Re: IT security forbidden processes (333 Views)
Reply
Frequent Advisor
vijay alur alur
Posts: 64
Registered: ‎03-15-2009
Message 1 of 5 (337 Views)

IT security forbidden processes

Hello All,

 

We have a list of processes provided by IT Security that are forbidden to be run on HPUX servers. I want to have a close look at it and check if they really needs to be stopped from running OR there are some process that are mandatory from application view point or OS view point.

 

Below are the processes.

 

auth
bootps
chargen
discard
dtspc
echo
exec

login

ntalk
printer
shell
tftp

 

 

Lead Engineer, IMS.
iGATE
Honored Contributor
Laurent Menase
Posts: 1,079
Registered: ‎11-06-2003
Message 2 of 5 (333 Views)

Re: IT security forbidden processes

Hello,

Indeed depends on the application used on that system.

 

auth    -> used by MC/SG, sendmail, but may be configuration may avoid that use
bootps  -> if the no other system boot getting config from that system, no need (

   so if your system is not an ignite server should not be useful
chargen  -> depends on applications , system itself doesn't need it
discard    -> depends on applications, system itself doesn't need it, but often useful for test purpose

                   MC/SG packages could use it
dtspc    -> needed if you use DCE
echo     ->  depends on application, but usually very useful for test purpose

                  MC/SG packages could use it
exec

               -> no rexec possible, doens't look like to be mandatory

login

               -> no rlogin possible, it is a choice, need to check application don't use it

 

ntalk

              -> ntalk, doesn't looks like to be that useful


printer

            -> remote print ,
shell

           -> remsh, may be avoided, but may need to check scripts which need to  use it ignite? MC/SG?
tftp

          -> used with bootp to get the kernel from the server, so if not an ignite server should be ok.

 

 

Now all this is just a first quick look, a real assesment should be made.

Honored Contributor
Steven Schweda
Posts: 9,090
Registered: ‎02-23-2005
Message 3 of 5 (325 Views)

Re: IT security forbidden processes

Frequent Advisor
vijay alur alur
Posts: 64
Registered: ‎03-15-2009
Message 4 of 5 (268 Views)

Re: IT security forbidden processes

Thanks for replying!!

Lead Engineer, IMS.
iGATE
Trusted Contributor
Emil Velez_2
Posts: 125
Registered: ‎01-15-2002
Message 5 of 5 (252 Views)

Re: IT security forbidden processes

all of these are started by inetd

comment out the services in /etc/inetd.cond and execute

inetd -c. to rearead the file

Emil Velez
HP UNIX Certified (CSA, CSE HPUX 11i High Availability) HP Software (Openview) Certified Consultant
Certified HP Instructor, Technical Certified I and II SMB and Enterprise
Master ASE Superdome Solutins

HP Education Services

Ask me about training on Blades, Proliant, HP-UX, ServiceGuard, Polyserve, X9000, Virtual Libraries, and High Availability

internet: Emil.Velez@hp.com
Linkedin: http://www.linkedin.com/in/emilvelez

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.