HP-UX Host Intrusion Detection System Version 4.4 Administrator Guide (5900-1634, April 2011)
Undoing and Redoing Changes
Saving a Surveillance Group
Configuring Detection Templates
Modifying a Property Value in a Template
Undoing and Redoing Changes
Suggested Best Practices
Some Template Configuration Guidelines
Setting Surveillance Schedule Timetables
Specifying When a Schedule Will Run
Canceling Changes
Saving a Surveillance Schedule
Configuring Alert Aggregation
Guidelines for Configuring Alert Aggregation
Configuring Monitor Failed Attempts
Configuring Duplicate Alert Suppression
Duplicate Alert Suppression Options
Viewing Surveillance Schedule Details
Viewing the Source of a Surveillance Schedule
Refreshing the Details Display
Clearing the Details Display
Saving the Details Display
Predefined Surveillance Schedules and Groups
6 Using the Host Manager Screen
Managing Hosts
Opening the Host Manager Screen
Closing the Host Manager Screen
Adding New Hosts
Adding a New Host Manually
Adding New Hosts from /etc/hosts
Adding New Hosts from a File
Rules for Host Lists Files
Modifying a Host
Deleting a Host
Enabling and Disabling Hosts
Managing a Tag
Maintaining Host Files
Saving the Host List in the Current File
Saving the Host List in a Different File
Using an Alternate Host List File
Using Multiple Host Files
7 Using the Network Node Screen
Network Node Screen
Opening a Network Node Screen
Closing a Network Node Screen
Alerts Tab
HP-UX HIDS Alerts
Errors Tab
HP-UX HIDS Errors
General Operations
Sorting Entries
Selecting Entries