race condition attacks, while the HP-UX HIDS Race Condition template will detect them. See the secure_sid_scripts(5) man page for details. Even if the secure_sid_scripts tunable is enabled to prevent setuid script attacks, you might still want to run the Race Condition template to detect other types of race condition attacks (see the Administration Guide in Appendix A for more details on what the Race Condition template detects).
3.2.2.2.5executable_stackStarting with 11i v1, this tunable provides comprehensive stack buffer overflow protection by using a combination of highly efficient software and existing memory management hardware. Enabling this tunable will prevent certain stack buffer overflow attacks, while the HP-UX HIDS Buffer Overflow template will attempt to detect them. See the executable_stack(5)man page for details.
3.2.2.2.6maxdsizIf the HP-UX HIDS agent error file (/var/opt/ids/error.log) contains “out of memory” errors, the maximum data segment size may need to be increased.
3.2.2.3 Swap
If the HP-UX HIDS agent error file (/var/opt/ids/error.log) contains “out of memory” errors, the swap space may need to be increased. Run the /usr/bin/swapinfo command to determine your swap usage.
HP Company Internal | Page 10 of 20 |