arp_cleanup_interval–60000

ip_forward_directed_broadcasts–0

ip_forward_src_routed–0

ip_forwarding–0

ip_ire_gw_probe–0

ip_pmtu_strategy–1

ip_respond_to_echo_broadcast–0

ip_respond_to_timestamp–0

ip_respond_to_timestamp_broadcast–0

ip_send_redirects–0

ip_send_source_quench–0

tcp_conn_request_max–4096

tcp_syn_rcvd_max–4096

For more information on each of these parameters, run ndd -h

 

 

 

NOTE: If you already have some non-default, non-HP-UX Bastille settings

 

 

 

 

 

 

in effect, you must merge the settings manually. A reminder is added to your

 

 

 

 

 

 

TODO.txt file.

 

 

 

IMPORTANT: Manual action may be required to complete this configuration.

 

 

 

See the TODO.txt file for details.

Actions

 

 

If the /etc/rc.config.d/nddconf file has no entries, the following

 

 

 

parameters are set:

 

 

 

ip_forward_directed_broadcasts=0

 

 

 

ip_forward_src_routed=0

 

 

 

ip_forwarding=0

 

 

 

ip_ire_gw_probe=0

 

 

 

ip_pmtu_strategy=1

 

 

 

ip_respond_to_echo_broadcast= 0

 

 

 

ip_send_redirects= 0

 

 

 

ip_send_source_quench=0

 

 

 

tcp_conn_request_max=4096

 

 

 

tcp_syn_rcvd_max=4096

 

 

 

arp_cleanup_interval= 60000

 

 

 

ip_respond_to_timestamp= 0

 

 

 

ip_respond_to_timestamp_broadcast= 0

 

 

 

Otherwise, an item is created in the TODO.txt file for you to manually

 

 

 

integrate the parameter changes.

HP_UX.other_tools

Headline

 

 

Provide information about other security tools that HP has to offer.

Default

 

 

N

Description

 

 

Although HP-UX Bastille helps to configure most of the security-relevant

 

 

 

features of your operating system, it is not a substitute for a complete security

 

 

 

solution. Such a solution includes properly configured firewalls, network

 

 

 

topologies, intrusion detection, policies, and user education. Hewlett-Packard

 

 

 

has tools and resources to help with most aspects of system security.

43

Page 43
Image 43
HP UX Bastille Software manual HPUX.othertools