- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- IT security forbidden processes
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-30-2012 04:28 AM
11-30-2012 04:28 AM
IT security forbidden processes
Hello All,
We have a list of processes provided by IT Security that are forbidden to be run on HPUX servers. I want to have a close look at it and check if they really needs to be stopped from running OR there are some process that are mandatory from application view point or OS view point.
Below are the processes.
auth
bootps
chargen
discard
dtspc
echo
exec
login
ntalk
printer
shell
tftp
iGATE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-30-2012 04:53 AM
11-30-2012 04:53 AM
Re: IT security forbidden processes
Hello,
Indeed depends on the application used on that system.
auth -> used by MC/SG, sendmail, but may be configuration may avoid that use
bootps -> if the no other system boot getting config from that system, no need (
so if your system is not an ignite server should not be useful
chargen -> depends on applications , system itself doesn't need it
discard -> depends on applications, system itself doesn't need it, but often useful for test purpose
MC/SG packages could use it
dtspc -> needed if you use DCE
echo -> depends on application, but usually very useful for test purpose
MC/SG packages could use it
exec
-> no rexec possible, doens't look like to be mandatory
login
-> no rlogin possible, it is a choice, need to check application don't use it
ntalk
-> ntalk, doesn't looks like to be that useful
printer
-> remote print ,
shell
-> remsh, may be avoided, but may need to check scripts which need to use it ignite? MC/SG?
tftp
-> used with bootp to get the kernel from the server, so if not an ignite server should be ok.
Now all this is just a first quick look, a real assesment should be made.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-30-2012 07:04 AM
11-30-2012 07:04 AM
Re: IT security forbidden processes
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-13-2013 01:58 PM
04-13-2013 01:58 PM
Re: IT security forbidden processes
Thanks for replying!!
iGATE
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-18-2013 02:39 PM
05-18-2013 02:39 PM
Re: IT security forbidden processes
comment out the services in /etc/inetd.cond and execute
inetd -c. to rearead the file
Instructor Storage, Servers, HP-UX and Partner Courses
Hewlett Packard Enterprise Education Services
Ask me about training on StoreServ (3PAR) StoreOnce, StoreEasy, StoreAll, StoreVirtual, HP-UX, ServiceGuard and HPE Partner Ready Certification Training
internet: Linkedin: http://www.linkedin.com/in/emilvelez
HPE Master ASE Server Solutions Architect V3
HPE Master ASE Storage Solutions Architect V2
HP UNIX Certified (ASE HPUX 11iv3 Administration V1)
Certified HPE Instructor
HPE Product Certified - OneView [2016]
HP Sales Certified -Servers, Converged Systems and Services [2015]
HPE Product Certified - Converged Solutions [2017]