
Thread: lfd on xxxx.net: Suspicious process running under user cpanel

  1. #1
    Very active member
    Join date
    Apr 2004
    Posts
    583

    lfd on xxxx.net: Suspicious process running under user cpanel



    Peace be upon you, and the mercy and blessings of God.

    Brothers, I installed csf on a VPS server, and I receive a warning like this by e-mail every day. What is the cause of the problem, and what is the solution?

    PHP code:
    Executable:

    /usr/local/bin/perl


    Command Line (often faked in exploits):

    interchange


    Network connections by the process (if any):

    tcp0.0.0.0:7786 -> 0.0.0.0:0


    Files open by the process (if any):

    /dev/null
    /dev/null
    /usr/local/cpanel/3rdparty/interchange/bin/interchange
    /usr/local/cpanel/3rdparty/interchange/lib/Vend/Config.pm
    /usr/local/cpanel/3rdparty/interchange/etc/interchange.pid
    /usr/local/lib/perl5/site_perl/5.8.8/Net/LDAP/Constant.pm
    /dev/null


    Memory maps by the process (if any):







    Last edited by Dea; 20-06-2010 at 10:41 AM


  2. #2
    Active member
    Join date
    May 2010
    Posts
    219


    Peace be upon you,

    Dear brother Dea,

    In most cases, the message that comes from csf with the title "Suspicious process" is a warning about scripts that are suspect and that need you to verify their legitimacy.

    Another important result in the body of the message is the number of the port used by the script.

    Do the following when such an alert reaches you again:

    cat /etc/services | grep port-number

    In the message you received, the port used by the script is 7786:

    cat /etc/services | grep 7786

    This will show you the name of the service that uses the port, which is called MiniVend. It is a script used for purchases over the web (shopping cart), and it also supports SSL.

    If, however, you do not find the script's port in the file /etc/services, this calls for further investigation, since the script in use is illegitimate.

    Thank you,






    __________________
    NoThing I$ ImPo$$ible
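
The lookup suggested in reply #2, carried through as an added example (not part of the original posts and not csf/lfd's own code): it extracts the listening port from the alert, matches it exactly against services-format text, and also checks that the process's open files sit under expected directories, since a name in /etc/services is only a registry label for the port number. The alert text, the services excerpt, the decoy entry and the allowed-prefix list are constructed samples and assumptions modelled on this thread.

```shell
#!/bin/sh
# Added example: offline triage of an lfd "Suspicious process" alert.
# ALERT and SERVICES are constructed samples modelled on this thread; on a
# real host pass "$(cat /etc/services)" as the services text.

ALERT='Executable:
/usr/local/bin/perl
Command Line (often faked in exploits):
interchange
Network connections by the process (if any):
tcp0.0.0.0:7786 -> 0.0.0.0:0
Files open by the process (if any):
/dev/null
/usr/local/cpanel/3rdparty/interchange/bin/interchange
/usr/local/cpanel/3rdparty/interchange/etc/interchange.pid
/usr/local/lib/perl5/site_perl/5.8.8/Net/LDAP/Constant.pm'

SERVICES='# constructed excerpt in /etc/services format
http            80/tcp
minivend        7786/tcp        # MINIVEND
example-svc     17786/tcp       # constructed decoy entry'

# Ports the process listens on: lines whose remote end is 0.0.0.0:0.
listening_ports() {  # $1 = alert text
    printf '%s\n' "$1" |
        sed -n 's/.*:\([0-9][0-9]*\) -> 0\.0\.0\.0:0$/\1/p' | sort -un
}

# Exact TCP port lookup; prints the service name or nothing.
# Unlike `grep 7786`, this cannot match 17786/tcp or text in a comment.
lookup_service() {  # $1 = port, $2 = services text
    printf '%s\n' "$2" |
        awk -v want="$1/tcp" '$1 !~ /^#/ && $2 == want { print $1; exit }'
}

# Open files that fall outside the path prefixes the operator expects.
unexpected_files() {  # $1 = alert text, $2 = ERE of allowed prefixes
    printf '%s\n' "$1" | sed -n '/^Files open/,$p' |
        grep '^/' | grep -Ev "^($2)(/|\$)" || true
}

triage() {  # $1 = alert text, $2 = services text
    for port in $(listening_ports "$1"); do
        name=$(lookup_service "$port" "$2")
        if [ -n "$name" ]; then
            echo "port $port: registered as $name"
        else
            echo "port $port: not in services file, investigate"
        fi
    done
}

# Assumed allow-list: device nodes, the bundled interchange tree, site Perl.
ALLOWED='/dev|/usr/local/cpanel/3rdparty/interchange|/usr/local/lib/perl5'
triage "$ALERT" "$SERVICES"
unexpected_files "$ALERT" "$ALLOWED"
```
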




