HP 5187-2725 사용자 설명서
Choosing a Migration Path
Install-time Security Considerations
Chapter 2
45
Secured Services and Protocols
Each security configuration bundle provides incrementally higher
security by locking down various protocols and services. HP-UX Bastille
uses a series of questions to determine which services and protocols to
secure. Using one of the Install-time Security Configuration bundles
applies a default security profile, simplifying the lockdown process.
security by locking down various protocols and services. HP-UX Bastille
uses a series of questions to determine which services and protocols to
secure. Using one of the Install-time Security Configuration bundles
applies a default security profile, simplifying the lockdown process.
The following tables detail the services and protocols affected by the
security bundles, listed in Table 2-2, if you choose to apply one at install-
or update-time.
security bundles, listed in Table 2-2, if you choose to apply one at install-
or update-time.
•
Table 2-3 lists the security settings for
Sec10Host
. These settings
also apply to
Sec20MngDMZ
and
Sec30DMZ
•
Table 2-4 lists the security settings applied with
Sec20MngDMZ
,
additional to the settings in Table 2-3
•
Table 2-5 lists the security settings applied with
Sec30DMZ
. These
IMPORTANT
Review these tables carefully. Some of the locked down services and
protocols may be used by other applications, and may have adverse
effects on the behavior or functionality of these applications. For
example, ServiceControl Manager and ParMgr rely on WBEM for part of
their functionality;
protocols may be used by other applications, and may have adverse
effects on the behavior or functionality of these applications. For
example, ServiceControl Manager and ParMgr rely on WBEM for part of
their functionality;
Sec30DMZ
blocks all incoming WBEM connections via
IPFilter.
You can change the security settings configured at install-time by
running HP-UX Bastille after installing or updating your system. For
more information about using HP-UX Bastille, see the Managing
Systems and Workgroups manual, or the HP-UX Bastille User’s Guide,
located on your system at
running HP-UX Bastille after installing or updating your system. For
more information about using HP-UX Bastille, see the Managing
Systems and Workgroups manual, or the HP-UX Bastille User’s Guide,
located on your system at
/opt/sec_mgmt/bastille/docs/user_guide.txt