Questions tagged [process]

76 questions
18
votes
4 answers

How to find processes that are hidden from task manager

I have read that you can hide processes from the task manager (example here). I've seen a few posts on hidden keyloggers using rootkit but that's it really. Is there a tool or way to look at processes being run even though they have been hidden?
Arlix
15
votes
2 answers

Are there any architectures currently out there that use hardware-enforced process isolation? What would it take to add that to x86?

First-time asker/commenter, long-time reader. As someone who's currently doing a lot of thinking & writing about measures that might foundationally improve computer security (i.e., involving not just the kind of evolutionary, fairly modest steps that…
halfinformed
8
votes
1 answer

Do command substitution and piping prevent prying eyes from seeing hashed password being passed from process A to B?

This is loosely related to one of my recent answers. I've listed 4 methods of adding a new user via mkpasswd and useradd combination on Ubuntu 16.04. Command substitution: sudo -p ">" useradd -m -s /bin/bash -p $(mkpasswd --hash=SHA-512 "123" )…
6
votes
2 answers

How to handle decommissioned/donated/RMAed printers?

Printers, nowadays, almost always include some form of non-volatile storage that keeps track of pretty much everything that went through the device. In the case of larger, "departmental" systems that often combine print/scan/fax functionality, that…
Stephane
6
votes
2 answers

Is there a way to check for "hollow" processes, or malware hidden within "normal" processes

I recently came across an article on The Verge, which centers around the concept of commercial malware production and how it's used around the world. The article introduced me to a number of interesting (and worrisome) concepts such as "process…
posdef
6
votes
2 answers

Securing a process from local users

We require a method to run a process on a user's machine whereby a local user cannot kill this process (from task manager or otherwise). Is there a way to make this application a system process or make it un-killable? I have gone through all the…
6
votes
3 answers

Secure TCP traffic for inter process communication

I have several processes running on a system that interact with each other by TCP (e.g. with the asynchronous messaging protocol by twisted). process1 <=====> broker <=====> process2 There is one server instance (broker) running on a Linux host,…
Ovomaltine
6
votes
1 answer

How exactly do "hidden" processes work

How can a process be hidden inside another one? Is the process moved into another process and turned into a thread with its own run loop? How exactly does a process get moved? I see this Metasploit command, migrate PID, which seems to do this. I…
some_id
5
votes
1 answer

How do Software Development Processes, OWASP CLASP & MS SDL, and Security Standards fit together?

How do these three concepts fit together: The Software Development Process (SDP) indicates the different phases of creating an application. Well known processes are waterfall, spiral, agile, extreme programming, etc. OWASP Clasp and Microsoft SDL…
daniel f.
5
votes
4 answers

What is the most secure way of transferring a secret between 2 processes running on the same system?

As a part of my system, I have many processes, each of them created through a script. One of the processes can be considered as a "Master Process" in the sense that this process communicates with the Server and gets all configuration and key related…
Jay
5
votes
2 answers

Is it possible for unprivileged user to modify/inject into other user's (root) process?

Although I'm not any kind of kernel specialist and I do not program in languages like C/C++ and thus I do not have deep understanding of critical concepts of managing processes at OS level I do have feeling that processes / daemons / socket…
5
votes
1 answer

What remote forensic technique could be used to discover a malware running via process injection

A piece of malware is running on a Windows 7 machine via process injection, so it does not show up in a process list. What remote forensic technique could be used to discover the malware is running under the contents of a specific process?
4
votes
1 answer

How to determine which program accessed the Mac Camera?

The green light on my laptop's camera just flashed on and then off after 1 second. I am extremely concerned about this since I am not running any programs which could have enabled the camera. I checked Console.app and found only…
Kevin Burke
4
votes
4 answers

Identify Malicious/Suspicious Processes from Process List

I have a list of 1000 processes and I want to identify which of them are legitimate and which are not. I only have the name of the processes and I want to categorize them. Is there any way to get information of those processes programmatically? If…
4
votes
1 answer

Privileges separation over parent/children processes on UNIX systems?

I was scrolling through a Google Research paper related to privileges separation and I felt lost while reading this: In Unix, every process runs within its own protection domain, i.e., the operating system protects the address space of a…
Shruikan