HP-UX Host Intrusion Detection System Version 4.4 Release Notes (5900-1612, April 2011)

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software

Contents

1 Announcement...........................................................................................5

What is HP-UX HIDS.................................................................................................................5

Compatibility with Previous Versions............................................................................................5

Compatibility with Other Products...............................................................................................5

Localization.............................................................................................................................6

Benefits...................................................................................................................................6

Documentation.........................................................................................................................7

Manuals.............................................................................................................................7

Manpages..........................................................................................................................7

HP OpenView SMART Plug-In................................................................................................7

IDS Mailing List ..................................................................................................................8

ITRC Security Forum.............................................................................................................8

Support Model....................................................................................................................8

New and Changed Features......................................................................................................8

Known Problems, Limitations, and Fixes ......................................................................................8

Clarifications.......................................................................................................................9

Perform Updates Instead of Cold Reinstalls..........................................................................9

Do not Change Permissions..............................................................................................9

Known Problems and Limitations............................................................................................9

Error Encountered When Installing HP-UX HIDS 4.4.............................................................9

Workaround..............................................................................................................9

The GUI Schedule Manager Does not Validate Modifications to pathnames_X/programs_X

Template Properties.........................................................................................................9

Diagnosing the Problem............................................................................................10

Incorrectly Formatted raw Reports Sent as an Email............................................................10

Special Characters not Supported When Specifying Filters Using the tune Command.............10

The idsadmin Command Does not Parse Schedules Whose Property Lines Exceed 65535

Characters...................................................................................................................10

Limitation when Using idsadmin in Interactive Mode..........................................................10

The idsadmin Tool Cannot Monitor more than one Agent at a Time.....................................11

Display of Schedules Created Using Earlier Versions of HIDS..............................................11

The Migrator Tool does not Update suppression_targets_to_ignore properly..........................11

Limitation While Using the ids.cf File for Configuring Duplicate Alert Suppression..................11

Unexpected Behavior by idsagent when report, resync, or tune Command is Executed...........11

SSH does not Perform a Clean Exit after idsagent is Started................................................11

Agents and Kernel Parameters.........................................................................................12

Dropped Kernel Audit Records........................................................................................12

The System Manager on PA-RISC 1.1 Systems....................................................................12

Time Units Cannot be Specified for Template Properties in Schedule Manager......................12

Schedules that Contain Username Template Values Cannot be run by Version 3.x Agents.......12

Error Log File Rotation....................................................................................................12

The swverify command reports error after removing the IDS Agent or the IDS Admin Sub-product

from a server that has HIDS bundle installed.....................................................................13

Defect Fixes in HP-UX HIDS Version 4.4................................................................................13

2 Installation...............................................................................................14

Introduction............................................................................................................................14

Installation Summary...............................................................................................................14

Hardware and Software Requirements.......................................................................................15

Administration and Agent Systems........................................................................................15

Contents 3