HP-UX Host Intrusion Detection System Version 4.7 Release Notes HP-UX 11i v3 (766145-001, March 2014)
- Customers using a prior major version (or any of its minor versions) will be supported on a
best-effort basis. They will be asked to adopt the latest version, especially if the problem they are
experiencing has been corrected in the latest version. Specifically, this means that v4.7 is now the
actively supported version on HP-UX 11i v3 and all previous versions are supported on a best-effort
basis.
NOTE: Support for version 2.x of HP-UX HIDS was discontinued on March 31, 2007. HP
recommends that all customers using HP-UX HIDS v2.x upgrade to v4.7. For more information
about discontinuance, see http://www.hp.com/softwarereleases/releases-media2/discon/
index.htm.
New and Changed Features
HP-UX HIDS v4.7 supports Java 6.0.
Known Problems, Limitations, and Fixes
For a current and complete list of HP-UX HIDS problems and their fixes, refer to the Technical
Knowledge Database on the HP IT Resource Center Websites:
• http://us-support.external.hp.com for Americas/Asia-Pacific customers
• http://europe-support.external.hp.com for European customers
The Technical Knowledge Database is available to customers with support contracts.
Clarifications
Perform Updates Instead of Cold Reinstalls
HP-UX HIDS is designed to support updates. If users cold reinstall the newer version by first removing
the older version (swremove), two reboots (instead of just one or possibly none) will occur and
there is the possibility of losing some configuration data.
Do not Change Permissions
Do not change the permissions on files and directories owned by ids. Opening up the permissions
to be world writable or readable causes the agent to fail security checks and to exit. Changing
file permissions also results in swverify errors.
Known Problems and Limitations
Following problems and limitations are applicable for HIDS v4.7 release.
The GUI Schedule Manager Does not Validate Modifications to pathnames_X/programs_X Template
Properties
The GUI Schedule Manager saves modifications made to the template properties in Surveillance
Groups without validating that the Surveillance Schedules and Groups can be successfully parsed.
Incorrect modifications to the Surveillance Schedules and Groups, including incorrect modifications
to template property values, are only detected when the GUI System Manager attempts to activate
the schedule or when the GUI System Manager is restarted and attempts to load the schedules.
If a Surveillance Group is not successfully parsed when the GUI System Manager is started, the
group is removed from the schedule and the group will not appear in the Schedule Manager
window. If a schedule contains only the group that was removed, then the GUI System Manager
displays an error dialog stating that it was unable to parse the schedule and the schedule will not
appear in the System Manager and Schedule Manager windows.
The following scenarios illustrate instances where the GUI Schedule Manager allows administrators
to make and save invalid modifications to pathname_X/program_X filter template properties:
New and Changed Features 9