Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
HP-UX Reference > E

enable_idds(5)

Tunable Kernel Parameters
OBSOLETED
HP-UX 11i Version 3: February 2007
» 

Technical documentation

» Feedback
Content starts here

 » Table of Contents

 » Index

NAME

enable_idds — enable intrusion detection data source

VALUES

Failsafe

0 (off)

Default

0 (off)

Allowed values

0 (off) or 1 (on)

Recommended values

1 (on) if HP-UX HIDS is installed,

0 (off) otherwise.

DESCRIPTION

Note: From HP-UX 11i Version 3 onwards, the enable_idds tunable is replaced by the dynamic tunable audit_track_paths(5).

If enable_idds is set to 1, then the HP-UX Host Intrusion Detection System (HP-UX HIDS) can enable the collection of kernel data for intrusion detection. This also causes additional things to be tracked by the kernel, resulting in a small degradation in performance (and increase in kernel memory usage), even if HP-UX HIDS is not in use.

Who Is Expected to Change This Tunable?

Anyone using HP-UX HIDS.

Restrictions on Changing

Changes to this tunable take effect at the next reboot.

When Should the Tunable Be Turned On?

This tunable should be turned on if HP-UX HIDS is installed. The installation will automatically turn on enable_idds.

What Are the Side Effects of Turning the Tunable On?

The name of the current working directory (and root directory) of every process is tracked, resulting in a change in memory usage and performance of the system.

When Should the Tunable Be Turned Off?

If HP-UX HIDS is not being used enable_idds should be turned off.

What Are the Side Effects of Turning the Tunable Off?

When turned off, HP-UX HIDS is unable to use any detection template that uses idskerndsp. (See the documentation for HP-UX HIDS for more information on idskerndsp.)

What Other Tunables Should Be Changed at the Same Time?

This tunable is independent of other tunables.

WARNINGS

This tunable has been replaced by audit_track_paths.

All HP-UX kernel tunable parameters are release-specific. This parameter may be removed or have its meaning changed in future releases of HP-UX.

Installation of optional kernel software, from HP or other vendors, may cause changes to tunable parameter values. After installation, some tunable parameters may no longer be at the default or recommended values. For information about the effects of installation on tunable values, consult the documentation for the kernel software being installed. For information about optional kernel software that was factory installed on your system, see HP-UX Release Notes at http://docs.hp.com.

AUTHOR

enable_idds was developed by HP.

SEE ALSO

audit_track_paths(5), ids.cf(5), HP-UX Host Intrusion Detection System Administrator's Guide.

Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 1983-2007 Hewlett-Packard Development Company, L.P.