Security
Showing results for 
Search instead for 
Do you mean 

IT security forbidden processes

Frequent Advisor

IT security forbidden processes

Hello All,

 

We have a list of processes provided by IT Security that are forbidden to be run on HPUX servers. I want to have a close look at it and check if they really needs to be stopped from running OR there are some process that are mandatory from application view point or OS view point.

 

Below are the processes.

 

auth
bootps
chargen
discard
dtspc
echo
exec

login

ntalk
printer
shell
tftp

 

 

Lead Engineer, IMS.
iGATE
4 REPLIES
Honored Contributor Honored Contributor

Re: IT security forbidden processes

Hello,

Indeed depends on the application used on that system.

 

auth    -> used by MC/SG, sendmail, but may be configuration may avoid that use
bootps  -> if the no other system boot getting config from that system, no need (

   so if your system is not an ignite server should not be useful
chargen  -> depends on applications , system itself doesn't need it
discard    -> depends on applications, system itself doesn't need it, but often useful for test purpose

                   MC/SG packages could use it
dtspc    -> needed if you use DCE
echo     ->  depends on application, but usually very useful for test purpose

                  MC/SG packages could use it
exec

               -> no rexec possible, doens't look like to be mandatory

login

               -> no rlogin possible, it is a choice, need to check application don't use it

 

ntalk

              -> ntalk, doesn't looks like to be that useful


printer

            -> remote print ,
shell

           -> remsh, may be avoided, but may need to check scripts which need to  use it ignite? MC/SG?
tftp

          -> used with bootp to get the kernel from the server, so if not an ignite server should be ok.

 

 

Now all this is just a first quick look, a real assesment should be made.

Honored Contributor Honored Contributor

Re: IT security forbidden processes

 
Frequent Advisor

Re: IT security forbidden processes

Thanks for replying!!

Lead Engineer, IMS.
iGATE
Trusted Contributor

Re: IT security forbidden processes

all of these are started by inetd

comment out the services in /etc/inetd.cond and execute

inetd -c. to rearead the file

Emil Velez
HP UNIX Certified ATP ASE HPUX
Certified HP Instructor, ATP and ASE Server Solutions
ATP Storage

Master ASE Superdome Solutins



HP Education Services

Ask me about training on HP-UX, Proliant, ServiceGuard, StoreAll, StoreOnce, StoreServ, StoreEasy and High Availability

internet: Emil.Velez@hp.com
Linkedin: http://www.linkedin.com/in/emilvelez