core dump uploads and cracked/hacker - urgent help needs

claudio

Well-Known Member
Jul 31, 2004
201
0
166
Hi

If someone kindly can help me thanks a lot...

Well my server is crashing and stoping on sundays and i need to ask 3 times for manual reboots to the datacenter...

I looked at the logs and many notfound errors appeared in error_logs

many named.lamedserver resolution errors too

and last time i tried to flush apf and some core dumps appeared

running rkhunter it appeared either and when i tried to use shell command to reboot

it attempt to reboot and failed and i asked again to a manual reboot...

Well i am afraid that can it be memory error because (servers bandwidth is extremally low)

a client has a phpupload application and receives many uploads???

Or kernel panicked errors ? or is it cracked or hacked?? how can i know or fix it???

well ssh is no rootlogin, every users are jailed accounts, no telnet or imap used, ports are closed just some cpanel ports are opened, securitymod is installed and apfados installed, clamav installed, apf (off course) and why???

help please i am freaking out : (

Claudio
 

claudio

Well-Known Member
Jul 31, 2004
201
0
166
major memory problems

Your system has problems booting up. It is giving me some major memory
errors, I will run memx86 on it and will get back to you shortly.


The above was said by the datacenter staff

once they changed my ram memory because it has some hardware issues

i hope that this memory issue was something related to rams hardware and not software

and i guess you all know why....

please reply me with your impressions..


regards and thanks in advance

claudio
 

StevenC

Well-Known Member
Jan 1, 2004
252
0
166
THat is very interesting, it should be core dumping unless it is a problem with iptables.
 

claudio

Well-Known Member
Jul 31, 2004
201
0
166
iptables

well iptables really crashed and caused memory reboot problems

i turned it on to see if it minimize this situations (before it was perfect and chkconfig --off) as apf used iptables inside the kernel, it worked that way for more than a month...

about the rkhunter that core dumped messages to me they were shell fork or some bugs within apf and rkhunter together because when i runned rkhunter in this morning just a little bit after cpanel crons and apf restarts cron it worked fine without errors, dumps, false positives : )))

this kind of weird

regards

Claudio