HPux security

HPux security

Post by RvErve » Fri, 09 Jul 1999 04:00:00

I've little knowledge of HPux and mainly work on solaris.

Unfortunately today I had to work on a HPux machine and saw that there was
no way to prevent people from telnetting into the box and log in with the
root account.

I asked HP and was told it has to be this way.

I can't believe that.

Could some one help me with tips and trics on how to secure a HPux 10.x
machine. Or give me the name of a book/url/document where I can find more
information on HPux security.

I also need to put this machine console port onto a terminal server, please
advise on how this is done with a HP machine?

Thanks, Ron.


HPux security

Post by Oleg Kopyso » Tue, 13 Jul 1999 04:00:00

You can use main documentation site from HP http://docs.hp.com


1. Network Connections and Security Issues (HPUX 10.01)

If you were security paranoid, would you see any problems with the following
network connections listening on your system?

This information is from the lsof utility run on an HP 9000 D350 System at
HP-UX 10.01.  The system has been security hardened to allow only required
network connections.

COMM            PID     USER    FD      TYPE    ...     INODE NAME
syslog          389     root    5u      inet    ...     UDP *:syslog
vuelogin        840     root    5u      inet    ...     UDP *:177
vuelogin        840     root    6u      inet    ...     TCP *:1026
X               880     daemon  3u      inet    ...     TCP *:6000
X               880     daemon  6u      inet    ...     TCP *:1026
vuelogin        12534   root    6u      inet    ...     TCP *:1026
vuesession      12570   root    6u      inet    ...     TCP *:1026
softmsgsr       12594   root    3u      inet    ...     TCP *:1677

I am also thinking of running NTP, but I am unsure of the security
implications of doing this.

Any comments would be greatly appreciated.

Thanks in advance,


2. Help with home network system

3. HPux and solaris 26/27 security audit checklist

4. D Series Disks

5. HPUX 10.x Security tools

6. free SQL database for *BSD

7. US-CA- San Francisco- SWE - Enterprise Security, HPUX, WIN32, C/C++ - Contract Opportunity

8. PROBLEM: memory allocation error with token ring tms380/abyss modules

9. Security hole in HPUX

10. HPUX Admin: MP3 Players and HPUX.

11. SGI Security Advisory 19970504-01-PX - IRIX rld security vulnerability

12. comp.security.unix and comp.security.misc frequently asked questions