linux
Anton Parfenov, 2016-02-02 00:59:47

A process loads the processor at close to 100%; how do I get rid of it?

Guys, there is a VPS server with CentOS 6.7, and this trouble has appeared: about 5 times a day a process appears from the user (ISPmanager, on which the sites are hosted), and the process loads the usr/bin/host file. According to htop, there are 10-20 of them, but the top one loads both cores at 100%, because of which the sites go down.
It seems to me that someone is using the server for their own purposes, for DDoS, for example. What can be done? Has anyone come across this?
UPD: screenshot https://yadi.sk/i/1IIJxP6hoCUet

2 answer(s)
Anton Chernousov, 2016-02-02
@tech22

Frankly speaking, you can't say anything so quickly here, and you need to look at it in detail on the spot, but you can see what this process is doing in general by attaching to it with strace.
# strace -p xxxxxx -s 80 -o /tmp/debug.txt
-p is the pid of the process.
The file will contain a carload of information; after analyzing it you can understand what is happening there.

Vlad Zhivotnev, 2016-02-02
@inkvizitor68sl

usr/bin/host is a well-known virus; it either sends spam or brute-forces ssh, I don't remember offhand.
ls -la /proc/$pid/fd, then kill the process and fix your broken sites. And check right away that proftpd is not full of holes.
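
Added example, not part of either answer: a small triage script that saves what /proc knows about a suspicious process (the `ls -la /proc/$pid/fd` step above, plus the binary path, working directory, command line and memory maps) before the process is killed, and checks whether the process really is the binary it claims to be. The function names, the script name, the output directory and the expected path `/usr/bin/host` are assumptions.

```sh
#!/bin/sh
# Added example (not from the thread): preserve /proc evidence for a suspicious
# PID before killing it. Run as root on the affected host.

# snapshot_proc PID OUTDIR -> writes exe, cwd, cmdline, fds, maps to OUTDIR/PID
snapshot_proc() {
    pid=$1
    out=$2/$1
    [ -d "/proc/$pid" ] || { echo "no such pid: $pid" >&2; return 1; }
    mkdir -p "$out" || return 1
    # Binary actually executing; a " (deleted)" suffix means the file was
    # removed from disk after the process started.
    readlink "/proc/$pid/exe" > "$out/exe" 2>/dev/null || :
    # Working directory: shows where the process was started from.
    readlink "/proc/$pid/cwd" > "$out/cwd" 2>/dev/null || :
    # Command line is NUL-separated; make it readable.
    tr '\0' ' ' < "/proc/$pid/cmdline" > "$out/cmdline" 2>/dev/null || :
    # Open files and sockets, as in the answer above.
    ls -la "/proc/$pid/fd" > "$out/fds" 2>/dev/null || :
    # Mapped files, including every shared library loaded into the process.
    cat "/proc/$pid/maps" > "$out/maps" 2>/dev/null || :
    return 0
}

# exe_differs PID EXPECTED -> exit 0 when the binary behind PID is not EXPECTED
exe_differs() {
    # An unreadable exe link is treated as a mismatch.
    actual=$(readlink "/proc/$1/exe" 2>/dev/null) || return 0
    [ "$actual" != "$2" ]
}

# Usage (script name is an assumption): sh proc-triage.sh PID [OUTDIR]
if [ "$#" -ge 1 ]; then
    # Default output directory is an assumption; pick any root-only location.
    dest=${2:-/root/proc-evidence}
    if snapshot_proc "$1" "$dest"; then
        echo "evidence saved under $dest/$1"
    fi
    if exe_differs "$1" /usr/bin/host; then
        echo "pid $1 is not running /usr/bin/host" >&2
    fi
fi
```

Run it once per suspicious PID from htop; the saved `cwd` and `fds` files are what to read when looking for the site directory the process came from.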
