The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security Problem?

Discussion in 'Security' started by ZachICU, Feb 22, 2004.

  1. ZachICU

    ZachICU Well-Known Member

    Joined:
    Aug 11, 2001
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    16
    Im looking at the CPU Usuage in WHM and see one account with 5% usuage using lynx -dump www.domain.com/mail.php

    Im think this is a bad sign, but how would they be runing lynx if they dont have shell access??

    Thanks
    Zach
     
  2. casey

    casey Well-Known Member

    Joined:
    Jan 17, 2003
    Messages:
    2,303
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    If there is trouble, it will find me
    They're doing it via cron.

    crontab -u USERNAME -l

    will show you what they've got in the cron.
     
  3. ZachICU

    ZachICU Well-Known Member

    Joined:
    Aug 11, 2001
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    16
    Thanks.

    What would be the point of doing lynx -dump to a php file on a different server?


    (The reason I ask is the server load on this one box is really high suddenly trying to figure out why)
     
  4. casey

    casey Well-Known Member

    Joined:
    Jan 17, 2003
    Messages:
    2,303
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    If there is trouble, it will find me
    I'm not sure. You could disable the cron for a while and see what happens. Did you look through the suexec logs, too?
     
  5. qbert1987

    qbert1987 Well-Known Member

    Joined:
    Dec 22, 2003
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Canberra, Australia
    whats the command to see what recorces each user is useing?
     
Loading...

Share This Page