The CMON program is not an HP-supplied process, however, no system should run without a $CMON process. When a $CMON process is present on the system messages are sent to the $CMON process to verify logon requests and process start requests.

If the $CMON message does not block the action or the wait for $CMON does not exceed the timeout parameter, processing continues. If the $CMON process returns a message blocking the action, the action is denied and an error is returned to whomever originated the action.

The $CMON process can perform many functions for both security reasons and performance reasons, such as:

Control the CPU and priority of the request

Control who can logon to a port

Verify a userid's ability to run a requested program

Log the request

RISK If a $CMON is not present, an unauthorized $CMON can be added to the system. This $CMON might merely monitor system activity, but it could be designed with malicious intent.

RISK A 'malicious' $CMON could deny service entirely or force processes into the most inefficient mode in order to slow service, costing both user time and system resources.

RISK If an authorized $CMON is present and the process is not properly secured, the process can be stopped or debugged by an unauthorized party, causing timeout problems during the period when the process is unavailable.

RISK If unauthorized users are able to stop $CMON, it could be stopped and an unauthorized version started...