I'm nt a security expert, either, but have been dealing with it for some years now. Generally I want listening services to be auditable and/or loggable. I want them to run with the least privileges possible. And for something sensitive like this where arbitrary files on the system can be modified, I want it to require authentication, encryption, and be programmed defensively so the mechanisms in place are harder to subvert. rsh/rexec/rcp were generally horrible in regards to these, but they were born in a day when everyone on the (much smaller) Internet was friends for the most part. Do these constraints apply to this service? You may not know, and that's fine. But I can see where Ricardo is coming from. I'd also ask, were I doing an audit, why this was employed, as opposed to Windows intrinsic mechanisms or something like ssh/scp/sftp? Corey Clingo BASF From: "Johnson, Alex P (IOM)" <Alex.Johnson@xxxxxxxxxxxx> To: "foxboro@xxxxxxxxxxxxx" <foxboro@xxxxxxxxxxxxx> Date: 06/11/2012 10:57 PM Subject: Re: [foxboro] FRSExec Sent by: foxboro-bounce@xxxxxxxxxxxxx It's a service used by several applications, e.g., IACC and FoxCTS to move files. In some ways, it replaced the rsh/rexec/rcp services under Solaris. The security guys haven't complained about it, but I'm not an expert. Regards, Alex Johnson Invensys Operations Management 10900 Equity Drive Houston, TX 77041 +1 713 329 8472 (desk) +1 713 329 1600 (operator) +1 713 329 1700 (Central Fax) alex.johnson@xxxxxxxxxxxx -----Original Message----- From: foxboro-bounce@xxxxxxxxxxxxx [mailto:foxboro-bounce@xxxxxxxxxxxxx] On Behalf Of Ricardo Abech Sent: Monday, June 11, 2012 10:13 PM To: foxboro@xxxxxxxxxxxxx Subject: [foxboro] FRSExec Hi Folks, Any idea what is the role of the FRSExec.exe file in the AWs? Is this a required package for the normal operation of the AW? Who uses it? Any parameters/arguments are passed to it? I am almost sure this is a service/task to allow/enable some transfer services, and I am wondering is this could cause some breach in security (Cyber Security) and, if so, if is can be hardened or removed. Thanks in advance Ricardo _______________________________________________________________________ This mailing list is neither sponsored nor endorsed by Invensys Process Systems (formerly The Foxboro Company). Use the info you obtain here at your own risks. Read http://www.thecassandraproject.org/disclaimer.html foxboro mailing list: //www.freelists.org/list/foxboro to subscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=join to unsubscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave