Directory of Security Links (Software Tools)

4 More Discussions You Might Find Interesting

1. Solaris

Unix file, folder permissions, security auditing tools.

I want to periodically check if ASCII password/config files on Unix have 400 or 600 access. Folders and files are owned by designated group and user. Folders and Files do not have world write access. Are there any tools/scripts available for this kind of auditing that I can use on Solaris?

2. Web Development

Symbol Links amongst Apache's served files, is this a security-don't?

I read somewhere that you should make sure Apache is configured to not allow symbolic links to be followed outside the webroot, as this can compromise security. I can imagine how this could lead to a security risk: eg: Is my assumption correct? -- Is it nothing more than: "its just...

3. UNIX for Dummies Questions & Answers

Why do I have two links in my rc.3 directory?

Hi, I am doing a services audit on one of our servers at work and I notice that I sometimes have a service with two slightly different prefixes. For example, S94httpd K15httpd Can one of them be safely deleted?

4. UNIX for Advanced & Expert Users

Listing all Software and Tools installed

Hi, In Unix, how do we know, which software and tools are installed? Is there any command or info file available for the same? Regards,

LEARN ABOUT HPUX

secweb

secweb(1M)																secweb(1M)

NAME

       secweb - invokes the HP-UX Auditing and Security Attributes Configuration tool

SYNOPSIS

       [ ] [ ]

DESCRIPTION

       The  HP-UX Auditing and Security Attributes Configuration tool ( ) is used to configure suditing sub-system and, view and configure system-
       wide and per-user (Local users and NIS users) values of security attributes. It also gives information about account locks.

       The HP-UX Auditing and Security Attributes Configuration tool provides both Web-based and terminal user interface (for Security	Attributes
       Configuration only).  The Web-based interface is launched through the HP System Management Homepage.

       Superuser  privileges  are required to access the HP-UX Auditing and Security Attributes Configuration tool. A user who does not have supe-
       ruser privileges has read-only access to the System Defaults area in the HP-UX Auditing and Security Attributes Configuration tool and can-
       not modify or reset per-user values.

       The terminal user interface is invoked if any of the following conditions are true:

	      o  The command is invoked with option.

	      o  The environment variable is not set.

       The Web-based interface is launched if all the following conditions are true:

	      o  The command is invoked with option.

	      o  The environment variable is set.

	      o  The command is available on the system.

       If the Web-based interface cannot be launched, invokes the terminal user interface.

   Options
       recognizes the following options:

	      Forces a client browser to be used in less secure ways.

			The  option  forces the client browser to be used or started, even when the X-traffic between the X-server and the Mozilla
			browser is not secure.

			Use this option only when you are sure the network traffic between the host where Mozilla is running and the host  in  the
			DISPLAY variable is secure.

			If cannot start the Web browser, the terminal interface is started.

			When the HP-UX Auditing and Security Attributes Configuration Web interface is invoked by SAM, the option is used.

	      If a privileged user (root) executes the
			command  with  the  option,  a temporary login bypass key is generated.  The bypass key enables the user to access the Web
			interface without having to provide login information again.

			When the HP-UX Auditing and Security Attributes Configuration Web interface is invoked by SAM, the option is used.

	      Opens the terminal interface for setting system-wide and
			per-user values of security attributes regardless of the current setting of the environment variable.

       You can also start the HP-UX Auditing and Security Attributes Configuration tool using one of the following methods:

	      o  Invoke and select the Auditing and Security Attributes Configuration (character mode) functional area to launch the terminal user
		 interface and the Auditing and Security Attributes Configuration (Web-based Interface) to launch the Web-based tool

	      o  Invoke  the  HP-UX Auditing and Security Attributes Configuration tool Web interface by typing the URL in the address bar of your
		 browser, where hostname is the name of the server

	      o  Launch the HP-UX Systems Insight Manager on the server and select the Auditing and Security Attributes  Configuration	tool  from
		 Configure -> HP-UX Configuration menu

Online Help
       After the HP-UX Auditing and Security Attributes Configuration tool is started, the online help provides details on how to use the tool.

RETURN VALUES

       Upon completion, secweb returns one of the following values:

	      o  0    Successful

	      o  1    An error occurred

WARNINGS

       o  For  increased  security,  paste  the  URL  in  your	browser,  click  on the Tools menu in the menu bar, then the Auditing and Security
	  Attributes Configuration functional area.

       o  The default minimum values of the security attributes , , , and does not meet the requirements for passwd(1M) command. A  password  must
	  contain  at  least  two letters and at least one numeric or special character. It is recommended to change the default values in for the
	  above mentioned security attributes as per passwd(1M) requirements.  For more information on password construction  requirements,  refer
	  passwd(1M).

AUTHOR

       was developed by Hewlett-Packard Company.

SEE ALSO

       sam(1M), security(4), userdb(4)

																	secweb(1M)

Cybersecurity