HP30003k Associates LogoHP3000/HP 3000 FAQ

Last Updated: Thursday, February 01, 2007 02:38 PM

HP3000 FAQ
MPE/V

HPe3000 FAQ
MPE/XL

HP 3000 FAQ
MPE/iX

HP3000 Security Issues

7.2.1. Physical HP3000 System Security

7.2.1.1. System Console access

CB

Access to a logged on system console gives the perpetrator access to all the capabilities and data that the owner of the logon has. Many shops often leave the console logged on as OPERATOR.SYS (or equivalent) OP capability user. For this reason alone, securing physical access to the system console is important.

Anyone with physical access to the "logical" system console (which need not be ldev 20 -- the logical console can be pointed to any physical terminal or logged on network session) can at a minimum shut down the system. =SHUTDOWN cannot be disabled via the logical console.

Anyone with physical access to the "physical" system console device has access (by hitting control-B) to the ISL prompt on MPE/iX PA-RISC HP3000s. Shutting down or restarting the system, as well as other destructive tasks can be accomplished.

7.2.1.2. System backup media access

CB

Anyone with physical access to an HP3000 system backup tape can at a minimum display/access the stored data on the tape. If the system contains confidential, classified, or sensitive data, the backup tapes must be treated the same. In addition, while a normal system user may have only restricted access to data on the system, someone with access to backup media can access/view ALL data on the system.

Finally, if the system backup used the ";DIRECTORY" parameter, all system accounts, users, groups, AND their passwords are accessible by reading the proper area of the tape. Directory password data on backup media is NOT encrypted in any way.

7.2.1.3. Server front panel access

CB

Anyone with physical access to the HP3000 front panel can physically interrupt power to the system -- which can be a data-damaging incident to a running system. In addition any backup media left in accessible tape drives is accessible.

7.2.1.4. System network drop/upstream access

CB

HP3000s do not encrypt their network traffic (no SSH terminal access is available); so a packet sniffer or similar network tap device on the same subnet as the HP3000 will be able to view all data coming from or going to the HP3000. All commands/responses and logon information will be viewable (it is NOT encrypted in any way).

7.2.2. System access/software Security

7.2.2.1. Checklist of items to secure on your system

Biggies to look for when securing your system:

Security DOs:

  • Get a demo of VEAudit from VESoft! It gives you an excellent starting point for an audit of your system.
  • Get rid of those "always installed" HP accounts that aren't used or that you don't have the products for (CONV/HPPL8#/RJE/etc.)
  • Put your OWN passwords (or better yet RANDOM passwords) on all the third party software accounts on your system (get the freeware RNDPASS program from the public domain software area on www.3kassociates.com to assist you in randomizing passwords for accounts, users, and groups)
  • Identify EVERY user on your system that has SM, PM, and OP capability. Do they REALLY need it?
  • Watch out for "GOD" programs that may be hiding on your system
  • Watch out for "ALLOWALL" utilities that may be in various utility accounts or groups
  • If you use any kind of network access to your 3000, setup an option logon UDC that logs the source IP address and node name to the system console
  • If possible, enforce minimum lengths and formats for passwords (no letter repeated more than once; at least one number; etc.)
  • If possible, keep password histories and don't let users change their password right back to what they have "used for years..."
  • Allow users to change their own passwords (subject to restrictions above)
  • Require users to change their own passwords at least every 30...90 days

Security DON'Ts:

  • User's DON'T need OP capability to manage printers!
  • Don't globally ALLOW commands to all your users (or wide groups of users)
  • Don't give end users access to the colon (:) prompt! It makes their job and yours harder. Setup menus.
  • Don't leave modems connected to your system and unsecured. At least implement device-level (additional!) passwords. Best to leave them DOWNed or unplugged unless needed.
  • Don't use the MANAGER.SYS logon. Put a random password on it and assign users that need SM access their own (traceable!) logons with SM capability. And home then into groups OTHER than PUB.SYS!

7.2.2.2. Security Packages

See http://www.3kassociates.com in the vendor directory (by category; security software)

Back to FAQ Index Back to 3k Home Page
 
HP3000-L FAQ Collection (c) 3k Associates, Inc. 1996-2006