IT security forbidden processes (435 Views)
Reply
Highlighted
Frequent Advisor
Posts: 64
Registered: ‎03-15-2009
Message 1 of 5 (435 Views)

IT security forbidden processes

Hello All,

 

We have a list of processes provided by IT Security that are forbidden to be run on HPUX servers. I want to have a close look at it and check if they really needs to be stopped from running OR there are some process that are mandatory from application view point or OS view point.

 

Below are the processes.

 

auth
bootps
chargen
discard
dtspc
echo
exec

login

ntalk
printer
shell
tftp

 

 

Lead Engineer, IMS.
iGATE
Honored Contributor
Posts: 1,080
Registered: ‎11-06-2003
Message 2 of 5 (431 Views)

Re: IT security forbidden processes

Hello,

Indeed depends on the application used on that system.

 

auth    -> used by MC/SG, sendmail, but may be configuration may avoid that use
bootps  -> if the no other system boot getting config from that system, no need (

   so if your system is not an ignite server should not be useful
chargen  -> depends on applications , system itself doesn't need it
discard    -> depends on applications, system itself doesn't need it, but often useful for test purpose

                   MC/SG packages could use it
dtspc    -> needed if you use DCE
echo     ->  depends on application, but usually very useful for test purpose

                  MC/SG packages could use it
exec

               -> no rexec possible, doens't look like to be mandatory

login

               -> no rlogin possible, it is a choice, need to check application don't use it

 

ntalk

              -> ntalk, doesn't looks like to be that useful


printer

            -> remote print ,
shell

           -> remsh, may be avoided, but may need to check scripts which need to  use it ignite? MC/SG?
tftp

          -> used with bootp to get the kernel from the server, so if not an ignite server should be ok.

 

 

Now all this is just a first quick look, a real assesment should be made.

Honored Contributor
Posts: 9,144
Registered: ‎02-23-2005
Message 3 of 5 (423 Views)

Re: IT security forbidden processes

Frequent Advisor
Posts: 64
Registered: ‎03-15-2009
Message 4 of 5 (366 Views)

Re: IT security forbidden processes

Thanks for replying!!

Lead Engineer, IMS.
iGATE
Trusted Contributor
Posts: 134
Registered: ‎01-15-2002
Message 5 of 5 (350 Views)

Re: IT security forbidden processes

all of these are started by inetd

comment out the services in /etc/inetd.cond and execute

inetd -c. to rearead the file

Emil Velez
HP UNIX Certified ATP ASE HPUX
Certified HP Instructor, ATP and ASE Server Solutions
ATP Storage

Master ASE Superdome Solutins



HP Education Services

Ask me about training on HP-UX, Proliant, ServiceGuard, StoreAll, StoreOnce, StoreServ, StoreEasy and High Availability

internet: Emil.Velez@hp.com
Linkedin: http://www.linkedin.com/in/emilvelez

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.