View previous topic :: View next topic |
Author |
Message |
martinroll Just Arrived
Joined: 09 Mar 2009 Posts: 0 Location: Ireland
|
Posted: Mon Mar 09, 2009 1:41 pm Post subject: XP Pro running processes without authenticated userid |
|
|
My XP Pro system is behaving very strangely, and I have noticed that it is running many processes without allocated userid's.
Normally all processes have an ID allocated.
Can someone point me somewhere where I can find a fix for this please?
Thanks,
Martin Roll,
Ireland.
|
|
Back to top |
|
|
Fire Ant Trusted SF Member
Joined: 27 Jun 2008 Posts: 3 Location: London
|
Posted: Mon Mar 09, 2009 5:57 pm Post subject: |
|
|
Martin,
All processes run with a security context, its inbuilt within the OS.
Quote: |
many processes without allocated userid's |
What appears in the Username column in task manager? It could be there is a user created on your PC which consists of characters which cannot be displayed and they are being used to run processes. What processes are you seeing being execute with no name?
Matt_s
|
|
Back to top |
|
|
martinroll Just Arrived
Joined: 09 Mar 2009 Posts: 0 Location: Ireland
|
Posted: Mon Mar 09, 2009 6:26 pm Post subject: |
|
|
Thanks for the reply.
I know that everything is supposed to run with a verified context. However, in my experience, what is supposed to happen is not always the case. Normally, all processes on my nachine are showing allocated a valid userid.
I do not have any ID on my system with unprintable characters. I know that it is possible to run processes with null userids, if you know how to, by-passing the normal security validation processes.
It would appear that something is malfunctioning on my system, allowing processes to run without proper authentication. I work as a Mainframe Security Sys prog, and we have default profiles at start-up so that system processes can run. I guess my system is running these processes under some default or anonymous id.
I am concerned that my system is exposed if the logon procedures have become compromised in someway.
The processes that run without ID's vary from start-up to start-up, as does the sequence of my startup programs...
|
|
Back to top |
|
|
Fire Ant Trusted SF Member
Joined: 27 Jun 2008 Posts: 3 Location: London
|
Posted: Mon Mar 09, 2009 6:38 pm Post subject: |
|
|
Have you tried another tool such as pslist?
|
|
Back to top |
|
|
martinroll Just Arrived
Joined: 09 Mar 2009 Posts: 0 Location: Ireland
|
Posted: Mon Mar 09, 2009 7:39 pm Post subject: |
|
|
OK. What would appear to be happening, is that during my system startup, process are starting up but not being authenticated immediately.
I guess that they just sit and wait for the authentication to complete, which could explain why my system keeps haging.
I've tried using various utilities to control my startup sequence, but nothing seems to do the job.
Do you have any suggestions for utilities that can make sure that the startup sequence always runs the same way? I'm used to SYSTEM tasks starting up before a user can logon, but my system seems to allow logon almost straight away, before the system is properly initialized.
|
|
Back to top |
|
|
|