What - AIX itself.
How:
- put OpenSSH on it (download from bullfreeware.com; comes with latest AIX
versions)
- disable all unnecessary and plain-text authentication services
(including telnet and ftp - use ssh and scp instead)
- use built-in IP filtering (don't make way too many filters, IP filtering
is CPU consuming and may slow down your TCP/TSM sessions). "enable tsm;
enable ssh; disable all" is good enough.
- start the server as ordinary user (just recently discussed again on the
list)
- (optional) if you cannot live without Web-admin interface - install TSM
Secure Web Proxy over the same box
Zlatko Krastev
IT Consultant
"Gill, Geoffrey L." <[EMAIL PROTECTED]>
Sent by: "ADSM: Dist Stor Manager" <[EMAIL PROTECTED]>
29.05.2003 07:06
Please respond to "ADSM: Dist Stor Manager"
To: [EMAIL PROTECTED]
cc:
Subject: Possibly off topic
I am wondering if some of the AIX folks can help with this. It's a bit off
topic but is related to a TSM server nonetheless.
If a TSM server running on AIX, is in the DMZ, what might someone use to
"harden it" if you will. What software packages are available to help keep
out intruders?
Thanks,
Geoff Gill
TSM Administrator
NT Systems Support Engineer
SAIC
E-Mail: [EMAIL PROTECTED]
Phone: (858) 826-4062
Pager: (877) 905-7154
