Hello
I have a problem. My outgoing bandwidth on 80 port is too high last month. I had an intruder.
What to do?
I have attached the proccess tree.
Thank you
Problem with intruder. Outgoing bandwidth on port 8 too high
-
- Posts: 1
- Joined: 2015/11/28 00:48:41
Problem with intruder. Outgoing bandwidth on port 8 too high
- Attachments
-
- process2.PNG (11.93 KiB) Viewed 1665 times
-
- Process Top
- process.PNG (31.8 KiB) Viewed 1665 times
Re: Problem with intruder. Outgoing bandwidth on port 8 too
If you really believe that you had an intruder in your system, then you need to wipe it and reinstall from scratch.endritshehu wrote:Hello
I have a problem. My outgoing bandwidth on 80 port is too high last month. I had an intruder.
What to do?
I have attached the proccess tree.
Thank you
Re: Problem with intruder. Outgoing bandwidth on port 8 too
In addition you have processes running there called cwpsrv and these sound like they probably belong to something called CentOS Web Panel which has nothing whatsoever to do with the CentOS project apart from having hijacked its name without authorisation. You need to seek support from CWP if so.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: Problem with intruder. Outgoing bandwidth on port 8 too
Instead of listing processes using CPU memory, etc. how about what is using port 80 (probably httpd process) and having a look in it's logs.
BTW, mysql should be using a "big" (resource-wise) consumer. The maldet process is (apparently) a malware detector (see https://www.rfxn.com/projects/linux-malware-detect/) - so if you installed it, it's probably doing what it should be doing.
You havemn't posted anything to do with the reported problem (bandwidth) and if you are using cpanel, ask them.
BTW, mysql should be using a "big" (resource-wise) consumer. The maldet process is (apparently) a malware detector (see https://www.rfxn.com/projects/linux-malware-detect/) - so if you installed it, it's probably doing what it should be doing.
You havemn't posted anything to do with the reported problem (bandwidth) and if you are using cpanel, ask them.