that
include attempting to break into or disrupt the system, modifying system files and directories,
or attempting to spread a virus. When HP-UX HIDS detects an intrusion attempt, it issues an
alert to the administrative interface, where users can immediately investigate the situation and
take necessary action against the intrusion. In addition, users can customize a local response to
an alert as described in Appendix B, Response Programs in the Host Intrusion Detection System
Administrator’s Guide.

HP-UX HIDS is particularly useful for enterprise environments in which centralized management
tools control networks of heterogeneous systems. These environments include Web servers,
transaction processors, application servers, and database systems.

Compatibility with Previous Versions
HP-UX HIDS version 4.3 software is backward compatible with HIDS versions 4.2, 4.1, 4.0, and
3.1. However, surveillance schedules created with 3.1 or 4.0 must be migrated to HIDS version
4.3 (see “Migrating Schedules from Older Versions of HIDS” (page 19)). Schedules created with
HIDS version 4.1 or 4.2 do not need to be migrated. However, a version 4.1 schedule must be
migrated in order to make use of the configuration properties introduced in version 4.2 and
supported in version 4.3.

HP recommends that users upgrade all systems to HIDS version 4.3.

NOTE: HP-UX HIDS v4.3 is not backward compatible with HIDS v1.0 and HIDS v2.0, v2.1,
and v2.2 (collectively referred to as HIDS 2.x). HIDS v1.0 and HIDS v2.x are obsolete. HIDS
version 4.3 schedules with the Log File Monitoring detection template feature enabled
cannot be activated by HIDS agents running the HIDS v4.1 software.

Compatibility with Other Products
HP-UX HIDS is not compatible with all HP software products; see Table 1-1 for the list of products
that are supported. Do not run HP-UX HIDS on systems that are running unsupported products
(or vice versa).
Table 1-1 HP-UX HIDS Product Compatibility
Product            Supported?
HP-UX 11i v3       Yes
HP-UX 11i v2       Yes
HP-UX 11i v1.6     No
HP-UX 11i v1.5     No