HPE Community
Operating System - HP-UX
1834150 Members
2059 Online
110064 Solutions
New Discussion

Forbidden process found

 
SOLVED
Go to solution
Jagadeshin
Occasional Contributor

‎11-02-2004 01:47 AM

‎11-02-2004 01:47 AM

Forbidden process found

Forbidden process found: A system-owned process that is defined as Forbidden in the Services template is running on the agent. You should terminate the process because it may be causing security problems or damaging your system.

I am getting the following error from the ESM (Enterprise Security Manager). How can i rectiy the same?
0 Kudos
Reply
3 REPLIES 3
Jeff Schussele
Honored Contributor

‎11-02-2004 02:01 AM

‎11-02-2004 02:01 AM

Re: Forbidden process found

Hi,

Well I would *first* determine just what the process is. The default ESM template can be a little overboard IMHO.
I would hope the ESM message would tell you just what the process is - at least by PID.
Then if you determine that indeed it should not be running then kill it. But you also need to determine how/why it started so that it won't just restart immediately or on next boot.

Rgds,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Jagadeshin
Occasional Contributor

‎11-02-2004 02:10 AM

‎11-02-2004 02:10 AM

Re: Forbidden process found

Sorry for not mentioning the process name. The process name is chargen.
0 Kudos
Reply
Steve Steel
Honored Contributor

‎11-02-2004 02:20 AM

‎11-02-2004 02:20 AM

Solution

Re: Forbidden process found

Hi

see

http://www.giac.org/practical/Andrew_Scheible_GSEC.doc

http://www.giac.org/practical/Gus_Fritschie_GCUX.doc

Ask Tivoli

Steve Steel
If you want truly to understand something, try to change it. (Kurt Lewin)
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.