Please take a look and tell me whether this is a hack!! T.T
Author information
- Written by 홍석범
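Hello, this is 홍석범 of 오늘과내일.
Which part looks strange to you?
An accurate diagnosis is not possible from the content below alone, but judging by that content there does not seem to be anything particularly abnormal. I do see a lot of unnecessary daemons, and it is best to shut down every service that is not strictly needed. For Linux, as things stand so far, as long as your kernel version is 2.4.29 / 2.6.11 or later, you will not have root privileges taken away.
Thank you.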
Post by 박광오
Please check whether I have been hacked.. the server keeps lagging..
Our server team lead has gone far away.... this is killing me.
Here is ps -aux.
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.4 2676 564 ? S 21:34 0:01 init [3]
root 2 0.0 0.0 0 0 ? SN 21:34 0:00 [ksoftirqd/0]
root 3 0.0 0.0 0 0 ? S< 21:34 0:00 [events/0]
root 4 0.0 0.0 0 0 ? S< 21:34 0:00 [khelper]
root 5 0.0 0.0 0 0 ? S< 21:34 0:00 [kblockd/0]
root 6 0.0 0.0 0 0 ? S 21:34 0:00 [khubd]
root 29 0.0 0.0 0 0 ? S 21:34 0:00 [pdflush]
root 30 0.0 0.0 0 0 ? S 21:34 0:00 [pdflush]
root 27 0.0 0.0 0 0 ? S 21:34 0:00 [kapmd]
root 31 0.0 0.0 0 0 ? S 21:34 0:00 [kswapd0]
root 32 0.0 0.0 0 0 ? S< 21:34 0:00 [aio/0]
root 105 0.0 0.0 0 0 ? S 21:34 0:00 [kseriod]
root 183 0.0 0.0 0 0 ? S 20:23 0:00 [kjournald]
root 1137 0.0 0.3 1724 496 ? Sroot 1401 0.0 0.0 0 0 ? S 20:24 0:00 [kjournald]
root 1402 0.0 0.0 0 0 ? S 20:24 0:00 [kjournald]
root 1762 0.0 0.4 3268 580 ? Ss 20:24 0:00 syslogd -m 0
root 1766 0.0 0.3 2804 464 ? Ss 20:24 0:00 klogd -x
rpc 1783 0.0 0.5 2484 636 ? Ss 20:24 0:00 portmap
rpcuser 1803 0.0 0.6 2168 760 ? Ss 20:24 0:00 rpc.statd
root 1833 0.0 0.4 2868 588 ? Ss 20:24 0:00 rpc.idmapd
root 1863 0.0 0.3 2824 484 ? Ss 20:24 0:00 /usr/sbin/apmd -p 10 -w 5 -W -P /etc/sysconfig/apm-scripts/apmscript
root 1899 0.1 0.4 3912 536 ? Ss 20:24 0:01 nifd -n
root 1908 0.0 0.6 2416 812 ? S 20:24 0:00 /usr/sbin/smartd
root 1923 0.0 1.7 10264 2184 ? Ss 20:24 0:00 cupsd
root 1976 0.0 1.2 4400 1524 ? Ss 20:24 0:00 /usr/sbin/sshd
root 1994 0.0 0.6 3328 824 ? Ss 20:24 0:00 xinetd -stayalive -pidfile /var/run/xinetd.pid
root 2013 0.0 2.3 9216 2996 ? Ss 20:24 0:00 sendmail: accepting connections
smmsp 2023 0.0 2.0 8488 2588 ? Ss 20:24 0:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
root 2033 0.0 0.4 2264 532 ? Ss 20:24 0:00 gpm -m /dev/input/mice -t imps2
htt 2060 0.0 0.2 3456 328 ? Ss 20:24 0:00 /usr/sbin/htt -retryonerror 0
htt 2061 0.0 1.8 6596 2296 ? S 20:24 0:00 htt_server -nodaemon
root 2070 0.0 0.6 6316 852 ? Ss 20:24 0:00 crond
daemon 2107 0.0 0.5 2160 644 ? Ss 20:24 0:00 /usr/sbin/atd
dbus 2116 0.0 0.9 3500 1196 ? Ss 20:24 0:00 dbus-daemon-1 --system
root 2127 0.2 2.9 6472 3752 ? Ss 20:24 0:02 hald
nobody 2134 0.0 0.8 3016 1104 ? Ss 20:24 0:00 proftpd: (accepting connections)
root 2135 0.0 1.0 7324 1280 ? S 20:24 0:00 /bin/sh /usr/local/mysql/bin/safe_mysqld --language=korean
mysql 2155 0.0 8.9 30628 11260 ? S 20:24 0:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/usr
mysql 2188 0.0 8.9 30628 11260 ? S 20:24 0:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/usr
mysql 2189 0.0 8.9 30628 11260 ? S 20:24 0:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/usr
mysql 2190 0.0 8.9 30628 11260 ? S 20:24 0:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/usr
mysql 2191 0.0 8.9 30628 11260 ? S 20:24 0:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/usr
mysql 2192 0.0 8.9 30628 11260 ? S 20:24 0:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/usr
root 2201 0.0 3.3 11540 4220 ? Ss 20:24 0:00 /usr/local/apache/bin/httpd
nobody 2203 0.0 3.8 11780 4800 ? S 20:24 0:00 /usr/local/apache/bin/httpd
nobody 2204 0.0 3.7 11780 4684 ? S 20:24 0:00 /usr/local/apache/bin/httpd
nobody 2205 0.0 3.6 11672 4632 ? S 20:24 0:00 /usr/local/apache/bin/httpd
nobody 2206 0.0 3.7 11692 4684 ? S 20:24 0:00 /usr/local/apache/bin/httpd
nobody 2207 0.2 4.7 12968 6032 ? S 20:24 0:02 /usr/local/apache/bin/httpd
mysql 2225 0.1 8.9 30628 11260 ? S 20:24 0:01 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/usr
mysql 2226 0.1 8.9 30628 11260 ? S 20:24 0:01 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/usr
mysql 2227 0.0 8.9 30628 11260 ? S 20:24 0:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/usr
mysql 2228 0.0 8.9 30628 11260 ? S 20:24 0:00 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/usr
root 2254 0.2 11.3 46828 14340 ? Sl 20:25 0:02 gij -Dpg=mserver -Djava.library.path=/usr/local/mserver/lib -classpat
root 2260 0.0 0.3 2568 408 tty1 Ss+ 20:25 0:00 /sbin/mingetty tty1
root 2261 0.0 0.3 3024 408 tty2 Ss+ 20:25 0:00 /sbin/mingetty tty2
root 2262 0.0 0.3 2968 408 tty3 Ss+ 20:25 0:00 /sbin/mingetty tty3
root 2263 0.0 0.3 3220 408 tty4 Ss+ 20:25 0:00 /sbin/mingetty tty4
root 2264 0.0 0.3 2524 404 tty5 Ss+ 20:25 0:00 /sbin/mingetty tty5
root 2265 0.0 0.3 2772 408 tty6 Ss+ 20:25 0:00 /sbin/mingetty tty6
root 2596 0.0 1.5 8116 1956 ? Ss 20:25 0:00 sshd: pko2000 [priv]
pko2000 2598 0.1 1.6 8264 2040 ? S 20:25 0:01 sshd: pko2000@pts/0
pko2000 2599 0.0 1.1 6396 1460 pts/0 Ss 20:25 0:00 -bash
root 2623 0.0 0.9 6796 1152 pts/0 S 20:25 0:00 su -
root 2624 0.0 1.2 6284 1540 pts/0 S 20:25 0:00 -bash
nobody 2655 0.1 4.7 12988 6024 ? S 20:25 0:01 /usr/local/apache/bin/httpd
nobody 2657 0.0 3.7 11716 4736 ? S 20:25 0:00 /usr/local/apache/bin/httpd
nobody 2658 0.0 3.7 11692 4720 ? S 20:25 0:00 /usr/local/apache/bin/httpd
root 2716 0.0 0.6 3444 768 pts/0 R+ 20:41 0:00 ps -aux
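The advice above to stop every service that is not strictly needed can be applied to a `ps aux` listing like this one. The following is an added example, not part of the original post: it parses the listing, skips kernel threads, sets aside damaged rows for manual review, and reports user-space services that are not on a required list. The `REQUIRED` set is an assumption for a web and database host, and the sample rows are embedded for offline use.

```python
import re
from collections import Counter

# Sample input embedded for offline use: rows in the same `ps aux` layout as the listing above.
SAMPLE = """\
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.4 2676 564 ? S 21:34 0:01 init [3]
root 2 0.0 0.0 0 0 ? SN 21:34 0:00 [ksoftirqd/0]
root 1137 0.0 0.3 1724 496 ? Sroot 1401 0.0 0.0 0 0 ? S 20:24 0:00 [kjournald]
rpc 1783 0.0 0.5 2484 636 ? Ss 20:24 0:00 portmap
root 1923 0.0 1.7 10264 2184 ? Ss 20:24 0:00 cupsd
root 2013 0.0 2.3 9216 2996 ? Ss 20:24 0:00 sendmail: accepting connections
root 2135 0.0 1.0 7324 1280 ? S 20:24 0:00 /bin/sh /usr/local/mysql/bin/safe_mysqld --language=korean
nobody 2203 0.0 3.8 11780 4800 ? S 20:24 0:00 /usr/local/apache/bin/httpd
root 2596 0.0 1.5 8116 1956 ? Ss 20:25 0:00 sshd: pko2000 [priv]
"""

# Assumption: services this host needs (web + DB + remote admin). Adjust per server.
REQUIRED = {"init", "sshd", "httpd", "mysqld", "safe_mysqld", "syslogd", "klogd", "crond"}
SHELLS = {"sh", "bash"}
STAT = re.compile(r"^[DRSTWXZtI][<NLsl+]*$")  # well-formed ps state field

def service_name(command):
    """Reduce a COMMAND column to a comparable service name."""
    words = command.split()
    name = words[0].rstrip(":").rsplit("/", 1)[-1]      # "sendmail:" -> sendmail
    if name in SHELLS and len(words) > 1:               # wrapper script run via /bin/sh
        name = words[1].rsplit("/", 1)[-1]
    return name

def triage(ps_text, required=REQUIRED):
    """Return (Counter of non-required user-space services, unparsable rows)."""
    extra, bad = Counter(), []
    for line in ps_text.splitlines()[1:]:               # skip the header row
        f = line.split(None, 10)                        # COMMAND keeps its spaces
        if len(f) < 11 or not f[1].isdigit() or not STAT.match(f[7]):
            bad.append(line)                            # damaged row: review by hand
            continue
        vsz, cmd = f[4], f[10]
        if vsz == "0" and cmd.startswith("["):          # kernel thread, not a daemon
            continue
        name = service_name(cmd)
        if name not in required:
            extra[name] += 1
    return extra, bad

if __name__ == "__main__":
    extra, bad = triage(SAMPLE)
    print("not required:", dict(extra), "| unparsable rows:", len(bad))
```

A name on the report is a candidate for review, not proof of compromise; rows returned as unparsable, such as the fused PID 1137 row, should be re-captured on the host.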