HP UX Bastille User Manual page 68

Version b.3.3

Hide thumbs

Table Of Contents

Table of Contents

CIS

Level 1 benchmark for HP-UX 1 1i (v1.5.0)

1.3.7

Disable other standard boot services

1.3.8

Only enable Windows-compatibility server processes

1.3.9

Only enable Windows-compatibility client processes

1.3.10

Only enable NFS server processes

1.3.11

Only enable NFS client processes

1.3.12

Only enable RPC-based services

1.3.13

Only enable Web server

1.3.14

Only enable BIND DNS server

1.4

Kernel Tuning

1.4.1

Enable stack protection

1.4.2

Network parameter modifications

1.4.3

Use better TCP sequence numbers

1.4.4

Additional network parameter modifications

1.5

File/Directory Permissions/Access

1.5.1

Set Sticky Bit on World Writable Directories

Find unauthorized world-writable files and SUID/SGID

1.5.2

executables

1.5.3

Find 'unowned' files and directories

1.6

System Access, Authentication, and Authorization

1.6.1

Enable Hidden Passwords

1.6.2

Restrict users who can access to FTP

1.6.3

Prevent Syslog from accepting messages from the network

1.6.4

Disable XDMCP port

1.6.5

Set default-lock screensaver timeout

1.6.6

Configure IPFilter to allow only select communication

1.6.7

Restrict at/cron to authorized users

1.6.8

Restrict crontab file permissions

1.6.9

Restrict root logins to system console

1.6.10

Set retry limit for account lockout

1.6.11

Disable 'nobody' access for secure RPC

1.7

Logging

CIS mapping to HP-UX Bastille

Mapping to HP-UX Bastille

MiscellaneousDaemons.disable_rbootd

MiscellaneousDaemons.nfs_server

MiscellaneousDaemons.nfs_client

MiscellaneousDaemons.disable_ptydaemon

Apache.deactivate_hpws_apache

MiscellaneousDaemons.snmpd

MiscellaneousDaemons.nfs_core

MiscellaneousDaemons.other_boot_serv

MiscellaneousDaemons.disable_smbclient

MiscellaneousDaemons.disable_smbserver

MiscellaneousDaemons.disable_bind

Not Applicable

HP_UX.stack_execute

HP_UX.ndd

HP_UX.tcp_isn

HP_UX.ndd

Not Scorable

AccountSecurity.unowned_files

AccountSecurity.hidepasswords

FTP.ftpusers

MiscellaneousDaemons.syslog_localonly

MiscellaneousDaemons.xaccess

HP_UX.screensaver_timeout

Not Scorable

AccountSecurity.cronuser

AccountSecurity.atuser

AccountSecurity.crontabs_file

AccountSecurity.create_securetty

AccountSecurity.AUTH_MAXTRIES

MiscellaneousDaemons.nobody_secure_rpc

Table of Contents

This manual is also suitable for:

Ux bastille b.3.3

HP UX Bastille User Manual page 68

Related Manuals for HP UX Bastille

Related Products for HP UX Bastille

This manual is also suitable for:

Table of Contents