Discovery Questions Look here:
OPSYS-LICENSE-02 Is the SQLCAT object file licensed? Fileinfo
OPSYS-LICENSE-02 Is the SQLCI2 object file licensed? Fileinfo
OPSYS-LICENSE-02 Is the SQLCOMP object file licensed? Fileinfo
OPSYS-LICENSE-02 Is the SQLUTIL object file licensed? Fileinfo
FILE-POLICY Who is responsible for managing the SQL system
catalog and SQL environment?
Policy
FILE-POLICY Who is allowed to create and manage SQL
application catalogs ?
Policy
FILE-SQL-01 Is the SQLCAT object file secured correctly? Fileinfo
FILE-SQL-02 Is the SQLCFE object file secured correctly? Fileinfo
FILE-SQL-03
SAFE-SQL-01
Is the SQLCI object file correctly secured with the
Guardian or Safeguard system?
Fileinfo
Safecom
FILE-SQL-04 Is the SQLCI2 object file secured correctly? Fileinfo
FILE-SQL-05
SAFE-SQL-02
Is the SQLCOMP object file correctly secured with
the Guardian or Safeguard system?
Fileinfo
Safecom
FILE-SQL-06 Is the SQLESP object file secured correctly? Fileinfo
FILE-SQL-07 Is the SQLESPMG object file secured correctly? Fileinfo
FILE-SQL-08 Is the SQLH file secured correctly? Fileinfo
FILE-SQL-09 Is the SQLMSG file secured correctly? Fileinfo
FILE-SQL-10 Is the SQLUTIL object file secured correctly? Fileinfo
FILE-SQL-11
SAFE-SQL-03
Is the NLCPCOMP object file correctly secured
with the Guardian or Safeguard system?
Fileinfo
Safecom
FILE-SQL-12 Is the NLCPMSG file secured correctly? Fileinfo
FILE-SQL-13
SAFE-SQL-04
Is the SQL system catalog correctly secured with the
Guardian or Safeguard system?
Fileinfo
Safecom
SWID System Utility
SWID is part of a new program called HP Software Gateway, and is available as a
stand-alone utility. HP Software Gateway represents a group of related software
distribution services and products. The purpose of SWID is to provide unique identifi-
cation of all files distributed by HP.
This unique identifier is known as the “fingerprint” of the file. This fingerprint is
used to perform software inventory, software version analysis, and software delivery.
SWID System Utility 459
Part 6
SWID supercedes the VPROC utility. (Please refer to the Gazette section on BINDER
Subsystem)
$SYSTEM SYSTEM 16> SWID $SYSTEM.SYS01.PEEK
SoftWare Identification Utility – T9298AAH – (05DEC97) System \MEXICO
Copyright Tandem Computers Incorporated 1991-1997
16Jun 3 14:44:54 (Switches: None)
$SYSTEM.SYS01
Code Original fpts Current fpts Mismatch
PEEK 700 64bb-8ebf-6589-d292 64bb-8ebf-6589-d292 No
The phrase “fingerprint of a file” means a context-free and content-dependent
attribute of the file that can be computed by reading the contents of the file such that:
Two identical copies of a file must yield the same fingerprint regardless of the
context (for example, filename, location, ownership, creation time, and last-
modified time).
Two files with different contents should not yield the same fingerprint. A finger-
print is displayed as a character string of fixed length (16 hex characters). Internally, a
fingerprint is stored as a 96-bit number of which 32 bits are used for version and other
reserved information, and the other 64 bits are used to store the fingerprint string.
SWID reports two types of fingerprints, “Current” and “Original”.
The unique fingerprint generated by SWID can form a basis for change manage-
ment by other software products.
RISK SWID is a reporting program only and does not pose any risks.
Securing SWID
BP-FILE-SWID-01 SWID should be secured “UUNU”.
BP-OPSYS-OWNER-02 SWID should be owned by SUPER.SUPER.
BP-OPSYS-FILELOC-02 SWID must reside in $SYSTEM.SYSTEM
Discovery Questions Look here:
OPSYS-OWNER-01 Who owns the SWID object file? Fileinfo
FILE-SWID-01 Is the SWID object file secured correctly? Fileinfo
460 SWID System Utility

Get HP NonStop Server Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.