Network Integrity with zones on solaris 10
Updated: 21 May 2010 | 4 comments
This issue has been solved. See solution.
Hi,
I have a probleme to find which process listen on TCP or UDP port.
ESM return port XXXXX is listen but "process unknown"
the process is running in non-global zone on solaris 10.
however when I run lsof on global zone, it works! I can get the process name but ESM can't!
Why ESM can't get the process name?
thanks
Bruthe
discussion Filed Under:
Comments
If you are running an AIX
If you are running an AIX 4.x computer that runs lsof binaries, this check
Ref pg 81 : http://securityresponse.symantec.com/avcenter/security/ESM/2008.03.05/su29_rn.pdf
VMWARE-- SEP 12.1 vs McAfee vs Trend Micro
Hi, Your "Reference" is
Hi,
Your "Reference" is completly irrevelant:
- first, we are in SU38 not in SU 23
- in pg 81, the check is "forbidden TCP (or UDP) Listenning port", my problem is with the check "TCP (or UDP) Listenning port" (not forbidden)
- your reference is for AIX, my problem is on Solaris 10 !
Bruthe
Hi, more informations: the
Hi,
more informations:
the check "listening TCP port" of module Network Integrity isn't able to find the process name for one port, the result is like this
The named port is listening 9521 TCP Owning process: unknown; zone: global
But the check "Modified listening TCP ports" of module Network Integrity is able to find the name of process for the same port, the result is like this:
Modified listening TCP port 9521 TCP processname changed to k***t from k********0
these 2 check are running in same time from the same module and the same policy.
Why the first check can't fin the name of the process???
Thanks
Bruthe
Hi Ok my problem is
Hi
Ok my problem is solved
this is just the version version of lsof
Bruthe
Would you like to reply?
Login or Register to post your comment.