Simpler Navigation coming for Servers and Operating Systems
Coming soon: a much simpler Servers and Operating Systems section of the Community. We will combine many of the older boards, and you won't have to click through so many levels to get at the information you need. If you are looking for an older board and do not find it, check the consolidated boards, as the posts are still there.
Security
cancel
Showing results for 
Search instead for 
Did you mean: 

IT security forbidden processes

vijay alur alur
Frequent Advisor

IT security forbidden processes

Hello All,

 

We have a list of processes provided by IT Security that are forbidden to be run on HPUX servers. I want to have a close look at it and check if they really needs to be stopped from running OR there are some process that are mandatory from application view point or OS view point.

 

Below are the processes.

 

auth
bootps
chargen
discard
dtspc
echo
exec

login

ntalk
printer
shell
tftp

 

 

Lead Engineer, IMS.
iGATE
4 REPLIES
Laurent Menase
Honored Contributor

Re: IT security forbidden processes

Hello,

Indeed depends on the application used on that system.

 

auth    -> used by MC/SG, sendmail, but may be configuration may avoid that use
bootps  -> if the no other system boot getting config from that system, no need (

   so if your system is not an ignite server should not be useful
chargen  -> depends on applications , system itself doesn't need it
discard    -> depends on applications, system itself doesn't need it, but often useful for test purpose

                   MC/SG packages could use it
dtspc    -> needed if you use DCE
echo     ->  depends on application, but usually very useful for test purpose

                  MC/SG packages could use it
exec

               -> no rexec possible, doens't look like to be mandatory

login

               -> no rlogin possible, it is a choice, need to check application don't use it

 

ntalk

              -> ntalk, doesn't looks like to be that useful


printer

            -> remote print ,
shell

           -> remsh, may be avoided, but may need to check scripts which need to  use it ignite? MC/SG?
tftp

          -> used with bootp to get the kernel from the server, so if not an ignite server should be ok.

 

 

Now all this is just a first quick look, a real assesment should be made.

Steven Schweda
Honored Contributor

Re: IT security forbidden processes

 
Highlighted
vijay alur alur
Frequent Advisor

Re: IT security forbidden processes

Thanks for replying!!

Lead Engineer, IMS.
iGATE
Emil Velez_2
Trusted Contributor

Re: IT security forbidden processes

all of these are started by inetd

comment out the services in /etc/inetd.cond and execute

inetd -c. to rearead the file

Emil Velez
Instructor Storage, Servers, HP-UX and Partner Courses
Hewlett Packard Enterprise Education Services
Ask me about training on StoreServ (3PAR) StoreOnce, StoreEasy, StoreAll, StoreVirtual, HP-UX, ServiceGuard and HPE Partner Ready Certification Training

internet: Emil.Velez@hpe.com
Linkedin: http://www.linkedin.com/in/emilvelez

HPE Master ASE Server Solutions Architect V3
HPE Master ASE Storage Solutions Architect V2
HP UNIX Certified (ASE HPUX 11iv3 Administration V1)
Certified HPE Instructor
HPE Product Certified - OneView [2016]
HP Sales Certified -Servers, Converged Systems and Services [2015]
HPE Product Certified - Converged Solutions [2017]