Security Event Managment (SEM) with CEP (Part 1) Post: 302124612

Sponsored Content

Special Forums News, Links, Events and Announcements Complex Event Processing RSS News Security Event Managment (SEM) with CEP (Part 1) Post 302124612 by Linux Bot on Monday 2nd of July 2007 01:48:13 AM

07-02-2007

Registered User

Security Event Managment (SEM) with CEP (Part 1)

Many readers may already know that I have a deep background in network management with an emphasis in computer and network security. My experience in this area, after leading countermeasure efforts for the USAF*in the Langley Cyberattack, motivated me to write a CACM paper applying multisensor data fusion techniques to intrusion detection.
If you look further into the field of security event management or SEM, you will see that complex event processing and security event managment are a perfect match.* I first presented the relationship between CEP and SEM for*TIBCO*at an IDC event in Lisbon; and then followed up at TUCON with a presentation titled, Combating Fraud and Intrusion Threats with Event Processing.**
In the TUCON*presentation, I outlined SEM functionality and explained the*serious shortcomings of the current approaches to SEM in the marketplace.* Then,***I applied*CEP to*SEM and explained how*CEP, in the context of my* CEP reference architecture, holds great promise for SEM.
In this new blog series, Security Event Managment (SEM) with CEP, I will cover this topic in detail.* Next in this series, we discuss trends and vulnerabilities in cyberspace.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

LEARN ABOUT HPUX

secweb

secweb(1M)																secweb(1M)

NAME

       secweb - invokes the HP-UX Auditing and Security Attributes Configuration tool

SYNOPSIS

       [ ] [ ]

DESCRIPTION

       The  HP-UX Auditing and Security Attributes Configuration tool ( ) is used to configure suditing sub-system and, view and configure system-
       wide and per-user (Local users and NIS users) values of security attributes. It also gives information about account locks.

       The HP-UX Auditing and Security Attributes Configuration tool provides both Web-based and terminal user interface (for Security	Attributes
       Configuration only).  The Web-based interface is launched through the HP System Management Homepage.

       Superuser  privileges  are required to access the HP-UX Auditing and Security Attributes Configuration tool. A user who does not have supe-
       ruser privileges has read-only access to the System Defaults area in the HP-UX Auditing and Security Attributes Configuration tool and can-
       not modify or reset per-user values.

       The terminal user interface is invoked if any of the following conditions are true:

	      o  The command is invoked with option.

	      o  The environment variable is not set.

       The Web-based interface is launched if all the following conditions are true:

	      o  The command is invoked with option.

	      o  The environment variable is set.

	      o  The command is available on the system.

       If the Web-based interface cannot be launched, invokes the terminal user interface.

   Options
       recognizes the following options:

	      Forces a client browser to be used in less secure ways.

			The  option  forces the client browser to be used or started, even when the X-traffic between the X-server and the Mozilla
			browser is not secure.

			Use this option only when you are sure the network traffic between the host where Mozilla is running and the host  in  the
			DISPLAY variable is secure.

			If cannot start the Web browser, the terminal interface is started.

			When the HP-UX Auditing and Security Attributes Configuration Web interface is invoked by SAM, the option is used.

	      If a privileged user (root) executes the
			command  with  the  option,  a temporary login bypass key is generated.  The bypass key enables the user to access the Web
			interface without having to provide login information again.

			When the HP-UX Auditing and Security Attributes Configuration Web interface is invoked by SAM, the option is used.

	      Opens the terminal interface for setting system-wide and
			per-user values of security attributes regardless of the current setting of the environment variable.

       You can also start the HP-UX Auditing and Security Attributes Configuration tool using one of the following methods:

	      o  Invoke and select the Auditing and Security Attributes Configuration (character mode) functional area to launch the terminal user
		 interface and the Auditing and Security Attributes Configuration (Web-based Interface) to launch the Web-based tool

	      o  Invoke  the  HP-UX Auditing and Security Attributes Configuration tool Web interface by typing the URL in the address bar of your
		 browser, where hostname is the name of the server

	      o  Launch the HP-UX Systems Insight Manager on the server and select the Auditing and Security Attributes  Configuration	tool  from
		 Configure -> HP-UX Configuration menu

Online Help
       After the HP-UX Auditing and Security Attributes Configuration tool is started, the online help provides details on how to use the tool.

RETURN VALUES

       Upon completion, secweb returns one of the following values:

	      o  0    Successful

	      o  1    An error occurred

WARNINGS

       o  For  increased  security,  paste  the  URL  in  your	browser,  click  on the Tools menu in the menu bar, then the Auditing and Security
	  Attributes Configuration functional area.

       o  The default minimum values of the security attributes , , , and does not meet the requirements for passwd(1M) command. A  password  must
	  contain  at  least  two letters and at least one numeric or special character. It is recommended to change the default values in for the
	  above mentioned security attributes as per passwd(1M) requirements.  For more information on password construction  requirements,  refer
	  passwd(1M).

AUTHOR

       was developed by Hewlett-Packard Company.

SEE ALSO

       sam(1M), security(4), userdb(4)

																	secweb(1M)