ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Possibly off topic

2003-05-29 10:31:46
Subject: Re: Possibly off topic
From: Ben Bullock <bbullock AT MICRON DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Thu, 29 May 2003 07:59:20 -0600 
        For general securing of a DMZ host, these 2 white papers from IBM are 
helpful. They are a little old, but the concepts remain the same.


IBM Redbook - AIX 4.3 Elements of Security, Effective and Efficient 
Implementation 
        
http://publib-b.boulder.ibm.com/Redbooks.nsf/9445fa5b416f6e32852569ae006bb65f/a2502989b5dc09f18525689b00740f90?OpenDocument&Highlight=0,SG24-5962
IBM Redbook - Additional AIX Security Tools on IBM pSeries, IBM RS/6000, and 
SP/Cluster 
        
http://publib-b.boulder.ibm.com/Redbooks.nsf/9445fa5b416f6e32852569ae006bb65f/8934e5c6a09d1094862569bb0074cfaa?OpenDocument

Ben


-----Original Message-----
From: Zlatko Krastev/ACIT [mailto:acit AT ATTGLOBAL DOT NET]
Sent: Thursday, May 29, 2003 5:56 AM
To: ADSM-L AT VM.MARIST DOT EDU
Subject: Re: Possibly off topic


What - AIX itself.
How:
- put OpenSSH on it (download from bullfreeware.com; comes with latest AIX
versions)
- disable all unnecessary and plain-text authentication services
(including telnet and ftp - use ssh and scp instead)
- use built-in IP filtering (don't make way too many filters, IP filtering
is CPU consuming and may slow down your TCP/TSM sessions). "enable tsm;
enable ssh; disable all" is good enough.
- start the server as ordinary user (just recently discussed again on the
list)
- (optional) if you cannot live without Web-admin interface - install TSM
Secure Web Proxy over the same box

Zlatko Krastev
IT Consultant






"Gill, Geoffrey L." <GEOFFREY.L.GILL AT SAIC DOT COM>
Sent by: "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>
29.05.2003 07:06
Please respond to "ADSM: Dist Stor Manager"


        To:     ADSM-L AT VM.MARIST DOT EDU
        cc:
        Subject:        Possibly off topic


I am wondering if some of the AIX folks can help with this. It's a bit off
topic but is related to a TSM server nonetheless.



If a TSM server running on AIX, is in the DMZ, what might someone use to
"harden it" if you will. What software packages are available to help keep
out intruders?

Thanks,

Geoff Gill
TSM Administrator
NT Systems Support Engineer
SAIC
E-Mail:   gillg AT saic DOT com
Phone:  (858) 826-4062
Pager:   (877) 905-7154
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  TSM Metrics, Andy Carlson
Next by Date:  Re: restoring an nt domain controller and disaster recovery quest ion, Consiglio, Tony
Previous by Thread:  Re: Possibly off topic, Zlatko Krastev/ACIT
Next by Thread:  Re: Disk Storage Pool Volume Size, Zlatko Krastev/ACIT
Indexes:  [Date] [Thread] [Top] [All Lists]