HP Host Intrusion Detection System (HIDS) manual Executablestack

Page 10

race condition attacks, while the HP-UX HIDS Race Condition template will detect them. See the secure_sid_scripts(5) man page for details. Even if the secure_sid_scripts tunable is enabled to prevent setuid script attacks, you might still want to run the Race Condition template to detect other types of race condition attacks (see the Administration Guide in Appendix A for more details on what the Race Condition template detects).

3.2.2.2.5executable_stack

Starting with 11i v1, this tunable provides comprehensive stack buffer overflow protection by using a combination of highly efficient software and existing memory management hardware. Enabling this tunable will prevent certain stack buffer overflow attacks, while the HP-UX HIDS Buffer Overflow template will attempt to detect them. See the executable_stack(5)man page for details.

3.2.2.2.6maxdsiz

If the HP-UX HIDS agent error file (/var/opt/ids/error.log) contains “out of memory” errors, the maximum data segment size may need to be increased.

3.2.2.3 Swap

If the HP-UX HIDS agent error file (/var/opt/ids/error.log) contains “out of memory” errors, the swap space may need to be increased. Run the /usr/bin/swapinfo command to determine your swap usage.

HP Company Internal

Page 10 of 20

Image 10
Contents HP Company Internal Legal Notices Contents Intended Audience Product IdentificationPurpose of Document GlossaryProduct Overview Sizing and Tuning OverviewHP-UX Hids Deployments Sizing and Tuning Recommendations Sizing GuidelinesTuning Considerations Disk CapacityKernel Tuning System performance over security Executablestack Reference Documents/ Web sites Appendix a CPU Consumption CPU Consumption on PA Processors Way PAEvent/sec CPU Consumption on Itanium Processors Way IAWay IA Appendix B Resident Memory Consumption Memory Consumption on PA ProcessorsResident Memory KB Memory Consumption on Itanium Processors Way IA
Related manuals
Manual 55 pages 31.55 Kb Manual 270 pages 6.58 Kb