Repeated emails coming from CSF, and LFD

[SidedTech]

I really used Google, and did not find a proper solution for this specific issue. I don't need or want these emails. I know the system is highly secure.

I receive the email:

Subject:
lfd on xxx.xxxxxxx.com: Suspicious process running under user avahi

Body:
Time: Sun May 29 19:00:31 2016 +0000
PID: 3144 (Parent PID:3144)
Account: avahi
Uptime: 133816 seconds


Executable:

/usr/sbin/avahi-daemon


Command Line (often faked in exploits):

avahi-daemon: running [panel.local]


Network connections by the process (if any):

udp: 0.0.0.0:5353 -> 0.0.0.0:0
udp: 0.0.0.0:55561 -> 0.0.0.0:0


Files open by the process (if any):

/dev/null
anon_inode:inotify


Memory maps by the process (if any):

563765a5b000-563765a7a000 r-xp 00000000 08:00 13669 /usr/sbin/avahi-daemon

(truncated because I don't need the whole message for this question)

Is there ANY WAY to just shut off this email? I also receive others, but this one is the most annoying.

 

[24x7server]

Yes, If you want to disable above mail alert then you need to update /etc/csf/csf.pignore file on your server with the following line, so that CSF will ignore this process and you will not get any alert for this process.

exe:/usr/sbin/avahi-daemon

 

[Infopro]

I don't need or want these emails

IMHO, you do.

In WHM > CSF, at top, first button is for Check Server Security. Once that has ran, at bottom choose Run Again and Display Checks. Using just this one message you're getting for an example, avahi-daemon, read the checks close to find this message:

Check server startup for avahi-daemon - On most servers avahi-daemon is not needed and should be stopped and disabled from starting if it is not required. This service is currently enabled in init and can usually be disabled using:
service avahi-daemon stop
chkconfig avahi-daemon off

With the Info in mind you can end the emails for the service by disabling that service.