Trusted systems

Trusted System

Characteristics/Advantages

1.Trusted system removes the passwd encryptions from the /etc/passwd file. It replaces the entry with a '*' character.

2.It also sets up a database under /tcb directory. tcb will be created. This directory is only readable by root. Trusted - encrypted passwords are NOT stored in /etc/passwd. They are instead stored in files in the /tcb/files/auth/ directory structure which is only readable by root. So its not possible for ordinary users to get the encrypted password, because weak paswords can easily be cracked.

3.SAM provides a variety of system security policies. You have control on how a new user can choose a password or if a new user will get a system-created password. You can enable password aging policies (and controlling them).

4.You can de-activate and re-activate user accounts

5.User accounts will be de-activated automatically, if the user performs several unsuccessful logins. Root can choose how many unsuccessful logins are allowed

6.User accounts will be de-activated automatically, if the user account is inactive for a period of time. Root can choose how many days of inactivity

7.When a new user logins the first time he needs an authorization number. After that he has to set his password first before entering any other command. The authorization number is given to root by SAM.

8.Root is not allowed to choose very simple passwords.

9.Converting a machine to trusted doesn’t require a reboot nor your application to be down but it is always better to convert when the system is quite(when application is down)

Pre-requirements

1.Make sure that all users password must not greater than 8 characters otherwise, after convert they will not be able to login with same password, if longer they will be truncated.

2.Note that conversion to trusted mode is not supported in NIS systems.

3.If you set Password Aging" to "Disabled" under "System Security Policies" before doing the conversion, your passwords won't automatically expire.
4.Backup your /etc/passwd before you do attempt to switch. Back up your file system for later recovery of user files.

5.ALWAYS run pwck prior to converting.

6.Always convert when the system is quite.

How to convert to trusted system

1.It is recommended to covert the system to a trusted system using Sam rather than the command line.
2.Using command it can be converted using tscovert –s
3.Convert to a trusted (secure) system:

Type SAM (in character mode):

#sam
The SAM main menu is displayed.
1.Highlight Auditing and Security.
2.Highlight Audited Events.
The following message is displayed as soon as you click on any of the auditing options for the first time:

a.
You need to convert to a Trusted System before proceeding.

Converting to a Trusted System does the following:

1. Creates a protected database on the system for storing
security information.

2. Moves user passwords in "/etc/password" to this database.

3. Replaces all password fields in "/etc/passwd" with "*".
Do you want to convert to a Trusted System now?

4.Click Yes

The system displays the following message:

Converting to a trusted system....

Successfully converted to a trusted system.

Press OK to continue.


The conversion program does the following:

Verify that the audit files are on your system:
Use swlist -l fileset to list the installed file sets. Look for the file set called SecurityMon which contains the auditing program files. To reduce the listing, you might try

swlist -l fileset | grep Security
In addition, verify that the following files (not specified in SecurityMon) also exist:
/etc/rc.config.d/auditing contains parameters to control auditing. You may modify this file with SAM or by hand.

/sbin/rc2.d/S760auditing is the script that starts auditing. It should not be modified.


After convertion to trusted system
When you change to a trusted system root can choose how many characters of a password are considered. If root changes the default of 8 characters, users may have to reset their passwords (using authorization numbers).

After conversion to a Trusted System, you are ready to use your audit subsystem and run your HP-UX system as a Trusted System. To enable auditing, run SAM and use the “Auditing and Security” window.
You may also enable auditing without running SAM, by manually editing the script in /etc/rc.config.d/auditing.

Next, you must also establish password control by setting the many password options available.

Your system is now converted to a trusted system.

Revert to untrusted system
1.We can easily go back from a trusted system using the command tsconvert –r
2.Recommeded using sam
3.Enter SAM
4.Go to "Auditing and Security".
5.Go to "Audited Events" “Audited System Calls”, and “Audited Users”
6.Choose "Action" --> "Unconvert the system."


Trouble after switching to trusted system

1.If you have applications that make use of /etc/passwd you will have some trouble a guess.
2.Another consideration, and the major headache is AUDITING
3.After switching to trusted mode, auditing is possible, but what is it you would like to audit?
4.Things to consider:

o What type of events will be monitored and what accounts (the more selected the more overhead on the system -- system performance can be a concern!) . There are so many events that can be monitored
o How much space are you will willing to sacrifice with audit logs? Do you plan to let them grow in their default location?
o How much data do you want to save and for how many days? Do you want to save it on tapes for a period of time or would you just discard older logs?

Tips to find out if the system is trusted

1.The tcb directory should exists and /etc/passwd should not show up encoded passwords.
2.A simple way for users to tell if their system has been converted to a Trusted system is to look for the ““last successful/unsuccessful login” message that is displayed by a Trusted System at user login.