Unsolved
This post is more than 5 years old
14 Posts
0
1910
ProSphere Unix Discovery - Security Concerns
With ProSphere 2.x, it looks like many of the security issues that the Unix team had with the discovery of hosts were resolved. The only outstanding issue the unix team has is with putting inq in /tmp/nl_dwd/inq and then executing the program as root (via sudo). To resolve this last issue, can ProSphere be changed to resolve "inq" like the powermt, fcinfo and other commands. If it's already on the system in the executable path, why does it need to be put on the host again and run?
Please look at resolving this issue as we are unable to discover unix hosts until this is resolved.
Thanks.
cincypiper1
27 Posts
0
December 24th, 2013 10:00
For any login to any Unix machine, our enterprise (a bank) uses solutions like PowerBroker, made by BeyondTrust. Direct logins to ANY unix client throughout our enterprise is through Powerbroker.
Unix Host discovery remains a no go for anyone using logins on Unix machines governed by such tools.