Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 HP-UX Host Intrusion Detection System Version 4.1 Administrator's Guide: HP-UX 11i v1, HP-UX 11i v2 and HP-UX 11i v3 > Chapter 3 Getting Started with HP-UX HIDS

Starting HP-UX HIDS for the First Time
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

This procedure describes the steps required to start the HP-UX HIDS System Manager and agents for the first time. As you do this, your systems benefits immediately the protection of intrusion detection while you learn the specifics of the software and tune your configuration to fit your requirements.

Procedure 3-2 To Set up hosts and run schedules, follow these steps:

  1. Install the agent software on the agent hosts and the System Manager software on the administration host. For more information, see the HP-UX HIDS Release 4.1 Release Notes.

  2. Create SSL certificates for the administration and agent hosts and propagate them to the host systems. For more information, see “Setting Up HP-UX HIDS Secure Communications”.

  3. Log in to each agent host as root and start the idsagent program as the ids user. For more information, see “Starting HP-UX HIDS Agents”.

    NOTE: The ids password field is set to * on installation on both agent and administration systems, which means you cannot log in directly to ids. For security reasons, do not assign a password to ids.

    1. Login as ids.

      # su ids

    2. Start the agent program.

      $/opt/ids/bin/idsagent

  4. Log in to the administration system as root and start the System Manager as the ids user. For more information, see “Starting the HP-UX HIDS System Manager”.

    1. Login as ids:

      # su ids

    2. Start the System Manager program.

      $/opt/ids/bin/idsgui

    3. The first time you start the System Manager, the product license agreement is displayed. This text is also printed in “HP Software License”. Click Accept to continue or Reject if you are not ready to use the software.

  5. Go to the Schedule Manager screen and create surveillance schedules, or use the predefined schedules. For more information, see “Using the Schedule Manager Screen”.

  6. Go to the Host Manager screen and select the agent hosts you want to monitor. These are the systems you started idsagent on in step 3. As described in “Setting Up HP-UX HIDS Secure Communications”, the certificate script may have provided you with a selection of agent hosts. Check the Monitored box for each host. For more information, see “Using the Host Manager Screen”.

  7. Go to the System Manager screen. For more information, see “Returning to the System Manager Screen”.

  8. Check the status of the agents. The host names are listed in the Monitored Hosts list. If they are not listed as Available, select them all and press the Status button. The monitored hosts will be listed as Available in the Status column. For more information, see “Getting the Status of Agent Hosts”.

  9. Activate the schedules on the agent hosts. This can be the same schedule on all hosts, a different schedule on each host, or any combination thereof.

    1. Select a schedule in the Schedules list, the hosts you want to download it to in the Monitored Hosts list and press the Activate button.

    2. Repeat for different schedules and different hosts. An agent host can run only one schedule at time. If a download is successful, its Status is Scheduled or Running, depending on its timetable. For more information, see “Activating Schedules on Agent Hosts”.



System Manager
  		 


Operations Screens  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© Hewlett-Packard Development Company, L.P.