E Cis Mapping To Hp-Ux Bastille - HP UX Bastille User Manual

E CIS mapping to HP-UX Bastille

CIS Level 1 benchmark for HP-UX 1 1i (v1.5.0)
CIS ID CIS benchmark section
1.1 Patches and Additional Software
1.1.1 Apply latest OS patches
1.1.2 Install and configure SSH
1.1.3 Install and Run Bastille
1.2 Minimize inetd network services
1.2.1 Disable Standard Services
1.2.2 Only enable telnet
1.2.3 Only enable FTP
1.2.4 Only enable rlogin/remsh/rcp
1.2.5 Only enable TFTP
1.2.6 Only enable printer service
1.2.7 Only enable rquotad
1.2.8 Only enable CDE-related daemons
1.2.9 Only enable Kerberos-related daemons
1.2.10 Only enable BOOTP/DHCP daemon
1.3 Minimize boot services
1.3.1 Disable login: prompts on serial ports
1.3.2 Disable NIS/NIS+ related processes
1.3.3 Disable printer daemons
1.3.4 Disable GUI login
1.3.5 Disable email server
1.3.6 Disable SNMP and OpenVIew
Mapping to HP-UX Bastille
HP-UX Bastille lock down items
Not Scorable
MiscellaneousDaemons.configure_ssh
Not Scorable
SecureInetd.deactivate_builtin
SecureInetd.deactivate_finger
SecureInetd.deactivate_ident
SecureInetd.deactivate_ntalk
SecureInetd.deactivate_recserv
SecureInetd.deactivate_time
SecureInetd.deactivate_uucp
SecureInetd.deactivate_telnet
SecureInetd.deactivate_ftp
SecureInetd.deactivate_rtools
SecureInetd.deactivate_tftp
SecureInetd.deactivate_printer
SecureInetd.deactivate_rquotad
SecureInetd.deactivate_dttools
SecureInetd.deactivate_ktools
SecureInetd.deactivate_bootp
Not Applicable
Not Applicable
Not Applicable
Not Applicable
Not Applicable
Not Applicable
Not Applicable
Not Applicable
Not Applicable
AccountSecurity.serial_port_login
MiscellaneousDaemons.nis_client
MiscellaneousDaemons.nis_server
MiscellaneousDaemons.nisplus_server
MiscellaneousDaemons.nisplus_client
Printing.printing
AccountSecurity.gui_login
Sendmail.sendmaildaemon
Sendmail.sendmailcron
MiscellaneousDaemons.snmpd
67