Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

find an httpd explode

Discussion in 'General Discussion' started by mahdionline, Dec 25, 2004.

  1. mahdionline

    mahdionline Well-Known Member

    Joined:
    Oct 18, 2003
    Messages:
    127
    Likes Received:
    0
    Trophy Points:
    166
    Hi

    I find out a explode happen on our server, a user usr /usr/bin/perl to run a task , and this task make our cpu very busy.

    how can I findout which file (of which user) make this problem ?

    or

    when I have the PID of a task , how can trace it ?

    Regard
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. haze

    haze Well-Known Member

    Joined:
    Dec 21, 2001
    Messages:
    1,550
    Likes Received:
    3
    Trophy Points:
    318
    It sounds to me like the phpBB worm making the rounds. Have a search on this forum for phpBB and maybe phpbb worm you should find some info from those threads on how to trace and remove and lock down the account.

    A quick way to see what it is and where it was executed etc is to go to /proc/PIDID and cat the files in that directory.

    Also check your tmp directories for suspicious files.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice