Skip navigation
1123 Views 2 Replies Latest reply: May 4, 2012 10:30 AM by AlbertRudolf RSS
AlbertRudolf Level 2 109 posts since
Nov 25, 2010
Currently Being Moderated

Apr 23, 2012 7:51 AM

UNIX process name

Greetings,

 

When performing trusted scands and compliance scnas, what is the name of the process Qualys starts withing Unix computers?

 

Thank you!

  • Jason Creech Level 3 124 posts since
    May 28, 2010
    Currently Being Moderated
    May 1, 2012 11:54 AM (in response to AlbertRudolf)
    UNIX process name

    Hi Albert,

     

    There is not one process name that is started. 

     

    When we connect for a compliance scan, we establish an SSH session using the credentials specified in the Auth record and confirm we have acheived a root shell (UID=0).

     

    From that point forward, we run many different commands and scripts to gather configuration data.  So, there is not one process name to list but possibly hundreds of different activities.

     

    For example, on RedHat, PC scans run commands like:

     

    awk cat cut echo egrep find grep id ls sed tr last sort uniq sysctl ps

     

    Note that this is not a comprehensive list as we are continually adding new control coverage and will run additional command often several times with different parameter settings.

     

    During a scan we will also create temporary files in /tmp with random names to seperate stout/sterr channels and serve as a holding area.

     

    Let me know if this helps,

     

    Best regards,

     

    Jason Creech

    Qualys

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 6 points