Discovery Questions Look here:
OPSYS-OWNER-01 Who owns the LISTNER object file? Fileinfo
OPSYS-OWNER-03 Who owns the <portconf> file? Fileinfo
FILE-POLICY Who is allowed to start and stop LISTNERs
on the system?
Policy
FILE- LISTNER-01
SAFE-LISTNER-01
Is the LISTNER object file correctly secured with
the Guardian or Safeguard system?
Fileinfo
Safecom
FILE-POLICY Who can make changes to the <portconf> file? Policy
FILE- LISTNER-02
SAFE-LISTNER-02
Is the <portconf> file correctly secured with the
Guardian or Safeguard system?
Fileinfo
Safecom
Related Topics
TCP/IP
LOGIN System Program
The LOGIN program is started by the TELSERV process after a user has specified a
service name to TELSERV. The LOGIN program starts the appropriate service and
authenticates the user if configured to do so. If the service chosen by the user does not
require authentication, the program defined for the service is started and no authenti-
cation is done. If authentication is required, the user is prompted for a userid or alias
and the password for that userid or alias. If they are valid, the program defined for the
service is started already with authentication. If invalid, the user is returned to the
userid prompt.
In general, TACL, PATHWAY and LOGON must be started without authenti-
cation. /bin/sh must be started with authentication.
NOTE: Services are defined for an individual TELSERV process using the SCF
subsystem.
RISK Starting without authentication could allow people to access the system
without a password.
Securing LOGIN
BP-FILE-LOGIN-01 LOGIN should be secured “UUNU”.
BP-OPSYS-LICENSE-01 LOGIN must be LICENSED.
BP-OPSYS-OWNER-01 LOGIN must be owned by SUPER.SUPER.
Part 6
LOGIN System Program 339

Get HP NonStop Server Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.