Hello, Today I discovery a user executing a script to kill process Netskope.He´s Admin local of computer (Macbook). Exist some way of block this script through of panel?if [ "$EUID" -ne 0 ] then echo "Please run as root" exitfiNETSKOPE_PIDS="`ps aux | grep -i /opt/netskope | awk '{print $2}' | sed '$d'`"for line in $NETSKOPE_PIDSdo kill -9 $linedone

kill Netskope Client

Hello,

Today I discovery a user executing a script to kill process Netskope.

He´s Admin local of computer (Macbook). Exist some way of block this script through of panel?

if f "$EUID" -ne 0 ]
  then echo "Please run as root"
  exit
fi

NETSKOPE_PIDS="`ps aux | grep -i /opt/netskope | awk '{print $2}' | sed '$d'`"

for line in $NETSKOPE_PIDS
do
  kill -9 $line
done

Page 1 / 1

It seems Netskope now uses the endpoint security extension (as opposed to the Network extension), "systemextensionsctl list"

That being said, if you enable SIP, the netskope process is protected and cannot be terminated.

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded