
How to tell if Zombie agents are running - Is there a script?

 
Laurie A. Krumrey
Regular Advisor

How to tell if Zombie agents are running - Is there a script?

Hi All,

After the 9/11 incident, I am being told to check all my HP-UX 11.0 and 11i servers for zombie agents' software.

Can someone enlighten me here? Also, does anyone have a security script that checks for any bad things happening and then emails you a message if it finds problems?

We use Bourne script. But I need to increase the security of my boxes, and I think having cron run some security scripts would be the way to go?

Any ideas...
Laurie
Happiness is a choice
harry d brown jr
Honored Contributor
Solution

Re: How to tell if Zombie agents are running - Is there a script?

You might want to get a left handed wind shifter also. Someone is pulling your leg, so you might want to kick back. Tell them you need to reinstall the entire OS, and that the machines will be unavailable for two weeks and see how they react to that :-))

To secure your servers, look at this:

http://people.hp.se/stevesk/bastion11.html

Live Free or Die
Uday_S_Ankolekar
Honored Contributor

Re: How to tell if Zombie agents are running - Is there a script?

Hello

Run the top command; that will show you how many zombie processes are running.

You can also try ps -ef | grep defunct

Good luck..
-USA..
Good Luck..
James R. Ferguson
Acclaimed Contributor

Re: How to tell if Zombie agents are running - Is there a script?

Hi Laurie:

I think you will find this link is full of useful pointers:

http://www.hp.com/products1/unix/operating/hpux11i/alwayssecure.html

Included there is the whitepaper "Building a Bastion Host Using HP-UX 11":

http://www.hp.com/products1/unix/operating/hpux11i/infolibrary/building_a_bastion_host.pdf

Regards!

...JRF...
Darrell Allen
Honored Contributor

Re: How to tell if Zombie agents are running - Is there a script?

Hi Laurie,

I think someone may be confused in what they're telling you to look for (zombie agents' software?). It is good to be concerned with security, especially if your server is connected to the Internet. Even so, many security breaches come from within the organization. The rule of thumb is to only run the services you really need. That's the idea of a bastion host. Check out Harry's link and you may want to search hp.com (http://search.hp.com/ since the forums search hasn't been working well) for bastion or security. There are other threads in the forums you'll find interesting and helpful.

Darrell
"What, Me Worry?" - Alfred E. Neuman (Mad Magazine)
Wodisch
Honored Contributor

Re: How to tell if Zombie agents are running - Is there a script?

Hello Laurie,

A "zombie" is a process in state "<defunct>" (using "ps -ef") or "Z" (using "ps -el"). So you will catch them with
ps -ef | grep "<defunct>"

But "zombie agent"? Real zombies are pretty bad agents - too slow, too stupid, and they do rot away pretty fast in a warm climate :-)

BTW, "zombie" is a perfectly natural state for EACH AND EVERY process at the end of its life: when a process dies (for whatever reason) it sends the signal "DEATH-OF-A-CHILD" to its parent process. Until the parent receives it, the process stays in mode "zombie". After the parent has received that signal, the "zombie" vanishes. A "zombie" being visible for some time is to be considered a bug, and can most often only be cured by rebooting... (sometimes sending a "kill -11" or "kill -14" helps).

Read a book about UN*X internals for the details.

Just my $0.02,
Wodisch
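
The reply above separates a zombie that is briefly visible (normal) from one that stays visible (the parent is not reaping it). As an added example, not part of the thread or any poster's own script, the POSIX sh code below compares two saved "ps -el" snapshots and reports only the state-Z processes present in both, grouped by parent PID. The function names, file names and sample rows are constructed for illustration, and it assumes the "ps -el" header uses the column names S, PID and PPID.

```shell
#!/bin/sh
# Added example (not from the thread). A zombie seen once is normal; one that
# is still there in a later `ps -el` snapshot means its parent is not reaping.

# persistent_zombies OLD NEW: print "PID PPID" for state-Z processes present in
# both snapshot files. Columns are located by header name, not fixed position.
persistent_zombies() {
    awk '
        FNR == 1 {
            file++; s = p = pp = 0
            for (i = 1; i <= NF; i++) {
                if ($i == "S") s = i
                if ($i == "PID") p = i
                if ($i == "PPID") pp = i
            }
            next
        }
        s && p && pp && $s == "Z" {
            key = $p " " $pp
            if (file == 1) seen[key] = 1
            else if (key in seen) print key
        }
    ' "$1" "$2"
}

# unreaped_by_parent OLD NEW: print "PPID COUNT" per parent, lowest PPID first.
unreaped_by_parent() {
    persistent_zombies "$1" "$2" |
        awk '{ n[$2]++ } END { for (pp in n) print pp, n[pp] }' | sort -n
}

# write_samples DIR: constructed ps -el snapshots (columns trimmed, few rows).
write_samples() {
    cat > "$1/ps.old" <<'EOF'
  F S  UID   PID  PPID  C PRI NI TTY   TIME COMD
  1 S    0  1204     1  0 154 20 ?     0:01 cron
  1 Z  105  2311  2290  0 178 20 ?     0:00 <defunct>
  1 Z  105  2312  2290  0 178 20 ?     0:00 <defunct>
  1 Z    0  2400  1204  0 178 20 ?     0:00 <defunct>
EOF
    cat > "$1/ps.new" <<'EOF'
  F S  UID   PID  PPID  C PRI NI TTY   TIME COMD
  1 S    0  1204     1  0 154 20 ?     0:01 cron
  1 Z  105  2311  2290  0 178 20 ?     0:00 <defunct>
  1 Z  105  2312  2290  0 178 20 ?     0:00 <defunct>
  1 Z  105  2502  2290  0 178 20 ?     0:00 <defunct>
EOF
}
```

From cron, each run would save "ps -el" to a file, compare it with the file from the previous run, and send mail only when the comparison prints something.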
A. Clay Stephenson
Acclaimed Contributor

Re: How to tell if Zombie agents are running - Is there a script?

Hi Laurie:

I think we may be suffering under a nomenclature problem here. I don't think your guys were talking about Zombie processes but rather programs which might 'wake up' and do terrible things. Viruses, worms, Trojan Horses, ... . These are not usually a problem on UNIX boxes but that doesn't mean that they might not be. You can start getting a handle on the security issues by subscribing to the HP Security Bulletins. Go to the ITRC->Maintenance & Support->Support Information Digests. There you can select security bulletins as well as patch notifications.

Clay
If it ain't broke, I can fix that.