Host 103.179.190.35
Vietnam
CHT Compamy Ltd
-
CheckMK monitoring endpoint publicly available
An open CheckMK agent is publicly available.
This could leak sensitive information such as :
- Process list ( maybe credentials )
- Network interfaces
- Running services
- Firewall rules
- Internal OS configuration
https://docs.checkmk.com/latest/en/wato_monitoringagents.html
First seen 2022-06-17 22:52
Last seen 2024-12-22 00:59
Open for 918 days-
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf28f25685Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@274533-103.179.190.35:6556-142.93.0.66:44070.service loaded activating start start Check_MK (142.93.0.66:44070) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3660 22:13:47 988-11:12:37 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 988-11:12:37 2 [kthreadd] - root 0 0 00:00:00 988-11:12:37 4 [kworker/0:0H] - root 0 0 00:03:50 988-11:12:37 6 [ksoftirqd/0] - root 0 0 00:00:44 988-11:12:37 7 [migration/0] - root 0 0 00:00:00 988-11:12:37 8 [rcu_bh] - root 0 0 1-00:18:57 988-11:12:37 9 [rcu_sched] - root 0 0 00:00:00 988-11:12:37 10 [lru-add-drain] - root 0 0 00:06:22 988-11:12:37 11 [watchdog/0] - root 0 0 00:05:58 988-11:12:37 12 [watchdog/1] - root 0 0 00:09:00 988-11:12:37 13 [migration/1] - root 0 0 00:03:04 988-11:12:37 14 [ksoftirqd/1] - root 0 0 00:00:00 988-11:12:37 16 [kworker/1:0H] - root 0 0 00:05:35 988-11:12:37 17 [watchdog/2] - root 0 0 00:01:23 988-11:12:37 18 [migration/2] - root 0 0 00:02:34 988-11:12:37 19 [ksoftirqd/2] - root 0 0 00:00:00 988-11:12:37 21 [kworker/2:0H] - root 0 0 00:05:34 988-11:12:37 22 [watchdog/3] - root 0 0 00:01:02 988-11:12:37 23 [migration/3] - root 0 0 00:05:10 988-11:12:37 24 [ksoftirqd/3] - root 0 0 00:00:00 988-11:12:37 26 [kworker/3:0H] - root 0 0 00:05:20 988-11:12:37 27 [watchdog/4] - root 0 0 00:04:51 988-11:12:37 28 [migration/4] - root 0 0 00:06:30 988-11:12:37 29 [ksoftirqd/4] - root 0 0 00:00:00 988-11:12:37 31 [kworker/4:0H] - root 0 0 00:06:36 988-11:12:37 32 [watchdog/5] - root 0 0 00:01:25 988-11:12:37 33 [migration/5] - root 0 0 00:38:26 988-11:12:37 34 [ksoftirqd/5] - root 0 0 00:00:00 988-11:12:37 36 [kworker/5:0H] - root 0 0 00:00:00 988-11:12:37 38 [kdevtmpfs] - root 0 0 00:00:00 988-11:12:37 39 [netns] - root 0 0 00:00:43 988-11:12:37 40 [khungtaskd] - root 0 0 00:00:00 988-11:12:37 41 [writeback] - root 0 0 00:00:00 988-11:12:37 42 [kintegrityd] - root 0 0 00:00:00 988-11:12:37 43 [bioset] - root 0 0 00:00:00 988-11:12:37 44 [bioset] - root 0 0 00:00:00 988-11:12:37 45 [bioset] - root 0 0 00:00:00 988-11:12:37 46 [kblockd] - root 0 0 00:00:00 988-11:12:37 47 [md] - root 0 0 00:00:00 988-11:12:37 48 [edac-poller] - root 0 0 00:00:00 988-11:12:37 49 [watchdogd] - root 0 0 00:31:57 988-11:12:37 55 [kswapd0] - root 0 0 00:00:00 988-11:12:37 56 [ksmd] - root 0 0 00:03:04 988-11:12:37 57 [khugepaged] - root 0 0 00:00:00 988-11:12:37 58 [crypto] - root 0 0 00:00:00 988-11:12:37 66 [kthrotld] - root 0 0 00:00:00 988-11:12:37 68 [kmpath_rdacd] - root 0 0 00:00:00 988-11:12:37 69 [kaluad] - root 0 0 00:00:00 988-11:12:37 70 [kpsmoused] - root 0 0 00:00:00 988-11:12:36 72 [ipv6_addrconf] - root 0 0 00:00:00 988-11:12:36 86 [deferwq] - root 0 0 00:57:07 988-11:12:36 197 [kauditd] - root 0 0 00:00:00 988-11:12:36 262 [ata_sff] - root 0 0 00:00:00 988-11:12:36 276 [ttm_swap] - root 0 0 00:00:00 988-11:12:36 280 [scsi_eh_0] - root 0 0 00:00:00 988-11:12:36 281 [scsi_tmf_0] - root 0 0 00:00:00 988-11:12:36 282 [scsi_eh_1] - root 0 0 00:00:00 988-11:12:36 283 [scsi_tmf_1] - root 0 0 00:17:13 988-11:12:36 289 [kworker/3:1H] - root 0 0 00:29:14 988-11:12:36 294 [kworker/0:1H] - root 0 0 00:17:04 988-11:12:36 301 [kworker/4:1H] - root 0 0 03:49:23 988-11:12:36 302 [jbd2/vda1-8] - root 0 0 00:00:00 988-11:12:36 303 [ext4-rsv-conver] - root 0 0 00:02:24 988-11:12:36 309 [kworker/2:1H] - root 0 0 00:18:17 988-11:12:35 372 [kworker/5:1H] - root 0 0 00:04:02 988-11:12:35 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:05:25 988-11:12:34 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 05:07:02 988-11:12:34 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:23:03 988-11:12:33 671 [loop0] - root 0 0 00:08:59 988-11:12:33 672 [jbd2/loop0-8] - root 0 0 00:00:00 988-11:12:33 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 987-09:12:39 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:43:20 988-11:12:22 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 262240 24492 01:30:03 988-11:12:22 1494 cpdavd - accepting connections on: 2091, 2077, 2078 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 212484 22572 02:17:44 988-11:12:22 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190324 12468 05:13:06 988-11:12:22 1497 cPhulkd - processor - root 0 0 00:00:00 04:39:31 4745 [kworker/3:1] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:04:00 183-05:45:13 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34572 02:19:30 183-05:45:09 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18500 00:04:13 183-05:45:09 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255736 29104 07:10:00 954-01:49:06 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 52360 00:15:41 94-06:40:34 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 09:11:14 15142 [kworker/u12:0] - root 0 0 00:00:03 2-16:24:31 17477 [kworker/4:0] - root 0 0 00:00:11 2-15:58:31 20042 [kworker/0:0] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 187-06:40:05 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 01:01:39 187-06:40:05 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1384 00:00:01 187-06:40:05 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1348 00:00:01 187-06:40:05 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1372 00:00:01 187-06:40:05 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:22:43 187-06:40:05 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 01:29:30 21514 [kworker/u12:1] - root 0 0 00:00:00 01:28:17 21592 [kworker/2:0] - root 0 0 00:00:00 01:16:31 22675 [kworker/4:2] - root 0 0 00:00:00 59:31 24076 [kworker/5:1] - root 0 0 00:00:01 14:28:21 24149 [kworker/5:0] - root 0 0 00:00:00 49:31 24781 [kworker/0:2] - root 0 0 00:00:00 39:31 25460 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257732 126372 00:00:10 06:38:49 26197 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236764 13460 00:00:00 28:22 26314 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236844 13076 00:00:00 25:25 26549 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236624 13048 00:00:00 25:23 26558 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236876 13340 00:00:00 24:18 26622 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237076 13540 00:00:00 24:17 26623 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236632 12588 00:00:00 24:17 26624 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236804 13328 00:00:00 24:16 26625 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236632 13308 00:00:00 24:16 26626 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236640 12764 00:00:00 24:16 26627 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236632 12940 00:00:00 24:16 26628 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259008 123812 00:00:06 06:27:22 27000 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257732 122128 00:00:00 06:27:22 27001 spamd child 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2920 00:00:00 12:23 27427 dovecot/auth - root 0 0 00:00:00 09:30 27697 [kworker/3:2] - root 0 0 00:00:02 1-09:39:31 27755 [kworker/2:1] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 60816 4492 00:00:00 01:57 28103 dovecot/lmtp 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4232 00:00:00 00:58 28253 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2628 00:00:00 00:56 28254 sshd: [net] 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89516 10116 00:00:00 00:12 28279 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190324 11284 00:00:00 00:03 28281 cPhulkd - processor - http socket 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89192 9392 00:00:00 00:02 28282 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4228 00:00:00 00:01 28380 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2620 00:00:00 00:01 28381 sshd: [net] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@274533-103.179.190.35:6556-142.93.0.66:44070.service root 113560 1864 00:00:00 00:00 28424 /bin/bash /usr/bin/check_mk_agent - root 0 0 00:00:08 13:39:31 28427 [kworker/1:0] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@274533-103.179.190.35:6556-142.93.0.66:44070.service root 49820 1560 00:00:00 00:00 28448 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224744 15228 00:01:52 10-06:41:10 30637 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230604 9184 00:01:20 8-05:22:53 30870 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12728 1040 00:00:25 8-05:22:53 30871 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12728 1052 00:00:20 8-05:22:53 30872 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11776 00:00:00 8-05:22:53 30873 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51564 2216 00:00:12 8-05:22:53 30884 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47144 4484 00:00:02 8-05:22:52 30885 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47240 4628 00:00:03 8-05:22:52 30886 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 1084 00:00:03 8-05:22:52 30887 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1272 00:00:04 8-05:22:52 30888 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47240 4724 00:00:03 8-05:22:52 30889 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47256 4612 00:00:03 8-05:22:52 30890 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18096 4928 00:00:11 8-05:22:52 30891 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1288 00:00:05 8-05:22:52 30892 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89048 12480 00:00:30 8-05:22:52 30922 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:02 8-05:22:52 30941 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3064 00:00:02 8-05:22:52 30942 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153216 11632 00:05:57 10-06:40:50 31021 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9952 3396 00:43:50 10-06:40:50 31034 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1873132 3004 00:03:24 10-06:40:50 31053 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2788 00:00:06 10-06:40:50 31054 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5836 00:00:55 10-06:40:47 31127 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 17076 00:53:25 193-06:39:44 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 193-06:38:44 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1240 00:00:38 193-06:38:43 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 193-06:38:42 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 193-06:38:42 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1088 00:00:02 193-06:38:42 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:14:02 193-06:38:42 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 193-06:38:42 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1832 00:27:51 193-06:38:42 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 664632 1-08:14:02 193-06:38:40 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 193-06:38:39 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 515340 3356 01:00:27 193-06:38:39 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 193-06:38:36 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 40224 2576 01:32:02 193-06:38:36 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1052 00:00:50 193-06:38:36 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 193-06:38:36 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1080 00:02:59 193-06:38:36 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:23:24 193-06:38:35 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9076 00:19:03 193-06:38:35 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:22:28 193-06:38:34 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-22 00:59 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf0b0a7613Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@273959-103.179.190.35:6556-159.89.12.166:53736.service loaded activating start start Check_MK (159.89.12.166:53736) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3656 22:10:55 986-10:48:35 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 986-10:48:35 2 [kthreadd] - root 0 0 00:00:00 986-10:48:35 4 [kworker/0:0H] - root 0 0 00:03:49 986-10:48:35 6 [ksoftirqd/0] - root 0 0 00:00:43 986-10:48:35 7 [migration/0] - root 0 0 00:00:00 986-10:48:35 8 [rcu_bh] - root 0 0 1-00:15:36 986-10:48:35 9 [rcu_sched] - root 0 0 00:00:00 986-10:48:35 10 [lru-add-drain] - root 0 0 00:06:21 986-10:48:35 11 [watchdog/0] - root 0 0 00:05:57 986-10:48:35 12 [watchdog/1] - root 0 0 00:08:59 986-10:48:35 13 [migration/1] - root 0 0 00:03:04 986-10:48:35 14 [ksoftirqd/1] - root 0 0 00:00:00 986-10:48:35 16 [kworker/1:0H] - root 0 0 00:05:34 986-10:48:35 17 [watchdog/2] - root 0 0 00:01:22 986-10:48:35 18 [migration/2] - root 0 0 00:02:34 986-10:48:35 19 [ksoftirqd/2] - root 0 0 00:00:00 986-10:48:35 21 [kworker/2:0H] - root 0 0 00:05:34 986-10:48:35 22 [watchdog/3] - root 0 0 00:01:02 986-10:48:35 23 [migration/3] - root 0 0 00:05:09 986-10:48:35 24 [ksoftirqd/3] - root 0 0 00:00:00 986-10:48:35 26 [kworker/3:0H] - root 0 0 00:05:20 986-10:48:35 27 [watchdog/4] - root 0 0 00:04:50 986-10:48:35 28 [migration/4] - root 0 0 00:06:29 986-10:48:35 29 [ksoftirqd/4] - root 0 0 00:00:00 986-10:48:35 31 [kworker/4:0H] - root 0 0 00:06:35 986-10:48:35 32 [watchdog/5] - root 0 0 00:01:25 986-10:48:35 33 [migration/5] - root 0 0 00:38:22 986-10:48:35 34 [ksoftirqd/5] - root 0 0 00:00:00 986-10:48:35 36 [kworker/5:0H] - root 0 0 00:00:00 986-10:48:35 38 [kdevtmpfs] - root 0 0 00:00:00 986-10:48:35 39 [netns] - root 0 0 00:00:43 986-10:48:35 40 [khungtaskd] - root 0 0 00:00:00 986-10:48:35 41 [writeback] - root 0 0 00:00:00 986-10:48:35 42 [kintegrityd] - root 0 0 00:00:00 986-10:48:35 43 [bioset] - root 0 0 00:00:00 986-10:48:35 44 [bioset] - root 0 0 00:00:00 986-10:48:35 45 [bioset] - root 0 0 00:00:00 986-10:48:35 46 [kblockd] - root 0 0 00:00:00 986-10:48:35 47 [md] - root 0 0 00:00:00 986-10:48:35 48 [edac-poller] - root 0 0 00:00:00 986-10:48:35 49 [watchdogd] - root 0 0 00:31:45 986-10:48:35 55 [kswapd0] - root 0 0 00:00:00 986-10:48:35 56 [ksmd] - root 0 0 00:03:04 986-10:48:35 57 [khugepaged] - root 0 0 00:00:00 986-10:48:35 58 [crypto] - root 0 0 00:00:00 986-10:48:35 66 [kthrotld] - root 0 0 00:00:00 986-10:48:35 68 [kmpath_rdacd] - root 0 0 00:00:00 986-10:48:35 69 [kaluad] - root 0 0 00:00:00 986-10:48:35 70 [kpsmoused] - root 0 0 00:00:00 986-10:48:34 72 [ipv6_addrconf] - root 0 0 00:00:00 986-10:48:34 86 [deferwq] - root 0 0 00:57:00 986-10:48:34 197 [kauditd] - root 0 0 00:00:00 986-10:48:34 262 [ata_sff] - root 0 0 00:00:00 986-10:48:34 276 [ttm_swap] - root 0 0 00:00:00 986-10:48:34 280 [scsi_eh_0] - root 0 0 00:00:00 986-10:48:34 281 [scsi_tmf_0] - root 0 0 00:00:00 986-10:48:34 282 [scsi_eh_1] - root 0 0 00:00:00 986-10:48:34 283 [scsi_tmf_1] - root 0 0 00:17:10 986-10:48:34 289 [kworker/3:1H] - root 0 0 00:29:10 986-10:48:34 294 [kworker/0:1H] - root 0 0 00:17:01 986-10:48:34 301 [kworker/4:1H] - root 0 0 03:48:47 986-10:48:34 302 [jbd2/vda1-8] - root 0 0 00:00:00 986-10:48:34 303 [ext4-rsv-conver] - root 0 0 00:02:23 986-10:48:34 309 [kworker/2:1H] - root 0 0 00:18:14 986-10:48:33 372 [kworker/5:1H] - root 0 0 00:04:01 986-10:48:33 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:05:10 986-10:48:32 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 05:06:23 986-10:48:32 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:59 986-10:48:31 671 [loop0] - root 0 0 00:08:57 986-10:48:31 672 [jbd2/loop0-8] - root 0 0 00:00:00 986-10:48:31 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 985-08:48:37 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4260 00:43:13 986-10:48:20 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6680 01:29:51 986-10:48:20 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 212484 22696 02:17:24 986-10:48:20 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190324 12504 05:12:29 986-10:48:20 1497 cPhulkd - processor - root 0 0 00:00:00 02:05:29 2966 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257612 126260 00:00:47 2-06:16:06 3500 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:00 01:45:29 5555 [kworker/1:0] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:57 181-05:21:11 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34572 02:17:49 181-05:21:07 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18500 00:04:09 181-05:21:07 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258980 123644 00:00:00 17:54:27 6586 spamd child 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255736 29072 07:08:47 952-01:25:04 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236888 14056 00:00:00 59:35 9615 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237012 13896 00:00:00 55:32 10251 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236848 13836 00:00:00 55:32 10256 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236912 13844 00:00:00 55:30 10301 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236984 14056 00:00:00 54:21 10367 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236788 13560 00:00:00 54:21 10368 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236928 14124 00:00:00 54:20 10370 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236828 13828 00:00:00 54:20 10371 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236856 14056 00:00:00 54:20 10372 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236772 13912 00:00:00 54:17 10374 /usr/sbin/httpd -k start - root 0 0 00:00:00 36:53 11712 [kworker/u12:1] - root 0 0 00:00:00 35:29 11923 [kworker/2:1] - root 0 0 00:00:00 25:29 12649 [kworker/3:0] 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 52168 00:15:19 92-06:16:32 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 15:29 13300 [kworker/4:1] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257612 122016 00:00:00 10:18 13613 spamd child - root 0 0 00:00:00 05:29 14009 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hicorp 617572 45560 00:00:00 00:23 14494 php-fpm: pool hicorp_vn 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2924 00:00:00 00:06 14522 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 60816 4492 00:00:00 00:05 14546 dovecot/lmtp 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 193020 11848 00:00:00 00:05 14552 cPhulkd - processor - http socket 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 41196 2716 00:00:00 00:05 14553 dovecot/auth -w - root 0 0 00:00:00 00:04 14582 [dnsadmin - dorm] <defunct> - root 0 0 00:00:00 00:04 14587 [whostmgrd - ser] <defunct> 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service cpanelphpmyadmin 298284 6684 00:00:00 00:04 14602 php-fpm: pool cpanelphpmyadmin 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@273959-103.179.190.35:6556-159.89.12.166:53736.service root 113416 1592 00:00:00 00:00 14749 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@273959-103.179.190.35:6556-159.89.12.166:53736.service root 49820 1560 00:00:00 00:00 14772 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 - root 0 0 00:00:00 16:00:29 17477 [kworker/4:0] - root 0 0 00:00:02 15:34:29 20042 [kworker/0:0] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 185-06:16:03 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 01:00:55 185-06:16:03 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1384 00:00:01 185-06:16:03 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1356 00:00:01 185-06:16:03 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1384 00:00:01 185-06:16:03 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:22:27 185-06:16:03 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:02 04:33:19 21335 [kworker/1:1] - root 0 0 00:00:00 03:56:43 26377 [kworker/u12:0] - root 0 0 00:00:00 09:25:29 26889 [kworker/3:1] - root 0 0 00:00:00 03:05:30 30310 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224744 15424 00:01:31 8-06:17:08 30637 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230604 9548 00:01:03 6-04:58:51 30870 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12748 1372 00:00:20 6-04:58:51 30871 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12764 1384 00:00:16 6-04:58:51 30872 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11864 00:00:00 6-04:58:51 30873 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51564 2452 00:00:09 6-04:58:51 30884 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47144 4900 00:00:01 6-04:58:50 30885 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47080 5060 00:00:02 6-04:58:50 30886 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 1324 00:00:02 6-04:58:50 30887 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1520 00:00:03 6-04:58:50 30888 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47240 5120 00:00:02 6-04:58:50 30889 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47120 5040 00:00:02 6-04:58:50 30890 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18096 5180 00:00:08 6-04:58:50 30891 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1536 00:00:03 6-04:58:50 30892 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89016 12476 00:00:21 6-04:58:50 30922 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:01 6-04:58:50 30941 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3136 00:00:02 6-04:58:50 30942 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153220 11592 00:04:53 8-06:16:48 31021 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9960 3412 00:35:28 8-06:16:48 31034 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1873132 2984 00:02:43 8-06:16:48 31053 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2788 00:00:05 8-06:16:48 31054 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5840 00:00:44 8-06:16:45 31127 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 20132 00:52:50 191-06:15:42 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 191-06:14:42 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1272 00:00:38 191-06:14:41 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 191-06:14:40 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 191-06:14:40 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 924 00:00:02 191-06:14:40 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:13:52 191-06:14:40 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 208 00:00:00 191-06:14:40 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:27:32 191-06:14:40 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 663944 1-07:52:02 191-06:14:38 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 191-06:14:37 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 539148 16208 00:59:46 191-06:14:37 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 191-06:14:34 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 64800 24780 01:31:01 191-06:14:34 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1052 00:00:50 191-06:14:34 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 191-06:14:34 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1084 00:02:57 191-06:14:34 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:23:09 191-06:14:33 32045 /usr/sbin/sshd -D - root 0 0 00:00:03 1-12:55:29 32076 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9080 00:18:50 191-06:14:33 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:22:14 191-06:14:32 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-20 00:35 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadfb958a949Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@273096-103.179.190.35:6556-209.38.208.202:40670.service loaded activating start start Check_MK (209.38.208.202:40670) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3656 22:07:29 984-12:01:56 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 984-12:01:56 2 [kthreadd] - root 0 0 00:00:00 984-12:01:56 4 [kworker/0:0H] - root 0 0 00:03:49 984-12:01:56 6 [ksoftirqd/0] - root 0 0 00:00:43 984-12:01:56 7 [migration/0] - root 0 0 00:00:00 984-12:01:56 8 [rcu_bh] - root 0 0 1-00:11:52 984-12:01:56 9 [rcu_sched] - root 0 0 00:00:00 984-12:01:56 10 [lru-add-drain] - root 0 0 00:06:20 984-12:01:56 11 [watchdog/0] - root 0 0 00:05:57 984-12:01:56 12 [watchdog/1] - root 0 0 00:08:57 984-12:01:56 13 [migration/1] - root 0 0 00:03:03 984-12:01:56 14 [ksoftirqd/1] - root 0 0 00:00:00 984-12:01:56 16 [kworker/1:0H] - root 0 0 00:05:33 984-12:01:56 17 [watchdog/2] - root 0 0 00:01:22 984-12:01:56 18 [migration/2] - root 0 0 00:02:33 984-12:01:56 19 [ksoftirqd/2] - root 0 0 00:00:00 984-12:01:56 21 [kworker/2:0H] - root 0 0 00:05:33 984-12:01:56 22 [watchdog/3] - root 0 0 00:01:02 984-12:01:56 23 [migration/3] - root 0 0 00:05:09 984-12:01:56 24 [ksoftirqd/3] - root 0 0 00:00:00 984-12:01:56 26 [kworker/3:0H] - root 0 0 00:05:19 984-12:01:56 27 [watchdog/4] - root 0 0 00:04:49 984-12:01:56 28 [migration/4] - root 0 0 00:06:28 984-12:01:56 29 [ksoftirqd/4] - root 0 0 00:00:00 984-12:01:56 31 [kworker/4:0H] - root 0 0 00:06:34 984-12:01:56 32 [watchdog/5] - root 0 0 00:01:24 984-12:01:56 33 [migration/5] - root 0 0 00:38:18 984-12:01:56 34 [ksoftirqd/5] - root 0 0 00:00:00 984-12:01:56 36 [kworker/5:0H] - root 0 0 00:00:00 984-12:01:56 38 [kdevtmpfs] - root 0 0 00:00:00 984-12:01:56 39 [netns] - root 0 0 00:00:43 984-12:01:56 40 [khungtaskd] - root 0 0 00:00:00 984-12:01:56 41 [writeback] - root 0 0 00:00:00 984-12:01:56 42 [kintegrityd] - root 0 0 00:00:00 984-12:01:56 43 [bioset] - root 0 0 00:00:00 984-12:01:56 44 [bioset] - root 0 0 00:00:00 984-12:01:56 45 [bioset] - root 0 0 00:00:00 984-12:01:56 46 [kblockd] - root 0 0 00:00:00 984-12:01:56 47 [md] - root 0 0 00:00:00 984-12:01:56 48 [edac-poller] - root 0 0 00:00:00 984-12:01:56 49 [watchdogd] - root 0 0 00:31:45 984-12:01:56 55 [kswapd0] - root 0 0 00:00:00 984-12:01:56 56 [ksmd] - root 0 0 00:03:03 984-12:01:56 57 [khugepaged] - root 0 0 00:00:00 984-12:01:56 58 [crypto] - root 0 0 00:00:00 984-12:01:56 66 [kthrotld] - root 0 0 00:00:00 984-12:01:56 68 [kmpath_rdacd] - root 0 0 00:00:00 984-12:01:56 69 [kaluad] - root 0 0 00:00:00 984-12:01:56 70 [kpsmoused] - root 0 0 00:00:00 984-12:01:55 72 [ipv6_addrconf] - root 0 0 00:00:00 984-12:01:55 86 [deferwq] - root 0 0 00:56:53 984-12:01:55 197 [kauditd] - root 0 0 00:00:00 984-12:01:55 262 [ata_sff] - root 0 0 00:00:00 984-12:01:55 276 [ttm_swap] - root 0 0 00:00:00 984-12:01:55 280 [scsi_eh_0] - root 0 0 00:00:00 984-12:01:55 281 [scsi_tmf_0] - root 0 0 00:00:00 984-12:01:55 282 [scsi_eh_1] - root 0 0 00:00:00 984-12:01:55 283 [scsi_tmf_1] - root 0 0 00:17:07 984-12:01:55 289 [kworker/3:1H] - root 0 0 00:29:06 984-12:01:55 294 [kworker/0:1H] - root 0 0 00:16:59 984-12:01:55 301 [kworker/4:1H] - root 0 0 03:48:12 984-12:01:55 302 [jbd2/vda1-8] - root 0 0 00:00:00 984-12:01:55 303 [ext4-rsv-conver] - root 0 0 00:02:23 984-12:01:55 309 [kworker/2:1H] - root 0 0 00:18:12 984-12:01:54 372 [kworker/5:1H] - root 0 0 00:04:01 984-12:01:54 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236900 14104 00:00:00 02:19:28 456 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:04:54 984-12:01:53 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 241224 15000 00:00:00 02:18:39 540 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237080 14384 00:00:00 02:18:38 541 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236912 14200 00:00:00 02:18:38 542 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236976 13988 00:00:00 02:18:37 543 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237020 14076 00:00:00 02:18:37 544 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 241116 14944 00:00:00 02:18:37 545 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237000 14296 00:00:00 02:18:37 546 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 05:05:44 984-12:01:53 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:56 984-12:01:52 671 [loop0] - root 0 0 00:08:56 984-12:01:52 672 [jbd2/loop0-8] - root 0 0 00:00:00 984-12:01:52 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 983-10:01:58 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:43:06 984-12:01:41 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6680 01:29:38 984-12:01:41 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 212484 22664 02:17:08 984-12:01:41 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190324 12504 05:11:52 984-12:01:41 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257612 126256 00:00:11 07:29:27 3500 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258920 123724 00:00:08 07:14:50 4672 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257612 121988 00:00:00 07:14:50 4673 spamd child - root 0 0 00:00:01 1-02:13:49 5274 [kworker/3:1] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:54 179-06:34:32 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34572 02:16:12 179-06:34:28 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18500 00:04:06 179-06:34:28 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php - root 0 0 00:00:00 01:08:49 6624 [kworker/2:1] - root 0 0 00:00:00 48:50 8444 [kworker/3:2] - root 0 0 00:00:00 48:50 8451 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255736 29076 07:07:31 950-02:38:25 8935 cpsrvd (SSL) - waiting for connections - root 0 0 00:00:00 38:50 9285 [kworker/4:2] - root 0 0 00:00:00 18:50 10612 [kworker/1:2] - root 0 0 00:00:00 17:42 10705 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2920 00:00:00 02:54 11803 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 60816 4492 00:00:00 01:12 11921 dovecot/lmtp 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89440 8664 00:00:00 00:14 12103 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid - root 0 0 00:00:28 1-18:17:46 12127 [kworker/1:1] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@273096-103.179.190.35:6556-209.38.208.202:40670.service root 113416 1592 00:00:00 00:00 12244 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@273096-103.179.190.35:6556-209.38.208.202:40670.service root 49820 1560 00:00:00 00:00 12267 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 52160 00:14:57 90-07:29:53 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 05:45:36 13611 [kworker/4:0] - root 0 0 00:00:00 04:48:50 20403 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 183-07:29:24 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 01:00:14 183-07:29:24 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1384 00:00:01 183-07:29:24 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1356 00:00:01 183-07:29:24 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1384 00:00:01 183-07:29:24 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:22:11 183-07:29:24 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237192 14676 00:00:00 04:35:58 21611 /usr/sbin/httpd -k start - root 0 0 00:00:00 10:05:54 23250 [kworker/u12:2] - root 0 0 00:00:02 1-04:18:49 27537 [kworker/2:0] - root 0 0 00:00:00 08:58:29 28128 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224744 15432 00:01:09 6-07:30:29 30637 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230604 9548 00:00:38 4-06:12:12 30870 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12760 1372 00:00:12 4-06:12:12 30871 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12764 1384 00:00:10 4-06:12:12 30872 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11864 00:00:00 4-06:12:12 30873 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51564 2448 00:00:06 4-06:12:12 30884 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46992 4904 00:00:01 4-06:12:11 30885 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47008 4972 00:00:01 4-06:12:11 30886 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 1324 00:00:01 4-06:12:11 30887 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1520 00:00:02 4-06:12:11 30888 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47240 5124 00:00:01 4-06:12:11 30889 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47120 5044 00:00:02 4-06:12:11 30890 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18096 5180 00:00:05 4-06:12:11 30891 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1536 00:00:02 4-06:12:11 30892 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89016 12480 00:00:14 4-06:12:11 30922 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:01 4-06:12:11 30941 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3136 00:00:01 4-06:12:11 30942 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153088 11536 00:03:54 6-07:30:09 31021 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9924 3260 00:27:23 6-07:30:09 31034 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1873132 2984 00:02:06 6-07:30:09 31053 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2788 00:00:04 6-07:30:09 31054 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5840 00:00:33 6-07:30:06 31127 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 20168 00:52:08 189-07:29:03 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 189-07:28:03 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1272 00:00:37 189-07:28:02 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 189-07:28:01 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 189-07:28:01 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 924 00:00:02 189-07:28:01 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:13:42 189-07:28:01 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 208 00:00:00 189-07:28:01 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:27:14 189-07:28:01 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 661560 1-07:26:14 189-07:27:59 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 189-07:27:58 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 531908 14604 00:59:06 189-07:27:58 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 189-07:27:55 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 56572 20580 01:29:59 189-07:27:55 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1052 00:00:49 189-07:27:55 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 189-07:27:55 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1084 00:02:55 189-07:27:55 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:22:54 189-07:27:54 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9080 00:18:38 189-07:27:54 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:21:59 189-07:27:53 32156 /usr/sbin/irqbalance --foreground - root 0 0 00:00:01 14:28:49 32584 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237020 14216 00:00:00 02:22:49 32702 /usr/sbin/httpd -k start Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-18 01:48 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadff052fff2Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@272330-103.179.190.35:6556-188.166.108.93:53544.service loaded activating start start Check_MK (188.166.108.93:53544) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3656 22:04:05 982-10:07:10 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 982-10:07:10 2 [kthreadd] - root 0 0 00:00:00 982-10:07:10 4 [kworker/0:0H] - root 0 0 00:03:48 982-10:07:10 6 [ksoftirqd/0] - root 0 0 00:00:43 982-10:07:10 7 [migration/0] - root 0 0 00:00:00 982-10:07:10 8 [rcu_bh] - root 0 0 1-00:08:00 982-10:07:10 9 [rcu_sched] - root 0 0 00:00:00 982-10:07:10 10 [lru-add-drain] - root 0 0 00:06:19 982-10:07:10 11 [watchdog/0] - root 0 0 00:05:56 982-10:07:10 12 [watchdog/1] - root 0 0 00:08:56 982-10:07:10 13 [migration/1] - root 0 0 00:03:03 982-10:07:10 14 [ksoftirqd/1] - root 0 0 00:00:00 982-10:07:10 16 [kworker/1:0H] - root 0 0 00:05:33 982-10:07:10 17 [watchdog/2] - root 0 0 00:01:22 982-10:07:10 18 [migration/2] - root 0 0 00:02:33 982-10:07:10 19 [ksoftirqd/2] - root 0 0 00:00:00 982-10:07:10 21 [kworker/2:0H] - root 0 0 00:05:32 982-10:07:10 22 [watchdog/3] - root 0 0 00:01:02 982-10:07:10 23 [migration/3] - root 0 0 00:05:08 982-10:07:10 24 [ksoftirqd/3] - root 0 0 00:00:00 982-10:07:10 26 [kworker/3:0H] - root 0 0 00:05:18 982-10:07:10 27 [watchdog/4] - root 0 0 00:04:49 982-10:07:10 28 [migration/4] - root 0 0 00:06:27 982-10:07:10 29 [ksoftirqd/4] - root 0 0 00:00:00 982-10:07:10 31 [kworker/4:0H] - root 0 0 00:06:33 982-10:07:10 32 [watchdog/5] - root 0 0 00:01:24 982-10:07:10 33 [migration/5] - root 0 0 00:38:14 982-10:07:10 34 [ksoftirqd/5] - root 0 0 00:00:00 982-10:07:10 36 [kworker/5:0H] - root 0 0 00:00:00 982-10:07:10 38 [kdevtmpfs] - root 0 0 00:00:00 982-10:07:10 39 [netns] - root 0 0 00:00:43 982-10:07:10 40 [khungtaskd] - root 0 0 00:00:00 982-10:07:10 41 [writeback] - root 0 0 00:00:00 982-10:07:10 42 [kintegrityd] - root 0 0 00:00:00 982-10:07:10 43 [bioset] - root 0 0 00:00:00 982-10:07:10 44 [bioset] - root 0 0 00:00:00 982-10:07:10 45 [bioset] - root 0 0 00:00:00 982-10:07:10 46 [kblockd] - root 0 0 00:00:00 982-10:07:10 47 [md] - root 0 0 00:00:00 982-10:07:10 48 [edac-poller] - root 0 0 00:00:00 982-10:07:10 49 [watchdogd] - root 0 0 00:31:45 982-10:07:10 55 [kswapd0] - root 0 0 00:00:00 982-10:07:10 56 [ksmd] - root 0 0 00:03:03 982-10:07:10 57 [khugepaged] - root 0 0 00:00:00 982-10:07:10 58 [crypto] - root 0 0 00:00:00 982-10:07:10 66 [kthrotld] - root 0 0 00:00:00 982-10:07:10 68 [kmpath_rdacd] - root 0 0 00:00:00 982-10:07:10 69 [kaluad] - root 0 0 00:00:00 982-10:07:10 70 [kpsmoused] - root 0 0 00:00:00 982-10:07:09 72 [ipv6_addrconf] - root 0 0 00:00:00 982-10:07:09 86 [deferwq] - root 0 0 00:56:44 982-10:07:09 197 [kauditd] - root 0 0 00:00:00 982-10:07:09 262 [ata_sff] - root 0 0 00:00:00 982-10:07:09 276 [ttm_swap] - root 0 0 00:00:00 982-10:07:09 280 [scsi_eh_0] - root 0 0 00:00:00 982-10:07:09 281 [scsi_tmf_0] - root 0 0 00:00:00 982-10:07:09 282 [scsi_eh_1] - root 0 0 00:00:00 982-10:07:09 283 [scsi_tmf_1] - root 0 0 00:17:05 982-10:07:09 289 [kworker/3:1H] - root 0 0 00:29:02 982-10:07:09 294 [kworker/0:1H] - root 0 0 00:16:57 982-10:07:09 301 [kworker/4:1H] - root 0 0 03:47:37 982-10:07:09 302 [jbd2/vda1-8] - root 0 0 00:00:00 982-10:07:09 303 [ext4-rsv-conver] - root 0 0 00:02:23 982-10:07:09 309 [kworker/2:1H] - root 0 0 00:18:09 982-10:07:08 372 [kworker/5:1H] - root 0 0 00:04:00 982-10:07:08 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:04:35 982-10:07:07 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2924 00:00:00 02:08 503 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 05:05:02 982-10:07:07 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:51 982-10:07:06 671 [loop0] - root 0 0 00:08:54 982-10:07:06 672 [jbd2/loop0-8] - root 0 0 00:00:00 982-10:07:06 673 [ext4-rsv-conver] 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89440 8664 00:00:00 00:01 804 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@272330-103.179.190.35:6556-188.166.108.93:53544.service root 113416 1588 00:00:00 00:00 862 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@272330-103.179.190.35:6556-188.166.108.93:53544.service root 49820 1564 00:00:00 00:00 885 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 981-08:07:12 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237064 14748 00:00:00 05:48:03 1070 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:42:59 982-10:06:55 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6680 01:29:24 982-10:06:55 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 212352 22504 02:16:53 982-10:06:55 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190324 12504 05:11:08 982-10:06:55 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257664 126284 00:00:09 05:34:48 2646 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258972 123748 00:00:06 05:20:01 3634 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257664 122032 00:00:00 05:20:01 3635 spamd child - root 0 0 00:00:02 1-01:27:16 3922 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:51 177-04:39:46 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34572 02:14:27 177-04:39:42 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18500 00:04:03 177-04:39:42 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237120 14588 00:00:00 04:18:55 7856 /usr/sbin/httpd -k start - root 0 0 00:00:01 17:24:03 8274 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 168356 4904 07:06:05 948-00:43:39 8935 cpsrvd (SSL) - dormant mode - accepting connections - root 0 0 00:00:00 03:56:21 10358 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 52160 00:14:34 88-05:35:07 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237116 14396 00:00:00 03:01:37 17655 /usr/sbin/httpd -k start - root 0 0 00:00:00 02:40:10 19224 [kworker/u12:1] - root 0 0 00:00:00 02:23:03 20747 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236876 14348 00:00:00 02:22:14 20781 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 181-05:34:38 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:59:29 181-05:34:38 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1384 00:00:01 181-05:34:38 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1356 00:00:01 181-05:34:38 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1384 00:00:01 181-05:34:38 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:21:54 181-05:34:38 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236876 14176 00:00:00 02:20:32 20993 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236876 14068 00:00:00 02:20:23 20994 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237080 14444 00:00:00 02:20:12 20996 /usr/sbin/httpd -k start - root 0 0 00:00:09 14:34:03 21931 [kworker/1:1] - root 0 0 00:00:00 07:53:03 22521 [kworker/3:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236996 14088 00:00:00 01:55:45 23622 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237088 14408 00:00:00 01:55:30 23628 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236928 14064 00:00:00 01:53:54 23776 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:44:03 24556 [kworker/3:0] - root 0 0 00:00:00 01:34:03 25231 [kworker/4:0] - root 0 0 00:00:02 13:53:02 25513 [kworker/0:0] - root 0 0 00:00:00 01:04:03 27727 [kworker/4:1] - root 0 0 00:00:00 54:03 28446 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224744 15432 00:00:45 4-05:35:43 30637 queueprocd - waiting up to 60s to process a task - root 0 0 00:00:00 24:03 30856 [kworker/2:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230604 9548 00:00:16 2-04:17:26 30870 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12744 1372 00:00:04 2-04:17:26 30871 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12752 1384 00:00:03 2-04:17:26 30872 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11864 00:00:00 2-04:17:26 30873 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51564 2444 00:00:03 2-04:17:26 30884 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46904 4576 00:00:00 2-04:17:25 30885 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46912 4576 00:00:00 2-04:17:25 30886 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 1328 00:00:00 2-04:17:25 30887 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1524 00:00:01 2-04:17:25 30888 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47044 4836 00:00:00 2-04:17:25 30889 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47056 4832 00:00:01 2-04:17:25 30890 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18096 5224 00:00:03 2-04:17:25 30891 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1564 00:00:01 2-04:17:25 30892 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89016 12480 00:00:07 2-04:17:25 30922 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2040 00:00:00 2-04:17:25 30941 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3140 00:00:00 2-04:17:25 30942 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153088 11536 00:02:41 4-05:35:23 31021 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9924 3260 00:18:45 4-05:35:23 31034 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1873132 2956 00:01:25 4-05:35:23 31053 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2788 00:00:02 4-05:35:23 31054 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5840 00:00:22 4-05:35:20 31127 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 20176 00:51:27 187-05:34:17 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 187-05:33:17 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1260 00:00:37 187-05:33:16 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 187-05:33:15 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 187-05:33:15 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 924 00:00:02 187-05:33:15 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:13:32 187-05:33:15 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 208 00:00:00 187-05:33:15 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:26:54 187-05:33:15 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 659984 1-07:01:01 187-05:33:13 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 187-05:33:12 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 525252 11120 00:58:19 187-05:33:12 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 187-05:33:09 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 48380 13664 01:28:44 187-05:33:09 31976 /usr/lib/systemd/systemd-journald - root 0 0 00:00:00 14:03 31979 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1052 00:00:49 187-05:33:09 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 187-05:33:09 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1084 00:02:52 187-05:33:09 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:22:35 187-05:33:08 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9080 00:18:25 187-05:33:08 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:21:42 187-05:33:07 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-15 23:54 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf34d44820Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@271704-103.179.190.35:6556-159.89.12.166:49202.service loaded activating start start Check_MK (159.89.12.166:49202) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3656 22:01:05 980-10:16:31 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 980-10:16:31 2 [kthreadd] - root 0 0 00:00:00 980-10:16:31 4 [kworker/0:0H] - root 0 0 00:03:47 980-10:16:31 6 [ksoftirqd/0] - root 0 0 00:00:43 980-10:16:31 7 [migration/0] - root 0 0 00:00:00 980-10:16:31 8 [rcu_bh] - root 0 0 1-00:04:30 980-10:16:31 9 [rcu_sched] - root 0 0 00:00:00 980-10:16:31 10 [lru-add-drain] - root 0 0 00:06:19 980-10:16:31 11 [watchdog/0] - root 0 0 00:05:55 980-10:16:31 12 [watchdog/1] - root 0 0 00:08:55 980-10:16:31 13 [migration/1] - root 0 0 00:03:02 980-10:16:31 14 [ksoftirqd/1] - root 0 0 00:00:00 980-10:16:31 16 [kworker/1:0H] - root 0 0 00:05:32 980-10:16:31 17 [watchdog/2] - root 0 0 00:01:22 980-10:16:31 18 [migration/2] - root 0 0 00:02:33 980-10:16:31 19 [ksoftirqd/2] - root 0 0 00:00:00 980-10:16:31 21 [kworker/2:0H] - root 0 0 00:05:31 980-10:16:31 22 [watchdog/3] - root 0 0 00:01:02 980-10:16:31 23 [migration/3] - root 0 0 00:05:08 980-10:16:31 24 [ksoftirqd/3] - root 0 0 00:00:00 980-10:16:31 26 [kworker/3:0H] - root 0 0 00:05:18 980-10:16:31 27 [watchdog/4] - root 0 0 00:04:48 980-10:16:31 28 [migration/4] - root 0 0 00:06:27 980-10:16:31 29 [ksoftirqd/4] - root 0 0 00:00:00 980-10:16:31 31 [kworker/4:0H] - root 0 0 00:06:32 980-10:16:31 32 [watchdog/5] - root 0 0 00:01:24 980-10:16:31 33 [migration/5] - root 0 0 00:38:10 980-10:16:31 34 [ksoftirqd/5] - root 0 0 00:00:00 980-10:16:31 36 [kworker/5:0H] - root 0 0 00:00:00 980-10:16:31 38 [kdevtmpfs] - root 0 0 00:00:00 980-10:16:31 39 [netns] - root 0 0 00:00:43 980-10:16:31 40 [khungtaskd] - root 0 0 00:00:00 980-10:16:31 41 [writeback] - root 0 0 00:00:00 980-10:16:31 42 [kintegrityd] - root 0 0 00:00:00 980-10:16:31 43 [bioset] - root 0 0 00:00:00 980-10:16:31 44 [bioset] - root 0 0 00:00:00 980-10:16:31 45 [bioset] - root 0 0 00:00:00 980-10:16:31 46 [kblockd] - root 0 0 00:00:00 980-10:16:31 47 [md] - root 0 0 00:00:00 980-10:16:31 48 [edac-poller] - root 0 0 00:00:00 980-10:16:31 49 [watchdogd] - root 0 0 00:31:43 980-10:16:31 55 [kswapd0] - root 0 0 00:00:00 980-10:16:31 56 [ksmd] - root 0 0 00:03:03 980-10:16:31 57 [khugepaged] - root 0 0 00:00:00 980-10:16:31 58 [crypto] - root 0 0 00:00:00 980-10:16:31 66 [kthrotld] - root 0 0 00:00:00 980-10:16:31 68 [kmpath_rdacd] - root 0 0 00:00:00 980-10:16:31 69 [kaluad] - root 0 0 00:00:00 980-10:16:31 70 [kpsmoused] - root 0 0 00:00:00 980-10:16:30 72 [ipv6_addrconf] - root 0 0 00:00:00 980-10:16:30 86 [deferwq] - root 0 0 00:56:36 980-10:16:30 197 [kauditd] - root 0 0 00:00:00 980-10:16:30 262 [ata_sff] - root 0 0 00:00:00 980-10:16:30 276 [ttm_swap] - root 0 0 00:00:00 980-10:16:30 280 [scsi_eh_0] - root 0 0 00:00:00 980-10:16:30 281 [scsi_tmf_0] - root 0 0 00:00:00 980-10:16:30 282 [scsi_eh_1] - root 0 0 00:00:00 980-10:16:30 283 [scsi_tmf_1] - root 0 0 00:17:03 980-10:16:30 289 [kworker/3:1H] - root 0 0 00:28:59 980-10:16:30 294 [kworker/0:1H] - root 0 0 00:16:55 980-10:16:30 301 [kworker/4:1H] - root 0 0 03:47:10 980-10:16:30 302 [jbd2/vda1-8] - root 0 0 00:00:00 980-10:16:30 303 [ext4-rsv-conver] - root 0 0 00:02:22 980-10:16:30 309 [kworker/2:1H] - root 0 0 00:18:07 980-10:16:29 372 [kworker/5:1H] - root 0 0 00:04:00 980-10:16:29 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 728 02:04:17 980-10:16:28 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 05:04:22 980-10:16:28 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:49 980-10:16:27 671 [loop0] - root 0 0 00:08:53 980-10:16:27 672 [jbd2/loop0-8] - root 0 0 00:00:00 980-10:16:27 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 979-08:16:33 1006 nano pdns.conf - root 0 0 00:00:01 10:03:24 1039 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:42:52 980-10:16:16 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6680 01:29:12 980-10:16:16 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 207036 19232 02:16:36 980-10:16:16 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190324 12504 05:10:26 980-10:16:16 1497 cPhulkd - processor - root 0 0 00:00:00 09:33:23 4041 [kworker/4:2] - root 0 0 00:00:00 03:43:24 4050 [kworker/0:1] - root 0 0 00:00:02 03:28:24 6084 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:48 175-04:49:07 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34464 02:12:45 175-04:49:03 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18396 00:03:59 175-04:49:03 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php - root 0 0 00:00:00 02:58:46 8373 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 168356 4904 07:04:49 946-00:53:00 8935 cpsrvd (SSL) - dormant mode - accepting connections 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236912 14216 00:00:00 02:35:12 10179 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236868 14040 00:00:00 02:32:12 10416 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236972 14232 00:00:00 02:31:55 10431 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237116 14328 00:00:00 02:31:55 10432 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236996 14204 00:00:00 02:31:08 10516 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237308 14620 00:00:00 02:29:34 10779 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236900 14136 00:00:00 02:29:07 10824 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236864 14100 00:00:00 02:26:33 10982 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51668 00:14:11 86-05:44:28 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 01:43:24 14728 [kworker/4:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237044 14008 00:00:00 01:33:26 15370 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:28:23 15849 [kworker/u12:0] - root 0 0 00:00:00 01:07:36 17317 [kworker/5:0] - root 0 0 00:00:00 06:37:30 18875 [kworker/3:1] - root 0 0 00:00:00 33:24 19500 [kworker/3:2] - root 0 0 00:00:00 23:14 20126 [kworker/1:1] - root 0 0 00:00:00 13:24 20740 [kworker/2:1] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 179-05:43:59 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:58:46 179-05:43:59 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1304 00:00:00 179-05:43:59 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1356 00:00:00 179-05:43:59 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1320 00:00:00 179-05:43:59 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:21:38 179-05:43:59 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 03:24 21535 [kworker/2:2] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4232 00:00:00 01:57 21636 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@271704-103.179.190.35:6556-159.89.12.166:49202.service root 113416 1592 00:00:00 00:00 21915 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@271704-103.179.190.35:6556-159.89.12.166:49202.service root 49820 1560 00:00:00 00:00 21938 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 - root 0 0 00:00:02 1-03:57:32 22227 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257152 124556 00:00:10 05:43:00 24212 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258440 123200 00:00:06 05:29:48 25189 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257152 121528 00:00:00 05:29:48 25190 spamd child 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224744 15352 00:00:24 2-05:45:04 30637 queueprocd - waiting up to 60s to process a task - root 0 0 00:00:00 04:26:47 30834 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230604 9704 00:00:01 04:26:47 30870 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12772 1416 00:00:00 04:26:47 30871 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12792 1424 00:00:00 04:26:47 30872 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11864 00:00:00 04:26:47 30873 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51564 2476 00:00:00 04:26:47 30884 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46904 3784 00:00:00 04:26:46 30885 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46912 4580 00:00:00 04:26:46 30886 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 1328 00:00:00 04:26:46 30887 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1528 00:00:00 04:26:46 30888 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46904 4048 00:00:00 04:26:46 30889 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46912 4572 00:00:00 04:26:46 30890 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 17964 5248 00:00:00 04:26:46 30891 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1568 00:00:00 04:26:46 30892 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89008 9512 00:00:00 04:26:46 30922 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2040 00:00:00 04:26:46 30941 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3204 00:00:00 04:26:46 30942 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237080 14696 00:00:01 04:26:39 30954 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 152968 11428 00:01:30 2-05:44:44 31021 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9924 3260 00:10:18 2-05:44:44 31034 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1873132 2864 00:00:47 2-05:44:44 31053 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2788 00:00:01 2-05:44:44 31054 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5840 00:00:11 2-05:44:41 31127 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 21600 00:50:56 185-05:43:38 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 185-05:42:38 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1236 00:00:36 185-05:42:37 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 185-05:42:36 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 185-05:42:36 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 924 00:00:02 185-05:42:36 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:13:22 185-05:42:36 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 208 00:00:00 185-05:42:36 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:26:35 185-05:42:36 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 654328 1-06:43:15 185-05:42:34 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 185-05:42:33 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 541880 16352 00:57:35 185-05:42:33 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 185-05:42:30 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 64800 24928 01:27:36 185-05:42:30 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1040 00:00:48 185-05:42:30 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 185-05:42:30 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1084 00:02:50 185-05:42:30 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:22:17 185-05:42:29 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9080 00:18:12 185-05:42:29 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:21:27 185-05:42:28 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-14 00:03 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf632241e6Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2462272.scope static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 323 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2462272.scope loaded active running Session 2462272 of user root session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@270861-103.179.190.35:6556-164.92.244.132:36662.service loaded activating start start Check_MK (164.92.244.132:36662) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3724 21:57:43 978-11:13:38 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 978-11:13:38 2 [kthreadd] - root 0 0 00:00:00 978-11:13:38 4 [kworker/0:0H] - root 0 0 00:03:46 978-11:13:38 6 [ksoftirqd/0] - root 0 0 00:00:43 978-11:13:38 7 [migration/0] - root 0 0 00:00:00 978-11:13:38 8 [rcu_bh] - root 0 0 1-00:00:16 978-11:13:38 9 [rcu_sched] - root 0 0 00:00:00 978-11:13:38 10 [lru-add-drain] - root 0 0 00:06:18 978-11:13:38 11 [watchdog/0] - root 0 0 00:05:54 978-11:13:38 12 [watchdog/1] - root 0 0 00:08:53 978-11:13:38 13 [migration/1] - root 0 0 00:03:02 978-11:13:38 14 [ksoftirqd/1] - root 0 0 00:00:00 978-11:13:38 16 [kworker/1:0H] - root 0 0 00:05:31 978-11:13:38 17 [watchdog/2] - root 0 0 00:01:22 978-11:13:38 18 [migration/2] - root 0 0 00:02:32 978-11:13:38 19 [ksoftirqd/2] - root 0 0 00:00:00 978-11:13:38 21 [kworker/2:0H] - root 0 0 00:05:31 978-11:13:38 22 [watchdog/3] - root 0 0 00:01:01 978-11:13:38 23 [migration/3] - root 0 0 00:05:07 978-11:13:38 24 [ksoftirqd/3] - root 0 0 00:00:00 978-11:13:38 26 [kworker/3:0H] - root 0 0 00:05:17 978-11:13:38 27 [watchdog/4] - root 0 0 00:04:47 978-11:13:38 28 [migration/4] - root 0 0 00:06:25 978-11:13:38 29 [ksoftirqd/4] - root 0 0 00:00:00 978-11:13:38 31 [kworker/4:0H] - root 0 0 00:06:31 978-11:13:38 32 [watchdog/5] - root 0 0 00:01:24 978-11:13:38 33 [migration/5] - root 0 0 00:38:05 978-11:13:38 34 [ksoftirqd/5] - root 0 0 00:00:00 978-11:13:38 36 [kworker/5:0H] - root 0 0 00:00:00 978-11:13:38 38 [kdevtmpfs] - root 0 0 00:00:00 978-11:13:38 39 [netns] - root 0 0 00:00:42 978-11:13:38 40 [khungtaskd] - root 0 0 00:00:00 978-11:13:38 41 [writeback] - root 0 0 00:00:00 978-11:13:38 42 [kintegrityd] - root 0 0 00:00:00 978-11:13:38 43 [bioset] - root 0 0 00:00:00 978-11:13:38 44 [bioset] - root 0 0 00:00:00 978-11:13:38 45 [bioset] - root 0 0 00:00:00 978-11:13:38 46 [kblockd] - root 0 0 00:00:00 978-11:13:38 47 [md] - root 0 0 00:00:00 978-11:13:38 48 [edac-poller] - root 0 0 00:00:00 978-11:13:38 49 [watchdogd] - root 0 0 00:31:31 978-11:13:38 55 [kswapd0] - root 0 0 00:00:00 978-11:13:38 56 [ksmd] - root 0 0 00:03:02 978-11:13:38 57 [khugepaged] - root 0 0 00:00:00 978-11:13:38 58 [crypto] - root 0 0 00:00:00 978-11:13:38 66 [kthrotld] - root 0 0 00:00:00 978-11:13:38 68 [kmpath_rdacd] - root 0 0 00:00:00 978-11:13:38 69 [kaluad] - root 0 0 00:00:00 978-11:13:38 70 [kpsmoused] - root 0 0 00:00:00 978-11:13:37 72 [ipv6_addrconf] - root 0 0 00:00:00 978-11:13:37 86 [deferwq] - root 0 0 00:56:27 978-11:13:37 197 [kauditd] - root 0 0 00:00:00 978-11:13:37 262 [ata_sff] - root 0 0 00:00:00 978-11:13:37 276 [ttm_swap] - root 0 0 00:00:00 978-11:13:37 280 [scsi_eh_0] - root 0 0 00:00:00 978-11:13:37 281 [scsi_tmf_0] - root 0 0 00:00:00 978-11:13:37 282 [scsi_eh_1] - root 0 0 00:00:00 978-11:13:37 283 [scsi_tmf_1] - root 0 0 00:17:00 978-11:13:37 289 [kworker/3:1H] - root 0 0 00:28:54 978-11:13:37 294 [kworker/0:1H] - root 0 0 00:16:52 978-11:13:37 301 [kworker/4:1H] - root 0 0 03:46:30 978-11:13:37 302 [jbd2/vda1-8] - root 0 0 00:00:00 978-11:13:37 303 [ext4-rsv-conver] - root 0 0 00:02:21 978-11:13:37 309 [kworker/2:1H] - root 0 0 00:18:04 978-11:13:36 372 [kworker/5:1H] - root 0 0 00:03:59 978-11:13:36 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:03:57 978-11:13:35 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 05:03:44 978-11:13:35 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:45 978-11:13:34 671 [loop0] - root 0 0 00:08:52 978-11:13:34 672 [jbd2/loop0-8] - root 0 0 00:00:00 978-11:13:34 673 [ext4-rsv-conver] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237316 14716 00:00:00 01:00:44 795 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258988 123780 00:00:07 06:24:51 887 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257680 122076 00:00:00 06:24:51 888 spamd child 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 977-09:13:40 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:42:45 978-11:13:23 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 262276 24492 01:29:00 978-11:13:23 1494 cpdavd - accepting connections on: 2091, 2077, 2078 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 207196 19800 02:16:23 978-11:13:23 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190324 12932 05:09:41 978-11:13:23 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:11 41-06:41:57 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 2984 00:00:12 41-06:41:57 1536 pure-ftpd (SERVER) - root 0 0 00:00:00 50:30 1753 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237208 14456 00:00:00 44:54 2248 /usr/sbin/httpd -k start - root 0 0 00:00:00 40:30 2638 [kworker/3:2] - root 0 0 00:00:01 17:46:07 2919 [kworker/3:1] - root 0 0 00:00:01 11:37:39 3041 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237280 14444 00:00:00 25:20 4137 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237280 14340 00:00:00 25:19 4141 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237248 14436 00:00:00 23:45 4357 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237288 14236 00:00:00 23:29 4391 /usr/sbin/httpd -k start - root 0 0 00:00:00 20:30 4628 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237196 13820 00:00:00 13:16 5362 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237276 13860 00:00:00 07:43 5775 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47328 4640 00:00:05 17-00:55:56 5918 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47680 4948 00:00:08 17-00:55:56 5919 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1128 00:00:07 17-00:55:56 5920 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47588 4980 00:00:06 17-00:55:56 5921 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47448 4864 00:00:06 17-00:55:56 5922 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5016 00:00:21 17-00:55:56 5923 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1096 00:00:09 17-00:55:56 5924 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:45 173-05:46:14 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2924 00:00:00 02:47 6146 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34572 02:11:09 173-05:46:10 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18504 00:03:56 173-05:46:10 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237244 13444 00:00:00 00:35 6404 /usr/sbin/httpd -k start 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2462272.scope root 185004 2584 00:00:00 00:30 6423 /usr/sbin/CROND -n 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2462272.scope root 113280 1208 00:00:00 00:30 6432 /bin/sh -c bash -c "sleep $((RANDOM % 60))" ; /opt/imunify360/venv/share/imunify360/scripts/check-detached.py > /dev/null 2>&1 || : 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2462272.scope root 108052 356 00:00:00 00:30 6436 sleep 47 - root 0 0 00:00:00 00:30 6444 [kworker/2:2] - root 0 0 00:00:00 00:30 6452 [kworker/3:0] 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89504 8664 00:00:00 00:16 6459 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hilink 726388 66332 00:00:01 00:09 6464 php-fpm: pool hilink_vn 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hilink 654504 65524 00:00:00 00:08 6466 php-fpm: pool hilink_vn 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89236 8664 00:00:00 00:08 6467 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hicorp 617504 44168 00:00:00 00:03 6470 php-fpm: pool hicorp_vn 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 162132 5840 00:00:00 00:03 6471 sshd: hifund [priv] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2620 00:00:00 00:03 6472 sshd: hifund [net] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@270861-103.179.190.35:6556-164.92.244.132:36662.service root 113552 1864 00:00:00 00:00 6613 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@270861-103.179.190.35:6556-164.92.244.132:36662.service root 49820 1560 00:00:00 00:00 6636 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 168356 4904 07:03:33 944-01:50:07 8935 cpsrvd (SSL) - dormant mode - accepting connections 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 52072 00:13:50 84-06:41:35 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 04:30:30 13354 [kworker/4:1] - root 0 0 00:00:22 1-13:40:30 13565 [kworker/1:0] - root 0 0 00:00:00 08:59:30 18893 [kworker/2:1] - root 0 0 00:00:06 1-12:40:30 19884 [kworker/0:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230924 13168 00:06:13 58-18:03:20 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2244 00:01:15 58-18:03:19 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 976 00:00:16 58-18:03:19 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 177-06:41:06 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:58:05 177-06:41:06 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1312 00:00:00 177-06:41:06 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1364 00:00:00 177-06:41:06 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1328 00:00:00 177-06:41:06 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:21:22 177-06:41:06 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 02:40:31 23470 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237320 15244 00:00:01 02:07:36 26739 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237388 15160 00:00:01 01:34:07 30209 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224352 16844 00:00:03 06:42:11 30637 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89048 9512 00:00:01 06:41:57 30808 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12744 1416 00:00:00 06:41:57 30849 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12748 1424 00:00:00 06:41:57 30850 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11860 00:00:00 06:41:57 30851 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 152844 11400 00:00:10 06:41:51 31021 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9924 3320 00:01:25 06:41:51 31034 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 - root 0 0 00:00:00 06:41:51 31046 [kworker/u12:2] - root 0 0 00:00:00 06:41:51 31047 [kworker/u12:3] 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 926900 2192 00:00:04 06:41:51 31053 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2820 00:00:00 06:41:51 31054 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 6132 00:00:01 06:41:48 31127 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13108 00:50:17 183-06:40:45 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) - root 0 0 00:00:00 01:20:31 31451 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 183-06:39:45 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1184 00:00:36 183-06:39:44 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 183-06:39:43 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 183-06:39:43 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 964 00:00:02 183-06:39:43 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:13:13 183-06:39:43 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 183-06:39:43 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:26:17 183-06:39:43 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 654504 1-06:18:15 183-06:39:41 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 183-06:39:40 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 532928 12104 00:56:50 183-06:39:40 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257680 126296 00:00:09 06:40:42 31862 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 183-06:39:37 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 56572 16408 01:26:23 183-06:39:37 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1060 00:00:48 183-06:39:37 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 183-06:39:37 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1084 00:02:48 183-06:39:37 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:21:57 183-06:39:36 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9084 00:18:00 183-06:39:36 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:21:12 183-06:39:35 32156 /usr/sbin/irqbalance --foreground - root 0 0 00:00:00 01:10:30 32400 [kworker/1:1] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-12 01:00 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadffb72e586Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@270039-103.179.190.35:6556-64.226.65.160:55824.service loaded activating start start Check_MK (64.226.65.160:55824) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3644 21:54:34 976-11:17:02 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 976-11:17:02 2 [kthreadd] - root 0 0 00:00:00 976-11:17:02 4 [kworker/0:0H] - root 0 0 00:03:46 976-11:17:02 6 [ksoftirqd/0] - root 0 0 00:00:43 976-11:17:02 7 [migration/0] - root 0 0 00:00:00 976-11:17:02 8 [rcu_bh] - root 0 0 23:56:12 976-11:17:02 9 [rcu_sched] - root 0 0 00:00:00 976-11:17:02 10 [lru-add-drain] - root 0 0 00:06:17 976-11:17:02 11 [watchdog/0] - root 0 0 00:05:54 976-11:17:02 12 [watchdog/1] - root 0 0 00:08:52 976-11:17:02 13 [migration/1] - root 0 0 00:03:01 976-11:17:02 14 [ksoftirqd/1] - root 0 0 00:00:00 976-11:17:02 16 [kworker/1:0H] - root 0 0 00:05:30 976-11:17:02 17 [watchdog/2] - root 0 0 00:01:21 976-11:17:02 18 [migration/2] - root 0 0 00:02:32 976-11:17:02 19 [ksoftirqd/2] - root 0 0 00:00:00 976-11:17:02 21 [kworker/2:0H] - root 0 0 00:05:30 976-11:17:02 22 [watchdog/3] - root 0 0 00:01:01 976-11:17:02 23 [migration/3] - root 0 0 00:05:06 976-11:17:02 24 [ksoftirqd/3] - root 0 0 00:00:00 976-11:17:02 26 [kworker/3:0H] - root 0 0 00:05:16 976-11:17:02 27 [watchdog/4] - root 0 0 00:04:46 976-11:17:02 28 [migration/4] - root 0 0 00:06:25 976-11:17:02 29 [ksoftirqd/4] - root 0 0 00:00:00 976-11:17:02 31 [kworker/4:0H] - root 0 0 00:06:30 976-11:17:02 32 [watchdog/5] - root 0 0 00:01:24 976-11:17:02 33 [migration/5] - root 0 0 00:38:00 976-11:17:02 34 [ksoftirqd/5] - root 0 0 00:00:00 976-11:17:02 36 [kworker/5:0H] - root 0 0 00:00:00 976-11:17:02 38 [kdevtmpfs] - root 0 0 00:00:00 976-11:17:02 39 [netns] - root 0 0 00:00:42 976-11:17:02 40 [khungtaskd] - root 0 0 00:00:00 976-11:17:02 41 [writeback] - root 0 0 00:00:00 976-11:17:02 42 [kintegrityd] - root 0 0 00:00:00 976-11:17:02 43 [bioset] - root 0 0 00:00:00 976-11:17:02 44 [bioset] - root 0 0 00:00:00 976-11:17:02 45 [bioset] - root 0 0 00:00:00 976-11:17:02 46 [kblockd] - root 0 0 00:00:00 976-11:17:02 47 [md] - root 0 0 00:00:00 976-11:17:02 48 [edac-poller] - root 0 0 00:00:00 976-11:17:02 49 [watchdogd] - root 0 0 00:31:30 976-11:17:02 55 [kswapd0] - root 0 0 00:00:00 976-11:17:02 56 [ksmd] - root 0 0 00:03:02 976-11:17:02 57 [khugepaged] - root 0 0 00:00:00 976-11:17:02 58 [crypto] - root 0 0 00:00:00 976-11:17:02 66 [kthrotld] - root 0 0 00:00:00 976-11:17:02 68 [kmpath_rdacd] - root 0 0 00:00:00 976-11:17:02 69 [kaluad] - root 0 0 00:00:00 976-11:17:02 70 [kpsmoused] - root 0 0 00:00:00 976-11:17:01 72 [ipv6_addrconf] - root 0 0 00:00:00 976-11:17:01 86 [deferwq] - root 0 0 00:56:19 976-11:17:01 197 [kauditd] - root 0 0 00:00:00 976-11:17:01 262 [ata_sff] - root 0 0 00:00:00 976-11:17:01 276 [ttm_swap] - root 0 0 00:00:00 976-11:17:01 280 [scsi_eh_0] - root 0 0 00:00:00 976-11:17:01 281 [scsi_tmf_0] - root 0 0 00:00:00 976-11:17:01 282 [scsi_eh_1] - root 0 0 00:00:00 976-11:17:01 283 [scsi_tmf_1] - root 0 0 00:16:58 976-11:17:01 289 [kworker/3:1H] - root 0 0 00:28:50 976-11:17:01 294 [kworker/0:1H] - root 0 0 00:16:50 976-11:17:01 301 [kworker/4:1H] - root 0 0 03:45:54 976-11:17:01 302 [jbd2/vda1-8] - root 0 0 00:00:00 976-11:17:01 303 [ext4-rsv-conver] - root 0 0 00:02:21 976-11:17:01 309 [kworker/2:1H] - root 0 0 00:18:01 976-11:17:00 372 [kworker/5:1H] - root 0 0 00:03:58 976-11:17:00 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:03:39 976-11:16:59 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 05:03:07 976-11:16:59 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:42 976-11:16:58 671 [loop0] - root 0 0 00:08:50 976-11:16:58 672 [jbd2/loop0-8] - root 0 0 00:00:00 976-11:16:58 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 975-09:17:04 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:42:39 976-11:16:47 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 262240 24588 01:28:46 976-11:16:47 1494 cpdavd - accepting connections on: 2091, 2077, 2078 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 212528 22624 02:16:09 976-11:16:47 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190432 12560 05:08:57 976-11:16:47 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:10 39-06:45:21 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 2984 00:00:11 39-06:45:21 1536 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47328 4640 00:00:04 15-00:59:20 5918 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47404 4684 00:00:07 15-00:59:20 5919 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1128 00:00:07 15-00:59:20 5920 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47588 4980 00:00:06 15-00:59:20 5921 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47308 4704 00:00:06 15-00:59:20 5922 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5016 00:00:19 15-00:59:20 5923 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1096 00:00:08 15-00:59:20 5924 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:42 171-05:49:38 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34572 02:09:39 171-05:49:34 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18504 00:03:53 171-05:49:34 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php - root 0 0 00:00:03 2-01:08:37 6291 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153492 11892 00:08:26 12-10:09:32 6970 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255736 29156 07:02:18 942-01:53:31 8935 cpsrvd (SSL) - waiting for connections - root 0 0 00:00:00 02:33:54 10458 [kworker/0:2] - root 0 0 00:00:00 02:32:07 10640 [kworker/3:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237460 15064 00:00:00 02:18:54 11644 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237548 15124 00:00:00 02:18:54 11645 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237752 15184 00:00:00 02:18:53 11658 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237496 15084 00:00:00 02:18:53 11660 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 52060 00:13:30 82-06:44:59 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:24 1-17:13:54 13541 [kworker/1:1] - root 0 0 00:00:00 01:58:51 13595 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224736 15308 00:02:27 13-06:45:19 13938 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12740 960 00:00:26 13-06:45:07 14096 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12744 968 00:00:21 13-06:45:07 14097 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11792 00:00:00 13-06:45:07 14098 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9968 3364 01:00:40 13-06:45:00 14278 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2796 00:00:07 13-06:45:00 14293 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1467604 2736 00:04:17 13-06:45:00 14310 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5808 00:01:06 13-06:44:57 14368 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:00 06:53:28 15534 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237784 14884 00:00:00 01:29:25 16415 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:28:54 16468 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257696 126328 00:00:10 06:44:24 16940 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237424 14732 00:00:00 01:17:33 17397 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259000 123788 00:00:06 06:32:34 18050 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257696 122088 00:00:00 06:32:34 18051 spamd child - root 0 0 00:00:00 53:54 19425 [kworker/3:2] - root 0 0 00:00:00 12:08:55 19496 [kworker/4:2] - root 0 0 00:00:00 52:01 19500 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230924 11132 00:05:52 56-18:06:44 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2244 00:01:13 56-18:06:43 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 976 00:00:15 56-18:06:43 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89008 12456 00:02:53 56-18:06:42 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid - root 0 0 00:00:00 43:54 20200 [kworker/2:2] - root 0 0 00:00:00 37:54 20596 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 175-06:44:30 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:57:26 175-06:44:30 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1312 00:00:00 175-06:44:30 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1364 00:00:00 175-06:44:30 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1328 00:00:00 175-06:44:30 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:21:07 175-06:44:30 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237216 14240 00:00:00 28:51 21380 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237388 13900 00:00:00 10:46 22669 /usr/sbin/httpd -k start - root 0 0 00:00:00 07:30 23011 [kworker/u12:1] - root 0 0 00:00:00 03:54 23180 [kworker/1:0] - root 0 0 00:00:00 03:54 23189 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237232 13932 00:00:00 01:28 23469 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237228 13244 00:00:00 01:28 23470 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hilink 746776 86296 00:00:01 00:17 23500 php-fpm: pool hilink_vn 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hilink 609708 22588 00:00:00 00:16 23503 php-fpm: pool hilink_vn 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hilink 732244 73552 00:00:01 00:16 23505 php-fpm: pool hilink_vn 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89436 8632 00:00:00 00:12 23516 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid - root 0 0 00:00:00 00:01 23601 [kworker/2:1] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@270039-103.179.190.35:6556-64.226.65.160:55824.service root 113584 1864 00:00:00 00:00 23669 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@270039-103.179.190.35:6556-64.226.65.160:55824.service root 49820 1564 00:00:00 00:00 23692 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13108 00:49:42 181-06:44:09 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 181-06:43:09 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1172 00:00:35 181-06:43:08 31540 /usr/sbin/chronyd - root 0 0 00:00:00 04:33:54 31552 [kworker/4:1] 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 181-06:43:07 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 181-06:43:07 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 964 00:00:02 181-06:43:07 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:13:04 181-06:43:07 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 181-06:43:07 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:26:00 181-06:43:07 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 654388 1-05:56:05 181-06:43:05 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 181-06:43:04 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 533412 14604 00:56:10 181-06:43:04 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 181-06:43:01 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 56612 21052 01:25:19 181-06:43:01 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1072 00:00:47 181-06:43:01 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 181-06:43:01 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1084 00:02:47 181-06:43:01 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:21:38 181-06:43:00 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9084 00:17:48 181-06:43:00 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:20:59 181-06:42:59 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-10 01:03 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf9695635aFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@269350-103.179.190.35:6556-139.59.136.184:42060.service loaded activating start start Check_MK (139.59.136.184:42060) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3644 21:51:41 974-11:04:22 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 974-11:04:22 2 [kthreadd] - root 0 0 00:00:00 974-11:04:22 4 [kworker/0:0H] - root 0 0 00:03:45 974-11:04:22 6 [ksoftirqd/0] - root 0 0 00:00:43 974-11:04:22 7 [migration/0] - root 0 0 00:00:00 974-11:04:22 8 [rcu_bh] - root 0 0 23:52:10 974-11:04:22 9 [rcu_sched] - root 0 0 00:00:00 974-11:04:22 10 [lru-add-drain] - root 0 0 00:06:16 974-11:04:22 11 [watchdog/0] - root 0 0 00:05:53 974-11:04:22 12 [watchdog/1] - root 0 0 00:08:51 974-11:04:22 13 [migration/1] - root 0 0 00:03:01 974-11:04:22 14 [ksoftirqd/1] - root 0 0 00:00:00 974-11:04:22 16 [kworker/1:0H] - root 0 0 00:05:30 974-11:04:22 17 [watchdog/2] - root 0 0 00:01:21 974-11:04:22 18 [migration/2] - root 0 0 00:02:32 974-11:04:22 19 [ksoftirqd/2] - root 0 0 00:00:00 974-11:04:22 21 [kworker/2:0H] - root 0 0 00:05:29 974-11:04:22 22 [watchdog/3] - root 0 0 00:01:01 974-11:04:22 23 [migration/3] - root 0 0 00:05:05 974-11:04:22 24 [ksoftirqd/3] - root 0 0 00:00:00 974-11:04:22 26 [kworker/3:0H] - root 0 0 00:05:16 974-11:04:22 27 [watchdog/4] - root 0 0 00:04:46 974-11:04:22 28 [migration/4] - root 0 0 00:06:24 974-11:04:22 29 [ksoftirqd/4] - root 0 0 00:00:00 974-11:04:22 31 [kworker/4:0H] - root 0 0 00:06:29 974-11:04:22 32 [watchdog/5] - root 0 0 00:01:23 974-11:04:22 33 [migration/5] - root 0 0 00:37:56 974-11:04:22 34 [ksoftirqd/5] - root 0 0 00:00:00 974-11:04:22 36 [kworker/5:0H] - root 0 0 00:00:00 974-11:04:22 38 [kdevtmpfs] - root 0 0 00:00:00 974-11:04:22 39 [netns] - root 0 0 00:00:42 974-11:04:22 40 [khungtaskd] - root 0 0 00:00:00 974-11:04:22 41 [writeback] - root 0 0 00:00:00 974-11:04:22 42 [kintegrityd] - root 0 0 00:00:00 974-11:04:22 43 [bioset] - root 0 0 00:00:00 974-11:04:22 44 [bioset] - root 0 0 00:00:00 974-11:04:22 45 [bioset] - root 0 0 00:00:00 974-11:04:22 46 [kblockd] - root 0 0 00:00:00 974-11:04:22 47 [md] - root 0 0 00:00:00 974-11:04:22 48 [edac-poller] - root 0 0 00:00:00 974-11:04:22 49 [watchdogd] - root 0 0 00:31:29 974-11:04:22 55 [kswapd0] - root 0 0 00:00:00 974-11:04:22 56 [ksmd] - root 0 0 00:03:02 974-11:04:22 57 [khugepaged] - root 0 0 00:00:00 974-11:04:22 58 [crypto] - root 0 0 00:00:00 974-11:04:22 66 [kthrotld] - root 0 0 00:00:00 974-11:04:22 68 [kmpath_rdacd] - root 0 0 00:00:00 974-11:04:22 69 [kaluad] - root 0 0 00:00:00 974-11:04:22 70 [kpsmoused] - root 0 0 00:00:00 974-11:04:21 72 [ipv6_addrconf] - root 0 0 00:00:00 974-11:04:21 86 [deferwq] - root 0 0 00:56:10 974-11:04:21 197 [kauditd] - root 0 0 00:00:00 974-11:04:21 262 [ata_sff] - root 0 0 00:00:00 974-11:04:21 276 [ttm_swap] - root 0 0 00:00:00 974-11:04:21 280 [scsi_eh_0] - root 0 0 00:00:00 974-11:04:21 281 [scsi_tmf_0] - root 0 0 00:00:00 974-11:04:21 282 [scsi_eh_1] - root 0 0 00:00:00 974-11:04:21 283 [scsi_tmf_1] - root 0 0 00:16:56 974-11:04:21 289 [kworker/3:1H] - root 0 0 00:28:46 974-11:04:21 294 [kworker/0:1H] - root 0 0 00:16:48 974-11:04:21 301 [kworker/4:1H] - root 0 0 03:45:24 974-11:04:21 302 [jbd2/vda1-8] - root 0 0 00:00:00 974-11:04:21 303 [ext4-rsv-conver] - root 0 0 00:02:21 974-11:04:21 309 [kworker/2:1H] - root 0 0 00:17:59 974-11:04:20 372 [kworker/5:1H] - root 0 0 00:03:58 974-11:04:20 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:03:19 974-11:04:19 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 05:02:31 974-11:04:19 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:39 974-11:04:18 671 [loop0] - root 0 0 00:08:49 974-11:04:18 672 [jbd2/loop0-8] - root 0 0 00:00:00 974-11:04:18 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 973-09:04:24 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4260 00:42:33 974-11:04:07 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6680 01:28:29 974-11:04:07 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 212396 22524 02:15:54 974-11:04:07 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190432 12576 05:08:08 974-11:04:07 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:09 37-06:32:41 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 2984 00:00:10 37-06:32:41 1536 pure-ftpd (SERVER) - root 0 0 00:00:00 01:41:14 2075 [kworker/5:2] - root 0 0 00:00:00 01:19:30 4091 [kworker/3:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237196 14260 00:00:00 01:09:39 5005 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47328 4384 00:00:04 13-00:46:40 5918 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47404 4428 00:00:06 13-00:46:40 5919 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1128 00:00:06 13-00:46:40 5920 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47484 4756 00:00:05 13-00:46:40 5921 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47308 4704 00:00:05 13-00:46:40 5922 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 4904 00:00:16 13-00:46:40 5923 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1096 00:00:07 13-00:46:40 5924 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:40 169-05:36:58 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34572 02:08:07 169-05:36:54 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18500 00:03:50 169-05:36:54 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php - root 0 0 00:00:00 55:57 6291 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153492 11892 00:07:02 10-09:56:52 6970 cPhulkd - dbprocessor - root 0 0 00:00:00 41:14 7343 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257832 126468 00:00:10 06:30:39 7718 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:00 31:14 8027 [kworker/4:1] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259140 123936 00:00:06 06:19:40 8529 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257832 122196 00:00:00 06:19:40 8530 spamd child 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 168356 4904 07:01:02 940-01:40:51 8935 cpsrvd (SSL) - dormant mode - accepting connections - root 0 0 00:00:00 11:14 9594 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2904 00:00:00 03:24 10035 dovecot/auth - root 0 0 00:00:00 02:14 10279 [kworker/0:0] - root 0 0 00:00:00 01:14 10317 [kworker/1:1] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@269350-103.179.190.35:6556-139.59.136.184:42060.service root 113416 1592 00:00:00 00:01 10490 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@269350-103.179.190.35:6556-139.59.136.184:42060.service root 49820 1564 00:00:00 00:00 10513 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 52060 00:13:10 80-06:32:19 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 05:19:53 13609 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224736 15304 00:02:06 11-06:32:39 13938 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12760 956 00:00:22 11-06:32:27 14096 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12776 968 00:00:17 11-06:32:27 14097 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11792 00:00:00 11-06:32:27 14098 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9968 3364 00:51:47 11-06:32:20 14278 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2796 00:00:06 11-06:32:20 14293 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1400016 2608 00:03:37 11-06:32:20 14310 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5808 00:00:56 11-06:32:17 14368 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230924 11132 00:05:40 54-17:54:04 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2236 00:01:10 54-17:54:03 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 976 00:00:15 54-17:54:03 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89008 12456 00:02:47 54-17:54:02 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237248 15200 00:00:01 04:31:56 20219 /usr/sbin/httpd -k start - root 0 0 00:00:01 10:19:26 20500 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 173-06:31:50 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:56:47 173-06:31:50 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1312 00:00:00 173-06:31:50 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1364 00:00:00 173-06:31:50 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1328 00:00:00 173-06:31:50 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:20:53 173-06:31:50 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:09 16:01:13 20967 [kworker/1:0] - root 0 0 00:00:00 04:15:15 21766 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237140 14964 00:00:01 04:04:33 22612 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237276 15036 00:00:01 04:00:31 22874 /usr/sbin/httpd -k start - root 0 0 00:00:00 09:34:33 24405 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237224 14724 00:00:01 03:28:09 25524 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237308 14720 00:00:01 03:28:07 25538 /usr/sbin/httpd -k start - root 0 0 00:00:01 1-03:21:14 27103 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237264 14696 00:00:01 02:46:19 28828 /usr/sbin/httpd -k start - root 0 0 00:00:01 20:19:31 29665 [kworker/2:2] - root 0 0 00:00:00 02:21:13 30787 [kworker/3:0] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13108 00:49:11 179-06:31:29 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 179-06:30:29 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1116 00:00:35 179-06:30:28 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 179-06:30:27 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 179-06:30:27 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 964 00:00:02 179-06:30:27 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:12:55 179-06:30:27 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 179-06:30:27 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:25:43 179-06:30:27 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 654320 1-05:36:50 179-06:30:25 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 179-06:30:24 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 518380 5748 00:55:26 179-06:30:24 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 179-06:30:21 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 40188 5176 01:24:07 179-06:30:21 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1068 00:00:47 179-06:30:21 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 179-06:30:21 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1084 00:02:45 179-06:30:21 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:21:17 179-06:30:20 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9084 00:17:37 179-06:30:20 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:20:45 179-06:30:19 32156 /usr/sbin/irqbalance --foreground 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237116 14432 00:00:00 02:00:39 32511 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237224 14256 00:00:00 02:00:37 32516 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237080 14340 00:00:00 02:00:37 32517 /usr/sbin/httpd -k start Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-08 00:51 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf4e3edc1eFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@268685-103.179.190.35:6556-206.189.225.181:46272.service loaded activating start start Check_MK (206.189.225.181:46272) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3644 21:48:49 972-11:15:14 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 972-11:15:14 2 [kthreadd] - root 0 0 00:00:00 972-11:15:14 4 [kworker/0:0H] - root 0 0 00:03:45 972-11:15:14 6 [ksoftirqd/0] - root 0 0 00:00:43 972-11:15:14 7 [migration/0] - root 0 0 00:00:00 972-11:15:14 8 [rcu_bh] - root 0 0 23:48:29 972-11:15:14 9 [rcu_sched] - root 0 0 00:00:00 972-11:15:14 10 [lru-add-drain] - root 0 0 00:06:16 972-11:15:14 11 [watchdog/0] - root 0 0 00:05:52 972-11:15:14 12 [watchdog/1] - root 0 0 00:08:49 972-11:15:14 13 [migration/1] - root 0 0 00:03:01 972-11:15:14 14 [ksoftirqd/1] - root 0 0 00:00:00 972-11:15:14 16 [kworker/1:0H] - root 0 0 00:05:29 972-11:15:14 17 [watchdog/2] - root 0 0 00:01:21 972-11:15:14 18 [migration/2] - root 0 0 00:02:32 972-11:15:14 19 [ksoftirqd/2] - root 0 0 00:00:00 972-11:15:14 21 [kworker/2:0H] - root 0 0 00:05:29 972-11:15:14 22 [watchdog/3] - root 0 0 00:01:01 972-11:15:14 23 [migration/3] - root 0 0 00:05:05 972-11:15:14 24 [ksoftirqd/3] - root 0 0 00:00:00 972-11:15:14 26 [kworker/3:0H] - root 0 0 00:05:15 972-11:15:14 27 [watchdog/4] - root 0 0 00:04:45 972-11:15:14 28 [migration/4] - root 0 0 00:06:23 972-11:15:14 29 [ksoftirqd/4] - root 0 0 00:00:00 972-11:15:14 31 [kworker/4:0H] - root 0 0 00:06:29 972-11:15:14 32 [watchdog/5] - root 0 0 00:01:23 972-11:15:14 33 [migration/5] - root 0 0 00:37:51 972-11:15:14 34 [ksoftirqd/5] - root 0 0 00:00:00 972-11:15:14 36 [kworker/5:0H] - root 0 0 00:00:00 972-11:15:14 38 [kdevtmpfs] - root 0 0 00:00:00 972-11:15:14 39 [netns] - root 0 0 00:00:42 972-11:15:14 40 [khungtaskd] - root 0 0 00:00:00 972-11:15:14 41 [writeback] - root 0 0 00:00:00 972-11:15:14 42 [kintegrityd] - root 0 0 00:00:00 972-11:15:14 43 [bioset] - root 0 0 00:00:00 972-11:15:14 44 [bioset] - root 0 0 00:00:00 972-11:15:14 45 [bioset] - root 0 0 00:00:00 972-11:15:14 46 [kblockd] - root 0 0 00:00:00 972-11:15:14 47 [md] - root 0 0 00:00:00 972-11:15:14 48 [edac-poller] - root 0 0 00:00:00 972-11:15:14 49 [watchdogd] - root 0 0 00:31:16 972-11:15:14 55 [kswapd0] - root 0 0 00:00:00 972-11:15:14 56 [ksmd] - root 0 0 00:03:01 972-11:15:14 57 [khugepaged] - root 0 0 00:00:00 972-11:15:14 58 [crypto] - root 0 0 00:00:00 972-11:15:14 66 [kthrotld] - root 0 0 00:00:00 972-11:15:14 68 [kmpath_rdacd] - root 0 0 00:00:00 972-11:15:14 69 [kaluad] - root 0 0 00:00:00 972-11:15:14 70 [kpsmoused] - root 0 0 00:00:00 972-11:15:13 72 [ipv6_addrconf] - root 0 0 00:00:00 972-11:15:13 86 [deferwq] - root 0 0 00:56:00 972-11:15:13 197 [kauditd] - root 0 0 00:00:00 972-11:15:13 262 [ata_sff] - root 0 0 00:00:00 972-11:15:13 276 [ttm_swap] - root 0 0 00:00:00 972-11:15:13 280 [scsi_eh_0] - root 0 0 00:00:00 972-11:15:13 281 [scsi_tmf_0] - root 0 0 00:00:00 972-11:15:13 282 [scsi_eh_1] - root 0 0 00:00:00 972-11:15:13 283 [scsi_tmf_1] - root 0 0 00:16:53 972-11:15:13 289 [kworker/3:1H] - root 0 0 00:28:41 972-11:15:13 294 [kworker/0:1H] - root 0 0 00:16:45 972-11:15:13 301 [kworker/4:1H] - root 0 0 03:44:53 972-11:15:13 302 [jbd2/vda1-8] - root 0 0 00:00:00 972-11:15:13 303 [ext4-rsv-conver] - root 0 0 00:02:20 972-11:15:13 309 [kworker/2:1H] - root 0 0 00:17:57 972-11:15:12 372 [kworker/5:1H] - root 0 0 00:03:56 972-11:15:12 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:02:57 972-11:15:11 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 05:01:54 972-11:15:11 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:36 972-11:15:10 671 [loop0] - root 0 0 00:08:48 972-11:15:10 672 [jbd2/loop0-8] - root 0 0 00:00:00 972-11:15:10 673 [ext4-rsv-conver] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258996 123764 00:00:07 06:29:26 978 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257692 122064 00:00:00 06:29:26 979 spamd child 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 971-09:15:16 1006 nano pdns.conf - root 0 0 00:00:00 01:24:06 1052 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:42:26 972-11:14:59 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6684 01:28:18 972-11:14:59 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 212396 22552 02:15:42 972-11:14:59 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190432 12560 05:07:18 972-11:14:59 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:08 35-06:43:33 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3080 00:00:09 35-06:43:33 1536 pure-ftpd (SERVER) - root 0 0 00:00:00 01:12:05 2035 [kworker/3:2] - root 0 0 00:00:01 23:02:04 2900 [kworker/4:1] - root 0 0 00:00:00 01:02:05 2992 [kworker/0:0] - root 0 0 00:00:00 05:50:09 4438 [kworker/u12:2] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47328 5192 00:00:03 11-00:57:32 5918 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47272 5016 00:00:06 11-00:57:32 5919 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1524 00:00:05 11-00:57:32 5920 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47360 5228 00:00:04 11-00:57:32 5921 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47308 5232 00:00:04 11-00:57:32 5922 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5380 00:00:14 11-00:57:32 5923 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1524 00:00:06 11-00:57:32 5924 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:37 167-05:47:50 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 02:06:37 167-05:47:46 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18496 00:03:47 167-05:47:46 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php - root 0 0 00:00:00 22:06 6657 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153380 11876 00:05:32 8-10:07:44 6970 cPhulkd - dbprocessor - root 0 0 00:00:03 2-03:05:44 7300 [kworker/2:2] - root 0 0 00:00:00 15:06 7361 [kworker/5:0] - root 0 0 00:00:00 08:05 8156 [kworker/1:1] - root 0 0 00:00:00 16:02:05 8337 [kworker/3:0] - root 0 0 00:00:00 02:06 8707 [kworker/5:2] - root 0 0 00:00:00 02:06 8714 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4228 00:00:00 01:46 8728 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2924 00:00:00 01:09 8751 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 60816 4492 00:00:00 01:08 8794 dovecot/lmtp - root 0 0 00:00:00 01:05 8878 [kworker/3:1] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4228 00:00:00 00:45 8886 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2624 00:00:00 00:44 8887 sshd: [net] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4236 00:00:00 00:43 8888 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4400 00:00:00 00:09 8907 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2888 00:00:00 00:09 8908 sshd: [net] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 162132 5840 00:00:00 00:06 8910 sshd: root [priv] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2884 00:00:00 00:06 8911 sshd: root [net] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255736 29088 06:59:47 938-01:51:43 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4220 00:00:00 00:01 9004 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@268685-103.179.190.35:6556-206.189.225.181:46272.service root 113552 1584 00:00:00 00:01 9062 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@268685-103.179.190.35:6556-206.189.225.181:46272.service root 49820 1564 00:00:00 00:00 9085 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 52168 00:12:50 78-06:43:11 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 10:02:04 12887 [kworker/5:1] - root 0 0 00:00:01 10:01:05 13021 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224736 15364 00:01:44 9-06:43:31 13938 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12760 1032 00:00:18 9-06:43:19 14096 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12772 1044 00:00:14 9-06:43:19 14097 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11796 00:00:00 9-06:43:19 14098 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9968 3376 00:42:57 9-06:43:12 14278 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2796 00:00:05 9-06:43:12 14293 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1400016 2724 00:03:00 9-06:43:12 14310 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5844 00:00:46 9-06:43:09 14368 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230924 11484 00:05:25 52-18:04:56 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2328 00:01:08 52-18:04:55 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 1008 00:00:14 52-18:04:55 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89008 12476 00:02:41 52-18:04:54 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 171-06:42:42 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:56:07 171-06:42:42 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1320 00:00:00 171-06:42:42 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1372 00:00:00 171-06:42:42 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1336 00:00:00 171-06:42:42 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:20:38 171-06:42:42 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:15 1-01:27:04 21682 [kworker/1:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237384 14852 00:00:00 03:10:28 22344 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237524 14992 00:00:00 03:05:31 22971 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237272 14724 00:00:00 03:05:30 22972 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237336 14796 00:00:00 02:22:44 27689 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237372 14772 00:00:00 02:11:21 28846 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237256 14716 00:00:00 02:10:42 28899 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:47:00 31102 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13156 00:48:45 177-06:42:21 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 177-06:41:21 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1236 00:00:35 177-06:41:20 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 177-06:41:19 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 177-06:41:19 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1004 00:00:02 177-06:41:19 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:12:46 177-06:41:19 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 177-06:41:19 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:25:26 177-06:41:19 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 654488 1-05:18:46 177-06:41:17 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 177-06:41:16 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 533824 14776 00:54:42 177-06:41:16 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 177-06:41:13 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 56552 20820 01:22:54 177-06:41:13 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:46 177-06:41:13 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 177-06:41:13 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1084 00:02:43 177-06:41:13 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:20:55 177-06:41:12 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9088 00:17:25 177-06:41:12 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:20:30 177-06:41:11 32156 /usr/sbin/irqbalance --foreground 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257692 126304 00:00:09 06:42:50 32440 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237152 14120 00:00:00 01:32:29 32559 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237436 14648 00:00:00 01:32:28 32561 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237124 14336 00:00:00 01:32:27 32564 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237332 14736 00:00:00 01:32:27 32565 /usr/sbin/httpd -k start Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-06 01:02 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadffc244edfFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@267862-103.179.190.35:6556-142.93.143.8:51526.service loaded activating start start Check_MK (142.93.143.8:51526) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3644 21:45:39 970-11:09:14 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 970-11:09:14 2 [kthreadd] - root 0 0 00:00:00 970-11:09:14 4 [kworker/0:0H] - root 0 0 00:03:44 970-11:09:14 6 [ksoftirqd/0] - root 0 0 00:00:43 970-11:09:14 7 [migration/0] - root 0 0 00:00:00 970-11:09:14 8 [rcu_bh] - root 0 0 23:45:07 970-11:09:14 9 [rcu_sched] - root 0 0 00:00:00 970-11:09:14 10 [lru-add-drain] - root 0 0 00:06:15 970-11:09:14 11 [watchdog/0] - root 0 0 00:05:51 970-11:09:14 12 [watchdog/1] - root 0 0 00:08:48 970-11:09:14 13 [migration/1] - root 0 0 00:03:00 970-11:09:14 14 [ksoftirqd/1] - root 0 0 00:00:00 970-11:09:14 16 [kworker/1:0H] - root 0 0 00:05:29 970-11:09:14 17 [watchdog/2] - root 0 0 00:01:21 970-11:09:14 18 [migration/2] - root 0 0 00:02:31 970-11:09:14 19 [ksoftirqd/2] - root 0 0 00:00:00 970-11:09:14 21 [kworker/2:0H] - root 0 0 00:05:28 970-11:09:14 22 [watchdog/3] - root 0 0 00:01:01 970-11:09:14 23 [migration/3] - root 0 0 00:05:04 970-11:09:14 24 [ksoftirqd/3] - root 0 0 00:00:00 970-11:09:14 26 [kworker/3:0H] - root 0 0 00:05:14 970-11:09:14 27 [watchdog/4] - root 0 0 00:04:45 970-11:09:14 28 [migration/4] - root 0 0 00:06:22 970-11:09:14 29 [ksoftirqd/4] - root 0 0 00:00:00 970-11:09:14 31 [kworker/4:0H] - root 0 0 00:06:28 970-11:09:14 32 [watchdog/5] - root 0 0 00:01:23 970-11:09:14 33 [migration/5] - root 0 0 00:37:47 970-11:09:14 34 [ksoftirqd/5] - root 0 0 00:00:00 970-11:09:14 36 [kworker/5:0H] - root 0 0 00:00:00 970-11:09:14 38 [kdevtmpfs] - root 0 0 00:00:00 970-11:09:14 39 [netns] - root 0 0 00:00:42 970-11:09:14 40 [khungtaskd] - root 0 0 00:00:00 970-11:09:14 41 [writeback] - root 0 0 00:00:00 970-11:09:14 42 [kintegrityd] - root 0 0 00:00:00 970-11:09:14 43 [bioset] - root 0 0 00:00:00 970-11:09:14 44 [bioset] - root 0 0 00:00:00 970-11:09:14 45 [bioset] - root 0 0 00:00:00 970-11:09:14 46 [kblockd] - root 0 0 00:00:00 970-11:09:14 47 [md] - root 0 0 00:00:00 970-11:09:14 48 [edac-poller] - root 0 0 00:00:00 970-11:09:14 49 [watchdogd] - root 0 0 00:31:16 970-11:09:14 55 [kswapd0] - root 0 0 00:00:00 970-11:09:14 56 [ksmd] - root 0 0 00:03:01 970-11:09:14 57 [khugepaged] - root 0 0 00:00:00 970-11:09:14 58 [crypto] - root 0 0 00:00:00 970-11:09:14 66 [kthrotld] - root 0 0 00:00:00 970-11:09:14 68 [kmpath_rdacd] - root 0 0 00:00:00 970-11:09:14 69 [kaluad] - root 0 0 00:00:00 970-11:09:14 70 [kpsmoused] - root 0 0 00:00:00 970-11:09:13 72 [ipv6_addrconf] - root 0 0 00:00:00 970-11:09:13 86 [deferwq] - root 0 0 00:55:51 970-11:09:13 197 [kauditd] - root 0 0 00:00:00 970-11:09:13 262 [ata_sff] - root 0 0 00:00:00 970-11:09:13 276 [ttm_swap] - root 0 0 00:00:00 970-11:09:13 280 [scsi_eh_0] - root 0 0 00:00:00 970-11:09:13 281 [scsi_tmf_0] - root 0 0 00:00:00 970-11:09:13 282 [scsi_eh_1] - root 0 0 00:00:00 970-11:09:13 283 [scsi_tmf_1] - root 0 0 00:16:51 970-11:09:13 289 [kworker/3:1H] - root 0 0 00:28:37 970-11:09:13 294 [kworker/0:1H] - root 0 0 00:16:43 970-11:09:13 301 [kworker/4:1H] - root 0 0 03:44:18 970-11:09:13 302 [jbd2/vda1-8] - root 0 0 00:00:00 970-11:09:13 303 [ext4-rsv-conver] - root 0 0 00:02:20 970-11:09:13 309 [kworker/2:1H] - root 0 0 00:17:54 970-11:09:12 372 [kworker/5:1H] - root 0 0 00:03:56 970-11:09:12 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:02:36 970-11:09:11 458 /sbin/auditd - root 0 0 00:00:02 04:21:05 563 [kworker/1:1] 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 05:01:18 970-11:09:11 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:32 970-11:09:10 671 [loop0] - root 0 0 00:08:47 970-11:09:10 672 [jbd2/loop0-8] - root 0 0 00:00:00 970-11:09:10 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 969-09:09:16 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:42:20 970-11:08:59 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6676 01:28:07 970-11:08:59 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 211868 22004 02:15:27 970-11:08:59 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190432 12560 05:06:30 970-11:08:59 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:07 33-06:37:33 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3080 00:00:09 33-06:37:33 1536 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237256 14728 00:00:00 03:45:32 3334 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237368 14716 00:00:00 03:45:32 3335 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47224 4944 00:00:02 9-00:51:32 5918 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47272 5016 00:00:05 9-00:51:32 5919 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1524 00:00:04 9-00:51:32 5920 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47232 5040 00:00:03 9-00:51:32 5921 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47308 5232 00:00:03 9-00:51:32 5922 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5380 00:00:11 9-00:51:32 5923 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1524 00:00:05 9-00:51:32 5924 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:34 165-05:41:50 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 02:05:07 165-05:41:46 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18496 00:03:44 165-05:41:46 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153380 11824 00:04:05 6-10:01:44 6970 cPhulkd - dbprocessor - root 0 0 00:00:00 02:59:44 7300 [kworker/2:2] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255736 29096 06:58:32 936-01:45:43 8935 cpsrvd (SSL) - waiting for connections - root 0 0 00:00:00 02:16:05 10573 [kworker/3:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237200 14364 00:00:00 02:03:39 11529 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237240 14380 00:00:00 02:03:39 11530 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:56:06 12449 [kworker/2:1] - root 0 0 00:00:00 01:56:06 12459 [kworker/4:2] - root 0 0 00:00:00 01:55:05 12519 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 52172 00:12:30 76-06:37:11 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224736 15376 00:01:22 7-06:37:31 13938 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12744 1032 00:00:14 7-06:37:19 14096 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12748 1044 00:00:11 7-06:37:19 14097 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11796 00:00:00 7-06:37:19 14098 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9968 3376 00:34:11 7-06:37:12 14278 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2796 00:00:04 7-06:37:12 14293 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1400016 2692 00:02:22 7-06:37:12 14310 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5844 00:00:37 7-06:37:09 14368 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:00 07:30:14 15729 [kworker/u12:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237436 15268 00:00:01 07:21:50 16218 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237484 15304 00:00:01 07:21:49 16220 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:06:05 17124 [kworker/1:2] - root 0 0 00:00:00 06:56:04 17934 [kworker/3:0] - root 0 0 00:00:02 14:06:05 17985 [kworker/0:0] - root 0 0 00:00:00 36:05 19792 [kworker/4:1] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257776 126400 00:00:09 06:36:45 19807 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237008 13928 00:00:00 34:28 19927 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237060 14360 00:00:00 34:27 19928 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237140 13912 00:00:00 34:27 19929 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230924 11484 00:05:12 50-17:58:56 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2328 00:01:05 50-17:58:55 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 1008 00:00:14 50-17:58:55 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89008 12476 00:02:34 50-17:58:54 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259100 123884 00:00:06 06:22:03 20858 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257776 122164 00:00:00 06:22:03 20859 spamd child 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 169-06:36:42 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:55:27 169-06:36:42 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1320 00:00:00 169-06:36:42 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1372 00:00:00 169-06:36:42 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1336 00:00:00 169-06:36:42 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:20:24 169-06:36:42 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 21:05 21170 [kworker/5:1] - root 0 0 00:00:00 16:05 21605 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4220 00:00:00 01:36 22656 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2924 00:00:00 01:21 22683 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 60816 4496 00:00:00 01:20 22707 dovecot/lmtp 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89312 8656 00:00:00 00:02 22888 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4228 00:00:00 00:02 22898 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@267862-103.179.190.35:6556-142.93.143.8:51526.service root 113576 1860 00:00:00 00:01 23029 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@267862-103.179.190.35:6556-142.93.143.8:51526.service root 49820 1564 00:00:00 00:00 23052 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237496 15204 00:00:00 05:50:09 23243 /usr/sbin/httpd -k start - root 0 0 00:00:00 05:02:28 27065 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13156 00:48:15 175-06:36:21 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 175-06:35:21 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1184 00:00:34 175-06:35:20 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 175-06:35:19 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 175-06:35:19 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1004 00:00:02 175-06:35:19 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:12:38 175-06:35:19 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 175-06:35:19 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:25:09 175-06:35:19 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 654472 1-05:01:07 175-06:35:17 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 175-06:35:16 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 516488 7628 00:53:59 175-06:35:16 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 175-06:35:13 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 40188 7364 01:21:44 175-06:35:13 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:46 175-06:35:13 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 175-06:35:13 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1084 00:02:41 175-06:35:13 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:20:34 175-06:35:12 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9088 00:17:13 175-06:35:12 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:20:16 175-06:35:11 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-04 00:56 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadfa1be5b8fFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@267195-103.179.190.35:6556-206.81.24.74:56648.service loaded activating start start Check_MK (206.81.24.74:56648) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3644 21:42:47 968-11:55:34 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 968-11:55:34 2 [kthreadd] - root 0 0 00:00:00 968-11:55:34 4 [kworker/0:0H] - root 0 0 00:03:44 968-11:55:34 6 [ksoftirqd/0] - root 0 0 00:00:42 968-11:55:34 7 [migration/0] - root 0 0 00:00:00 968-11:55:34 8 [rcu_bh] - root 0 0 23:41:59 968-11:55:34 9 [rcu_sched] - root 0 0 00:00:00 968-11:55:34 10 [lru-add-drain] - root 0 0 00:06:14 968-11:55:34 11 [watchdog/0] - root 0 0 00:05:51 968-11:55:34 12 [watchdog/1] - root 0 0 00:08:47 968-11:55:34 13 [migration/1] - root 0 0 00:03:00 968-11:55:34 14 [ksoftirqd/1] - root 0 0 00:00:00 968-11:55:34 16 [kworker/1:0H] - root 0 0 00:05:28 968-11:55:34 17 [watchdog/2] - root 0 0 00:01:21 968-11:55:34 18 [migration/2] - root 0 0 00:02:31 968-11:55:34 19 [ksoftirqd/2] - root 0 0 00:00:00 968-11:55:34 21 [kworker/2:0H] - root 0 0 00:05:27 968-11:55:34 22 [watchdog/3] - root 0 0 00:01:01 968-11:55:34 23 [migration/3] - root 0 0 00:05:04 968-11:55:34 24 [ksoftirqd/3] - root 0 0 00:00:00 968-11:55:34 26 [kworker/3:0H] - root 0 0 00:05:14 968-11:55:34 27 [watchdog/4] - root 0 0 00:04:44 968-11:55:34 28 [migration/4] - root 0 0 00:06:22 968-11:55:34 29 [ksoftirqd/4] - root 0 0 00:00:00 968-11:55:34 31 [kworker/4:0H] - root 0 0 00:06:27 968-11:55:34 32 [watchdog/5] - root 0 0 00:01:23 968-11:55:34 33 [migration/5] - root 0 0 00:37:43 968-11:55:34 34 [ksoftirqd/5] - root 0 0 00:00:00 968-11:55:34 36 [kworker/5:0H] - root 0 0 00:00:00 968-11:55:34 38 [kdevtmpfs] - root 0 0 00:00:00 968-11:55:34 39 [netns] - root 0 0 00:00:42 968-11:55:34 40 [khungtaskd] - root 0 0 00:00:00 968-11:55:34 41 [writeback] - root 0 0 00:00:00 968-11:55:34 42 [kintegrityd] - root 0 0 00:00:00 968-11:55:34 43 [bioset] - root 0 0 00:00:00 968-11:55:34 44 [bioset] - root 0 0 00:00:00 968-11:55:34 45 [bioset] - root 0 0 00:00:00 968-11:55:34 46 [kblockd] - root 0 0 00:00:00 968-11:55:34 47 [md] - root 0 0 00:00:00 968-11:55:34 48 [edac-poller] - root 0 0 00:00:00 968-11:55:34 49 [watchdogd] - root 0 0 00:31:16 968-11:55:34 55 [kswapd0] - root 0 0 00:00:00 968-11:55:34 56 [ksmd] - root 0 0 00:03:01 968-11:55:34 57 [khugepaged] - root 0 0 00:00:00 968-11:55:34 58 [crypto] - root 0 0 00:00:00 968-11:55:34 66 [kthrotld] - root 0 0 00:00:00 968-11:55:34 68 [kmpath_rdacd] - root 0 0 00:00:00 968-11:55:34 69 [kaluad] - root 0 0 00:00:00 968-11:55:34 70 [kpsmoused] - root 0 0 00:00:00 968-11:55:33 72 [ipv6_addrconf] - root 0 0 00:00:00 968-11:55:33 86 [deferwq] - root 0 0 00:55:43 968-11:55:33 197 [kauditd] - root 0 0 00:00:00 968-11:55:33 262 [ata_sff] - root 0 0 00:00:00 968-11:55:33 276 [ttm_swap] - root 0 0 00:00:00 968-11:55:33 280 [scsi_eh_0] - root 0 0 00:00:00 968-11:55:33 281 [scsi_tmf_0] - root 0 0 00:00:00 968-11:55:33 282 [scsi_eh_1] - root 0 0 00:00:00 968-11:55:33 283 [scsi_tmf_1] - root 0 0 00:16:50 968-11:55:33 289 [kworker/3:1H] - root 0 0 00:28:34 968-11:55:33 294 [kworker/0:1H] - root 0 0 00:16:41 968-11:55:33 301 [kworker/4:1H] - root 0 0 03:43:53 968-11:55:33 302 [jbd2/vda1-8] - root 0 0 00:00:00 968-11:55:33 303 [ext4-rsv-conver] - root 0 0 00:02:19 968-11:55:33 309 [kworker/2:1H] - root 0 0 00:17:52 968-11:55:32 372 [kworker/5:1H] - root 0 0 00:03:55 968-11:55:32 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:02:19 968-11:55:31 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 05:00:42 968-11:55:31 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:30 968-11:55:30 671 [loop0] - root 0 0 00:08:46 968-11:55:30 672 [jbd2/loop0-8] - root 0 0 00:00:00 968-11:55:30 673 [ext4-rsv-conver] - root 0 0 00:00:00 22:25 953 [kworker/4:0] - root 0 0 00:00:00 22:25 954 [kworker/3:0] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 967-09:55:36 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:42:14 968-11:55:19 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6676 01:27:56 968-11:55:19 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 207144 19392 02:15:11 968-11:55:19 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190432 12564 05:05:49 968-11:55:19 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:07 31-07:23:53 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3080 00:00:08 31-07:23:53 1536 pure-ftpd (SERVER) - root 0 0 00:00:00 12:25 1864 [kworker/5:0] - root 0 0 00:00:00 10:51 2028 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237140 13512 00:00:00 07:38 2368 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237088 13500 00:00:00 07:37 2370 /usr/sbin/httpd -k start - root 0 0 00:00:00 02:25 2880 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4228 00:00:00 01:25 2955 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4228 00:00:00 01:05 2966 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2928 00:00:00 00:16 3101 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 60816 4496 00:00:00 00:16 3127 dovecot/lmtp 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 41196 2712 00:00:00 00:16 3134 dovecot/auth -w - root 0 0 00:00:00 00:15 3170 [whostmgrd - ser] <defunct> 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service cpanelphpmyadmin 298284 6684 00:00:00 00:15 3185 php-fpm: pool cpanelphpmyadmin 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4232 00:00:00 00:02 3199 sshd: [accepted] - root 0 0 00:00:00 00:01 3271 [kworker/2:2] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@267195-103.179.190.35:6556-206.81.24.74:56648.service root 113416 1592 00:00:00 00:00 3340 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@267195-103.179.190.35:6556-206.81.24.74:56648.service root 49820 1560 00:00:00 00:00 3363 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47224 4944 00:00:02 7-01:37:52 5918 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47272 5016 00:00:04 7-01:37:52 5919 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1524 00:00:03 7-01:37:52 5920 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47232 5040 00:00:03 7-01:37:52 5921 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47188 4684 00:00:03 7-01:37:52 5922 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5380 00:00:09 7-01:37:52 5923 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1524 00:00:04 7-01:37:52 5924 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:32 163-06:28:10 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 02:03:38 163-06:28:06 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18496 00:03:41 163-06:28:06 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153380 11788 00:02:53 4-10:48:04 6970 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 256268 29740 06:57:20 934-02:32:03 8935 cpsrvd (SSL) - waiting for connections - root 0 0 00:00:00 04:33:52 11502 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51944 00:12:11 74-07:23:31 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 04:12:25 13892 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224736 15324 00:01:00 5-07:23:51 13938 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12756 1032 00:00:11 5-07:23:39 14096 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12760 1044 00:00:09 5-07:23:39 14097 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11796 00:00:00 5-07:23:39 14098 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9968 3376 00:25:31 5-07:23:32 14278 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2796 00:00:03 5-07:23:32 14293 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1400016 2692 00:01:48 5-07:23:32 14310 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5844 00:00:27 5-07:23:29 14368 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:00 03:52:24 15853 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230924 11484 00:05:00 48-18:45:16 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2328 00:01:02 48-18:45:15 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 1008 00:00:13 48-18:45:15 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89008 12476 00:02:25 48-18:45:14 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 167-07:23:02 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:54:49 167-07:23:02 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1320 00:00:00 167-07:23:02 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1372 00:00:00 167-07:23:02 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1336 00:00:00 167-07:23:02 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:20:09 167-07:23:02 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257792 126436 00:00:11 07:22:59 24504 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259092 123888 00:00:08 07:08:52 25758 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257792 122180 00:00:00 07:08:52 25759 spamd child - root 0 0 00:00:02 19:41:24 25831 [kworker/5:2] - root 0 0 00:00:04 1-01:47:09 27946 [kworker/0:0] - root 0 0 00:00:00 01:22:25 28452 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237288 14416 00:00:00 01:08:38 29570 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237228 14476 00:00:00 01:08:34 29586 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237296 14664 00:00:00 01:08:32 29589 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237316 14692 00:00:00 01:08:32 29590 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:07:25 29762 [kworker/3:1] - root 0 0 00:00:00 55:24 30677 [kworker/2:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237356 14188 00:00:00 54:49 30700 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13156 00:47:50 173-07:22:41 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 173-07:21:41 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1184 00:00:34 173-07:21:40 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 173-07:21:39 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 173-07:21:39 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1004 00:00:02 173-07:21:39 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:12:29 173-07:21:39 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 173-07:21:39 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:24:52 173-07:21:39 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 654448 1-04:48:27 173-07:21:37 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 173-07:21:36 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 524672 10984 00:53:19 173-07:21:36 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 173-07:21:33 31961 /usr/lib/systemd/systemd-udevd - root 0 0 00:00:00 39:34 31966 [kworker/u12:2] 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 48380 13424 01:20:41 173-07:21:33 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:45 173-07:21:33 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 173-07:21:33 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1084 00:02:39 173-07:21:33 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:20:15 173-07:21:32 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9088 00:17:02 173-07:21:32 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:20:02 173-07:21:31 32156 /usr/sbin/irqbalance --foreground - root 0 0 00:00:00 35:25 32420 [kworker/1:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237552 15460 00:00:01 06:09:30 32431 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 241792 16180 00:00:01 06:09:29 32433 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237404 15292 00:00:01 06:09:29 32436 /usr/sbin/httpd -k start Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-02 01:42 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf9997a3f3Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@266567-103.179.190.35:6556-167.99.181.249:34936.service loaded activating start start Check_MK (167.99.181.249:34936) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3640 21:39:43 966-11:16:49 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 966-11:16:49 2 [kthreadd] - root 0 0 00:00:00 966-11:16:49 4 [kworker/0:0H] - root 0 0 00:03:43 966-11:16:49 6 [ksoftirqd/0] - root 0 0 00:00:42 966-11:16:49 7 [migration/0] - root 0 0 00:00:00 966-11:16:49 8 [rcu_bh] - root 0 0 23:37:54 966-11:16:49 9 [rcu_sched] - root 0 0 00:00:00 966-11:16:49 10 [lru-add-drain] - root 0 0 00:06:13 966-11:16:49 11 [watchdog/0] - root 0 0 00:05:50 966-11:16:49 12 [watchdog/1] - root 0 0 00:08:45 966-11:16:49 13 [migration/1] - root 0 0 00:03:00 966-11:16:49 14 [ksoftirqd/1] - root 0 0 00:00:00 966-11:16:49 16 [kworker/1:0H] - root 0 0 00:05:27 966-11:16:49 17 [watchdog/2] - root 0 0 00:01:20 966-11:16:49 18 [migration/2] - root 0 0 00:02:31 966-11:16:49 19 [ksoftirqd/2] - root 0 0 00:00:00 966-11:16:49 21 [kworker/2:0H] - root 0 0 00:05:26 966-11:16:49 22 [watchdog/3] - root 0 0 00:01:00 966-11:16:49 23 [migration/3] - root 0 0 00:05:03 966-11:16:49 24 [ksoftirqd/3] - root 0 0 00:00:00 966-11:16:49 26 [kworker/3:0H] - root 0 0 00:05:13 966-11:16:49 27 [watchdog/4] - root 0 0 00:04:43 966-11:16:49 28 [migration/4] - root 0 0 00:06:21 966-11:16:49 29 [ksoftirqd/4] - root 0 0 00:00:00 966-11:16:49 31 [kworker/4:0H] - root 0 0 00:06:26 966-11:16:49 32 [watchdog/5] - root 0 0 00:01:22 966-11:16:49 33 [migration/5] - root 0 0 00:37:37 966-11:16:49 34 [ksoftirqd/5] - root 0 0 00:00:00 966-11:16:49 36 [kworker/5:0H] - root 0 0 00:00:00 966-11:16:49 38 [kdevtmpfs] - root 0 0 00:00:00 966-11:16:49 39 [netns] - root 0 0 00:00:42 966-11:16:49 40 [khungtaskd] - root 0 0 00:00:00 966-11:16:49 41 [writeback] - root 0 0 00:00:00 966-11:16:49 42 [kintegrityd] - root 0 0 00:00:00 966-11:16:49 43 [bioset] - root 0 0 00:00:00 966-11:16:49 44 [bioset] - root 0 0 00:00:00 966-11:16:49 45 [bioset] - root 0 0 00:00:00 966-11:16:49 46 [kblockd] - root 0 0 00:00:00 966-11:16:49 47 [md] - root 0 0 00:00:00 966-11:16:49 48 [edac-poller] - root 0 0 00:00:00 966-11:16:49 49 [watchdogd] - root 0 0 00:31:14 966-11:16:49 55 [kswapd0] - root 0 0 00:00:00 966-11:16:49 56 [ksmd] - root 0 0 00:03:00 966-11:16:49 57 [khugepaged] - root 0 0 00:00:00 966-11:16:49 58 [crypto] - root 0 0 00:00:00 966-11:16:49 66 [kthrotld] - root 0 0 00:00:00 966-11:16:49 68 [kmpath_rdacd] - root 0 0 00:00:00 966-11:16:49 69 [kaluad] - root 0 0 00:00:00 966-11:16:49 70 [kpsmoused] - root 0 0 00:00:00 966-11:16:48 72 [ipv6_addrconf] - root 0 0 00:00:00 966-11:16:48 86 [deferwq] - root 0 0 00:55:31 966-11:16:48 197 [kauditd] - root 0 0 00:00:00 966-11:16:48 262 [ata_sff] - root 0 0 00:00:00 966-11:16:48 276 [ttm_swap] - root 0 0 00:00:00 966-11:16:48 280 [scsi_eh_0] - root 0 0 00:00:00 966-11:16:48 281 [scsi_tmf_0] - root 0 0 00:00:00 966-11:16:48 282 [scsi_eh_1] - root 0 0 00:00:00 966-11:16:48 283 [scsi_tmf_1] - root 0 0 00:16:47 966-11:16:48 289 [kworker/3:1H] - root 0 0 00:28:30 966-11:16:48 294 [kworker/0:1H] - root 0 0 00:16:38 966-11:16:48 301 [kworker/4:1H] - root 0 0 03:43:16 966-11:16:48 302 [jbd2/vda1-8] - root 0 0 00:00:00 966-11:16:48 303 [ext4-rsv-conver] - root 0 0 00:02:19 966-11:16:48 309 [kworker/2:1H] - root 0 0 00:17:49 966-11:16:47 372 [kworker/5:1H] - root 0 0 00:03:55 966-11:16:47 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:01:55 966-11:16:46 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:59:59 966-11:16:46 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:27 966-11:16:45 671 [loop0] - root 0 0 00:08:44 966-11:16:45 672 [jbd2/loop0-8] - root 0 0 00:00:00 966-11:16:45 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 965-09:16:51 1006 nano pdns.conf - root 0 0 00:00:00 33:39 1372 [kworker/4:1] - root 0 0 00:00:00 33:39 1374 [kworker/2:1] 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4260 00:42:07 966-11:16:34 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 262240 24592 01:27:45 966-11:16:34 1494 cpdavd - accepting connections on: 2091, 2077, 2078 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 207012 19248 02:14:53 966-11:16:34 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190316 12452 05:04:59 966-11:16:34 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:07 29-06:45:08 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3080 00:00:08 29-06:45:08 1536 pure-ftpd (SERVER) - root 0 0 00:00:00 32:10 1650 [kworker/1:2] - root 0 0 00:00:00 23:40 2402 [kworker/u12:2] - root 0 0 00:00:00 23:40 2406 [kworker/3:1] - root 0 0 00:00:00 03:39 3935 [kworker/3:2] - root 0 0 00:00:00 03:39 3942 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41328 2908 00:00:00 03:08 3985 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236824 11728 00:00:00 02:12 4085 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hapharimex 638348 49828 00:00:01 00:08 4298 php-fpm: pool hapharimex_com 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hapharimex 632192 43768 00:00:00 00:05 4300 php-fpm: pool hapharimex_com 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@266567-103.179.190.35:6556-167.99.181.249:34936.service root 113416 1588 00:00:00 00:00 4440 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@266567-103.179.190.35:6556-167.99.181.249:34936.service root 49820 1560 00:00:00 00:00 4463 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47224 4688 00:00:01 5-00:59:07 5918 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47228 4960 00:00:02 5-00:59:07 5919 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1524 00:00:02 5-00:59:07 5920 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46988 4384 00:00:02 5-00:59:07 5921 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47188 4684 00:00:02 5-00:59:07 5922 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5380 00:00:06 5-00:59:07 5923 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1524 00:00:02 5-00:59:07 5924 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:29 161-05:49:25 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34472 02:01:57 161-05:49:21 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18400 00:03:38 161-05:49:21 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153256 11692 00:01:21 2-10:09:19 6970 cPhulkd - dbprocessor - root 0 0 00:00:00 05:00:11 7965 [kworker/3:0] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 168356 4904 06:55:58 932-01:53:18 8935 cpsrvd (SSL) - dormant mode - accepting connections - root 0 0 00:00:02 23:29:14 8957 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51404 00:11:49 72-06:44:46 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:05 1-04:28:39 12901 [kworker/0:2] - root 0 0 00:00:00 09:46:21 13413 [kworker/2:2] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224736 15220 00:00:33 3-06:45:06 13938 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12744 1032 00:00:07 3-06:44:54 14096 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12752 1044 00:00:05 3-06:44:54 14097 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11796 00:00:00 3-06:44:54 14098 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9968 3380 00:15:04 3-06:44:47 14278 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2796 00:00:01 3-06:44:47 14293 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1400016 2532 00:01:04 3-06:44:47 14310 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5844 00:00:16 3-06:44:44 14368 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230924 11484 00:04:47 46-18:06:31 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2312 00:00:59 46-18:06:30 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 1008 00:00:13 46-18:06:30 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89012 12084 00:02:15 46-18:06:29 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237340 14816 00:00:00 02:44:41 20277 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237224 14672 00:00:00 02:44:40 20282 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237276 14800 00:00:00 02:41:28 20619 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237500 14948 00:00:00 02:41:28 20625 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237184 14572 00:00:00 02:40:20 20683 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237324 14800 00:00:00 02:40:19 20684 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237340 14848 00:00:00 02:40:19 20685 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237392 14840 00:00:00 02:40:18 20687 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237332 14808 00:00:00 02:40:18 20688 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237268 14728 00:00:00 02:40:18 20689 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 165-06:44:17 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:54:05 165-06:44:17 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1320 00:00:00 165-06:44:17 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1372 00:00:00 165-06:44:17 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1336 00:00:00 165-06:44:17 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:19:53 165-06:44:17 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:01 1-07:53:39 23363 [kworker/4:2] - root 0 0 00:00:00 01:43:39 26122 [kworker/5:2] - root 0 0 00:00:00 01:42:39 26215 [kworker/1:1] - root 0 0 00:00:00 07:15:28 27588 [kworker/u12:1] - root 0 0 00:00:00 01:03:39 30934 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257980 125304 00:00:10 06:42:40 31148 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13156 00:47:17 171-06:43:56 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 171-06:42:56 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1184 00:00:33 171-06:42:55 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 171-06:42:54 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 171-06:42:54 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1004 00:00:02 171-06:42:54 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:12:19 171-06:42:54 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 171-06:42:54 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:24:32 171-06:42:54 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 653788 1-04:31:43 171-06:42:52 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 171-06:42:51 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 550528 20156 00:52:30 171-06:42:51 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 171-06:42:48 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 72992 30688 01:19:21 171-06:42:48 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1008 00:00:45 171-06:42:48 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 171-06:42:48 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1084 00:02:37 171-06:42:48 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:19:53 171-06:42:47 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9088 00:16:48 171-06:42:47 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:19:46 171-06:42:46 32156 /usr/sbin/irqbalance --foreground 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259300 124032 00:00:07 06:27:41 32422 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257980 122348 00:00:00 06:27:41 32423 spamd child Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-30 01:03 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadfbfdaad39Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@265784-103.179.190.35:6556-167.172.232.142:38212.service loaded activating start start Check_MK (167.172.232.142:38212) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3704 21:36:33 964-11:19:40 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 964-11:19:40 2 [kthreadd] - root 0 0 00:00:00 964-11:19:40 4 [kworker/0:0H] - root 0 0 00:03:42 964-11:19:40 6 [ksoftirqd/0] - root 0 0 00:00:42 964-11:19:40 7 [migration/0] - root 0 0 00:00:00 964-11:19:40 8 [rcu_bh] - root 0 0 23:34:12 964-11:19:40 9 [rcu_sched] - root 0 0 00:00:00 964-11:19:40 10 [lru-add-drain] - root 0 0 00:06:13 964-11:19:40 11 [watchdog/0] - root 0 0 00:05:49 964-11:19:40 12 [watchdog/1] - root 0 0 00:08:44 964-11:19:40 13 [migration/1] - root 0 0 00:02:59 964-11:19:40 14 [ksoftirqd/1] - root 0 0 00:00:00 964-11:19:40 16 [kworker/1:0H] - root 0 0 00:05:26 964-11:19:40 17 [watchdog/2] - root 0 0 00:01:20 964-11:19:40 18 [migration/2] - root 0 0 00:02:31 964-11:19:40 19 [ksoftirqd/2] - root 0 0 00:00:00 964-11:19:40 21 [kworker/2:0H] - root 0 0 00:05:26 964-11:19:40 22 [watchdog/3] - root 0 0 00:01:00 964-11:19:40 23 [migration/3] - root 0 0 00:05:02 964-11:19:40 24 [ksoftirqd/3] - root 0 0 00:00:00 964-11:19:40 26 [kworker/3:0H] - root 0 0 00:05:12 964-11:19:40 27 [watchdog/4] - root 0 0 00:04:43 964-11:19:40 28 [migration/4] - root 0 0 00:06:20 964-11:19:40 29 [ksoftirqd/4] - root 0 0 00:00:00 964-11:19:40 31 [kworker/4:0H] - root 0 0 00:06:25 964-11:19:40 32 [watchdog/5] - root 0 0 00:01:22 964-11:19:40 33 [migration/5] - root 0 0 00:37:33 964-11:19:40 34 [ksoftirqd/5] - root 0 0 00:00:00 964-11:19:40 36 [kworker/5:0H] - root 0 0 00:00:00 964-11:19:40 38 [kdevtmpfs] - root 0 0 00:00:00 964-11:19:40 39 [netns] - root 0 0 00:00:42 964-11:19:40 40 [khungtaskd] - root 0 0 00:00:00 964-11:19:40 41 [writeback] - root 0 0 00:00:00 964-11:19:40 42 [kintegrityd] - root 0 0 00:00:00 964-11:19:40 43 [bioset] - root 0 0 00:00:00 964-11:19:40 44 [bioset] - root 0 0 00:00:00 964-11:19:40 45 [bioset] - root 0 0 00:00:00 964-11:19:40 46 [kblockd] - root 0 0 00:00:00 964-11:19:40 47 [md] - root 0 0 00:00:00 964-11:19:40 48 [edac-poller] - root 0 0 00:00:00 964-11:19:40 49 [watchdogd] - root 0 0 00:31:03 964-11:19:40 55 [kswapd0] - root 0 0 00:00:00 964-11:19:40 56 [ksmd] - root 0 0 00:03:00 964-11:19:40 57 [khugepaged] - root 0 0 00:00:00 964-11:19:40 58 [crypto] - root 0 0 00:00:00 964-11:19:40 66 [kthrotld] - root 0 0 00:00:00 964-11:19:40 68 [kmpath_rdacd] - root 0 0 00:00:00 964-11:19:40 69 [kaluad] - root 0 0 00:00:00 964-11:19:40 70 [kpsmoused] - root 0 0 00:00:00 964-11:19:39 72 [ipv6_addrconf] - root 0 0 00:00:00 964-11:19:39 86 [deferwq] - root 0 0 00:55:23 964-11:19:39 197 [kauditd] - root 0 0 00:00:00 964-11:19:39 262 [ata_sff] - root 0 0 00:00:00 964-11:19:39 276 [ttm_swap] - root 0 0 00:00:00 964-11:19:39 280 [scsi_eh_0] - root 0 0 00:00:00 964-11:19:39 281 [scsi_tmf_0] - root 0 0 00:00:00 964-11:19:39 282 [scsi_eh_1] - root 0 0 00:00:00 964-11:19:39 283 [scsi_tmf_1] - root 0 0 00:16:44 964-11:19:39 289 [kworker/3:1H] - root 0 0 00:28:25 964-11:19:39 294 [kworker/0:1H] - root 0 0 00:16:36 964-11:19:39 301 [kworker/4:1H] - root 0 0 03:42:39 964-11:19:39 302 [jbd2/vda1-8] - root 0 0 00:00:00 964-11:19:39 303 [ext4-rsv-conver] - root 0 0 00:02:18 964-11:19:39 309 [kworker/2:1H] - root 0 0 00:17:46 964-11:19:38 372 [kworker/5:1H] - root 0 0 00:03:54 964-11:19:38 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:01:38 964-11:19:37 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237260 15040 00:00:01 55:49 561 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:59:21 964-11:19:37 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237240 15112 00:00:01 55:23 585 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237064 14872 00:00:01 54:06 631 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237212 14828 00:00:00 54:05 632 /usr/sbin/httpd -k start - root 0 0 00:22:23 964-11:19:36 671 [loop0] - root 0 0 00:08:43 964-11:19:36 672 [jbd2/loop0-8] - root 0 0 00:00:00 964-11:19:36 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 963-09:19:42 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236960 14592 00:00:01 49:50 1022 /usr/sbin/httpd -k start - root 0 0 00:00:00 46:30 1292 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:42:01 964-11:19:25 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 262256 24492 01:27:33 964-11:19:25 1494 cpdavd - accepting connections on: 2091, 2077, 2078 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 207012 19772 02:14:34 964-11:19:25 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190208 12768 05:04:20 964-11:19:25 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:06 27-06:47:59 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3084 00:00:07 27-06:47:59 1536 pure-ftpd (SERVER) - root 0 0 00:00:02 1-04:21:10 1638 [kworker/5:2] - root 0 0 00:00:00 40:09 1736 [kworker/u12:1] - root 0 0 00:00:00 17:22:59 1857 [kworker/3:1] - root 0 0 00:00:00 29:30 2695 [kworker/3:0] - root 0 0 00:00:00 26:30 2865 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236996 13888 00:00:00 17:32 3596 /usr/sbin/httpd -k start - root 0 0 00:00:00 16:30 3657 [kworker/0:0] - root 0 0 00:00:00 11:11 4012 [kworker/1:0] - root 0 0 00:00:00 06:30 4430 [kworker/2:2] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service dothingaynay 662492 75320 00:00:04 00:30 4874 php-fpm: pool dothingaynay_vn 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service dothingaynay 662492 75328 00:00:04 00:28 4876 php-fpm: pool dothingaynay_vn 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89440 8656 00:00:00 00:14 4877 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89440 8656 00:00:00 00:14 4878 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hilink 733056 73716 00:00:01 00:11 4879 php-fpm: pool hilink_vn 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hilink 640168 51992 00:00:00 00:11 4882 php-fpm: pool hilink_vn 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service dothingaynay 658396 70968 00:00:01 00:10 4883 php-fpm: pool dothingaynay_vn 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89316 8656 00:00:00 00:08 4884 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hidc 707872 48696 00:00:00 00:06 4885 php-fpm: pool hidc_vn 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hidc 632088 44468 00:00:00 00:06 4887 php-fpm: pool hidc_vn 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@265784-103.179.190.35:6556-167.172.232.142:38212.service root 113416 1588 00:00:00 00:00 5027 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@265784-103.179.190.35:6556-167.172.232.142:38212.service root 49820 1560 00:00:00 00:00 5050 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47224 4700 00:00:00 3-01:01:58 5918 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47228 5096 00:00:01 3-01:01:58 5919 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1532 00:00:01 3-01:01:58 5920 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46988 4648 00:00:01 3-01:01:58 5921 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47188 5100 00:00:01 3-01:01:58 5922 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5460 00:00:03 3-01:01:58 5923 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1564 00:00:01 3-01:01:58 5924 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:26 159-05:52:16 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 02:00:23 159-05:52:12 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18500 00:03:35 159-05:52:12 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 152640 11188 00:00:12 10:12:10 6970 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 168356 4904 06:54:46 930-01:56:09 8935 cpsrvd (SSL) - dormant mode - accepting connections 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51828 00:11:28 70-06:47:37 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224736 17520 00:00:12 1-06:47:57 13938 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12764 1420 00:00:03 1-06:47:45 14096 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12768 1432 00:00:02 1-06:47:45 14097 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11864 00:00:00 1-06:47:45 14098 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9896 3332 00:05:51 1-06:47:38 14278 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2820 00:00:00 1-06:47:38 14293 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1400016 2716 00:00:24 1-06:47:38 14310 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 6128 00:00:06 1-06:47:35 14368 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257796 126448 00:00:27 1-06:46:18 15157 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:00 03:36:30 16610 [kworker/4:1] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259092 124008 00:00:15 1-06:32:10 16763 spamd child 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230924 13148 00:04:34 44-18:09:22 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2344 00:00:57 44-18:09:21 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 1008 00:00:12 44-18:09:21 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89012 12472 00:02:04 44-18:09:20 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 163-06:47:08 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:53:24 163-06:47:08 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1328 00:00:00 163-06:47:08 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1384 00:00:00 163-06:47:08 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1344 00:00:00 163-06:47:08 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:19:38 163-06:47:08 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257796 122200 00:00:00 13:20:48 22381 spamd child - root 0 0 00:00:01 02:35:01 23994 [kworker/1:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237312 15356 00:00:01 02:19:01 25958 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237408 15472 00:00:01 02:18:22 26017 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237352 15416 00:00:01 02:18:21 26019 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237212 15144 00:00:01 02:18:21 26021 /usr/sbin/httpd -k start - root 0 0 00:00:01 18:52:54 26118 [kworker/u12:0] - root 0 0 00:00:05 1-05:04:05 26746 [kworker/0:2] - root 0 0 00:00:01 1-00:05:29 28934 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13240 00:46:46 169-06:46:47 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 169-06:45:47 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1168 00:00:33 169-06:45:46 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 169-06:45:45 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 169-06:45:45 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1044 00:00:02 169-06:45:45 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:12:11 169-06:45:45 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 169-06:45:45 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:24:14 169-06:45:45 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 654648 1-04:08:53 169-06:45:43 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 169-06:45:42 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 518148 7972 00:51:48 169-06:45:42 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 169-06:45:39 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 40188 7664 01:18:16 169-06:45:39 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:44 169-06:45:39 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 169-06:45:39 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1084 00:02:35 169-06:45:39 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:19:36 169-06:45:38 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9096 00:16:35 169-06:45:38 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:19:31 169-06:45:37 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-28 01:06 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf96c0ba64Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@264840-103.179.190.35:6556-209.38.208.202:48386.service loaded activating start start Check_MK (209.38.208.202:48386) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3644 21:33:04 962-11:20:59 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 962-11:20:59 2 [kthreadd] - root 0 0 00:00:00 962-11:20:59 4 [kworker/0:0H] - root 0 0 00:03:42 962-11:20:59 6 [ksoftirqd/0] - root 0 0 00:00:42 962-11:20:59 7 [migration/0] - root 0 0 00:00:00 962-11:20:59 8 [rcu_bh] - root 0 0 23:30:29 962-11:20:59 9 [rcu_sched] - root 0 0 00:00:00 962-11:20:59 10 [lru-add-drain] - root 0 0 00:06:12 962-11:20:59 11 [watchdog/0] - root 0 0 00:05:49 962-11:20:59 12 [watchdog/1] - root 0 0 00:08:42 962-11:20:59 13 [migration/1] - root 0 0 00:02:59 962-11:20:59 14 [ksoftirqd/1] - root 0 0 00:00:00 962-11:20:59 16 [kworker/1:0H] - root 0 0 00:05:26 962-11:20:59 17 [watchdog/2] - root 0 0 00:01:20 962-11:20:59 18 [migration/2] - root 0 0 00:02:30 962-11:20:59 19 [ksoftirqd/2] - root 0 0 00:00:00 962-11:20:59 21 [kworker/2:0H] - root 0 0 00:05:25 962-11:20:59 22 [watchdog/3] - root 0 0 00:01:00 962-11:20:59 23 [migration/3] - root 0 0 00:05:01 962-11:20:59 24 [ksoftirqd/3] - root 0 0 00:00:00 962-11:20:59 26 [kworker/3:0H] - root 0 0 00:05:12 962-11:20:59 27 [watchdog/4] - root 0 0 00:04:42 962-11:20:59 28 [migration/4] - root 0 0 00:06:19 962-11:20:59 29 [ksoftirqd/4] - root 0 0 00:00:00 962-11:20:59 31 [kworker/4:0H] - root 0 0 00:06:24 962-11:20:59 32 [watchdog/5] - root 0 0 00:01:22 962-11:20:59 33 [migration/5] - root 0 0 00:37:28 962-11:20:59 34 [ksoftirqd/5] - root 0 0 00:00:00 962-11:20:59 36 [kworker/5:0H] - root 0 0 00:00:00 962-11:20:59 38 [kdevtmpfs] - root 0 0 00:00:00 962-11:20:59 39 [netns] - root 0 0 00:00:42 962-11:20:59 40 [khungtaskd] - root 0 0 00:00:00 962-11:20:59 41 [writeback] - root 0 0 00:00:00 962-11:20:59 42 [kintegrityd] - root 0 0 00:00:00 962-11:20:59 43 [bioset] - root 0 0 00:00:00 962-11:20:59 44 [bioset] - root 0 0 00:00:00 962-11:20:59 45 [bioset] - root 0 0 00:00:00 962-11:20:59 46 [kblockd] - root 0 0 00:00:00 962-11:20:59 47 [md] - root 0 0 00:00:00 962-11:20:59 48 [edac-poller] - root 0 0 00:00:00 962-11:20:59 49 [watchdogd] - root 0 0 00:31:03 962-11:20:59 55 [kswapd0] - root 0 0 00:00:00 962-11:20:59 56 [ksmd] - root 0 0 00:02:59 962-11:20:59 57 [khugepaged] - root 0 0 00:00:00 962-11:20:59 58 [crypto] - root 0 0 00:00:00 962-11:20:59 66 [kthrotld] - root 0 0 00:00:00 962-11:20:59 68 [kmpath_rdacd] - root 0 0 00:00:00 962-11:20:59 69 [kaluad] - root 0 0 00:00:00 962-11:20:59 70 [kpsmoused] - root 0 0 00:00:00 962-11:20:58 72 [ipv6_addrconf] - root 0 0 00:00:00 962-11:20:58 86 [deferwq] - root 0 0 00:55:13 962-11:20:58 197 [kauditd] - root 0 0 00:00:00 962-11:20:58 262 [ata_sff] - root 0 0 00:00:00 962-11:20:58 276 [ttm_swap] - root 0 0 00:00:00 962-11:20:58 280 [scsi_eh_0] - root 0 0 00:00:00 962-11:20:58 281 [scsi_tmf_0] - root 0 0 00:00:00 962-11:20:58 282 [scsi_eh_1] - root 0 0 00:00:00 962-11:20:58 283 [scsi_tmf_1] - root 0 0 00:16:42 962-11:20:58 289 [kworker/3:1H] - root 0 0 00:28:21 962-11:20:58 294 [kworker/0:1H] - root 0 0 00:16:33 962-11:20:58 301 [kworker/4:1H] - root 0 0 03:42:04 962-11:20:58 302 [jbd2/vda1-8] - root 0 0 00:00:00 962-11:20:58 303 [ext4-rsv-conver] - root 0 0 00:02:18 962-11:20:58 309 [kworker/2:1H] - root 0 0 00:17:43 962-11:20:57 372 [kworker/5:1H] - root 0 0 00:03:53 962-11:20:57 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:01:16 962-11:20:56 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:58:43 962-11:20:56 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:19 962-11:20:55 671 [loop0] - root 0 0 00:08:41 962-11:20:55 672 [jbd2/loop0-8] - root 0 0 00:00:00 962-11:20:55 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 961-09:21:01 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4268 00:41:54 962-11:20:44 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 262240 24492 01:27:21 962-11:20:44 1494 cpdavd - accepting connections on: 2091, 2077, 2078 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 211920 21892 02:14:14 962-11:20:44 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190392 12548 05:03:28 962-11:20:44 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:05 25-06:49:18 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3084 00:00:06 25-06:49:18 1536 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224740 15424 00:03:46 20-06:49:17 3563 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9956 3368 01:35:34 20-06:48:59 3885 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2792 00:00:11 20-06:48:59 3894 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2008308 3088 00:06:39 20-06:48:59 3898 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153744 12104 00:14:42 20-06:48:59 3899 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5792 00:01:42 20-06:48:55 3969 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:00 04:10:25 4437 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12760 1416 00:00:01 1-01:03:17 5909 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12776 1432 00:00:01 1-01:03:17 5910 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11860 00:00:00 1-01:03:17 5911 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46900 4572 00:00:00 1-01:03:17 5918 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47228 5096 00:00:00 1-01:03:17 5919 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1532 00:00:00 1-01:03:17 5920 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46900 4572 00:00:00 1-01:03:17 5921 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47188 5100 00:00:00 1-01:03:17 5922 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18096 5256 00:00:01 1-01:03:17 5923 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1564 00:00:00 1-01:03:17 5924 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:23 157-05:53:35 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 01:58:51 157-05:53:31 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18500 00:03:32 157-05:53:31 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255732 29072 06:53:34 928-01:57:28 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51828 00:11:09 68-06:48:56 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 02:37:49 14092 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237260 14272 00:00:00 02:25:48 15404 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237412 14688 00:00:00 02:25:45 15421 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237184 14564 00:00:00 02:11:39 16912 /usr/sbin/httpd -k start - root 0 0 00:00:00 06:49:14 18732 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257816 126460 00:00:10 06:48:00 19194 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230824 13124 00:04:22 42-18:10:41 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2344 00:00:54 42-18:10:40 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 1008 00:00:12 42-18:10:40 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89012 12480 00:01:53 42-18:10:39 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid - root 0 0 00:00:00 06:38:42 20120 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259108 123876 00:00:06 06:37:37 20272 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257816 122228 00:00:00 06:37:37 20273 spamd child 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 161-06:48:27 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:52:45 161-06:48:27 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1328 00:00:00 161-06:48:27 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1384 00:00:00 161-06:48:27 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1344 00:00:00 161-06:48:27 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:19:24 161-06:48:27 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:19 1-13:07:49 21112 [kworker/1:1] - root 0 0 00:00:00 01:27:49 21301 [kworker/3:0] - root 0 0 00:00:01 1-08:17:49 21485 [kworker/2:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237224 14496 00:00:00 01:17:00 22374 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:06:49 23196 [kworker/5:0] - root 0 0 00:00:00 57:49 24084 [kworker/4:2] - root 0 0 00:00:00 28:49 27376 [kworker/0:1] - root 0 0 00:00:00 17:48 28668 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237380 15024 00:00:01 05:05:14 28864 /usr/sbin/httpd -k start - root 0 0 00:00:00 07:49 29663 [kworker/1:0] - root 0 0 00:00:00 07:49 29668 [kworker/0:2] - root 0 0 00:00:00 05:04:17 29847 [kworker/3:3] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236968 13092 00:00:00 01:59 30164 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236968 12896 00:00:00 01:59 30165 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236968 13144 00:00:00 01:59 30166 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236968 12892 00:00:00 01:58 30174 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236852 12728 00:00:00 01:57 30179 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2924 00:00:00 01:18 30232 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 60816 4496 00:00:00 01:18 30256 dovecot/lmtp 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@264840-103.179.190.35:6556-209.38.208.202:48386.service root 113576 1860 00:00:00 00:00 30587 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@264840-103.179.190.35:6556-209.38.208.202:48386.service root 49820 1560 00:00:00 00:00 30610 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13236 00:46:11 167-06:48:06 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 167-06:47:06 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1168 00:00:32 167-06:47:05 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 167-06:47:04 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 167-06:47:04 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1044 00:00:02 167-06:47:04 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:12:02 167-06:47:04 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 167-06:47:04 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:23:56 167-06:47:04 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 654532 1-03:46:13 167-06:47:02 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 167-06:47:01 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 525948 15108 00:51:03 167-06:47:01 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 167-06:46:58 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 56528 21268 01:17:03 167-06:46:58 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:44 167-06:46:58 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 167-06:46:58 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1084 00:02:33 167-06:46:58 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:19:13 167-06:46:57 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9096 00:16:23 167-06:46:57 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:19:17 167-06:46:56 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-26 01:07 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf4a473071Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2416853.scope static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 323 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2416853.scope loaded active running Session 2416853 of user root session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@264121-103.179.190.35:6556-165.227.173.41:58108.service loaded activating start start Check_MK (165.227.173.41:58108) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3644 21:29:53 960-11:03:28 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 960-11:03:28 2 [kthreadd] - root 0 0 00:00:00 960-11:03:28 4 [kworker/0:0H] - root 0 0 00:03:41 960-11:03:28 6 [ksoftirqd/0] - root 0 0 00:00:42 960-11:03:28 7 [migration/0] - root 0 0 00:00:00 960-11:03:28 8 [rcu_bh] - root 0 0 23:26:32 960-11:03:28 9 [rcu_sched] - root 0 0 00:00:00 960-11:03:28 10 [lru-add-drain] - root 0 0 00:06:11 960-11:03:28 11 [watchdog/0] - root 0 0 00:05:48 960-11:03:28 12 [watchdog/1] - root 0 0 00:08:41 960-11:03:28 13 [migration/1] - root 0 0 00:02:58 960-11:03:28 14 [ksoftirqd/1] - root 0 0 00:00:00 960-11:03:28 16 [kworker/1:0H] - root 0 0 00:05:25 960-11:03:28 17 [watchdog/2] - root 0 0 00:01:20 960-11:03:28 18 [migration/2] - root 0 0 00:02:30 960-11:03:28 19 [ksoftirqd/2] - root 0 0 00:00:00 960-11:03:28 21 [kworker/2:0H] - root 0 0 00:05:24 960-11:03:28 22 [watchdog/3] - root 0 0 00:01:00 960-11:03:28 23 [migration/3] - root 0 0 00:05:01 960-11:03:28 24 [ksoftirqd/3] - root 0 0 00:00:00 960-11:03:28 26 [kworker/3:0H] - root 0 0 00:05:11 960-11:03:28 27 [watchdog/4] - root 0 0 00:04:41 960-11:03:28 28 [migration/4] - root 0 0 00:06:18 960-11:03:28 29 [ksoftirqd/4] - root 0 0 00:00:00 960-11:03:28 31 [kworker/4:0H] - root 0 0 00:06:23 960-11:03:28 32 [watchdog/5] - root 0 0 00:01:22 960-11:03:28 33 [migration/5] - root 0 0 00:37:22 960-11:03:28 34 [ksoftirqd/5] - root 0 0 00:00:00 960-11:03:28 36 [kworker/5:0H] - root 0 0 00:00:00 960-11:03:28 38 [kdevtmpfs] - root 0 0 00:00:00 960-11:03:28 39 [netns] - root 0 0 00:00:42 960-11:03:28 40 [khungtaskd] - root 0 0 00:00:00 960-11:03:28 41 [writeback] - root 0 0 00:00:00 960-11:03:28 42 [kintegrityd] - root 0 0 00:00:00 960-11:03:28 43 [bioset] - root 0 0 00:00:00 960-11:03:28 44 [bioset] - root 0 0 00:00:00 960-11:03:28 45 [bioset] - root 0 0 00:00:00 960-11:03:28 46 [kblockd] - root 0 0 00:00:00 960-11:03:28 47 [md] - root 0 0 00:00:00 960-11:03:28 48 [edac-poller] - root 0 0 00:00:00 960-11:03:28 49 [watchdogd] - root 0 0 00:31:02 960-11:03:28 55 [kswapd0] - root 0 0 00:00:00 960-11:03:28 56 [ksmd] - root 0 0 00:02:59 960-11:03:28 57 [khugepaged] - root 0 0 00:00:00 960-11:03:28 58 [crypto] - root 0 0 00:00:00 960-11:03:28 66 [kthrotld] - root 0 0 00:00:00 960-11:03:28 68 [kmpath_rdacd] - root 0 0 00:00:00 960-11:03:28 69 [kaluad] - root 0 0 00:00:00 960-11:03:28 70 [kpsmoused] - root 0 0 00:00:00 960-11:03:27 72 [ipv6_addrconf] - root 0 0 00:00:00 960-11:03:27 86 [deferwq] - root 0 0 00:54:58 960-11:03:27 197 [kauditd] - root 0 0 00:00:00 960-11:03:27 262 [ata_sff] - root 0 0 00:00:00 960-11:03:27 276 [ttm_swap] - root 0 0 00:00:00 960-11:03:27 280 [scsi_eh_0] - root 0 0 00:00:00 960-11:03:27 281 [scsi_tmf_0] - root 0 0 00:00:00 960-11:03:27 282 [scsi_eh_1] - root 0 0 00:00:00 960-11:03:27 283 [scsi_tmf_1] - root 0 0 00:16:39 960-11:03:27 289 [kworker/3:1H] - root 0 0 00:28:17 960-11:03:27 294 [kworker/0:1H] - root 0 0 00:16:30 960-11:03:27 301 [kworker/4:1H] - root 0 0 03:41:28 960-11:03:27 302 [jbd2/vda1-8] - root 0 0 00:00:00 960-11:03:27 303 [ext4-rsv-conver] - root 0 0 00:02:18 960-11:03:27 309 [kworker/2:1H] - root 0 0 00:17:40 960-11:03:26 372 [kworker/5:1H] - root 0 0 00:03:53 960-11:03:26 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:00:44 960-11:03:25 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:58:03 960-11:03:25 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:16 960-11:03:24 671 [loop0] - root 0 0 00:08:40 960-11:03:24 672 [jbd2/loop0-8] - root 0 0 00:00:00 960-11:03:24 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 959-09:03:30 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:41:48 960-11:03:13 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6676 01:27:09 960-11:03:13 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 207120 19336 02:13:53 960-11:03:13 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190260 12356 05:02:18 960-11:03:13 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:05 23-06:31:47 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3084 00:00:06 23-06:31:47 1536 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237328 15408 00:00:01 02:15:02 1740 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237284 15352 00:00:01 02:15:01 1746 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237312 15376 00:00:01 02:15:01 1747 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237388 15532 00:00:03 06:40:59 3127 /usr/sbin/httpd -k start - root 0 0 00:00:04 06:40:17 3267 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224740 15216 00:03:24 18-06:31:46 3563 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12768 952 00:00:39 18-06:31:33 3697 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12784 976 00:00:32 18-06:31:33 3698 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53268 11800 00:00:00 18-06:31:33 3699 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9956 3368 01:25:03 18-06:31:28 3885 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2792 00:00:10 18-06:31:28 3894 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2008308 3164 00:05:49 18-06:31:28 3898 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153744 12104 00:12:11 18-06:31:28 3899 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5792 00:01:31 18-06:31:24 3969 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:00 01:52:17 4439 [kworker/2:1] - root 0 0 00:00:00 01:50:17 4601 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257564 126208 00:00:10 06:29:36 4917 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:00 12:00:17 5199 [kworker/4:1] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:20 155-05:36:04 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) - root 0 0 00:00:00 06:17:00 6207 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 01:57:15 155-05:36:00 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18500 00:03:29 155-05:36:00 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258868 123660 00:00:08 06:13:31 6500 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257564 121976 00:00:00 06:13:31 6502 spamd child 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237236 14924 00:00:00 01:26:47 7090 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237448 15584 00:00:03 06:04:58 7339 /usr/sbin/httpd -k start - root 0 0 00:00:01 1-00:40:14 7430 [kworker/3:0] - root 0 0 00:00:00 01:10:18 8899 [kworker/3:1] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255732 29060 06:52:21 926-01:39:57 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51760 00:10:48 66-06:31:25 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 30:18 12937 [kworker/1:1] - root 0 0 00:00:00 15:17 14554 [kworker/5:2] - root 0 0 00:00:00 10:18 15128 [kworker/0:1] 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2416853.scope root 185004 2584 00:00:00 00:18 16029 /usr/sbin/CROND -n 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2416853.scope root 113280 1388 00:00:00 00:18 16032 /bin/sh -c bash -c "sleep $((RANDOM % 60))" ; /opt/imunify360/venv/share/imunify360/scripts/check-detached.py > /dev/null 2>&1 || : - root 0 0 00:00:00 00:18 16052 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2924 00:00:00 00:16 16075 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 60816 4496 00:00:00 00:15 16099 dovecot/lmtp 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 41196 2716 00:00:00 00:15 16106 dovecot/auth -w - root 0 0 00:00:00 00:14 16141 [whostmgrd - ser] <defunct> 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service cpanelphpmyadmin 298284 6688 00:00:00 00:14 16156 php-fpm: pool cpanelphpmyadmin 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hicorp 638048 50876 00:00:00 00:07 16166 php-fpm: pool hicorp_vn 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89440 8656 00:00:00 00:03 16249 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89440 8656 00:00:00 00:03 16251 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89316 8656 00:00:00 00:02 16252 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2416853.scope root 249288 30604 00:00:00 00:00 16359 /opt/imunify360/venv/bin/python /opt/imunify360/venv/share/imunify360/scripts/check-detached.py 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@264121-103.179.190.35:6556-165.227.173.41:58108.service root 113560 1860 00:00:00 00:00 16386 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@264121-103.179.190.35:6556-165.227.173.41:58108.service root 49820 1560 00:00:00 00:00 16409 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47636 4736 00:00:07 18-09:21:00 19311 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48024 5236 00:00:08 18-09:21:00 19312 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1196 00:00:09 18-09:21:00 19314 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47596 4860 00:00:09 18-09:21:00 19315 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48764 5988 00:00:14 18-09:21:00 19316 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5040 00:00:21 18-09:21:00 19317 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1192 00:00:09 18-09:21:00 19318 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237376 15540 00:00:02 04:31:05 19376 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237780 15752 00:00:02 04:31:04 19378 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230824 11044 00:04:08 40-17:53:10 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2284 00:00:51 40-17:53:09 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 1008 00:00:11 40-17:53:09 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89012 12480 00:01:40 40-17:53:08 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 159-06:30:56 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:52:03 159-06:30:56 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1328 00:00:00 159-06:30:56 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1384 00:00:00 159-06:30:56 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1344 00:00:00 159-06:30:56 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:19:09 159-06:30:56 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 04:01:34 22583 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237272 15364 00:00:02 03:48:42 24025 /usr/sbin/httpd -k start - root 0 0 00:00:02 1-03:19:00 26338 [kworker/5:0] - root 0 0 00:00:00 02:50:14 30255 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13236 00:45:42 165-06:30:35 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237388 15448 00:00:01 02:39:03 31476 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 165-06:29:35 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1144 00:00:32 165-06:29:34 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 165-06:29:33 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 165-06:29:33 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1044 00:00:02 165-06:29:33 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:11:53 165-06:29:33 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 165-06:29:33 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:23:38 165-06:29:33 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 653188 1-03:29:46 165-06:29:31 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 165-06:29:30 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 514932 5396 00:50:04 165-06:29:30 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 165-06:29:27 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 40188 4668 01:15:23 165-06:29:27 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:43 165-06:29:27 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 165-06:29:27 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1084 00:02:31 165-06:29:27 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:18:40 165-06:29:26 32045 /usr/sbin/sshd -D - root 0 0 00:00:01 07:18:59 32128 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9096 00:16:10 165-06:29:26 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:19:03 165-06:29:25 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-24 00:50 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf130b6b0bFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@263610-103.179.190.35:6556-209.38.208.202:41992.service loaded activating start start Check_MK (209.38.208.202:41992) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3648 21:27:13 958-11:03:54 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 958-11:03:54 2 [kthreadd] - root 0 0 00:00:00 958-11:03:54 4 [kworker/0:0H] - root 0 0 00:03:41 958-11:03:54 6 [ksoftirqd/0] - root 0 0 00:00:42 958-11:03:54 7 [migration/0] - root 0 0 00:00:00 958-11:03:54 8 [rcu_bh] - root 0 0 23:22:34 958-11:03:54 9 [rcu_sched] - root 0 0 00:00:00 958-11:03:54 10 [lru-add-drain] - root 0 0 00:06:10 958-11:03:54 11 [watchdog/0] - root 0 0 00:05:47 958-11:03:54 12 [watchdog/1] - root 0 0 00:08:39 958-11:03:54 13 [migration/1] - root 0 0 00:02:58 958-11:03:54 14 [ksoftirqd/1] - root 0 0 00:00:00 958-11:03:54 16 [kworker/1:0H] - root 0 0 00:05:24 958-11:03:54 17 [watchdog/2] - root 0 0 00:01:20 958-11:03:54 18 [migration/2] - root 0 0 00:02:29 958-11:03:54 19 [ksoftirqd/2] - root 0 0 00:00:00 958-11:03:54 21 [kworker/2:0H] - root 0 0 00:05:24 958-11:03:54 22 [watchdog/3] - root 0 0 00:01:00 958-11:03:54 23 [migration/3] - root 0 0 00:05:00 958-11:03:54 24 [ksoftirqd/3] - root 0 0 00:00:00 958-11:03:54 26 [kworker/3:0H] - root 0 0 00:05:10 958-11:03:54 27 [watchdog/4] - root 0 0 00:04:41 958-11:03:54 28 [migration/4] - root 0 0 00:06:17 958-11:03:54 29 [ksoftirqd/4] - root 0 0 00:00:00 958-11:03:54 31 [kworker/4:0H] - root 0 0 00:06:22 958-11:03:54 32 [watchdog/5] - root 0 0 00:01:21 958-11:03:54 33 [migration/5] - root 0 0 00:37:17 958-11:03:54 34 [ksoftirqd/5] - root 0 0 00:00:00 958-11:03:54 36 [kworker/5:0H] - root 0 0 00:00:00 958-11:03:54 38 [kdevtmpfs] - root 0 0 00:00:00 958-11:03:54 39 [netns] - root 0 0 00:00:42 958-11:03:54 40 [khungtaskd] - root 0 0 00:00:00 958-11:03:54 41 [writeback] - root 0 0 00:00:00 958-11:03:54 42 [kintegrityd] - root 0 0 00:00:00 958-11:03:54 43 [bioset] - root 0 0 00:00:00 958-11:03:54 44 [bioset] - root 0 0 00:00:00 958-11:03:54 45 [bioset] - root 0 0 00:00:00 958-11:03:54 46 [kblockd] - root 0 0 00:00:00 958-11:03:54 47 [md] - root 0 0 00:00:00 958-11:03:54 48 [edac-poller] - root 0 0 00:00:00 958-11:03:54 49 [watchdogd] - root 0 0 00:30:50 958-11:03:54 55 [kswapd0] - root 0 0 00:00:00 958-11:03:54 56 [ksmd] - root 0 0 00:02:59 958-11:03:54 57 [khugepaged] - root 0 0 00:00:00 958-11:03:54 58 [crypto] - root 0 0 00:00:00 958-11:03:54 66 [kthrotld] - root 0 0 00:00:00 958-11:03:54 68 [kmpath_rdacd] - root 0 0 00:00:00 958-11:03:54 69 [kaluad] - root 0 0 00:00:00 958-11:03:54 70 [kpsmoused] - root 0 0 00:00:00 958-11:03:53 72 [ipv6_addrconf] - root 0 0 00:00:00 958-11:03:53 86 [deferwq] - root 0 0 00:54:47 958-11:03:53 197 [kauditd] - root 0 0 00:00:00 958-11:03:53 262 [ata_sff] - root 0 0 00:00:00 958-11:03:53 276 [ttm_swap] - root 0 0 00:00:00 958-11:03:53 280 [scsi_eh_0] - root 0 0 00:00:00 958-11:03:53 281 [scsi_tmf_0] - root 0 0 00:00:00 958-11:03:53 282 [scsi_eh_1] - root 0 0 00:00:00 958-11:03:53 283 [scsi_tmf_1] - root 0 0 00:16:36 958-11:03:53 289 [kworker/3:1H] - root 0 0 00:28:13 958-11:03:53 294 [kworker/0:1H] - root 0 0 00:16:27 958-11:03:53 301 [kworker/4:1H] - root 0 0 03:40:52 958-11:03:53 302 [jbd2/vda1-8] - root 0 0 00:00:00 958-11:03:53 303 [ext4-rsv-conver] - root 0 0 00:02:17 958-11:03:53 309 [kworker/2:1H] - root 0 0 00:17:36 958-11:03:52 372 [kworker/5:1H] - root 0 0 00:03:52 958-11:03:52 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:00:21 958-11:03:51 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:57:25 958-11:03:51 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:13 958-11:03:50 671 [loop0] - root 0 0 00:08:39 958-11:03:50 672 [jbd2/loop0-8] - root 0 0 00:00:00 958-11:03:50 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 957-09:03:56 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:41:42 958-11:03:39 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 262240 24588 01:26:58 958-11:03:39 1494 cpdavd - accepting connections on: 2091, 2077, 2078 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 207120 19316 02:13:38 958-11:03:39 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190196 12320 05:01:30 958-11:03:39 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:05 21-06:32:13 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3084 00:00:05 21-06:32:13 1536 pure-ftpd (SERVER) - root 0 0 00:00:00 03:49:42 1665 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224740 15232 00:03:04 16-06:32:12 3563 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12764 952 00:00:35 16-06:31:59 3697 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12796 976 00:00:28 16-06:31:59 3698 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53268 11804 00:00:00 16-06:31:59 3699 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect - root 0 0 00:00:00 03:30:43 3705 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9956 3380 01:14:53 16-06:31:54 3885 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2792 00:00:09 16-06:31:54 3894 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2008308 3156 00:05:06 16-06:31:54 3898 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153624 12004 00:10:37 16-06:31:54 3899 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5792 00:01:21 16-06:31:50 3969 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:18 153-05:36:30 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 01:55:42 153-05:36:26 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18500 00:03:26 153-05:36:26 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255732 29072 06:51:08 924-01:40:23 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 241584 15484 00:00:00 02:23:18 9809 /usr/sbin/httpd -k start - root 0 0 00:00:00 02:19:22 10380 [kworker/3:1] - root 0 0 00:00:01 02:00:42 11890 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51704 00:10:28 64-06:31:51 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 01:39:58 13689 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257860 126500 00:00:09 06:31:23 14068 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259172 123952 00:00:06 06:16:31 15471 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257860 122252 00:00:00 06:16:31 15472 spamd child - root 0 0 00:00:00 05:59:16 17227 [kworker/2:1] - root 0 0 00:00:00 50:43 18000 [kworker/2:2] - root 0 0 00:00:00 49:42 18049 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47504 5032 00:00:06 16-09:21:26 19311 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48024 5340 00:00:08 16-09:21:26 19312 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1200 00:00:08 16-09:21:26 19314 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47596 4944 00:00:08 16-09:21:26 19315 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48764 6084 00:00:13 16-09:21:26 19316 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5056 00:00:19 16-09:21:26 19317 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1196 00:00:08 16-09:21:26 19318 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237300 14276 00:00:00 31:03 19466 /usr/sbin/httpd -k start - root 0 0 00:00:00 30:39 19599 [kworker/1:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230824 11132 00:03:56 38-17:53:36 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2284 00:00:48 38-17:53:35 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 776 00:00:10 38-17:53:35 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89012 12480 00:01:31 38-17:53:34 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237080 13948 00:00:00 19:36 20475 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237488 14088 00:00:00 19:35 20477 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237092 13684 00:00:00 19:35 20478 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237156 13664 00:00:00 19:35 20479 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237164 13812 00:00:00 19:34 20486 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237112 14048 00:00:00 19:34 20487 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237084 13732 00:00:00 19:30 20491 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237128 13848 00:00:00 19:29 20492 /usr/sbin/httpd -k start - root 0 0 00:00:00 15:42 20894 [kworker/3:2] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 157-06:31:22 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:51:22 157-06:31:22 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1332 00:00:00 157-06:31:22 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1376 00:00:00 157-06:31:22 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1348 00:00:00 157-06:31:22 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:18:54 157-06:31:22 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 10:43 21300 [kworker/0:0] - root 0 0 00:00:00 09:13 21453 [kworker/u12:1] - root 0 0 00:00:00 08:44 21533 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2908 00:00:00 05:53 21674 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 41196 2716 00:00:00 01:31 22011 dovecot/auth -w 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89144 8880 00:00:00 00:32 22057 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 60816 4492 00:00:00 00:15 22119 dovecot/lmtp 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89440 8656 00:00:00 00:15 22128 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid - root 0 0 00:00:00 00:14 22152 [whostmgrd - ser] <defunct> 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service cpanelphpmyadmin 298284 6688 00:00:00 00:14 22167 php-fpm: pool cpanelphpmyadmin 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hanoigroup 689520 50468 00:00:00 00:06 22173 php-fpm: pool hanoigroup_vn 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hanoigroup 615632 46692 00:00:00 00:05 22175 php-fpm: pool hanoigroup_vn 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@263610-103.179.190.35:6556-209.38.208.202:41992.service root 113584 1856 00:00:00 00:00 22317 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@263610-103.179.190.35:6556-209.38.208.202:41992.service root 49820 1560 00:00:00 00:00 22340 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 - root 0 0 00:00:00 11:08:26 22446 [kworker/u12:2] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13312 00:45:06 163-06:31:01 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 163-06:30:01 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1312 00:00:32 163-06:30:00 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 163-06:29:59 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 163-06:29:59 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1084 00:00:02 163-06:29:59 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:11:44 163-06:29:59 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 163-06:29:59 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:23:19 163-06:29:59 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 647412 1-03:10:38 163-06:29:57 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 163-06:29:56 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 554788 12596 00:49:18 163-06:29:56 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 163-06:29:53 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 56572 17192 01:14:07 163-06:29:53 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:43 163-06:29:53 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 163-06:29:53 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1088 00:02:29 163-06:29:53 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:18:18 163-06:29:52 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9100 00:15:58 163-06:29:52 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:18:48 163-06:29:51 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-22 00:50 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf4d6ef4acFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@262716-103.179.190.35:6556-172.105.158.219:38398.service loaded activating start start Check_MK (172.105.158.219:38398) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3648 21:23:52 956-11:54:52 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 956-11:54:52 2 [kthreadd] - root 0 0 00:00:00 956-11:54:52 4 [kworker/0:0H] - root 0 0 00:03:40 956-11:54:52 6 [ksoftirqd/0] - root 0 0 00:00:42 956-11:54:52 7 [migration/0] - root 0 0 00:00:00 956-11:54:52 8 [rcu_bh] - root 0 0 23:19:06 956-11:54:52 9 [rcu_sched] - root 0 0 00:00:00 956-11:54:52 10 [lru-add-drain] - root 0 0 00:06:09 956-11:54:52 11 [watchdog/0] - root 0 0 00:05:46 956-11:54:52 12 [watchdog/1] - root 0 0 00:08:38 956-11:54:52 13 [migration/1] - root 0 0 00:02:57 956-11:54:52 14 [ksoftirqd/1] - root 0 0 00:00:00 956-11:54:52 16 [kworker/1:0H] - root 0 0 00:05:24 956-11:54:52 17 [watchdog/2] - root 0 0 00:01:19 956-11:54:52 18 [migration/2] - root 0 0 00:02:29 956-11:54:52 19 [ksoftirqd/2] - root 0 0 00:00:00 956-11:54:52 21 [kworker/2:0H] - root 0 0 00:05:23 956-11:54:52 22 [watchdog/3] - root 0 0 00:01:00 956-11:54:52 23 [migration/3] - root 0 0 00:04:59 956-11:54:52 24 [ksoftirqd/3] - root 0 0 00:00:00 956-11:54:52 26 [kworker/3:0H] - root 0 0 00:05:10 956-11:54:52 27 [watchdog/4] - root 0 0 00:04:40 956-11:54:52 28 [migration/4] - root 0 0 00:06:16 956-11:54:52 29 [ksoftirqd/4] - root 0 0 00:00:00 956-11:54:52 31 [kworker/4:0H] - root 0 0 00:06:21 956-11:54:52 32 [watchdog/5] - root 0 0 00:01:21 956-11:54:52 33 [migration/5] - root 0 0 00:37:12 956-11:54:52 34 [ksoftirqd/5] - root 0 0 00:00:00 956-11:54:52 36 [kworker/5:0H] - root 0 0 00:00:00 956-11:54:52 38 [kdevtmpfs] - root 0 0 00:00:00 956-11:54:52 39 [netns] - root 0 0 00:00:41 956-11:54:52 40 [khungtaskd] - root 0 0 00:00:00 956-11:54:52 41 [writeback] - root 0 0 00:00:00 956-11:54:52 42 [kintegrityd] - root 0 0 00:00:00 956-11:54:52 43 [bioset] - root 0 0 00:00:00 956-11:54:52 44 [bioset] - root 0 0 00:00:00 956-11:54:52 45 [bioset] - root 0 0 00:00:00 956-11:54:52 46 [kblockd] - root 0 0 00:00:00 956-11:54:52 47 [md] - root 0 0 00:00:00 956-11:54:52 48 [edac-poller] - root 0 0 00:00:00 956-11:54:52 49 [watchdogd] - root 0 0 00:30:50 956-11:54:52 55 [kswapd0] - root 0 0 00:00:00 956-11:54:52 56 [ksmd] - root 0 0 00:02:58 956-11:54:52 57 [khugepaged] - root 0 0 00:00:00 956-11:54:52 58 [crypto] - root 0 0 00:00:00 956-11:54:52 66 [kthrotld] - root 0 0 00:00:00 956-11:54:52 68 [kmpath_rdacd] - root 0 0 00:00:00 956-11:54:52 69 [kaluad] - root 0 0 00:00:00 956-11:54:52 70 [kpsmoused] - root 0 0 00:00:00 956-11:54:51 72 [ipv6_addrconf] - root 0 0 00:00:00 956-11:54:51 86 [deferwq] - root 0 0 00:54:40 956-11:54:51 197 [kauditd] - root 0 0 00:00:00 956-11:54:51 262 [ata_sff] - root 0 0 00:00:00 956-11:54:51 276 [ttm_swap] - root 0 0 00:00:00 956-11:54:51 280 [scsi_eh_0] - root 0 0 00:00:00 956-11:54:51 281 [scsi_tmf_0] - root 0 0 00:00:00 956-11:54:51 282 [scsi_eh_1] - root 0 0 00:00:00 956-11:54:51 283 [scsi_tmf_1] - root 0 0 00:16:33 956-11:54:51 289 [kworker/3:1H] - root 0 0 00:28:09 956-11:54:51 294 [kworker/0:1H] - root 0 0 00:16:24 956-11:54:51 301 [kworker/4:1H] - root 0 0 03:40:15 956-11:54:51 302 [jbd2/vda1-8] - root 0 0 00:00:00 956-11:54:51 303 [ext4-rsv-conver] - root 0 0 00:02:17 956-11:54:51 309 [kworker/2:1H] - root 0 0 00:17:33 956-11:54:50 372 [kworker/5:1H] - root 0 0 00:03:52 956-11:54:50 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 02:00:06 956-11:54:49 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:56:47 956-11:54:49 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:09 956-11:54:48 671 [loop0] - root 0 0 00:08:37 956-11:54:48 672 [jbd2/loop0-8] - root 0 0 00:00:00 956-11:54:48 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 955-09:54:54 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:41:35 956-11:54:37 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6684 01:26:45 956-11:54:37 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 207120 19304 02:13:20 956-11:54:37 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190196 12320 05:00:54 956-11:54:37 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:04 19-07:23:11 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3084 00:00:04 19-07:23:11 1536 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224740 15204 00:02:44 14-07:23:10 3563 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12764 952 00:00:31 14-07:22:57 3697 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12776 976 00:00:25 14-07:22:57 3698 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53268 11804 00:00:00 14-07:22:57 3699 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9956 3380 01:05:20 14-07:22:52 3885 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2792 00:00:07 14-07:22:52 3894 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2008308 3108 00:04:30 14-07:22:52 3898 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153624 11984 00:09:35 14-07:22:52 3899 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5792 00:01:11 14-07:22:48 3969 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:00 03:31:40 4397 [kworker/5:2] - root 0 0 00:00:01 21:31:29 4644 [kworker/u12:1] - root 0 0 00:00:02 21:22:16 5671 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:15 151-06:27:28 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 01:54:10 151-06:27:24 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18500 00:03:24 151-06:27:24 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 168356 4900 06:50:00 922-02:31:21 8935 cpsrvd (SSL) - dormant mode - accepting connections 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51716 00:10:08 62-07:22:49 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 01:26:36 14333 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257708 126324 00:00:10 07:22:26 15473 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259016 123740 00:00:06 07:10:52 16452 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257708 122100 00:00:00 07:10:52 16453 spamd child - root 0 0 00:00:00 01:01:40 16544 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237180 14420 00:00:00 01:00:42 16661 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237084 14416 00:00:00 01:00:20 16689 /usr/sbin/httpd -k start - root 0 0 00:00:00 07:01:37 17468 [kworker/4:0] - root 0 0 00:00:00 41:40 18039 [kworker/2:0] - root 0 0 00:00:00 31:40 18884 [kworker/3:1] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47504 5032 00:00:05 14-10:12:24 19311 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48024 5340 00:00:07 14-10:12:24 19312 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1200 00:00:07 14-10:12:24 19314 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47532 4896 00:00:07 14-10:12:24 19315 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48764 6084 00:00:12 14-10:12:24 19316 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5056 00:00:16 14-10:12:24 19317 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1196 00:00:07 14-10:12:24 19318 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236956 13784 00:00:00 26:13 19354 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237280 14028 00:00:00 26:00 19360 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237076 13956 00:00:00 22:59 19514 /usr/sbin/httpd -k start - root 0 0 00:00:00 21:40 19696 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230824 11132 00:03:44 36-18:44:34 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2284 00:00:46 36-18:44:33 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 776 00:00:10 36-18:44:33 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89012 12480 00:01:21 36-18:44:32 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid - root 0 0 00:00:00 11:40 20420 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 155-07:22:20 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:50:44 155-07:22:20 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1332 00:00:00 155-07:22:20 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1376 00:00:00 155-07:22:20 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1348 00:00:00 155-07:22:20 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:18:40 155-07:22:20 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4232 00:00:00 01:51 21217 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2620 00:00:00 01:50 21218 sshd: [net] - root 0 0 00:00:00 01:40 21242 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236840 13040 00:00:00 01:27 21253 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236864 12884 00:00:00 01:26 21254 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236840 13040 00:00:00 01:26 21255 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236860 12900 00:00:00 01:11 21270 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236592 10624 00:00:00 00:20 21308 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89440 8656 00:00:00 00:17 21309 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hihomes 787672 129512 00:00:02 00:11 21310 php-fpm: pool hihomes_vn 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hihomes 705444 119460 00:00:03 00:10 21312 php-fpm: pool hihomes_vn 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@262716-103.179.190.35:6556-172.105.158.219:38398.service root 113576 1864 00:00:00 00:00 21452 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@262716-103.179.190.35:6556-172.105.158.219:38398.service root 49820 1560 00:00:00 00:00 21475 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 - root 0 0 00:00:01 1-00:19:31 21502 [kworker/2:2] - root 0 0 00:00:00 05:46:22 23896 [kworker/3:2] - root 0 0 00:00:04 1-12:16:37 25133 [kworker/0:0] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13312 00:44:33 161-07:21:59 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 161-07:20:59 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1312 00:00:31 161-07:20:58 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 161-07:20:57 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 161-07:20:57 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1084 00:00:02 161-07:20:57 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:11:35 161-07:20:57 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 161-07:20:57 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:23:02 161-07:20:57 31705 /usr/lib/systemd/systemd-logind - root 0 0 00:00:05 10:21:40 31721 [kworker/1:0] 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 645240 1-02:50:50 161-07:20:55 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 161-07:20:54 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 523560 10140 00:48:39 161-07:20:54 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 161-07:20:51 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 48380 11864 01:13:08 161-07:20:51 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:42 161-07:20:51 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 161-07:20:51 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1088 00:02:28 161-07:20:51 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:18:04 161-07:20:50 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9100 00:15:46 161-07:20:50 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:18:34 161-07:20:49 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-20 01:41 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf3e122580Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@261958-103.179.190.35:6556-164.92.244.132:52800.service loaded activating start start Check_MK (164.92.244.132:52800) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3648 21:20:48 954-11:02:22 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 954-11:02:22 2 [kthreadd] - root 0 0 00:00:00 954-11:02:22 4 [kworker/0:0H] - root 0 0 00:03:40 954-11:02:22 6 [ksoftirqd/0] - root 0 0 00:00:42 954-11:02:22 7 [migration/0] - root 0 0 00:00:00 954-11:02:22 8 [rcu_bh] - root 0 0 23:15:42 954-11:02:22 9 [rcu_sched] - root 0 0 00:00:00 954-11:02:22 10 [lru-add-drain] - root 0 0 00:06:09 954-11:02:22 11 [watchdog/0] - root 0 0 00:05:46 954-11:02:22 12 [watchdog/1] - root 0 0 00:08:37 954-11:02:22 13 [migration/1] - root 0 0 00:02:57 954-11:02:22 14 [ksoftirqd/1] - root 0 0 00:00:00 954-11:02:22 16 [kworker/1:0H] - root 0 0 00:05:23 954-11:02:22 17 [watchdog/2] - root 0 0 00:01:19 954-11:02:22 18 [migration/2] - root 0 0 00:02:29 954-11:02:22 19 [ksoftirqd/2] - root 0 0 00:00:00 954-11:02:22 21 [kworker/2:0H] - root 0 0 00:05:22 954-11:02:22 22 [watchdog/3] - root 0 0 00:01:00 954-11:02:22 23 [migration/3] - root 0 0 00:04:59 954-11:02:22 24 [ksoftirqd/3] - root 0 0 00:00:00 954-11:02:22 26 [kworker/3:0H] - root 0 0 00:05:09 954-11:02:22 27 [watchdog/4] - root 0 0 00:04:39 954-11:02:22 28 [migration/4] - root 0 0 00:06:15 954-11:02:22 29 [ksoftirqd/4] - root 0 0 00:00:00 954-11:02:22 31 [kworker/4:0H] - root 0 0 00:06:20 954-11:02:22 32 [watchdog/5] - root 0 0 00:01:21 954-11:02:22 33 [migration/5] - root 0 0 00:37:08 954-11:02:22 34 [ksoftirqd/5] - root 0 0 00:00:00 954-11:02:22 36 [kworker/5:0H] - root 0 0 00:00:00 954-11:02:22 38 [kdevtmpfs] - root 0 0 00:00:00 954-11:02:22 39 [netns] - root 0 0 00:00:41 954-11:02:22 40 [khungtaskd] - root 0 0 00:00:00 954-11:02:22 41 [writeback] - root 0 0 00:00:00 954-11:02:22 42 [kintegrityd] - root 0 0 00:00:00 954-11:02:22 43 [bioset] - root 0 0 00:00:00 954-11:02:22 44 [bioset] - root 0 0 00:00:00 954-11:02:22 45 [bioset] - root 0 0 00:00:00 954-11:02:22 46 [kblockd] - root 0 0 00:00:00 954-11:02:22 47 [md] - root 0 0 00:00:00 954-11:02:22 48 [edac-poller] - root 0 0 00:00:00 954-11:02:22 49 [watchdogd] - root 0 0 00:30:49 954-11:02:22 55 [kswapd0] - root 0 0 00:00:00 954-11:02:22 56 [ksmd] - root 0 0 00:02:58 954-11:02:22 57 [khugepaged] - root 0 0 00:00:00 954-11:02:22 58 [crypto] - root 0 0 00:00:00 954-11:02:22 66 [kthrotld] - root 0 0 00:00:00 954-11:02:22 68 [kmpath_rdacd] - root 0 0 00:00:00 954-11:02:22 69 [kaluad] - root 0 0 00:00:00 954-11:02:22 70 [kpsmoused] - root 0 0 00:00:00 954-11:02:21 72 [ipv6_addrconf] - root 0 0 00:00:00 954-11:02:21 86 [deferwq] - root 0 0 00:54:33 954-11:02:21 197 [kauditd] - root 0 0 00:00:00 954-11:02:21 262 [ata_sff] - root 0 0 00:00:00 954-11:02:21 276 [ttm_swap] - root 0 0 00:00:00 954-11:02:21 280 [scsi_eh_0] - root 0 0 00:00:00 954-11:02:21 281 [scsi_tmf_0] - root 0 0 00:00:00 954-11:02:21 282 [scsi_eh_1] - root 0 0 00:00:00 954-11:02:21 283 [scsi_tmf_1] - root 0 0 00:16:31 954-11:02:21 289 [kworker/3:1H] - root 0 0 00:28:06 954-11:02:21 294 [kworker/0:1H] - root 0 0 00:16:22 954-11:02:21 301 [kworker/4:1H] - root 0 0 03:39:43 954-11:02:21 302 [jbd2/vda1-8] - root 0 0 00:00:00 954-11:02:21 303 [ext4-rsv-conver] - root 0 0 00:02:17 954-11:02:21 309 [kworker/2:1H] - root 0 0 00:00:00 04:46:30 369 [kworker/5:2] - root 0 0 00:17:30 954-11:02:20 372 [kworker/5:1H] - root 0 0 00:03:51 954-11:02:20 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 01:59:49 954-11:02:19 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:56:08 954-11:02:19 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:06 954-11:02:18 671 [loop0] - root 0 0 00:08:36 954-11:02:18 672 [jbd2/loop0-8] - root 0 0 00:00:00 954-11:02:18 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 953-09:02:24 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:41:29 954-11:02:07 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 262240 24488 01:26:33 954-11:02:07 1494 cpdavd - accepting connections on: 2091, 2077, 2078 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 206988 19288 02:13:08 954-11:02:07 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190196 12320 05:00:17 954-11:02:07 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:03 17-06:30:41 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3084 00:00:04 17-06:30:41 1536 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224740 15220 00:02:21 12-06:30:40 3563 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12756 952 00:00:27 12-06:30:27 3697 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12768 976 00:00:21 12-06:30:27 3698 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53268 11804 00:00:00 12-06:30:27 3699 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9956 3380 00:55:39 12-06:30:22 3885 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2792 00:00:06 12-06:30:22 3894 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2008308 3160 00:03:52 12-06:30:22 3898 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153624 11984 00:08:29 12-06:30:22 3899 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5792 00:01:01 12-06:30:18 3969 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:12 149-05:34:58 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 01:52:37 149-05:34:54 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18500 00:03:21 149-05:34:54 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255732 29044 06:48:50 920-01:38:51 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51748 00:09:48 60-06:30:19 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237428 15544 00:00:01 02:24:46 14353 /usr/sbin/httpd -k start - root 0 0 00:00:01 20:17:52 14617 [kworker/u12:0] - root 0 0 00:00:00 02:11:50 16106 [kworker/3:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237476 15508 00:00:01 02:11:50 16108 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237196 15200 00:00:01 02:08:35 16418 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237240 15196 00:00:01 02:06:25 16607 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237228 15208 00:00:01 02:05:38 16645 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237404 15380 00:00:01 02:03:41 16967 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237784 15188 00:00:01 01:40:41 19115 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47504 5032 00:00:04 12-09:19:54 19311 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48024 5340 00:00:06 12-09:19:54 19312 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1200 00:00:06 12-09:19:54 19314 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47532 4632 00:00:06 12-09:19:54 19315 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48764 6084 00:00:10 12-09:19:54 19316 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5056 00:00:14 12-09:19:54 19317 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1196 00:00:06 12-09:19:54 19318 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230824 11132 00:03:31 34-17:52:04 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2284 00:00:43 34-17:52:03 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 776 00:00:09 34-17:52:03 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89012 12480 00:01:15 34-17:52:02 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid - root 0 0 00:00:00 01:29:10 20330 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 153-06:29:50 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:50:03 153-06:29:50 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1332 00:00:00 153-06:29:50 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1376 00:00:00 153-06:29:50 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1348 00:00:00 153-06:29:50 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:18:24 153-06:29:50 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:01 07:02:15 21778 [kworker/u12:2] - root 0 0 00:00:00 01:09:10 21948 [kworker/5:1] - root 0 0 00:00:00 13:06:15 22648 [kworker/2:0] - root 0 0 00:00:00 49:10 23745 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257772 126384 00:00:09 06:29:52 24406 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:00 39:10 24968 [kworker/3:0] - root 0 0 00:00:01 1-00:49:10 25082 [kworker/4:1] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259084 123852 00:00:06 06:15:56 25208 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257772 122088 00:00:00 06:15:56 25209 spamd child - root 0 0 00:00:00 29:10 25910 [kworker/2:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237552 14444 00:00:00 25:07 26237 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237244 14100 00:00:00 25:06 26239 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237308 14040 00:00:00 25:06 26240 /usr/sbin/httpd -k start - root 0 0 00:00:00 24:10 26287 [kworker/1:1] - root 0 0 00:00:00 19:10 26797 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41304 3092 00:00:00 09:16 27484 dovecot/auth - root 0 0 00:00:03 1-00:14:06 27971 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190196 11168 00:00:00 00:10 28184 cPhulkd - processor - http socket 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 41196 2716 00:00:00 00:10 28185 dovecot/auth -w - root 0 0 00:00:00 00:10 28191 [cpsrvd (SSL) - ] <defunct> 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4416 00:00:00 00:02 28193 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2624 00:00:00 00:02 28194 sshd: [net] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@261958-103.179.190.35:6556-164.92.244.132:52800.service root 113584 1864 00:00:00 00:00 28334 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@261958-103.179.190.35:6556-164.92.244.132:52800.service root 49820 1560 00:00:00 00:00 28357 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13312 00:44:01 159-06:29:29 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 159-06:28:29 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1312 00:00:31 159-06:28:28 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 159-06:28:27 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 159-06:28:27 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1084 00:00:02 159-06:28:27 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:11:26 159-06:28:27 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 159-06:28:27 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:22:44 159-06:28:27 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 645180 1-02:34:33 159-06:28:25 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 159-06:28:24 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 523832 15012 00:47:58 159-06:28:24 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 159-06:28:21 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 56568 21356 01:12:05 159-06:28:21 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:42 159-06:28:21 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 159-06:28:21 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1088 00:02:26 159-06:28:21 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:17:47 159-06:28:20 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9100 00:15:33 159-06:28:20 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:18:20 159-06:28:19 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-18 00:49 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf51045f3bFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@261435-103.179.190.35:6556-167.99.210.137:56088.service loaded activating start start Check_MK (167.99.210.137:56088) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3640 21:18:18 952-13:49:14 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 952-13:49:14 2 [kthreadd] - root 0 0 00:00:00 952-13:49:14 4 [kworker/0:0H] - root 0 0 00:03:40 952-13:49:14 6 [ksoftirqd/0] - root 0 0 00:00:42 952-13:49:14 7 [migration/0] - root 0 0 00:00:00 952-13:49:14 8 [rcu_bh] - root 0 0 23:12:17 952-13:49:14 9 [rcu_sched] - root 0 0 00:00:00 952-13:49:14 10 [lru-add-drain] - root 0 0 00:06:08 952-13:49:14 11 [watchdog/0] - root 0 0 00:05:45 952-13:49:14 12 [watchdog/1] - root 0 0 00:08:35 952-13:49:14 13 [migration/1] - root 0 0 00:02:56 952-13:49:14 14 [ksoftirqd/1] - root 0 0 00:00:00 952-13:49:14 16 [kworker/1:0H] - root 0 0 00:05:22 952-13:49:14 17 [watchdog/2] - root 0 0 00:01:19 952-13:49:14 18 [migration/2] - root 0 0 00:02:29 952-13:49:14 19 [ksoftirqd/2] - root 0 0 00:00:00 952-13:49:14 21 [kworker/2:0H] - root 0 0 00:05:22 952-13:49:14 22 [watchdog/3] - root 0 0 00:00:59 952-13:49:14 23 [migration/3] - root 0 0 00:04:58 952-13:49:14 24 [ksoftirqd/3] - root 0 0 00:00:00 952-13:49:14 26 [kworker/3:0H] - root 0 0 00:05:09 952-13:49:14 27 [watchdog/4] - root 0 0 00:04:39 952-13:49:14 28 [migration/4] - root 0 0 00:06:14 952-13:49:14 29 [ksoftirqd/4] - root 0 0 00:00:00 952-13:49:14 31 [kworker/4:0H] - root 0 0 00:06:19 952-13:49:14 32 [watchdog/5] - root 0 0 00:01:21 952-13:49:14 33 [migration/5] - root 0 0 00:37:04 952-13:49:14 34 [ksoftirqd/5] - root 0 0 00:00:00 952-13:49:14 36 [kworker/5:0H] - root 0 0 00:00:00 952-13:49:14 38 [kdevtmpfs] - root 0 0 00:00:00 952-13:49:14 39 [netns] - root 0 0 00:00:41 952-13:49:14 40 [khungtaskd] - root 0 0 00:00:00 952-13:49:14 41 [writeback] - root 0 0 00:00:00 952-13:49:14 42 [kintegrityd] - root 0 0 00:00:00 952-13:49:14 43 [bioset] - root 0 0 00:00:00 952-13:49:14 44 [bioset] - root 0 0 00:00:00 952-13:49:14 45 [bioset] - root 0 0 00:00:00 952-13:49:14 46 [kblockd] - root 0 0 00:00:00 952-13:49:14 47 [md] - root 0 0 00:00:00 952-13:49:14 48 [edac-poller] - root 0 0 00:00:00 952-13:49:14 49 [watchdogd] - root 0 0 00:30:48 952-13:49:14 55 [kswapd0] - root 0 0 00:00:00 952-13:49:14 56 [ksmd] - root 0 0 00:02:58 952-13:49:14 57 [khugepaged] - root 0 0 00:00:00 952-13:49:14 58 [crypto] - root 0 0 00:00:00 952-13:49:14 66 [kthrotld] - root 0 0 00:00:00 952-13:49:14 68 [kmpath_rdacd] - root 0 0 00:00:00 952-13:49:14 69 [kaluad] - root 0 0 00:00:00 952-13:49:14 70 [kpsmoused] - root 0 0 00:00:00 952-13:49:13 72 [ipv6_addrconf] - root 0 0 00:00:00 952-13:49:13 86 [deferwq] - root 0 0 00:54:24 952-13:49:13 197 [kauditd] - root 0 0 00:00:00 952-13:49:13 262 [ata_sff] - root 0 0 00:00:00 952-13:49:13 276 [ttm_swap] - root 0 0 00:00:00 952-13:49:13 280 [scsi_eh_0] - root 0 0 00:00:00 952-13:49:13 281 [scsi_tmf_0] - root 0 0 00:00:00 952-13:49:13 282 [scsi_eh_1] - root 0 0 00:00:00 952-13:49:13 283 [scsi_tmf_1] - root 0 0 00:16:28 952-13:49:13 289 [kworker/3:1H] - root 0 0 00:28:03 952-13:49:13 294 [kworker/0:1H] - root 0 0 00:16:19 952-13:49:13 301 [kworker/4:1H] - root 0 0 03:39:13 952-13:49:13 302 [jbd2/vda1-8] - root 0 0 00:00:00 952-13:49:13 303 [ext4-rsv-conver] - root 0 0 00:02:17 952-13:49:13 309 [kworker/2:1H] - root 0 0 00:17:27 952-13:49:12 372 [kworker/5:1H] - root 0 0 00:03:51 952-13:49:12 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 01:59:32 952-13:49:11 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:55:33 952-13:49:11 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:02 952-13:49:10 671 [loop0] - root 0 0 00:08:35 952-13:49:10 672 [jbd2/loop0-8] - root 0 0 00:00:00 952-13:49:10 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 951-11:49:16 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:41:24 952-13:48:59 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 262276 24592 01:26:22 952-13:48:59 1494 cpdavd - accepting connections on: 2091, 2077, 2078 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 206988 19220 02:12:56 952-13:48:59 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190192 12320 04:59:38 952-13:48:59 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:03 15-09:17:33 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3084 00:00:04 15-09:17:33 1536 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224740 15188 00:01:59 10-09:17:32 3563 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12740 952 00:00:23 10-09:17:19 3697 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12748 976 00:00:18 10-09:17:19 3698 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53268 11804 00:00:00 10-09:17:19 3699 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9956 3380 00:46:51 10-09:17:14 3885 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2792 00:00:05 10-09:17:14 3894 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2008308 2992 00:03:16 10-09:17:14 3898 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153624 11980 00:07:18 10-09:17:14 3899 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5792 00:00:51 10-09:17:10 3969 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:10 147-08:21:50 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34472 01:51:11 147-08:21:46 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18404 00:03:18 147-08:21:46 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php - root 0 0 00:00:01 15:36:02 7007 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255732 29064 06:47:45 918-04:25:43 8935 cpsrvd (SSL) - waiting for connections - root 0 0 00:00:00 02:58:54 11264 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257600 125048 00:00:11 09:15:37 12019 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51476 00:09:29 58-09:17:11 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 02:36:01 13264 [kworker/1:0] - root 0 0 00:00:00 02:36:01 13275 [kworker/0:0] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258916 123628 00:00:08 09:01:49 13369 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257600 121952 00:00:00 09:01:49 13370 spamd child - root 0 0 00:00:00 02:06:01 16181 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47504 4776 00:00:04 10-12:06:46 19311 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48024 5340 00:00:05 10-12:06:46 19312 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1200 00:00:05 10-12:06:46 19314 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47400 4632 00:00:06 10-12:06:46 19315 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48764 6084 00:00:09 10-12:06:46 19316 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5028 00:00:12 10-12:06:46 19317 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1196 00:00:05 10-12:06:46 19318 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230824 11132 00:03:19 32-20:38:56 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2284 00:00:40 32-20:38:55 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 776 00:00:09 32-20:38:55 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89016 12052 00:01:10 32-20:38:54 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid - root 0 0 00:00:03 07:33:29 20465 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 151-09:16:42 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:49:26 151-09:16:42 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1332 00:00:00 151-09:16:42 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1376 00:00:00 151-09:16:42 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1348 00:00:00 151-09:16:42 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:18:11 151-09:16:42 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 01:04:56 21375 [kworker/5:1] - root 0 0 00:00:00 12:55:59 21990 [kworker/2:0] - root 0 0 00:00:00 18:04:54 22654 [kworker/3:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237376 14416 00:00:00 47:18 22790 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237584 14088 00:00:00 37:55 23626 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237692 14384 00:00:00 36:09 23801 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237372 14444 00:00:00 36:08 23803 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237308 14052 00:00:00 36:08 23804 /usr/sbin/httpd -k start - root 0 0 00:00:00 36:01 23853 [kworker/4:2] - root 0 0 00:00:00 26:01 24684 [kworker/2:1] - root 0 0 00:00:00 16:01 25495 [kworker/3:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237544 14036 00:00:00 13:29 25668 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237416 14012 00:00:00 13:28 25670 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237408 13680 00:00:00 13:28 25671 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237408 13816 00:00:00 13:28 25672 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237408 13996 00:00:00 13:28 25673 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2920 00:00:00 01:55 26353 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 60816 4496 00:00:00 01:54 26377 dovecot/lmtp 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4232 00:00:00 01:35 26432 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2624 00:00:00 01:35 26433 sshd: [net] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4220 00:00:00 00:27 26556 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2620 00:00:00 00:27 26557 sshd: [net] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255732 23796 00:00:00 00:21 26563 cpaneld - serving 80.66.83.49 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@261435-103.179.190.35:6556-167.99.210.137:56088.service root 113584 1864 00:00:00 00:00 26717 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@261435-103.179.190.35:6556-167.99.210.137:56088.service root 49820 1560 00:00:00 00:00 26740 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 - root 0 0 00:00:00 05:51:12 30638 [kworker/u12:1] - root 0 0 00:00:00 05:50:59 30668 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13312 00:43:30 157-09:16:21 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 157-09:15:21 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1228 00:00:31 157-09:15:20 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 157-09:15:19 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 157-09:15:19 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1084 00:00:02 157-09:15:19 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:11:18 157-09:15:19 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 157-09:15:19 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:22:27 157-09:15:19 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 645012 1-02:17:29 157-09:15:17 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 157-09:15:16 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 514796 4516 00:47:18 157-09:15:16 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 157-09:15:13 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 40188 3724 01:11:02 157-09:15:13 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:41 157-09:15:13 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 157-09:15:13 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1088 00:02:24 157-09:15:13 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:17:29 157-09:15:12 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9100 00:15:22 157-09:15:12 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:18:07 157-09:15:11 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-16 03:36 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf339ce053Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@261397-103.179.190.35:6556-143.110.213.72:52020.service loaded activating start start Check_MK (143.110.213.72:52020) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3640 21:18:10 952-11:41:27 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 952-11:41:27 2 [kthreadd] - root 0 0 00:00:00 952-11:41:27 4 [kworker/0:0H] - root 0 0 00:03:40 952-11:41:27 6 [ksoftirqd/0] - root 0 0 00:00:42 952-11:41:27 7 [migration/0] - root 0 0 00:00:00 952-11:41:27 8 [rcu_bh] - root 0 0 23:12:08 952-11:41:27 9 [rcu_sched] - root 0 0 00:00:00 952-11:41:27 10 [lru-add-drain] - root 0 0 00:06:08 952-11:41:27 11 [watchdog/0] - root 0 0 00:05:45 952-11:41:27 12 [watchdog/1] - root 0 0 00:08:35 952-11:41:27 13 [migration/1] - root 0 0 00:02:56 952-11:41:27 14 [ksoftirqd/1] - root 0 0 00:00:00 952-11:41:27 16 [kworker/1:0H] - root 0 0 00:05:22 952-11:41:27 17 [watchdog/2] - root 0 0 00:01:19 952-11:41:27 18 [migration/2] - root 0 0 00:02:29 952-11:41:27 19 [ksoftirqd/2] - root 0 0 00:00:00 952-11:41:27 21 [kworker/2:0H] - root 0 0 00:05:22 952-11:41:27 22 [watchdog/3] - root 0 0 00:00:59 952-11:41:27 23 [migration/3] - root 0 0 00:04:58 952-11:41:27 24 [ksoftirqd/3] - root 0 0 00:00:00 952-11:41:27 26 [kworker/3:0H] - root 0 0 00:05:08 952-11:41:27 27 [watchdog/4] - root 0 0 00:04:39 952-11:41:27 28 [migration/4] - root 0 0 00:06:14 952-11:41:27 29 [ksoftirqd/4] - root 0 0 00:00:00 952-11:41:27 31 [kworker/4:0H] - root 0 0 00:06:19 952-11:41:27 32 [watchdog/5] - root 0 0 00:01:21 952-11:41:27 33 [migration/5] - root 0 0 00:37:04 952-11:41:27 34 [ksoftirqd/5] - root 0 0 00:00:00 952-11:41:27 36 [kworker/5:0H] - root 0 0 00:00:00 952-11:41:27 38 [kdevtmpfs] - root 0 0 00:00:00 952-11:41:27 39 [netns] - root 0 0 00:00:41 952-11:41:27 40 [khungtaskd] - root 0 0 00:00:00 952-11:41:27 41 [writeback] - root 0 0 00:00:00 952-11:41:27 42 [kintegrityd] - root 0 0 00:00:00 952-11:41:27 43 [bioset] - root 0 0 00:00:00 952-11:41:27 44 [bioset] - root 0 0 00:00:00 952-11:41:27 45 [bioset] - root 0 0 00:00:00 952-11:41:27 46 [kblockd] - root 0 0 00:00:00 952-11:41:27 47 [md] - root 0 0 00:00:00 952-11:41:27 48 [edac-poller] - root 0 0 00:00:00 952-11:41:27 49 [watchdogd] - root 0 0 00:30:48 952-11:41:27 55 [kswapd0] - root 0 0 00:00:00 952-11:41:27 56 [ksmd] - root 0 0 00:02:58 952-11:41:27 57 [khugepaged] - root 0 0 00:00:00 952-11:41:27 58 [crypto] - root 0 0 00:00:00 952-11:41:27 66 [kthrotld] - root 0 0 00:00:00 952-11:41:27 68 [kmpath_rdacd] - root 0 0 00:00:00 952-11:41:27 69 [kaluad] - root 0 0 00:00:00 952-11:41:27 70 [kpsmoused] - root 0 0 00:00:00 952-11:41:26 72 [ipv6_addrconf] - root 0 0 00:00:00 952-11:41:26 86 [deferwq] - root 0 0 00:54:24 952-11:41:26 197 [kauditd] - root 0 0 00:00:00 952-11:41:26 262 [ata_sff] - root 0 0 00:00:00 952-11:41:26 276 [ttm_swap] - root 0 0 00:00:00 952-11:41:26 280 [scsi_eh_0] - root 0 0 00:00:00 952-11:41:26 281 [scsi_tmf_0] - root 0 0 00:00:00 952-11:41:26 282 [scsi_eh_1] - root 0 0 00:00:00 952-11:41:26 283 [scsi_tmf_1] - root 0 0 00:16:28 952-11:41:26 289 [kworker/3:1H] - root 0 0 00:28:03 952-11:41:26 294 [kworker/0:1H] - root 0 0 00:16:19 952-11:41:26 301 [kworker/4:1H] - root 0 0 03:39:11 952-11:41:26 302 [jbd2/vda1-8] - root 0 0 00:00:00 952-11:41:26 303 [ext4-rsv-conver] - root 0 0 00:02:17 952-11:41:26 309 [kworker/2:1H] - root 0 0 00:17:27 952-11:41:25 372 [kworker/5:1H] - root 0 0 00:03:51 952-11:41:25 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 728 01:59:31 952-11:41:24 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:55:31 952-11:41:24 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:22:02 952-11:41:23 671 [loop0] - root 0 0 00:08:35 952-11:41:23 672 [jbd2/loop0-8] - root 0 0 00:00:00 952-11:41:23 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 951-09:41:29 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:41:23 952-11:41:12 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6680 01:26:21 952-11:41:12 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 206988 19212 02:12:55 952-11:41:12 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190192 12316 04:59:37 952-11:41:12 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:03 15-07:09:46 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3084 00:00:04 15-07:09:46 1536 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224740 15188 00:01:58 10-07:09:45 3563 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12760 952 00:00:22 10-07:09:32 3697 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12768 976 00:00:18 10-07:09:32 3698 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53268 11804 00:00:00 10-07:09:32 3699 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237460 15028 00:00:01 02:30:33 3801 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9956 3380 00:46:27 10-07:09:27 3885 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2792 00:00:05 10-07:09:27 3894 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2008308 2992 00:03:15 10-07:09:27 3898 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153624 11980 00:07:16 10-07:09:27 3899 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5792 00:00:51 10-07:09:23 3969 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237268 14748 00:00:01 02:24:25 4277 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237352 14872 00:00:01 02:23:42 4331 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:10 147-06:14:03 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34472 01:51:07 147-06:13:59 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18404 00:03:18 147-06:13:59 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php - root 0 0 00:00:01 13:28:15 7007 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255732 29060 06:47:42 918-02:17:56 8935 cpsrvd (SSL) - waiting for connections - root 0 0 00:00:00 07:23:11 9971 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237324 14472 00:00:00 01:10:01 10226 /usr/sbin/httpd -k start - root 0 0 00:00:00 51:07 11264 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237352 14476 00:00:00 41:49 11954 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237384 14512 00:00:00 41:46 11956 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236956 14168 00:00:00 41:24 11977 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257600 125048 00:00:10 07:07:50 12019 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236964 13908 00:00:00 37:35 12439 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237016 14008 00:00:00 37:32 12441 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237000 14056 00:00:00 36:22 12578 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51472 00:09:29 58-07:09:24 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 28:14 13264 [kworker/1:0] - root 0 0 00:00:00 28:14 13268 [kworker/3:1] - root 0 0 00:00:00 28:14 13275 [kworker/0:0] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258916 123628 00:00:06 06:54:02 13369 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257600 121952 00:00:00 06:54:02 13370 spamd child - root 0 0 00:00:00 21:14 13757 [kworker/4:2] - root 0 0 00:00:00 18:14 13954 [kworker/5:1] - root 0 0 00:00:00 08:14 14763 [kworker/2:1] - root 0 0 00:00:00 02:52 15231 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2908 00:00:00 01:59 15593 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 41196 2716 00:00:00 01:57 15596 dovecot/auth -w 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4228 00:00:00 01:02 15659 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2620 00:00:00 01:01 15660 sshd: [net] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 60816 4496 00:00:00 00:55 15708 dovecot/lmtp 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4228 00:00:00 00:21 15775 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@261397-103.179.190.35:6556-143.110.213.72:52020.service root 113560 1860 00:00:00 00:00 15935 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@261397-103.179.190.35:6556-143.110.213.72:52020.service root 49820 1560 00:00:00 00:00 15958 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47504 4776 00:00:04 10-09:58:59 19311 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48024 5340 00:00:05 10-09:58:59 19312 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1200 00:00:05 10-09:58:59 19314 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47400 4632 00:00:05 10-09:58:59 19315 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48764 6084 00:00:09 10-09:58:59 19316 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5028 00:00:12 10-09:58:59 19317 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1196 00:00:05 10-09:58:59 19318 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230824 11132 00:03:19 32-18:31:09 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2284 00:00:40 32-18:31:08 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 776 00:00:09 32-18:31:08 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89016 12052 00:01:09 32-18:31:07 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid - root 0 0 00:00:02 05:25:42 20465 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 151-07:08:55 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:49:24 151-07:08:55 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1332 00:00:00 151-07:08:55 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1376 00:00:00 151-07:08:55 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1348 00:00:00 151-07:08:55 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:18:10 151-07:08:55 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 10:48:12 21990 [kworker/2:0] - root 0 0 00:00:00 15:57:07 22654 [kworker/3:2] - root 0 0 00:00:00 03:43:25 30638 [kworker/u12:1] - root 0 0 00:00:00 03:43:12 30668 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13312 00:43:29 157-07:08:34 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 157-07:07:34 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1228 00:00:31 157-07:07:33 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 157-07:07:32 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 157-07:07:32 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1084 00:00:02 157-07:07:32 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:11:17 157-07:07:32 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 157-07:07:32 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:22:26 157-07:07:32 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 644980 1-02:16:39 157-07:07:30 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 157-07:07:29 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 539376 17004 00:47:17 157-07:07:29 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 157-07:07:26 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 64804 26076 01:11:00 157-07:07:26 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1024 00:00:41 157-07:07:26 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 157-07:07:26 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1088 00:02:24 157-07:07:26 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:17:29 157-07:07:25 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9100 00:15:21 157-07:07:25 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:18:06 157-07:07:24 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-16 01:28 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadffa518602Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@260611-103.179.190.35:6556-46.101.1.225:36328.service loaded activating start start Check_MK (46.101.1.225:36328) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3644 21:15:04 950-11:04:17 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 950-11:04:17 2 [kthreadd] - root 0 0 00:00:00 950-11:04:17 4 [kworker/0:0H] - root 0 0 00:03:39 950-11:04:17 6 [ksoftirqd/0] - root 0 0 00:00:42 950-11:04:17 7 [migration/0] - root 0 0 00:00:00 950-11:04:17 8 [rcu_bh] - root 0 0 23:08:18 950-11:04:17 9 [rcu_sched] - root 0 0 00:00:00 950-11:04:17 10 [lru-add-drain] - root 0 0 00:06:07 950-11:04:17 11 [watchdog/0] - root 0 0 00:05:44 950-11:04:17 12 [watchdog/1] - root 0 0 00:08:34 950-11:04:17 13 [migration/1] - root 0 0 00:02:56 950-11:04:17 14 [ksoftirqd/1] - root 0 0 00:00:00 950-11:04:17 16 [kworker/1:0H] - root 0 0 00:05:22 950-11:04:17 17 [watchdog/2] - root 0 0 00:01:19 950-11:04:17 18 [migration/2] - root 0 0 00:02:28 950-11:04:17 19 [ksoftirqd/2] - root 0 0 00:00:00 950-11:04:17 21 [kworker/2:0H] - root 0 0 00:05:21 950-11:04:17 22 [watchdog/3] - root 0 0 00:00:59 950-11:04:17 23 [migration/3] - root 0 0 00:04:57 950-11:04:17 24 [ksoftirqd/3] - root 0 0 00:00:00 950-11:04:17 26 [kworker/3:0H] - root 0 0 00:05:08 950-11:04:17 27 [watchdog/4] - root 0 0 00:04:38 950-11:04:17 28 [migration/4] - root 0 0 00:06:14 950-11:04:17 29 [ksoftirqd/4] - root 0 0 00:00:00 950-11:04:17 31 [kworker/4:0H] - root 0 0 00:06:18 950-11:04:17 32 [watchdog/5] - root 0 0 00:01:21 950-11:04:17 33 [migration/5] - root 0 0 00:36:59 950-11:04:17 34 [ksoftirqd/5] - root 0 0 00:00:00 950-11:04:17 36 [kworker/5:0H] - root 0 0 00:00:00 950-11:04:17 38 [kdevtmpfs] - root 0 0 00:00:00 950-11:04:17 39 [netns] - root 0 0 00:00:41 950-11:04:17 40 [khungtaskd] - root 0 0 00:00:00 950-11:04:17 41 [writeback] - root 0 0 00:00:00 950-11:04:17 42 [kintegrityd] - root 0 0 00:00:00 950-11:04:17 43 [bioset] - root 0 0 00:00:00 950-11:04:17 44 [bioset] - root 0 0 00:00:00 950-11:04:17 45 [bioset] - root 0 0 00:00:00 950-11:04:17 46 [kblockd] - root 0 0 00:00:00 950-11:04:17 47 [md] - root 0 0 00:00:00 950-11:04:17 48 [edac-poller] - root 0 0 00:00:00 950-11:04:17 49 [watchdogd] - root 0 0 00:30:37 950-11:04:17 55 [kswapd0] - root 0 0 00:00:00 950-11:04:17 56 [ksmd] - root 0 0 00:02:57 950-11:04:17 57 [khugepaged] - root 0 0 00:00:00 950-11:04:17 58 [crypto] - root 0 0 00:00:00 950-11:04:17 66 [kthrotld] - root 0 0 00:00:00 950-11:04:17 68 [kmpath_rdacd] - root 0 0 00:00:00 950-11:04:17 69 [kaluad] - root 0 0 00:00:00 950-11:04:17 70 [kpsmoused] - root 0 0 00:00:00 950-11:04:16 72 [ipv6_addrconf] - root 0 0 00:00:00 950-11:04:16 86 [deferwq] - root 0 0 00:54:14 950-11:04:16 197 [kauditd] - root 0 0 00:00:00 950-11:04:16 262 [ata_sff] - root 0 0 00:00:00 950-11:04:16 276 [ttm_swap] - root 0 0 00:00:00 950-11:04:16 280 [scsi_eh_0] - root 0 0 00:00:00 950-11:04:16 281 [scsi_tmf_0] - root 0 0 00:00:00 950-11:04:16 282 [scsi_eh_1] - root 0 0 00:00:00 950-11:04:16 283 [scsi_tmf_1] - root 0 0 00:16:25 950-11:04:16 289 [kworker/3:1H] - root 0 0 00:27:58 950-11:04:16 294 [kworker/0:1H] - root 0 0 00:16:16 950-11:04:16 301 [kworker/4:1H] - root 0 0 03:38:33 950-11:04:16 302 [jbd2/vda1-8] - root 0 0 00:00:00 950-11:04:16 303 [ext4-rsv-conver] - root 0 0 00:02:16 950-11:04:16 309 [kworker/2:1H] - root 0 0 00:17:24 950-11:04:15 372 [kworker/5:1H] - root 0 0 00:03:50 950-11:04:15 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 01:59:10 950-11:04:14 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:54:54 950-11:04:14 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:21:58 950-11:04:13 671 [loop0] - root 0 0 00:08:33 950-11:04:13 672 [jbd2/loop0-8] - root 0 0 00:00:00 950-11:04:13 673 [ext4-rsv-conver] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237204 14316 00:00:00 32:42 701 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237140 14308 00:00:00 32:10 825 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237052 14044 00:00:00 32:09 826 /usr/sbin/httpd -k start 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 949-09:04:19 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:41:17 950-11:04:02 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 262256 24588 01:26:08 950-11:04:02 1494 cpdavd - accepting connections on: 2091, 2077, 2078 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 206988 19208 02:12:42 950-11:04:02 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190192 12316 04:58:50 950-11:04:02 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2040 00:00:03 13-06:32:36 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3096 00:00:03 13-06:32:36 1536 pure-ftpd (SERVER) - root 0 0 00:00:00 21:04 2053 [kworker/5:1] - root 0 0 00:00:00 16:05 2500 [kworker/2:2] - root 0 0 00:00:00 11:05 2851 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237788 15392 00:00:01 05:10:13 3139 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237416 15224 00:00:01 05:10:13 3140 /usr/sbin/httpd -k start - root 0 0 00:00:00 06:02 3238 [kworker/3:0] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2920 00:00:00 04:42 3341 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224740 15244 00:01:35 8-06:32:35 3563 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12748 964 00:00:18 8-06:32:22 3697 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12752 984 00:00:14 8-06:32:22 3698 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53268 11808 00:00:00 8-06:32:22 3699 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect - root 0 0 00:00:00 00:08 3815 [cpsrvd (SSL) - ] <defunct> 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 162132 5816 00:00:00 00:07 3817 sshd: root [priv] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2624 00:00:00 00:07 3818 sshd: root [net] 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9956 3392 00:37:16 8-06:32:17 3885 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2792 00:00:04 8-06:32:17 3894 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2008308 3140 00:02:35 8-06:32:17 3898 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153244 11580 00:05:46 8-06:32:17 3899 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5800 00:00:41 8-06:32:13 3969 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@260611-103.179.190.35:6556-46.101.1.225:36328.service root 113416 1584 00:00:00 00:00 3984 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@260611-103.179.190.35:6556-46.101.1.225:36328.service root 49820 1560 00:00:00 00:00 4007 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:07 145-05:36:53 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 01:49:35 145-05:36:49 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18500 00:03:16 145-05:36:49 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255732 29128 06:46:35 916-01:40:46 8935 cpsrvd (SSL) - waiting for connections - root 0 0 00:00:00 03:55:54 12676 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51736 00:09:09 56-06:32:14 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:03 09:41:04 12764 [kworker/1:1] - root 0 0 00:00:01 09:40:05 12996 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237420 15132 00:00:00 03:49:20 13426 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237252 14936 00:00:00 03:34:21 14906 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237304 14992 00:00:00 03:34:20 14911 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237292 14916 00:00:00 03:34:19 14915 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237248 14892 00:00:00 03:34:19 14917 /usr/sbin/httpd -k start - root 0 0 00:00:00 08:31:05 18336 [kworker/2:1] - root 0 0 00:00:01 08:26:01 18560 [kworker/0:0] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47236 4664 00:00:03 8-09:21:49 19311 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48024 5556 00:00:04 8-09:21:49 19312 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1248 00:00:04 8-09:21:49 19314 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47400 4708 00:00:05 8-09:21:49 19315 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48764 6296 00:00:08 8-09:21:49 19316 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5088 00:00:09 8-09:21:49 19317 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1240 00:00:04 8-09:21:49 19318 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230824 11152 00:03:06 30-17:53:59 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2308 00:00:37 30-17:53:58 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 780 00:00:08 30-17:53:58 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89016 12448 00:01:03 30-17:53:57 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 149-06:31:45 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:48:45 149-06:31:45 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1340 00:00:00 149-06:31:45 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1388 00:00:00 149-06:31:45 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1356 00:00:00 149-06:31:45 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:17:56 149-06:31:45 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 01:46:03 26300 [kworker/4:1] - root 0 0 00:00:00 01:31:04 27809 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257780 126404 00:00:09 06:31:45 28351 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259056 123784 00:00:06 06:17:47 29563 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257780 122144 00:00:00 06:17:47 29564 spamd child - root 0 0 00:00:00 01:01:05 30618 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13340 00:42:56 155-06:31:24 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 155-06:30:24 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1188 00:00:30 155-06:30:23 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 155-06:30:22 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 155-06:30:22 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 964 00:00:02 155-06:30:22 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:11:09 155-06:30:22 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 155-06:30:22 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:22:09 155-06:30:22 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 645476 1-01:57:16 155-06:30:20 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 155-06:30:19 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 514832 4228 00:46:31 155-06:30:19 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 155-06:30:16 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 40188 3352 01:09:45 155-06:30:16 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:41 155-06:30:16 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 155-06:30:16 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1088 00:02:22 155-06:30:16 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:17:07 155-06:30:15 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9104 00:15:10 155-06:30:15 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:17:52 155-06:30:14 32156 /usr/sbin/irqbalance --foreground - root 0 0 00:00:00 41:05 32455 [kworker/3:2] - root 0 0 00:00:00 37:49 32651 [kworker/u12:2] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-14 00:51 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf81a0f5cfFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2386591.scope static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 323 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2386591.scope loaded active running Session 2386591 of user root session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@260095-103.179.190.35:6556-64.227.70.2:45974.service loaded activating start start Check_MK (64.227.70.2:45974) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3644 21:12:28 948-11:03:25 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 948-11:03:25 2 [kthreadd] - root 0 0 00:00:00 948-11:03:25 4 [kworker/0:0H] - root 0 0 00:03:39 948-11:03:25 6 [ksoftirqd/0] - root 0 0 00:00:42 948-11:03:25 7 [migration/0] - root 0 0 00:00:00 948-11:03:25 8 [rcu_bh] - root 0 0 23:04:18 948-11:03:25 9 [rcu_sched] - root 0 0 00:00:00 948-11:03:25 10 [lru-add-drain] - root 0 0 00:06:06 948-11:03:25 11 [watchdog/0] - root 0 0 00:05:44 948-11:03:25 12 [watchdog/1] - root 0 0 00:08:33 948-11:03:25 13 [migration/1] - root 0 0 00:02:56 948-11:03:25 14 [ksoftirqd/1] - root 0 0 00:00:00 948-11:03:25 16 [kworker/1:0H] - root 0 0 00:05:21 948-11:03:25 17 [watchdog/2] - root 0 0 00:01:19 948-11:03:25 18 [migration/2] - root 0 0 00:02:28 948-11:03:25 19 [ksoftirqd/2] - root 0 0 00:00:00 948-11:03:25 21 [kworker/2:0H] - root 0 0 00:05:20 948-11:03:25 22 [watchdog/3] - root 0 0 00:00:59 948-11:03:25 23 [migration/3] - root 0 0 00:04:56 948-11:03:25 24 [ksoftirqd/3] - root 0 0 00:00:00 948-11:03:25 26 [kworker/3:0H] - root 0 0 00:05:07 948-11:03:25 27 [watchdog/4] - root 0 0 00:04:37 948-11:03:25 28 [migration/4] - root 0 0 00:06:12 948-11:03:25 29 [ksoftirqd/4] - root 0 0 00:00:00 948-11:03:25 31 [kworker/4:0H] - root 0 0 00:06:17 948-11:03:25 32 [watchdog/5] - root 0 0 00:01:20 948-11:03:25 33 [migration/5] - root 0 0 00:36:54 948-11:03:25 34 [ksoftirqd/5] - root 0 0 00:00:00 948-11:03:25 36 [kworker/5:0H] - root 0 0 00:00:00 948-11:03:25 38 [kdevtmpfs] - root 0 0 00:00:00 948-11:03:25 39 [netns] - root 0 0 00:00:41 948-11:03:25 40 [khungtaskd] - root 0 0 00:00:00 948-11:03:25 41 [writeback] - root 0 0 00:00:00 948-11:03:25 42 [kintegrityd] - root 0 0 00:00:00 948-11:03:25 43 [bioset] - root 0 0 00:00:00 948-11:03:25 44 [bioset] - root 0 0 00:00:00 948-11:03:25 45 [bioset] - root 0 0 00:00:00 948-11:03:25 46 [kblockd] - root 0 0 00:00:00 948-11:03:25 47 [md] - root 0 0 00:00:00 948-11:03:25 48 [edac-poller] - root 0 0 00:00:00 948-11:03:25 49 [watchdogd] - root 0 0 00:30:37 948-11:03:25 55 [kswapd0] - root 0 0 00:00:00 948-11:03:25 56 [ksmd] - root 0 0 00:02:57 948-11:03:25 57 [khugepaged] - root 0 0 00:00:00 948-11:03:25 58 [crypto] - root 0 0 00:00:00 948-11:03:25 66 [kthrotld] - root 0 0 00:00:00 948-11:03:25 68 [kmpath_rdacd] - root 0 0 00:00:00 948-11:03:25 69 [kaluad] - root 0 0 00:00:00 948-11:03:25 70 [kpsmoused] - root 0 0 00:00:00 948-11:03:24 72 [ipv6_addrconf] - root 0 0 00:00:00 948-11:03:24 86 [deferwq] - root 0 0 00:54:05 948-11:03:24 197 [kauditd] - root 0 0 00:00:00 948-11:03:24 262 [ata_sff] - root 0 0 00:00:00 948-11:03:24 276 [ttm_swap] - root 0 0 00:00:00 948-11:03:24 280 [scsi_eh_0] - root 0 0 00:00:00 948-11:03:24 281 [scsi_tmf_0] - root 0 0 00:00:00 948-11:03:24 282 [scsi_eh_1] - root 0 0 00:00:00 948-11:03:24 283 [scsi_tmf_1] - root 0 0 00:16:23 948-11:03:24 289 [kworker/3:1H] - root 0 0 00:27:52 948-11:03:24 294 [kworker/0:1H] - root 0 0 00:16:14 948-11:03:24 301 [kworker/4:1H] - root 0 0 03:37:51 948-11:03:24 302 [jbd2/vda1-8] - root 0 0 00:00:00 948-11:03:24 303 [ext4-rsv-conver] - root 0 0 00:02:16 948-11:03:24 309 [kworker/2:1H] - root 0 0 00:17:21 948-11:03:23 372 [kworker/5:1H] - root 0 0 00:03:49 948-11:03:23 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 01:58:49 948-11:03:22 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:54:16 948-11:03:22 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:21:54 948-11:03:21 671 [loop0] - root 0 0 00:08:31 948-11:03:21 672 [jbd2/loop0-8] - root 0 0 00:00:00 948-11:03:21 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 947-09:03:27 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4260 00:41:11 948-11:03:10 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6684 01:25:56 948-11:03:10 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 207080 19128 02:12:30 948-11:03:10 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190176 12296 04:58:03 948-11:03:10 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2040 00:00:03 11-06:31:44 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3096 00:00:03 11-06:31:44 1536 pure-ftpd (SERVER) - root 0 0 00:00:00 03:10:27 2121 [kworker/2:0] - root 0 0 00:00:00 03:00:12 3153 [kworker/3:2] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224740 15240 00:01:11 6-06:31:43 3563 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12740 964 00:00:13 6-06:31:30 3697 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12748 984 00:00:10 6-06:31:30 3698 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53268 11808 00:00:00 6-06:31:30 3699 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9968 3392 00:27:54 6-06:31:25 3885 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2792 00:00:03 6-06:31:25 3894 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2008308 3136 00:01:59 6-06:31:25 3898 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153136 11428 00:04:15 6-06:31:25 3899 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5800 00:00:30 6-06:31:21 3969 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:05 143-05:36:01 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 01:48:04 143-05:35:57 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18496 00:03:13 143-05:35:57 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237380 14868 00:00:00 01:52:29 8326 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237408 14784 00:00:00 01:52:27 8329 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 168356 4900 06:45:28 914-01:39:54 8935 cpsrvd (SSL) - dormant mode - accepting connections - root 0 0 00:00:00 15:18:09 9732 [kworker/3:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237316 14456 00:00:00 01:20:23 10522 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237184 14364 00:00:00 01:20:21 10524 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:15:12 10944 [kworker/4:2] - root 0 0 00:00:00 01:05:08 11615 [kworker/5:2] - root 0 0 00:00:00 01:00:12 11901 [kworker/0:1] - root 0 0 00:00:00 50:09 12464 [kworker/4:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237152 13748 00:00:00 49:18 12489 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51736 00:08:49 54-06:31:22 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 30:12 13633 [kworker/1:2] - root 0 0 00:00:00 18:10 14865 [kworker/5:0] - root 0 0 00:00:00 13:16 15289 [kworker/u12:0] - root 0 0 00:00:00 10:12 15529 [kworker/2:1] 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2386591.scope root 185004 2588 00:00:00 00:12 16586 /usr/sbin/CROND -n 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2386591.scope root 113280 1208 00:00:00 00:12 16590 /bin/sh -c bash -c "sleep $((RANDOM % 60))" ; /opt/imunify360/venv/share/imunify360/scripts/check-detached.py > /dev/null 2>&1 || : 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2386591.scope root 108052 356 00:00:00 00:12 16594 sleep 31 - root 0 0 00:00:00 00:12 16608 [kworker/0:2] - root 0 0 00:00:00 00:12 16611 [kworker/1:1] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 157116 5108 00:00:00 00:02 16628 sshd: unknown [priv] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2864 00:00:00 00:02 16629 sshd: unknown [net] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4240 00:00:00 00:01 16631 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4228 00:00:00 00:00 16764 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2620 00:00:00 00:00 16766 sshd: [net] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@260095-103.179.190.35:6556-64.227.70.2:45974.service root 113552 1860 00:00:00 00:00 16773 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@260095-103.179.190.35:6556-64.227.70.2:45974.service root 49820 1560 00:00:00 00:00 16796 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257768 126384 00:00:09 06:30:56 16954 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259080 123848 00:00:06 06:20:18 17771 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257768 122156 00:00:00 06:20:18 17772 spamd child 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47236 4692 00:00:02 6-09:20:57 19311 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48024 5584 00:00:04 6-09:20:57 19312 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1248 00:00:03 6-09:20:57 19314 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47400 4708 00:00:04 6-09:20:57 19315 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48764 6328 00:00:07 6-09:20:57 19316 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5088 00:00:07 6-09:20:57 19317 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1240 00:00:03 6-09:20:57 19318 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230824 11152 00:02:54 28-17:53:07 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2304 00:00:35 28-17:53:06 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 780 00:00:07 28-17:53:06 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89016 12464 00:00:57 28-17:53:05 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 147-06:30:53 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:48:06 147-06:30:53 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1340 00:00:00 147-06:30:53 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1388 00:00:00 147-06:30:53 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1356 00:00:00 147-06:30:53 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:17:41 147-06:30:53 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 05:00:12 23707 [kworker/u12:1] - root 0 0 00:00:24 2-00:25:12 24127 [kworker/1:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237632 15356 00:00:01 04:45:21 26135 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237340 14988 00:00:01 04:23:51 28713 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237272 15072 00:00:01 04:11:56 29785 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237728 15280 00:00:01 04:11:56 29786 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237736 15328 00:00:01 04:11:56 29787 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13340 00:42:23 153-06:30:32 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 153-06:29:32 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1140 00:00:30 153-06:29:31 31540 /usr/sbin/chronyd - root 0 0 00:00:03 1-01:49:13 31557 [kworker/0:0] 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 153-06:29:30 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 153-06:29:30 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 964 00:00:02 153-06:29:30 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:11:00 153-06:29:30 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 153-06:29:30 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:21:51 153-06:29:30 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 645188 1-01:33:45 153-06:29:28 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 153-06:29:27 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 523376 14904 00:45:46 153-06:29:27 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 153-06:29:24 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 56596 21200 01:08:32 153-06:29:24 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:40 153-06:29:24 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 153-06:29:24 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1088 00:02:20 153-06:29:24 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:16:45 153-06:29:23 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9104 00:14:57 153-06:29:23 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:17:38 153-06:29:22 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-12 00:50 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadffd809eeeFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2380842.scope static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 323 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2380842.scope loaded active running Session 2380842 of user root session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@259858-103.179.190.35:6556-64.227.32.66:52586.service loaded activating start start Check_MK (64.227.32.66:52586) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3644 21:10:22 946-08:27:40 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 946-08:27:40 2 [kthreadd] - root 0 0 00:00:00 946-08:27:40 4 [kworker/0:0H] - root 0 0 00:03:39 946-08:27:40 6 [ksoftirqd/0] - root 0 0 00:00:41 946-08:27:40 7 [migration/0] - root 0 0 00:00:00 946-08:27:40 8 [rcu_bh] - root 0 0 23:00:35 946-08:27:40 9 [rcu_sched] - root 0 0 00:00:00 946-08:27:40 10 [lru-add-drain] - root 0 0 00:06:06 946-08:27:40 11 [watchdog/0] - root 0 0 00:05:43 946-08:27:40 12 [watchdog/1] - root 0 0 00:08:31 946-08:27:40 13 [migration/1] - root 0 0 00:02:55 946-08:27:40 14 [ksoftirqd/1] - root 0 0 00:00:00 946-08:27:40 16 [kworker/1:0H] - root 0 0 00:05:20 946-08:27:40 17 [watchdog/2] - root 0 0 00:01:19 946-08:27:40 18 [migration/2] - root 0 0 00:02:28 946-08:27:40 19 [ksoftirqd/2] - root 0 0 00:00:00 946-08:27:40 21 [kworker/2:0H] - root 0 0 00:05:20 946-08:27:40 22 [watchdog/3] - root 0 0 00:00:59 946-08:27:40 23 [migration/3] - root 0 0 00:04:56 946-08:27:40 24 [ksoftirqd/3] - root 0 0 00:00:00 946-08:27:40 26 [kworker/3:0H] - root 0 0 00:05:07 946-08:27:40 27 [watchdog/4] - root 0 0 00:04:37 946-08:27:40 28 [migration/4] - root 0 0 00:06:11 946-08:27:40 29 [ksoftirqd/4] - root 0 0 00:00:00 946-08:27:40 31 [kworker/4:0H] - root 0 0 00:06:16 946-08:27:40 32 [watchdog/5] - root 0 0 00:01:20 946-08:27:40 33 [migration/5] - root 0 0 00:36:49 946-08:27:40 34 [ksoftirqd/5] - root 0 0 00:00:00 946-08:27:40 36 [kworker/5:0H] - root 0 0 00:00:00 946-08:27:40 38 [kdevtmpfs] - root 0 0 00:00:00 946-08:27:40 39 [netns] - root 0 0 00:00:41 946-08:27:40 40 [khungtaskd] - root 0 0 00:00:00 946-08:27:40 41 [writeback] - root 0 0 00:00:00 946-08:27:40 42 [kintegrityd] - root 0 0 00:00:00 946-08:27:40 43 [bioset] - root 0 0 00:00:00 946-08:27:40 44 [bioset] - root 0 0 00:00:00 946-08:27:40 45 [bioset] - root 0 0 00:00:00 946-08:27:40 46 [kblockd] - root 0 0 00:00:00 946-08:27:40 47 [md] - root 0 0 00:00:00 946-08:27:40 48 [edac-poller] - root 0 0 00:00:00 946-08:27:40 49 [watchdogd] - root 0 0 00:30:35 946-08:27:40 55 [kswapd0] - root 0 0 00:00:00 946-08:27:40 56 [ksmd] - root 0 0 00:02:56 946-08:27:40 57 [khugepaged] - root 0 0 00:00:00 946-08:27:40 58 [crypto] - root 0 0 00:00:00 946-08:27:40 66 [kthrotld] - root 0 0 00:00:00 946-08:27:40 68 [kmpath_rdacd] - root 0 0 00:00:00 946-08:27:40 69 [kaluad] - root 0 0 00:00:00 946-08:27:40 70 [kpsmoused] - root 0 0 00:00:00 946-08:27:39 72 [ipv6_addrconf] - root 0 0 00:00:00 946-08:27:39 86 [deferwq] - root 0 0 00:53:55 946-08:27:39 197 [kauditd] - root 0 0 00:00:00 946-08:27:39 262 [ata_sff] - root 0 0 00:00:00 946-08:27:39 276 [ttm_swap] - root 0 0 00:00:00 946-08:27:39 280 [scsi_eh_0] - root 0 0 00:00:00 946-08:27:39 281 [scsi_tmf_0] - root 0 0 00:00:00 946-08:27:39 282 [scsi_eh_1] - root 0 0 00:00:00 946-08:27:39 283 [scsi_tmf_1] - root 0 0 00:16:20 946-08:27:39 289 [kworker/3:1H] - root 0 0 00:27:50 946-08:27:39 294 [kworker/0:1H] - root 0 0 00:16:11 946-08:27:39 301 [kworker/4:1H] - root 0 0 03:37:20 946-08:27:39 302 [jbd2/vda1-8] - root 0 0 00:00:00 946-08:27:39 303 [ext4-rsv-conver] - root 0 0 00:02:16 946-08:27:39 309 [kworker/2:1H] - root 0 0 00:17:18 946-08:27:38 372 [kworker/5:1H] - root 0 0 00:03:49 946-08:27:38 374 [kworker/1:1H] - root 0 0 00:00:00 02:08:30 405 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 01:58:28 946-08:27:37 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:53:38 946-08:27:37 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:21:51 946-08:27:36 671 [loop0] - root 0 0 00:08:30 946-08:27:36 672 [jbd2/loop0-8] - root 0 0 00:00:00 946-08:27:36 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 945-06:27:42 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237264 14664 00:00:00 01:58:32 1475 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:41:06 946-08:27:25 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6680 01:25:43 946-08:27:25 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 207164 19316 02:12:16 946-08:27:25 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190176 12296 04:57:19 946-08:27:25 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2040 00:00:02 9-03:55:59 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3096 00:00:03 9-03:55:59 1536 pure-ftpd (SERVER) - root 0 0 00:00:00 01:54:23 1814 [kworker/3:0] - root 0 0 00:00:00 01:32:18 3521 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224740 15200 00:00:48 4-03:55:58 3563 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12760 964 00:00:09 4-03:55:45 3697 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12768 980 00:00:07 4-03:55:45 3698 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53268 11808 00:00:00 4-03:55:45 3699 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9972 3384 00:18:19 4-03:55:40 3885 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2792 00:00:02 4-03:55:40 3894 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2008308 3116 00:01:19 4-03:55:40 3898 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153136 11428 00:02:52 4-03:55:40 3899 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5800 00:00:20 4-03:55:36 3969 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:00 01:24:26 4194 [kworker/4:0] - root 0 0 00:00:00 01:13:27 5130 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:02 141-03:00:16 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 01:46:29 141-03:00:12 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18496 00:03:10 141-03:00:12 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php - root 0 0 00:00:00 06:57:26 7500 [kworker/4:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237356 14348 00:00:00 47:06 7544 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237268 14660 00:00:00 47:05 7550 /usr/sbin/httpd -k start - root 0 0 00:00:00 44:26 7881 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237160 14472 00:00:00 36:12 8465 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237304 14372 00:00:00 36:11 8469 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237228 14188 00:00:00 36:10 8471 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 168356 4904 06:44:15 911-23:04:09 8935 cpsrvd (SSL) - dormant mode - accepting connections - root 0 0 00:00:00 24:26 9349 [kworker/3:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236956 13260 00:00:00 12:19 10468 /usr/sbin/httpd -k start - root 0 0 00:00:00 04:27 11095 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2920 00:00:00 03:17 11158 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4232 00:00:00 01:11 11342 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2628 00:00:00 01:10 11344 sshd: [net] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service dothingaynay 678380 82084 00:00:01 00:18 11385 php-fpm: pool dothingaynay_vn 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 157116 5076 00:00:00 00:04 11397 sshd: unknown [priv] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2628 00:00:00 00:04 11398 sshd: unknown [net] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 162132 5812 00:00:00 00:02 11399 sshd: root [priv] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2620 00:00:00 00:02 11400 sshd: root [net] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@259858-103.179.190.35:6556-64.227.32.66:52586.service root 113552 1592 00:00:00 00:00 11542 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@259858-103.179.190.35:6556-64.227.32.66:52586.service root 49820 1560 00:00:00 00:00 11565 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 - root 0 0 00:00:05 12:14:25 12000 [kworker/1:1] 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51728 00:08:29 52-03:55:37 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:00 11:38:56 15082 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237436 15280 00:00:01 05:16:11 16135 /usr/sbin/httpd -k start - root 0 0 00:00:02 1-22:43:50 18339 [kworker/2:1] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47236 4692 00:00:02 4-06:45:12 19311 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47124 4584 00:00:01 4-06:45:12 19312 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1248 00:00:02 4-06:45:12 19314 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47400 4708 00:00:03 4-06:45:12 19315 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47488 4976 00:00:03 4-06:45:12 19316 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5088 00:00:04 4-06:45:12 19317 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1240 00:00:02 4-06:45:12 19318 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230824 11152 00:02:41 26-15:17:22 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2304 00:00:32 26-15:17:21 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 780 00:00:07 26-15:17:21 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89016 12464 00:00:51 26-15:17:20 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2380842.scope root 185004 2584 00:00:00 04:14:25 20615 /usr/sbin/CROND -n 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2380842.scope root 113280 1204 00:00:00 04:14:25 20618 /bin/sh -c sleep $((1 + RANDOM % 5))h $((1 + RANDOM % 60))m; /usr/local/bin/wp-toolkit update-configuration > /dev/null 2> /dev/null || /usr/local/cpanel/3rdparty/wp-toolkit/bin/wp-toolkit-installer.sh --generate-configs > /dev/null 2> /dev/null; /usr/bin/yum -y update wp-toolkit-cpanel > /dev/null 2> /dev/null 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2380842.scope root 108052 360 00:00:00 04:14:25 20619 sleep 4h 18m 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 145-03:55:08 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:47:25 145-03:55:08 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1340 00:00:00 145-03:55:08 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1388 00:00:00 145-03:55:08 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1356 00:00:00 145-03:55:08 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:17:26 145-03:55:08 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258948 123732 00:00:16 16:40:02 21267 spamd child - root 0 0 00:00:01 15:54:26 24660 [kworker/0:0] - root 0 0 00:00:00 03:02:44 26434 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257568 124744 00:02:24 8-03:53:39 26981 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237628 15080 00:00:00 02:13:02 30260 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237400 14972 00:00:00 02:12:58 30261 /usr/sbin/httpd -k start - root 0 0 00:00:00 02:11:00 30742 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 13340 00:41:51 151-03:54:47 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 151-03:53:47 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1108 00:00:30 151-03:53:46 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 151-03:53:45 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 151-03:53:45 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 964 00:00:02 151-03:53:45 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:10:51 151-03:53:45 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 151-03:53:45 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:21:33 151-03:53:45 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 635736 1-01:15:33 151-03:53:43 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 151-03:53:42 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 537828 17316 00:44:59 151-03:53:42 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 151-03:53:39 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 64804 26836 01:07:17 151-03:53:39 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:40 151-03:53:39 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 151-03:53:39 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1088 00:02:18 151-03:53:39 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:16:24 151-03:53:38 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257568 121972 00:00:01 7-07:25:43 32056 spamd child 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9104 00:14:45 151-03:53:38 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:17:23 151-03:53:37 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-09 22:14 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadfda955d92Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@259261-103.179.190.35:6556-143.244.168.161:59318.service loaded activating start start Check_MK (143.244.168.161:59318) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3712 21:07:46 944-10:44:42 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 944-10:44:42 2 [kthreadd] - root 0 0 00:00:00 944-10:44:42 4 [kworker/0:0H] - root 0 0 00:03:38 944-10:44:42 6 [ksoftirqd/0] - root 0 0 00:00:41 944-10:44:42 7 [migration/0] - root 0 0 00:00:00 944-10:44:42 8 [rcu_bh] - root 0 0 22:57:14 944-10:44:42 9 [rcu_sched] - root 0 0 00:00:00 944-10:44:42 10 [lru-add-drain] - root 0 0 00:06:05 944-10:44:42 11 [watchdog/0] - root 0 0 00:05:42 944-10:44:42 12 [watchdog/1] - root 0 0 00:08:30 944-10:44:42 13 [migration/1] - root 0 0 00:02:55 944-10:44:42 14 [ksoftirqd/1] - root 0 0 00:00:00 944-10:44:42 16 [kworker/1:0H] - root 0 0 00:05:20 944-10:44:42 17 [watchdog/2] - root 0 0 00:01:18 944-10:44:42 18 [migration/2] - root 0 0 00:02:28 944-10:44:42 19 [ksoftirqd/2] - root 0 0 00:00:00 944-10:44:42 21 [kworker/2:0H] - root 0 0 00:05:19 944-10:44:42 22 [watchdog/3] - root 0 0 00:00:59 944-10:44:42 23 [migration/3] - root 0 0 00:04:55 944-10:44:42 24 [ksoftirqd/3] - root 0 0 00:00:00 944-10:44:42 26 [kworker/3:0H] - root 0 0 00:05:06 944-10:44:42 27 [watchdog/4] - root 0 0 00:04:36 944-10:44:42 28 [migration/4] - root 0 0 00:06:11 944-10:44:42 29 [ksoftirqd/4] - root 0 0 00:00:00 944-10:44:42 31 [kworker/4:0H] - root 0 0 00:06:15 944-10:44:42 32 [watchdog/5] - root 0 0 00:01:20 944-10:44:42 33 [migration/5] - root 0 0 00:36:44 944-10:44:42 34 [ksoftirqd/5] - root 0 0 00:00:00 944-10:44:42 36 [kworker/5:0H] - root 0 0 00:00:00 944-10:44:42 38 [kdevtmpfs] - root 0 0 00:00:00 944-10:44:42 39 [netns] - root 0 0 00:00:41 944-10:44:42 40 [khungtaskd] - root 0 0 00:00:00 944-10:44:42 41 [writeback] - root 0 0 00:00:00 944-10:44:42 42 [kintegrityd] - root 0 0 00:00:00 944-10:44:42 43 [bioset] - root 0 0 00:00:00 944-10:44:42 44 [bioset] - root 0 0 00:00:00 944-10:44:42 45 [bioset] - root 0 0 00:00:00 944-10:44:42 46 [kblockd] - root 0 0 00:00:00 944-10:44:42 47 [md] - root 0 0 00:00:00 944-10:44:42 48 [edac-poller] - root 0 0 00:00:00 944-10:44:42 49 [watchdogd] - root 0 0 00:30:24 944-10:44:42 55 [kswapd0] - root 0 0 00:00:00 944-10:44:42 56 [ksmd] - root 0 0 00:02:56 944-10:44:42 57 [khugepaged] - root 0 0 00:00:00 944-10:44:42 58 [crypto] - root 0 0 00:00:00 944-10:44:42 66 [kthrotld] - root 0 0 00:00:00 944-10:44:42 68 [kmpath_rdacd] - root 0 0 00:00:00 944-10:44:42 69 [kaluad] - root 0 0 00:00:00 944-10:44:42 70 [kpsmoused] - root 0 0 00:00:00 944-10:44:41 72 [ipv6_addrconf] - root 0 0 00:00:00 944-10:44:41 86 [deferwq] - root 0 0 00:53:46 944-10:44:41 197 [kauditd] - root 0 0 00:00:00 944-10:44:41 262 [ata_sff] - root 0 0 00:00:00 944-10:44:41 276 [ttm_swap] - root 0 0 00:00:00 944-10:44:41 280 [scsi_eh_0] - root 0 0 00:00:00 944-10:44:41 281 [scsi_tmf_0] - root 0 0 00:00:00 944-10:44:41 282 [scsi_eh_1] - root 0 0 00:00:00 944-10:44:41 283 [scsi_tmf_1] - root 0 0 00:16:17 944-10:44:41 289 [kworker/3:1H] - root 0 0 00:27:46 944-10:44:41 294 [kworker/0:1H] - root 0 0 00:16:08 944-10:44:41 301 [kworker/4:1H] - root 0 0 03:36:50 944-10:44:41 302 [jbd2/vda1-8] - root 0 0 00:00:00 944-10:44:41 303 [ext4-rsv-conver] - root 0 0 00:02:15 944-10:44:41 309 [kworker/2:1H] - root 0 0 00:17:15 944-10:44:40 372 [kworker/5:1H] - root 0 0 00:03:48 944-10:44:40 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 01:58:09 944-10:44:39 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:53:03 944-10:44:39 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:21:48 944-10:44:38 671 [loop0] - root 0 0 00:08:29 944-10:44:38 672 [jbd2/loop0-8] - root 0 0 00:00:00 944-10:44:38 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 943-08:44:44 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4260 00:41:01 944-10:44:27 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6680 01:25:32 944-10:44:27 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 207008 19664 02:12:04 944-10:44:27 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190176 12704 04:56:37 944-10:44:27 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2040 00:00:01 7-06:13:01 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3096 00:00:02 7-06:13:01 1536 pure-ftpd (SERVER) - root 0 0 00:00:00 03:31:28 1631 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224740 17376 00:00:26 2-06:13:00 3563 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12776 1416 00:00:05 2-06:12:47 3697 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12792 1428 00:00:04 2-06:12:47 3698 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53268 11920 00:00:00 2-06:12:47 3699 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9980 3388 00:10:10 2-06:12:42 3885 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2816 00:00:01 2-06:12:42 3894 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2008308 3156 00:00:43 2-06:12:42 3898 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153024 11628 00:01:34 2-06:12:42 3899 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 6116 00:00:11 2-06:12:38 3969 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258928 123704 00:00:07 08:13:51 4044 spamd child - root 0 0 00:00:00 03:00:41 4812 [kworker/3:0] - root 0 0 00:00:01 1-05:56:27 6031 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:03:00 139-05:17:18 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34580 01:45:04 139-05:17:14 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18504 00:03:08 139-05:17:14 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 168356 4904 06:43:12 910-01:21:11 8935 cpsrvd (SSL) - dormant mode - accepting connections - root 0 0 00:00:01 02:01:29 11306 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51844 00:08:11 50-06:12:39 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237516 15184 00:00:00 01:44:48 12995 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237244 14692 00:00:00 01:42:10 13364 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:41:28 13425 [kworker/3:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237396 14720 00:00:00 01:27:02 14655 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237200 14500 00:00:00 01:17:42 15720 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237168 14484 00:00:00 01:17:20 15755 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237208 14336 00:00:00 01:16:26 15996 /usr/sbin/httpd -k start - root 0 0 00:00:02 17:16:24 17461 [kworker/0:1] - root 0 0 00:00:00 01:01:28 18213 [kworker/0:2] - root 0 0 00:00:00 01:00:52 18339 [kworker/2:1] - root 0 0 00:00:00 59:32 18622 [kworker/1:1] - root 0 0 00:00:00 56:28 19038 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47088 4708 00:00:01 2-09:02:14 19311 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46968 4832 00:00:01 2-09:02:14 19312 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1532 00:00:01 2-09:02:14 19314 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47048 4568 00:00:01 2-09:02:14 19315 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47096 4832 00:00:01 2-09:02:14 19316 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18164 5452 00:00:02 2-09:02:14 19317 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1568 00:00:01 2-09:02:14 19318 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230824 13104 00:02:30 24-17:34:24 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2356 00:00:29 24-17:34:23 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 796 00:00:06 24-17:34:23 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89008 12452 00:00:45 24-17:34:22 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid - root 0 0 00:00:00 49:44 20196 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 143-06:12:10 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:46:48 143-06:12:10 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1344 00:00:00 143-06:12:10 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1368 00:00:00 143-06:12:10 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1360 00:00:00 143-06:12:10 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:17:13 143-06:12:10 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 05:22:18 21203 [kworker/u12:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237164 14284 00:00:00 41:21 21361 /usr/sbin/httpd -k start - root 0 0 00:00:00 31:28 22720 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236960 13340 00:00:00 25:26 23595 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236968 13688 00:00:00 24:18 23687 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236824 13064 00:00:00 22:22 23928 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2928 00:00:00 02:53 26067 dovecot/auth - root 0 0 00:00:00 01:29 26310 [kworker/0:0] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@259261-103.179.190.35:6556-143.244.168.161:59318.service root 113576 1860 00:00:00 00:00 26497 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@259261-103.179.190.35:6556-143.244.168.161:59318.service root 49820 1560 00:00:00 00:00 26520 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257568 124944 00:01:52 6-06:10:41 26981 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:01 15:00:15 29900 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 14340 00:41:24 149-06:11:49 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 149-06:10:49 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1284 00:00:29 149-06:10:48 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 149-06:10:47 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 149-06:10:47 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1004 00:00:02 149-06:10:47 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:10:43 149-06:10:47 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 149-06:10:47 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:21:17 149-06:10:47 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 629224 1-01:00:37 149-06:10:45 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 149-06:10:44 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 504400 6804 00:44:15 149-06:10:44 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 149-06:10:41 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 40188 6332 01:06:04 149-06:10:41 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:39 149-06:10:41 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 149-06:10:41 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1088 00:02:17 149-06:10:41 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:16:03 149-06:10:40 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257568 122012 00:00:01 5-09:42:45 32056 spamd child 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9108 00:14:33 149-06:10:40 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:17:11 149-06:10:39 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-08 00:31 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadfc3178abeFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2370781.scope static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 323 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2370781.scope loaded active running Session 2370781 of user root session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK * check_mk@240753-103.179.190.35:6556-194.165.16.72:65204.service loaded failed failed Check_MK check_mk@258338-103.179.190.35:6556-139.59.136.184:58558.service loaded activating start start Check_MK (139.59.136.184:58558) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3712 21:04:27 942-09:17:12 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 942-09:17:12 2 [kthreadd] - root 0 0 00:00:00 942-09:17:12 4 [kworker/0:0H] - root 0 0 00:03:38 942-09:17:12 6 [ksoftirqd/0] - root 0 0 00:00:41 942-09:17:12 7 [migration/0] - root 0 0 00:00:00 942-09:17:12 8 [rcu_bh] - root 0 0 22:52:47 942-09:17:12 9 [rcu_sched] - root 0 0 00:00:00 942-09:17:12 10 [lru-add-drain] - root 0 0 00:06:04 942-09:17:12 11 [watchdog/0] - root 0 0 00:05:42 942-09:17:12 12 [watchdog/1] - root 0 0 00:08:29 942-09:17:12 13 [migration/1] - root 0 0 00:02:54 942-09:17:12 14 [ksoftirqd/1] - root 0 0 00:00:00 942-09:17:12 16 [kworker/1:0H] - root 0 0 00:05:19 942-09:17:12 17 [watchdog/2] - root 0 0 00:01:18 942-09:17:12 18 [migration/2] - root 0 0 00:02:27 942-09:17:12 19 [ksoftirqd/2] - root 0 0 00:00:00 942-09:17:12 21 [kworker/2:0H] - root 0 0 00:05:18 942-09:17:12 22 [watchdog/3] - root 0 0 00:00:59 942-09:17:12 23 [migration/3] - root 0 0 00:04:54 942-09:17:12 24 [ksoftirqd/3] - root 0 0 00:00:00 942-09:17:12 26 [kworker/3:0H] - root 0 0 00:05:05 942-09:17:12 27 [watchdog/4] - root 0 0 00:04:36 942-09:17:12 28 [migration/4] - root 0 0 00:06:10 942-09:17:12 29 [ksoftirqd/4] - root 0 0 00:00:00 942-09:17:12 31 [kworker/4:0H] - root 0 0 00:06:14 942-09:17:12 32 [watchdog/5] - root 0 0 00:01:20 942-09:17:12 33 [migration/5] - root 0 0 00:36:38 942-09:17:12 34 [ksoftirqd/5] - root 0 0 00:00:00 942-09:17:12 36 [kworker/5:0H] - root 0 0 00:00:00 942-09:17:12 38 [kdevtmpfs] - root 0 0 00:00:00 942-09:17:12 39 [netns] - root 0 0 00:00:41 942-09:17:12 40 [khungtaskd] - root 0 0 00:00:00 942-09:17:12 41 [writeback] - root 0 0 00:00:00 942-09:17:12 42 [kintegrityd] - root 0 0 00:00:00 942-09:17:12 43 [bioset] - root 0 0 00:00:00 942-09:17:12 44 [bioset] - root 0 0 00:00:00 942-09:17:12 45 [bioset] - root 0 0 00:00:00 942-09:17:12 46 [kblockd] - root 0 0 00:00:00 942-09:17:12 47 [md] - root 0 0 00:00:00 942-09:17:12 48 [edac-poller] - root 0 0 00:00:00 942-09:17:12 49 [watchdogd] - root 0 0 00:30:22 942-09:17:12 55 [kswapd0] - root 0 0 00:00:00 942-09:17:12 56 [ksmd] - root 0 0 00:02:56 942-09:17:12 57 [khugepaged] - root 0 0 00:00:00 942-09:17:12 58 [crypto] - root 0 0 00:00:00 942-09:17:12 66 [kthrotld] - root 0 0 00:00:00 942-09:17:12 68 [kmpath_rdacd] - root 0 0 00:00:00 942-09:17:12 69 [kaluad] - root 0 0 00:00:00 942-09:17:12 70 [kpsmoused] - root 0 0 00:00:00 942-09:17:11 72 [ipv6_addrconf] - root 0 0 00:00:00 942-09:17:11 86 [deferwq] - root 0 0 00:53:36 942-09:17:11 197 [kauditd] - root 0 0 00:00:00 942-09:17:11 262 [ata_sff] - root 0 0 00:00:00 942-09:17:11 276 [ttm_swap] - root 0 0 00:00:00 942-09:17:11 280 [scsi_eh_0] - root 0 0 00:00:00 942-09:17:11 281 [scsi_tmf_0] - root 0 0 00:00:00 942-09:17:11 282 [scsi_eh_1] - root 0 0 00:00:00 942-09:17:11 283 [scsi_tmf_1] - root 0 0 00:16:15 942-09:17:11 289 [kworker/3:1H] - root 0 0 00:27:42 942-09:17:11 294 [kworker/0:1H] - root 0 0 00:16:06 942-09:17:11 301 [kworker/4:1H] - root 0 0 03:36:17 942-09:17:11 302 [jbd2/vda1-8] - root 0 0 00:00:00 942-09:17:11 303 [ext4-rsv-conver] - root 0 0 00:00:00 03:57 307 [kworker/2:2] - root 0 0 00:02:15 942-09:17:11 309 [kworker/2:1H] - root 0 0 00:17:12 942-09:17:10 372 [kworker/5:1H] - root 0 0 00:03:48 942-09:17:10 374 [kworker/1:1H] - root 0 0 00:00:00 02:58 391 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2924 00:00:00 02:50 416 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 01:57:48 942-09:17:09 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:52:24 942-09:17:09 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4228 00:00:00 01:56 659 sshd: [accepted] - root 0 0 00:21:44 942-09:17:08 671 [loop0] - root 0 0 00:08:27 942-09:17:08 672 [jbd2/loop0-8] - root 0 0 00:00:00 942-09:17:08 673 [ext4-rsv-conver] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4228 00:00:00 00:56 728 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 4224 00:00:00 00:46 730 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@258338-103.179.190.35:6556-139.59.136.184:58558.service root 113416 1588 00:00:00 00:00 903 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@258338-103.179.190.35:6556-139.59.136.184:58558.service root 49820 1560 00:00:00 00:00 926 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 941-07:17:14 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:40:56 942-09:16:57 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6676 01:25:19 942-09:16:57 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 207008 19600 02:11:51 942-09:16:57 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190164 12716 04:55:51 942-09:16:57 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2040 00:00:01 5-04:45:31 1535 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3096 00:00:01 5-04:45:31 1536 pure-ftpd (SERVER) 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2370781.scope root 185004 2584 00:00:00 05:03:58 1608 /usr/sbin/CROND -n 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2370781.scope root 113280 1204 00:00:00 05:03:58 1612 /bin/sh -c sleep $((1 + RANDOM % 5))h $((1 + RANDOM % 60))m; /usr/local/bin/wp-toolkit update-configuration > /dev/null 2> /dev/null || /usr/local/cpanel/3rdparty/wp-toolkit/bin/wp-toolkit-installer.sh --generate-configs > /dev/null 2> /dev/null; /usr/bin/yum -y update wp-toolkit-cpanel > /dev/null 2> /dev/null 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2370781.scope root 108052 356 00:00:00 05:03:58 1618 sleep 5h 35m 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224352 16852 00:00:02 04:45:30 3563 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12740 1412 00:00:00 04:45:17 3697 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12744 1424 00:00:00 04:45:17 3698 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53268 11920 00:00:00 04:45:17 3699 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect - root 0 0 00:00:00 04:45:12 3806 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9824 3160 00:00:53 04:45:12 3885 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2824 00:00:00 04:45:12 3894 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 926900 1928 00:00:03 04:45:12 3898 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 152764 11372 00:00:09 04:45:12 3899 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 6116 00:00:00 04:45:08 3969 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:00 04:33:58 5337 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11664 00:02:57 137-03:49:48 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34580 01:43:31 137-03:49:44 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18504 00:03:05 137-03:49:44 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255732 29064 06:42:04 907-23:53:41 8935 cpsrvd (SSL) - waiting for connections - root 0 0 00:00:02 1-22:23:57 11146 [kworker/3:0] 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 851208 51844 00:07:51 48-04:45:09 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no - root 0 0 00:00:04 08:28:57 14196 [kworker/1:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237532 14804 00:00:01 03:01:19 14256 /usr/sbin/httpd -k start - root 0 0 00:00:01 19:29:58 14371 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237340 14864 00:00:01 03:00:53 14453 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237312 14896 00:00:00 03:00:52 14480 /usr/sbin/httpd -k start - root 0 0 00:00:00 08:02:58 16655 [kworker/4:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237168 14696 00:00:00 02:56:28 17132 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258956 123744 00:00:19 18:50:13 17867 spamd child 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46900 4312 00:00:00 07:34:44 19311 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46968 4572 00:00:00 07:34:44 19312 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1532 00:00:00 07:34:44 19314 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46900 4568 00:00:00 07:34:44 19315 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46912 4576 00:00:00 07:34:44 19316 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 17964 5260 00:00:00 07:34:44 19317 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1568 00:00:00 07:34:44 19318 dovecot/stats - root 0 0 00:00:00 02:32:06 19772 [kworker/0:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237220 14672 00:00:00 02:28:53 20015 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230824 13108 00:02:18 22-16:06:54 20033 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51680 2356 00:00:27 22-16:06:53 20057 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 796 00:00:06 22-16:06:53 20060 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89008 12476 00:00:38 22-16:06:52 20100 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid - root 0 0 00:00:00 02:23:57 20486 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 141-04:44:40 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:46:08 141-04:44:40 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1348 00:00:00 141-04:44:40 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1372 00:00:00 141-04:44:40 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1364 00:00:00 141-04:44:40 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:16:58 141-04:44:40 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 02:13:31 21293 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237280 14720 00:00:00 02:01:27 22005 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237524 14708 00:00:01 02:01:26 22007 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257568 124940 00:01:17 4-04:43:11 26981 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:00 01:03:57 27074 [kworker/0:1] - root 0 0 00:00:00 53:57 27838 [kworker/1:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237252 14100 00:00:00 42:11 28913 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237096 14120 00:00:00 42:09 28918 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237080 14364 00:00:00 42:09 28920 /usr/sbin/httpd -k start - root 0 0 00:00:00 33:57 29590 [kworker/2:1] - root 0 0 00:00:00 23:57 30622 [kworker/3:2] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 14336 00:40:49 147-04:44:19 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 147-04:43:19 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1236 00:00:29 147-04:43:18 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 147-04:43:17 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 147-04:43:17 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1004 00:00:02 147-04:43:17 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:10:34 147-04:43:17 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 147-04:43:17 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:20:59 147-04:43:17 31705 /usr/lib/systemd/systemd-logind - root 0 0 00:00:00 13:57 31709 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 629252 1-00:39:46 147-04:43:15 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 147-04:43:14 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 529904 13416 00:43:25 147-04:43:14 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 147-04:43:11 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 56612 18232 01:04:40 147-04:43:11 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:39 147-04:43:11 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 147-04:43:11 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1088 00:02:15 147-04:43:11 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:15:41 147-04:43:10 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257568 122012 00:00:00 3-08:15:15 32056 spamd child 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9108 00:14:21 147-04:43:10 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:16:57 147-04:43:09 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-05 23:03 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf6c434766Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2252556.scope static session-2252769.scope static session-2252824.scope static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 325 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2252556.scope loaded active running Session 2252556 of user root session-2252769.scope loaded active abandoned Session 2252769 of user root session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK check_mk@240427-103.179.190.35:6556-209.38.208.202:44026.service loaded activating start start Check_MK (209.38.208.202:44026) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3708 19:55:37 895-06:46:23 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:07 895-06:46:23 2 [kthreadd] - root 0 0 00:00:00 895-06:46:23 4 [kworker/0:0H] - root 0 0 00:03:26 895-06:46:23 6 [ksoftirqd/0] - root 0 0 00:00:39 895-06:46:23 7 [migration/0] - root 0 0 00:00:00 895-06:46:23 8 [rcu_bh] - root 0 0 21:30:57 895-06:46:23 9 [rcu_sched] - root 0 0 00:00:00 895-06:46:23 10 [lru-add-drain] - root 0 0 00:05:46 895-06:46:23 11 [watchdog/0] - root 0 0 00:05:25 895-06:46:23 12 [watchdog/1] - root 0 0 00:08:02 895-06:46:23 13 [migration/1] - root 0 0 00:02:45 895-06:46:23 14 [ksoftirqd/1] - root 0 0 00:00:00 895-06:46:23 16 [kworker/1:0H] - root 0 0 00:05:04 895-06:46:23 17 [watchdog/2] - root 0 0 00:01:14 895-06:46:23 18 [migration/2] - root 0 0 00:02:20 895-06:46:23 19 [ksoftirqd/2] - root 0 0 00:00:00 895-06:46:23 21 [kworker/2:0H] - root 0 0 00:05:03 895-06:46:23 22 [watchdog/3] - root 0 0 00:00:55 895-06:46:23 23 [migration/3] - root 0 0 00:04:39 895-06:46:23 24 [ksoftirqd/3] - root 0 0 00:00:00 895-06:46:23 26 [kworker/3:0H] - root 0 0 00:04:51 895-06:46:23 27 [watchdog/4] - root 0 0 00:04:20 895-06:46:23 28 [migration/4] - root 0 0 00:05:50 895-06:46:23 29 [ksoftirqd/4] - root 0 0 00:00:00 895-06:46:23 31 [kworker/4:0H] - root 0 0 00:05:53 895-06:46:23 32 [watchdog/5] - root 0 0 00:01:14 895-06:46:23 33 [migration/5] - root 0 0 00:34:39 895-06:46:23 34 [ksoftirqd/5] - root 0 0 00:00:00 895-06:46:23 36 [kworker/5:0H] - root 0 0 00:00:00 895-06:46:23 38 [kdevtmpfs] - root 0 0 00:00:00 895-06:46:23 39 [netns] - root 0 0 00:00:39 895-06:46:23 40 [khungtaskd] - root 0 0 00:00:00 895-06:46:23 41 [writeback] - root 0 0 00:00:00 895-06:46:23 42 [kintegrityd] - root 0 0 00:00:00 895-06:46:23 43 [bioset] - root 0 0 00:00:00 895-06:46:23 44 [bioset] - root 0 0 00:00:00 895-06:46:23 45 [bioset] - root 0 0 00:00:00 895-06:46:23 46 [kblockd] - root 0 0 00:00:00 895-06:46:23 47 [md] - root 0 0 00:00:00 895-06:46:23 48 [edac-poller] - root 0 0 00:00:00 895-06:46:23 49 [watchdogd] - root 0 0 00:28:53 895-06:46:23 55 [kswapd0] - root 0 0 00:00:00 895-06:46:23 56 [ksmd] - root 0 0 00:02:48 895-06:46:23 57 [khugepaged] - root 0 0 00:00:00 895-06:46:23 58 [crypto] - root 0 0 00:00:00 895-06:46:23 66 [kthrotld] - root 0 0 00:00:00 895-06:46:23 68 [kmpath_rdacd] - root 0 0 00:00:00 895-06:46:23 69 [kaluad] - root 0 0 00:00:00 895-06:46:23 70 [kpsmoused] - root 0 0 00:00:00 895-06:46:22 72 [ipv6_addrconf] - root 0 0 00:00:00 895-06:46:22 86 [deferwq] - root 0 0 00:51:19 895-06:46:22 197 [kauditd] - root 0 0 00:00:00 895-06:46:22 262 [ata_sff] - root 0 0 00:00:00 895-06:46:22 276 [ttm_swap] - root 0 0 00:00:00 895-06:46:22 280 [scsi_eh_0] - root 0 0 00:00:00 895-06:46:22 281 [scsi_tmf_0] - root 0 0 00:00:00 895-06:46:22 282 [scsi_eh_1] - root 0 0 00:00:00 895-06:46:22 283 [scsi_tmf_1] - root 0 0 00:15:17 895-06:46:22 289 [kworker/3:1H] - root 0 0 00:26:04 895-06:46:22 294 [kworker/0:1H] - root 0 0 00:15:07 895-06:46:22 301 [kworker/4:1H] - root 0 0 03:23:24 895-06:46:22 302 [jbd2/vda1-8] - root 0 0 00:00:00 895-06:46:22 303 [ext4-rsv-conver] - root 0 0 00:02:06 895-06:46:22 309 [kworker/2:1H] - root 0 0 00:16:07 895-06:46:21 372 [kworker/5:1H] - root 0 0 00:03:33 895-06:46:21 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 01:52:48 895-06:46:20 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258316 126916 00:00:07 02:13:06 500 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1416 04:37:52 895-06:46:20 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:20:28 895-06:46:19 671 [loop0] - root 0 0 00:07:58 895-06:46:19 672 [jbd2/loop0-8] - root 0 0 00:00:00 895-06:46:19 673 [ext4-rsv-conver] - root 0 0 00:00:00 08:52:27 859 [kworker/2:1] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 894-04:46:25 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4260 00:38:57 895-06:46:08 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6676 01:20:06 895-06:46:08 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 206992 19664 02:08:13 895-06:46:08 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190164 12712 04:45:25 895-06:46:08 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259604 124224 00:00:02 02:02:06 1812 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258316 122668 00:00:00 02:02:06 1813 spamd child 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237164 15092 00:00:00 01:53:37 2496 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237052 15072 00:00:00 01:53:37 2497 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237012 14872 00:00:00 01:53:27 2516 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237188 14988 00:00:00 01:53:25 2529 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237080 14928 00:00:00 01:53:25 2531 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 152248 10800 00:00:04 08:29:07 2554 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237168 14352 00:00:00 01:23:27 4589 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:19:55 4861 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237148 14440 00:00:00 01:19:21 4957 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236988 14304 00:00:00 01:19:19 4964 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11676 00:01:55 90-01:18:59 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 01:07:52 90-01:18:55 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18492 00:02:03 90-01:18:55 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php - root 0 0 00:00:00 51:19 7188 [kworker/u12:2] - root 0 0 00:00:00 07:32:59 7376 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230684 12912 00:00:51 8-05:26:36 8200 /usr/sbin/httpd -k start 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2252769.scope root 123360 764 00:00:00 32:00 8720 /usr/sbin/anacron -s - root 0 0 00:00:08 2-00:30:03 8792 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255688 29020 06:15:15 860-21:22:52 8935 cpsrvd (SSL) - waiting for connections - root 0 0 00:00:00 30:04 9100 [kworker/2:2] - root 0 0 00:00:00 30:00 9202 [kworker/1:1] - root 0 0 00:00:00 29:51 9343 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89008 12424 00:01:08 36-22:00:43 9758 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 988 00:00:08 36-22:00:43 9781 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 588 00:00:07 36-22:00:43 9782 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth - root 0 0 00:00:00 23:00 11791 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236840 13400 00:00:00 18:54 12045 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51564 2484 00:00:01 1-02:14:36 12453 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46956 4640 00:00:00 1-02:14:36 12454 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46912 4560 00:00:00 1-02:14:36 12455 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10320 1328 00:00:00 1-02:14:36 12456 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10452 1532 00:00:00 1-02:14:36 12457 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47032 4572 00:00:00 1-02:14:36 12458 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 46968 4684 00:00:00 1-02:14:36 12459 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18096 5376 00:00:01 1-02:14:36 12460 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13568 1568 00:00:00 1-02:14:36 12461 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 852076 50808 00:00:11 1-02:14:20 12713 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224736 17464 00:00:09 1-02:14:20 12729 queueprocd - waiting up to 60s to process a task - root 0 0 00:00:00 12:00 12823 [kworker/3:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12740 1420 00:00:03 1-02:14:08 12870 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12752 1432 00:00:02 1-02:14:08 12871 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 11860 00:00:00 1-02:14:08 12872 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect - root 0 0 00:00:00 10:52 12926 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1400016 2692 00:00:15 1-02:14:04 12963 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9928 3316 00:04:59 1-02:14:03 13068 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 2816 00:00:00 1-02:14:03 13073 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 8056 00:00:05 1-02:14:01 13134 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41196 2924 00:00:00 01:44 13452 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 60816 4496 00:00:00 01:44 13476 dovecot/lmtp 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@240427-103.179.190.35:6556-209.38.208.202:44026.service root 113568 1860 00:00:00 00:00 13842 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@240427-103.179.190.35:6556-209.38.208.202:44026.service root 49820 1560 00:00:00 00:00 13873 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 - root 0 0 00:00:00 05:01:29 19378 [kworker/3:0] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 94-02:13:51 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:30:46 94-02:13:51 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1104 00:00:00 94-02:13:51 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1116 00:00:00 94-02:13:51 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1360 00:00:00 94-02:13:51 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:11:18 94-02:13:51 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237276 15284 00:00:01 02:57:56 28560 /usr/sbin/httpd -k start 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2252556.scope root 185004 2588 00:00:00 02:32:59 29884 /usr/sbin/CROND -n 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2252556.scope root 113280 1200 00:00:00 02:32:59 29890 /bin/sh -c sleep $((1 + RANDOM % 5))h $((1 + RANDOM % 60))m; /usr/local/bin/wp-toolkit update-configuration > /dev/null 2> /dev/null || /usr/local/cpanel/3rdparty/wp-toolkit/bin/wp-toolkit-installer.sh --generate-configs > /dev/null 2> /dev/null; /usr/bin/yum -y update wp-toolkit-cpanel > /dev/null 2> /dev/null 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2252556.scope root 108052 356 00:00:00 02:32:59 29892 sleep 5h 41m - root 0 0 00:00:01 1-19:32:59 30998 [kworker/4:0] - root 0 0 00:00:13 22:52:59 31056 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 14044 00:28:14 100-02:13:30 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 100-02:12:30 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1156 00:00:20 100-02:12:29 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 100-02:12:28 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 100-02:12:28 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1080 00:00:01 100-02:12:28 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:07:09 100-02:12:28 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 100-02:12:28 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:14:11 100-02:12:28 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 578516 16:52:06 100-02:12:26 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 100-02:12:25 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 518004 9508 00:30:04 100-02:12:25 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 100-02:12:22 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 48420 9892 00:45:14 100-02:12:22 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1040 00:00:28 100-02:12:22 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 100-02:12:22 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 1088 00:01:32 100-02:12:22 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:10:57 100-02:12:21 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9136 00:09:44 100-02:12:21 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:11:31 100-02:12:20 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-09-19 20:33 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf145e7007Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2247527.scope static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 323 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2247527.scope loaded active running Session 2247527 of user root session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK (194.165.16.76:65495) * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK (194.165.16.72:65253) check_mk@239502-103.179.190.35:6556-159.89.174.87:56506.service loaded activating start start Check_MK (159.89.174.87:56506) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3592 19:52:17 893-08:14:53 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:06 893-08:14:53 2 [kthreadd] - root 0 0 00:00:00 893-08:14:53 4 [kworker/0:0H] - root 0 0 00:03:26 893-08:14:53 6 [ksoftirqd/0] - root 0 0 00:00:39 893-08:14:53 7 [migration/0] - root 0 0 00:00:00 893-08:14:53 8 [rcu_bh] - root 0 0 21:27:43 893-08:14:53 9 [rcu_sched] - root 0 0 00:00:00 893-08:14:53 10 [lru-add-drain] - root 0 0 00:05:46 893-08:14:53 11 [watchdog/0] - root 0 0 00:05:24 893-08:14:53 12 [watchdog/1] - root 0 0 00:08:01 893-08:14:53 13 [migration/1] - root 0 0 00:02:44 893-08:14:53 14 [ksoftirqd/1] - root 0 0 00:00:00 893-08:14:53 16 [kworker/1:0H] - root 0 0 00:05:03 893-08:14:53 17 [watchdog/2] - root 0 0 00:01:14 893-08:14:53 18 [migration/2] - root 0 0 00:02:19 893-08:14:53 19 [ksoftirqd/2] - root 0 0 00:00:00 893-08:14:53 21 [kworker/2:0H] - root 0 0 00:05:02 893-08:14:53 22 [watchdog/3] - root 0 0 00:00:55 893-08:14:53 23 [migration/3] - root 0 0 00:04:38 893-08:14:53 24 [ksoftirqd/3] - root 0 0 00:00:00 893-08:14:53 26 [kworker/3:0H] - root 0 0 00:04:50 893-08:14:53 27 [watchdog/4] - root 0 0 00:04:20 893-08:14:53 28 [migration/4] - root 0 0 00:05:49 893-08:14:53 29 [ksoftirqd/4] - root 0 0 00:00:00 893-08:14:53 31 [kworker/4:0H] - root 0 0 00:05:53 893-08:14:53 32 [watchdog/5] - root 0 0 00:01:14 893-08:14:53 33 [migration/5] - root 0 0 00:34:35 893-08:14:53 34 [ksoftirqd/5] - root 0 0 00:00:00 893-08:14:53 36 [kworker/5:0H] - root 0 0 00:00:00 893-08:14:53 38 [kdevtmpfs] - root 0 0 00:00:00 893-08:14:53 39 [netns] - root 0 0 00:00:39 893-08:14:53 40 [khungtaskd] - root 0 0 00:00:00 893-08:14:53 41 [writeback] - root 0 0 00:00:00 893-08:14:53 42 [kintegrityd] - root 0 0 00:00:00 893-08:14:53 43 [bioset] - root 0 0 00:00:00 893-08:14:53 44 [bioset] - root 0 0 00:00:00 893-08:14:53 45 [bioset] - root 0 0 00:00:00 893-08:14:53 46 [kblockd] - root 0 0 00:00:00 893-08:14:53 47 [md] - root 0 0 00:00:00 893-08:14:53 48 [edac-poller] - root 0 0 00:00:00 893-08:14:53 49 [watchdogd] - root 0 0 00:28:52 893-08:14:53 55 [kswapd0] - root 0 0 00:00:00 893-08:14:53 56 [ksmd] - root 0 0 00:02:47 893-08:14:53 57 [khugepaged] - root 0 0 00:00:00 893-08:14:53 58 [crypto] - root 0 0 00:00:00 893-08:14:53 66 [kthrotld] - root 0 0 00:00:00 893-08:14:53 68 [kmpath_rdacd] - root 0 0 00:00:00 893-08:14:53 69 [kaluad] - root 0 0 00:00:00 893-08:14:53 70 [kpsmoused] - root 0 0 00:00:00 893-08:14:52 72 [ipv6_addrconf] - root 0 0 00:00:00 893-08:14:52 86 [deferwq] - root 0 0 00:51:15 893-08:14:52 197 [kauditd] - root 0 0 00:00:00 893-08:14:52 262 [ata_sff] - root 0 0 00:00:00 893-08:14:52 276 [ttm_swap] - root 0 0 00:00:00 893-08:14:52 280 [scsi_eh_0] - root 0 0 00:00:00 893-08:14:52 281 [scsi_tmf_0] - root 0 0 00:00:00 893-08:14:52 282 [scsi_eh_1] - root 0 0 00:00:00 893-08:14:52 283 [scsi_tmf_1] - root 0 0 00:15:15 893-08:14:52 289 [kworker/3:1H] - root 0 0 00:26:00 893-08:14:52 294 [kworker/0:1H] - root 0 0 00:15:05 893-08:14:52 301 [kworker/4:1H] - root 0 0 03:22:54 893-08:14:52 302 [jbd2/vda1-8] - root 0 0 00:00:00 893-08:14:52 303 [ext4-rsv-conver] - root 0 0 00:02:06 893-08:14:52 309 [kworker/2:1H] - root 0 0 00:16:05 893-08:14:51 372 [kworker/5:1H] - root 0 0 00:03:32 893-08:14:51 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 01:52:39 893-08:14:50 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:37:14 893-08:14:50 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259504 124252 00:00:03 03:27:26 609 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258216 122580 00:00:00 03:27:26 610 spamd child - root 0 0 00:20:25 893-08:14:49 671 [loop0] - root 0 0 00:07:57 893-08:14:49 672 [jbd2/loop0-8] - root 0 0 00:00:00 893-08:14:49 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 892-06:14:55 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:38:52 893-08:14:38 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6680 01:19:54 893-08:14:38 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 208944 17828 02:08:03 893-08:14:38 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 185812 10708 04:45:04 893-08:14:38 1497 cPhulkd - processor - root 0 0 00:00:00 03:11:49 2222 [kworker/u12:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237100 14400 00:00:00 02:53:47 3613 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237028 14396 00:00:00 02:53:45 3626 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236940 14256 00:00:00 02:53:44 3637 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237104 14352 00:00:00 02:53:44 3638 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 241380 15260 00:00:00 02:53:44 3641 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237460 14604 00:00:00 02:53:43 3649 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237112 14524 00:00:00 02:53:43 3654 /usr/sbin/httpd -k start - root 0 0 00:00:00 02:41:29 4996 [kworker/0:1] - root 0 0 00:00:01 15:41:30 6125 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11676 00:01:52 88-02:47:29 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 01:06:18 88-02:47:25 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18492 00:02:00 88-02:47:25 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237104 14368 00:00:00 02:13:50 7029 /usr/sbin/httpd -k start - root 0 0 00:00:00 02:05:36 7953 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230684 9156 00:00:39 6-06:55:06 8200 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12748 992 00:00:11 6-06:55:06 8201 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12764 1008 00:00:09 6-06:55:06 8202 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53344 11820 00:00:00 6-06:55:06 8203 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect - root 0 0 00:00:00 01:58:33 8792 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255676 29080 06:14:00 858-22:51:22 8935 cpsrvd (SSL) - waiting for connections - root 0 0 00:00:00 01:58:01 9391 [kworker/4:1] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51644 1272 00:00:40 34-23:29:14 9720 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10312 556 00:00:09 34-23:29:13 9726 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89008 12452 00:01:04 34-23:29:13 9758 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 988 00:00:08 34-23:29:13 9781 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 588 00:00:06 34-23:29:13 9782 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth - root 0 0 00:00:01 1-05:00:30 10079 [kworker/3:2] - root 0 0 00:00:00 01:51:29 11220 [kworker/5:1] - root 0 0 00:00:00 01:41:29 12123 [kworker/2:0] - root 0 0 00:00:00 01:32:29 12863 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237064 14128 00:00:00 01:24:32 13654 /usr/sbin/httpd -k start - root 0 0 00:00:00 51:29 15422 [kworker/1:1] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47536 4004 00:00:09 27-06:33:13 15540 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47564 3588 00:00:11 27-06:33:13 15541 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10444 700 00:00:12 27-06:33:13 15542 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47920 3664 00:00:12 27-06:33:13 15544 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47560 3628 00:00:12 27-06:33:13 15545 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18088 4332 00:00:32 27-06:33:13 15546 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13560 596 00:00:14 27-06:33:13 15547 dovecot/stats - root 0 0 00:00:00 21:29 17373 [kworker/3:1] - root 0 0 00:00:21 1-10:10:29 17430 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 151992 10496 00:00:00 19:45 17477 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41188 2916 00:00:00 01:30 18670 dovecot/auth - root 0 0 00:00:00 01:29 18741 [kworker/1:0] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hibid 640972 51868 00:00:00 00:10 18873 php-fpm: pool hibid_vn 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hanoigroup 728940 69392 00:00:00 00:07 18874 php-fpm: pool hanoigroup_vn 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hanoigroup 645912 57668 00:00:00 00:06 18876 php-fpm: pool hanoigroup_vn 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 162132 5844 00:00:00 00:03 18877 sshd: root [priv] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2624 00:00:00 00:03 18878 sshd: root [net] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@239502-103.179.190.35:6556-159.89.174.87:56506.service root 113560 1864 00:00:00 00:00 19018 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@239502-103.179.190.35:6556-159.89.174.87:56506.service root 49820 1560 00:00:00 00:00 19041 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 92-03:42:21 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:30:07 92-03:42:21 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1104 00:00:00 92-03:42:21 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1116 00:00:00 92-03:42:21 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1360 00:00:00 92-03:42:21 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:11:03 92-03:42:21 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224736 13260 00:04:30 33-03:43:04 22781 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9916 3236 02:23:56 33-03:42:44 23085 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2819364 3432 00:08:36 33-03:42:44 23115 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 1868 00:00:19 33-03:42:44 23116 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5332 00:02:46 33-03:42:41 23179 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:01 1-01:21:58 29113 [kworker/2:1] 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2247527.scope root 185004 2588 00:00:00 04:01:30 29946 /usr/sbin/CROND -n 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2247527.scope root 113280 1204 00:00:00 04:01:30 29951 /bin/sh -c sleep $((1 + RANDOM % 5))h $((1 + RANDOM % 60))m; /usr/local/bin/wp-toolkit update-configuration > /dev/null 2> /dev/null || /usr/local/cpanel/3rdparty/wp-toolkit/bin/wp-toolkit-installer.sh --generate-configs > /dev/null 2> /dev/null; /usr/bin/yum -y update wp-toolkit-cpanel > /dev/null 2> /dev/null 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2247527.scope root 108052 352 00:00:00 04:01:30 29954 sleep 4h 4m 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 14044 00:27:39 98-03:42:00 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236944 14316 00:00:00 03:42:31 31464 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 98-03:41:00 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1176 00:00:19 98-03:40:59 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 1965156 52256 00:15:49 98-03:40:59 31562 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 98-03:40:58 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 98-03:40:58 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1080 00:00:01 98-03:40:58 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:07:00 98-03:40:58 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 98-03:40:58 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:13:54 98-03:40:58 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 574448 16:30:22 98-03:40:56 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 98-03:40:55 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 541836 17348 00:29:36 98-03:40:55 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 98-03:40:52 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 64804 26948 00:44:37 98-03:40:52 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1040 00:00:27 98-03:40:52 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 98-03:40:52 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 960 00:01:30 98-03:40:52 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:10:49 98-03:40:51 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258216 126832 00:00:08 03:41:37 32095 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9136 00:09:33 98-03:40:51 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:11:16 98-03:40:50 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-09-17 22:01 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf31e6ee5eFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK (194.165.16.76:65495) * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK (194.165.16.72:65253) check_mk@238673-103.179.190.35:6556-134.209.25.199:46144.service loaded activating start start Check_MK (134.209.25.199:46144) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3588 19:49:15 891-09:33:05 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:06 891-09:33:05 2 [kthreadd] - root 0 0 00:00:00 891-09:33:05 4 [kworker/0:0H] - root 0 0 00:03:26 891-09:33:05 6 [ksoftirqd/0] - root 0 0 00:00:39 891-09:33:05 7 [migration/0] - root 0 0 00:00:00 891-09:33:05 8 [rcu_bh] - root 0 0 21:25:20 891-09:33:05 9 [rcu_sched] - root 0 0 00:00:00 891-09:33:05 10 [lru-add-drain] - root 0 0 00:05:45 891-09:33:05 11 [watchdog/0] - root 0 0 00:05:23 891-09:33:05 12 [watchdog/1] - root 0 0 00:08:00 891-09:33:05 13 [migration/1] - root 0 0 00:02:44 891-09:33:05 14 [ksoftirqd/1] - root 0 0 00:00:00 891-09:33:05 16 [kworker/1:0H] - root 0 0 00:05:02 891-09:33:05 17 [watchdog/2] - root 0 0 00:01:14 891-09:33:05 18 [migration/2] - root 0 0 00:02:19 891-09:33:05 19 [ksoftirqd/2] - root 0 0 00:00:00 891-09:33:05 21 [kworker/2:0H] - root 0 0 00:05:01 891-09:33:05 22 [watchdog/3] - root 0 0 00:00:55 891-09:33:05 23 [migration/3] - root 0 0 00:04:38 891-09:33:05 24 [ksoftirqd/3] - root 0 0 00:00:00 891-09:33:05 26 [kworker/3:0H] - root 0 0 00:04:49 891-09:33:05 27 [watchdog/4] - root 0 0 00:04:19 891-09:33:05 28 [migration/4] - root 0 0 00:05:48 891-09:33:05 29 [ksoftirqd/4] - root 0 0 00:00:00 891-09:33:05 31 [kworker/4:0H] - root 0 0 00:05:52 891-09:33:05 32 [watchdog/5] - root 0 0 00:01:14 891-09:33:05 33 [migration/5] - root 0 0 00:34:31 891-09:33:05 34 [ksoftirqd/5] - root 0 0 00:00:00 891-09:33:05 36 [kworker/5:0H] - root 0 0 00:00:00 891-09:33:05 38 [kdevtmpfs] - root 0 0 00:00:00 891-09:33:05 39 [netns] - root 0 0 00:00:39 891-09:33:05 40 [khungtaskd] - root 0 0 00:00:00 891-09:33:05 41 [writeback] - root 0 0 00:00:00 891-09:33:05 42 [kintegrityd] - root 0 0 00:00:00 891-09:33:05 43 [bioset] - root 0 0 00:00:00 891-09:33:05 44 [bioset] - root 0 0 00:00:00 891-09:33:05 45 [bioset] - root 0 0 00:00:00 891-09:33:05 46 [kblockd] - root 0 0 00:00:00 891-09:33:05 47 [md] - root 0 0 00:00:00 891-09:33:05 48 [edac-poller] - root 0 0 00:00:00 891-09:33:05 49 [watchdogd] - root 0 0 00:28:52 891-09:33:05 55 [kswapd0] - root 0 0 00:00:00 891-09:33:05 56 [ksmd] - root 0 0 00:02:47 891-09:33:05 57 [khugepaged] - root 0 0 00:00:00 891-09:33:05 58 [crypto] - root 0 0 00:00:00 891-09:33:05 66 [kthrotld] - root 0 0 00:00:00 891-09:33:05 68 [kmpath_rdacd] - root 0 0 00:00:00 891-09:33:05 69 [kaluad] - root 0 0 00:00:00 891-09:33:05 70 [kpsmoused] - root 0 0 00:00:00 891-09:33:04 72 [ipv6_addrconf] - root 0 0 00:00:00 891-09:33:04 86 [deferwq] - root 0 0 00:51:10 891-09:33:04 197 [kauditd] - root 0 0 00:00:00 891-09:33:04 262 [ata_sff] - root 0 0 00:00:00 891-09:33:04 276 [ttm_swap] - root 0 0 00:00:00 891-09:33:04 280 [scsi_eh_0] - root 0 0 00:00:00 891-09:33:04 281 [scsi_tmf_0] - root 0 0 00:00:00 891-09:33:04 282 [scsi_eh_1] - root 0 0 00:00:00 891-09:33:04 283 [scsi_tmf_1] - root 0 0 00:15:13 891-09:33:04 289 [kworker/3:1H] - root 0 0 00:25:58 891-09:33:04 294 [kworker/0:1H] - root 0 0 00:15:03 891-09:33:04 301 [kworker/4:1H] - root 0 0 03:22:31 891-09:33:04 302 [jbd2/vda1-8] - root 0 0 00:00:00 891-09:33:04 303 [ext4-rsv-conver] - root 0 0 00:02:05 891-09:33:04 309 [kworker/2:1H] - root 0 0 00:16:03 891-09:33:03 372 [kworker/5:1H] - root 0 0 00:03:32 891-09:33:03 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 01:52:27 891-09:33:02 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:36:38 891-09:33:02 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:20:23 891-09:33:01 671 [loop0] - root 0 0 00:07:56 891-09:33:01 672 [jbd2/loop0-8] - root 0 0 00:00:00 891-09:33:01 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 890-07:33:07 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4260 00:38:46 891-09:32:50 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6684 01:19:40 891-09:32:50 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 208944 17844 02:07:55 891-09:32:50 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190164 12716 04:44:37 891-09:32:50 1497 cPhulkd - processor - root 0 0 00:00:00 03:33:35 2389 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11676 00:01:49 86-04:05:41 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 01:04:44 86-04:05:37 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18492 00:01:57 86-04:05:37 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php - root 0 0 00:00:14 1-00:16:41 7316 [kworker/1:0] 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 152740 11276 00:00:09 08:56:26 8095 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230684 9156 00:00:26 4-08:13:18 8200 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12748 992 00:00:08 4-08:13:18 8201 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12752 1008 00:00:07 4-08:13:18 8202 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53344 11820 00:00:00 4-08:13:18 8203 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 168356 4904 06:12:48 857-00:09:34 8935 cpsrvd (SSL) - dormant mode - accepting connections - root 0 0 00:00:00 02:39:42 9083 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51644 1272 00:00:38 33-00:47:26 9720 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10312 556 00:00:08 33-00:47:25 9726 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89008 12452 00:01:02 33-00:47:25 9758 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 988 00:00:07 33-00:47:25 9781 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 588 00:00:06 33-00:47:25 9782 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth - root 0 0 00:00:00 02:09:41 11208 [kworker/3:2] - root 0 0 00:00:00 01:49:41 12462 [kworker/5:1] - root 0 0 00:00:00 01:42:04 13060 [kworker/u12:1] - root 0 0 00:00:00 01:39:41 13196 [kworker/2:1] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47536 4012 00:00:08 25-07:51:25 15540 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47476 3336 00:00:10 25-07:51:25 15541 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10444 700 00:00:11 25-07:51:25 15542 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47660 3504 00:00:11 25-07:51:25 15544 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47560 3636 00:00:11 25-07:51:25 15545 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18088 4284 00:00:30 25-07:51:25 15546 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13560 596 00:00:13 25-07:51:25 15547 dovecot/stats - root 0 0 00:00:01 21:44:41 16723 [kworker/2:0] - root 0 0 00:00:00 49:41 18806 [kworker/3:1] - root 0 0 00:00:00 49:41 18808 [kworker/0:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237472 15208 00:00:00 41:02 19914 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 90-05:00:33 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:29:27 90-05:00:33 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1104 00:00:00 90-05:00:33 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1116 00:00:00 90-05:00:33 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1360 00:00:00 90-05:00:33 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:10:48 90-05:00:33 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237456 14808 00:00:00 29:14 21738 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237084 14056 00:00:00 20:58 22708 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224736 13260 00:04:13 31-05:01:16 22781 queueprocd - waiting up to 60s to process a task - root 0 0 00:00:00 19:41 22869 [kworker/1:1] 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9920 3240 02:16:15 31-05:00:56 23085 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2819364 3428 00:08:04 31-05:00:56 23115 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 1868 00:00:18 31-05:00:56 23116 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237092 13836 00:00:00 18:03 23152 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5332 00:02:35 31-05:00:53 23179 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237248 14364 00:00:00 14:24 23391 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236992 13640 00:00:00 08:56 23842 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237544 13976 00:00:00 08:52 23846 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236924 13384 00:00:00 08:47 23851 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236944 13236 00:00:00 08:22 23968 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237080 13616 00:00:00 08:21 23971 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236920 13536 00:00:00 08:21 23972 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236960 13180 00:00:00 05:19 24117 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236796 13480 00:00:00 05:19 24118 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service dothingaynay 616960 36032 00:00:00 00:05 24546 php-fpm: pool dothingaynay_vn 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@238673-103.179.190.35:6556-134.209.25.199:46144.service root 113568 1864 00:00:00 00:00 24686 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@238673-103.179.190.35:6556-134.209.25.199:46144.service root 49820 1560 00:00:00 00:00 24709 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258236 126864 00:00:08 05:00:23 27739 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259556 124248 00:00:04 04:48:10 28752 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258236 122648 00:00:00 04:48:10 28753 spamd child - root 0 0 00:00:01 11:27:16 30063 [kworker/u12:2] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 14040 00:27:12 96-05:00:12 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 96-04:59:12 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1176 00:00:19 96-04:59:11 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 1965156 52240 00:15:29 96-04:59:11 31562 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 96-04:59:10 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 96-04:59:10 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1080 00:00:01 96-04:59:10 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:06:51 96-04:59:10 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 96-04:59:10 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:13:37 96-04:59:10 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 573420 16:17:50 96-04:59:08 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 96-04:59:07 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 517536 6644 00:29:01 96-04:59:07 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 96-04:59:04 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 40184 6216 00:43:47 96-04:59:04 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:27 96-04:59:04 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 96-04:59:04 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 960 00:01:28 96-04:59:04 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:10:37 96-04:59:03 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9136 00:09:21 96-04:59:03 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:11:03 96-04:59:02 32156 /usr/sbin/irqbalance --foreground - root 0 0 00:00:06 1-10:19:41 32450 [kworker/0:1] - root 0 0 00:00:01 1-10:18:41 32587 [kworker/4:1] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-09-15 23:19 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadfa38fde9fFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK (194.165.16.76:65495) * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK (194.165.16.72:65253) check_mk@238013-103.179.190.35:6556-206.189.2.13:48538.service loaded activating start start Check_MK (206.189.2.13:48538) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3584 19:46:32 889-08:37:07 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:06 889-08:37:07 2 [kthreadd] - root 0 0 00:00:00 889-08:37:07 4 [kworker/0:0H] - root 0 0 00:03:25 889-08:37:07 6 [ksoftirqd/0] - root 0 0 00:00:39 889-08:37:07 7 [migration/0] - root 0 0 00:00:00 889-08:37:07 8 [rcu_bh] - root 0 0 21:22:04 889-08:37:07 9 [rcu_sched] - root 0 0 00:00:00 889-08:37:07 10 [lru-add-drain] - root 0 0 00:05:44 889-08:37:07 11 [watchdog/0] - root 0 0 00:05:23 889-08:37:07 12 [watchdog/1] - root 0 0 00:07:59 889-08:37:07 13 [migration/1] - root 0 0 00:02:44 889-08:37:07 14 [ksoftirqd/1] - root 0 0 00:00:00 889-08:37:07 16 [kworker/1:0H] - root 0 0 00:05:02 889-08:37:07 17 [watchdog/2] - root 0 0 00:01:13 889-08:37:07 18 [migration/2] - root 0 0 00:02:19 889-08:37:07 19 [ksoftirqd/2] - root 0 0 00:00:00 889-08:37:07 21 [kworker/2:0H] - root 0 0 00:05:01 889-08:37:07 22 [watchdog/3] - root 0 0 00:00:55 889-08:37:07 23 [migration/3] - root 0 0 00:04:38 889-08:37:07 24 [ksoftirqd/3] - root 0 0 00:00:00 889-08:37:07 26 [kworker/3:0H] - root 0 0 00:04:49 889-08:37:07 27 [watchdog/4] - root 0 0 00:04:18 889-08:37:07 28 [migration/4] - root 0 0 00:05:47 889-08:37:07 29 [ksoftirqd/4] - root 0 0 00:00:00 889-08:37:07 31 [kworker/4:0H] - root 0 0 00:05:51 889-08:37:07 32 [watchdog/5] - root 0 0 00:01:14 889-08:37:07 33 [migration/5] - root 0 0 00:34:26 889-08:37:07 34 [ksoftirqd/5] - root 0 0 00:00:00 889-08:37:07 36 [kworker/5:0H] - root 0 0 00:00:00 889-08:37:07 38 [kdevtmpfs] - root 0 0 00:00:00 889-08:37:07 39 [netns] - root 0 0 00:00:39 889-08:37:07 40 [khungtaskd] - root 0 0 00:00:00 889-08:37:07 41 [writeback] - root 0 0 00:00:00 889-08:37:07 42 [kintegrityd] - root 0 0 00:00:00 889-08:37:07 43 [bioset] - root 0 0 00:00:00 889-08:37:07 44 [bioset] - root 0 0 00:00:00 889-08:37:07 45 [bioset] - root 0 0 00:00:00 889-08:37:07 46 [kblockd] - root 0 0 00:00:00 889-08:37:07 47 [md] - root 0 0 00:00:00 889-08:37:07 48 [edac-poller] - root 0 0 00:00:00 889-08:37:07 49 [watchdogd] - root 0 0 00:28:50 889-08:37:07 55 [kswapd0] - root 0 0 00:00:00 889-08:37:07 56 [ksmd] - root 0 0 00:02:47 889-08:37:07 57 [khugepaged] - root 0 0 00:00:00 889-08:37:07 58 [crypto] - root 0 0 00:00:00 889-08:37:07 66 [kthrotld] - root 0 0 00:00:00 889-08:37:07 68 [kmpath_rdacd] - root 0 0 00:00:00 889-08:37:07 69 [kaluad] - root 0 0 00:00:00 889-08:37:07 70 [kpsmoused] - root 0 0 00:00:00 889-08:37:06 72 [ipv6_addrconf] - root 0 0 00:00:00 889-08:37:06 86 [deferwq] - root 0 0 00:51:04 889-08:37:06 197 [kauditd] - root 0 0 00:00:00 889-08:37:06 262 [ata_sff] - root 0 0 00:00:00 889-08:37:06 276 [ttm_swap] - root 0 0 00:00:00 889-08:37:06 280 [scsi_eh_0] - root 0 0 00:00:00 889-08:37:06 281 [scsi_tmf_0] - root 0 0 00:00:00 889-08:37:06 282 [scsi_eh_1] - root 0 0 00:00:00 889-08:37:06 283 [scsi_tmf_1] - root 0 0 00:15:11 889-08:37:06 289 [kworker/3:1H] - root 0 0 00:25:54 889-08:37:06 294 [kworker/0:1H] - root 0 0 00:15:01 889-08:37:06 301 [kworker/4:1H] - root 0 0 03:22:03 889-08:37:06 302 [jbd2/vda1-8] - root 0 0 00:00:00 889-08:37:06 303 [ext4-rsv-conver] - root 0 0 00:02:05 889-08:37:06 309 [kworker/2:1H] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237236 14080 00:00:00 44:09 322 /usr/sbin/httpd -k start - root 0 0 00:16:01 889-08:37:05 372 [kworker/5:1H] - root 0 0 00:03:31 889-08:37:05 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 640 01:52:14 889-08:37:04 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 152476 10956 00:00:20 1-02:21:59 470 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:35:59 889-08:37:04 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:20:20 889-08:37:03 671 [loop0] - root 0 0 00:07:54 889-08:37:03 672 [jbd2/loop0-8] - root 0 0 00:00:00 889-08:37:03 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 888-06:37:09 1006 nano pdns.conf - root 0 0 00:00:00 23:43 1408 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4260 00:38:41 889-08:36:52 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6680 01:19:28 889-08:36:52 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 208944 17740 02:07:47 889-08:36:52 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190164 12320 04:44:10 889-08:36:52 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236716 12996 00:00:00 21:11 1544 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236692 12596 00:00:00 19:05 1582 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236712 13012 00:00:00 19:04 1587 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236896 14008 00:00:00 18:37 1709 /usr/sbin/httpd -k start - root 0 0 00:00:00 13:43 1950 [kworker/2:1] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41188 2920 00:00:00 00:32 2718 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 60804 4496 00:00:00 00:32 2742 dovecot/lmtp 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 41188 2720 00:00:00 00:32 2749 dovecot/auth -w 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 162132 5844 00:00:00 00:01 2806 sshd: root [priv] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 115644 2624 00:00:00 00:01 2807 sshd: root [net] - root 0 0 00:00:00 00:01 2808 [update_quota_ca] <defunct> - root 0 0 00:00:00 00:01 2809 [cpsrvd (SSL) - ] <defunct> 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@238013-103.179.190.35:6556-206.189.2.13:48538.service root 113416 1588 00:00:00 00:00 2952 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@238013-103.179.190.35:6556-206.189.2.13:48538.service root 49820 1564 00:00:00 00:00 2975 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237280 15344 00:00:02 06:04:18 4173 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 241884 16136 00:00:02 06:04:13 4183 /usr/sbin/httpd -k start - root 0 0 00:00:00 05:52:23 5052 [kworker/3:2] - root 0 0 00:00:00 05:52:23 5056 [kworker/4:1] - root 0 0 00:00:03 1-16:33:42 6024 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11676 00:01:47 84-03:09:43 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34436 01:03:10 84-03:09:39 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18364 00:01:54 84-03:09:39 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230684 9156 00:00:14 2-07:17:20 8200 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12748 992 00:00:05 2-07:17:20 8201 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12756 1008 00:00:04 2-07:17:20 8202 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53344 11820 00:00:00 2-07:17:20 8203 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255676 29024 06:11:35 854-23:13:36 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51644 1204 00:00:36 30-23:51:28 9720 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10312 556 00:00:08 30-23:51:27 9726 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89012 11668 00:00:59 30-23:51:27 9758 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 988 00:00:07 30-23:51:27 9781 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 588 00:00:06 30-23:51:27 9782 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth - root 0 0 00:00:06 11:48:43 11422 [kworker/1:0] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47536 3760 00:00:08 23-06:55:27 15540 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47476 2808 00:00:09 23-06:55:27 15541 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10444 700 00:00:10 23-06:55:27 15542 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47660 3504 00:00:10 23-06:55:27 15544 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47560 3376 00:00:10 23-06:55:27 15545 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18088 4284 00:00:28 23-06:55:27 15546 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13560 596 00:00:12 23-06:55:27 15547 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257644 124988 00:00:08 04:03:22 18007 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258936 123636 00:00:03 03:50:31 18810 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257644 121980 00:00:00 03:50:31 18811 spamd child - root 0 0 00:00:02 16:52:43 18906 [kworker/0:2] - root 0 0 00:00:01 16:46:23 19381 [kworker/u12:2] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 88-04:04:35 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:28:47 88-04:04:35 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1104 00:00:00 88-04:04:35 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1116 00:00:00 88-04:04:35 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1360 00:00:00 88-04:04:35 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:10:33 88-04:04:35 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224736 13168 00:03:56 29-04:05:18 22781 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 10120 3428 02:06:42 29-04:04:58 23085 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2819364 3276 00:07:34 29-04:04:58 23115 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 1868 00:00:16 29-04:04:58 23116 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5332 00:02:25 29-04:04:55 23179 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:00 02:20:31 25098 [kworker/3:1] - root 0 0 00:00:02 1-19:52:23 25742 [kworker/2:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 241536 15480 00:00:00 02:12:05 27082 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:43:43 28746 [kworker/0:1] - root 0 0 00:00:00 01:08:40 30671 [kworker/5:2] - root 0 0 00:00:00 01:07:53 30684 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 14028 00:26:42 94-04:04:14 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237404 14380 00:00:00 58:57 31390 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237324 14472 00:00:00 58:56 31392 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 94-04:03:14 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1060 00:00:19 94-04:03:13 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 1965156 51716 00:15:09 94-04:03:13 31562 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 94-04:03:12 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 94-04:03:12 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 1080 00:00:01 94-04:03:12 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:06:42 94-04:03:12 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 94-04:03:12 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:13:19 94-04:03:12 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 571284 16:01:24 94-04:03:10 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 94-04:03:09 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 540596 16296 00:28:28 94-04:03:09 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 94-04:03:06 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 64800 25212 00:43:00 94-04:03:06 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1032 00:00:26 94-04:03:06 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 94-04:03:06 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 960 00:01:26 94-04:03:06 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:10:25 94-04:03:05 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9136 00:09:09 94-04:03:05 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:10:49 94-04:03:04 32156 /usr/sbin/irqbalance --foreground - root 0 0 00:00:00 52:02 32267 [kworker/u12:0] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-09-13 22:23 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadfd3633588Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2233068.scope static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 323 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2233068.scope loaded active running Session 2233068 of user root session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK (194.165.16.76:65495) * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK (194.165.16.72:65253) check_mk@237230-103.179.190.35:6556-159.65.144.72:56810.service loaded activating start start Check_MK (159.65.144.72:56810) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3600 19:43:40 887-10:13:34 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:06 887-10:13:34 2 [kthreadd] - root 0 0 00:00:00 887-10:13:34 4 [kworker/0:0H] - root 0 0 00:03:25 887-10:13:34 6 [ksoftirqd/0] - root 0 0 00:00:39 887-10:13:34 7 [migration/0] - root 0 0 00:00:00 887-10:13:34 8 [rcu_bh] - root 0 0 21:18:59 887-10:13:34 9 [rcu_sched] - root 0 0 00:00:00 887-10:13:34 10 [lru-add-drain] - root 0 0 00:05:43 887-10:13:34 11 [watchdog/0] - root 0 0 00:05:22 887-10:13:34 12 [watchdog/1] - root 0 0 00:07:58 887-10:13:34 13 [migration/1] - root 0 0 00:02:44 887-10:13:34 14 [ksoftirqd/1] - root 0 0 00:00:00 887-10:13:34 16 [kworker/1:0H] - root 0 0 00:05:01 887-10:13:34 17 [watchdog/2] - root 0 0 00:01:13 887-10:13:34 18 [migration/2] - root 0 0 00:02:19 887-10:13:34 19 [ksoftirqd/2] - root 0 0 00:00:00 887-10:13:34 21 [kworker/2:0H] - root 0 0 00:05:00 887-10:13:34 22 [watchdog/3] - root 0 0 00:00:55 887-10:13:34 23 [migration/3] - root 0 0 00:04:37 887-10:13:34 24 [ksoftirqd/3] - root 0 0 00:00:00 887-10:13:34 26 [kworker/3:0H] - root 0 0 00:04:48 887-10:13:34 27 [watchdog/4] - root 0 0 00:04:18 887-10:13:34 28 [migration/4] - root 0 0 00:05:47 887-10:13:34 29 [ksoftirqd/4] - root 0 0 00:00:00 887-10:13:34 31 [kworker/4:0H] - root 0 0 00:05:50 887-10:13:34 32 [watchdog/5] - root 0 0 00:01:14 887-10:13:34 33 [migration/5] - root 0 0 00:34:21 887-10:13:34 34 [ksoftirqd/5] - root 0 0 00:00:00 887-10:13:34 36 [kworker/5:0H] - root 0 0 00:00:00 887-10:13:34 38 [kdevtmpfs] - root 0 0 00:00:00 887-10:13:34 39 [netns] - root 0 0 00:00:39 887-10:13:34 40 [khungtaskd] - root 0 0 00:00:00 887-10:13:34 41 [writeback] - root 0 0 00:00:00 887-10:13:34 42 [kintegrityd] - root 0 0 00:00:00 887-10:13:34 43 [bioset] - root 0 0 00:00:00 887-10:13:34 44 [bioset] - root 0 0 00:00:00 887-10:13:34 45 [bioset] - root 0 0 00:00:00 887-10:13:34 46 [kblockd] - root 0 0 00:00:00 887-10:13:34 47 [md] - root 0 0 00:00:00 887-10:13:34 48 [edac-poller] - root 0 0 00:00:00 887-10:13:34 49 [watchdogd] - root 0 0 00:28:41 887-10:13:34 55 [kswapd0] - root 0 0 00:00:00 887-10:13:34 56 [ksmd] - root 0 0 00:02:46 887-10:13:34 57 [khugepaged] - root 0 0 00:00:00 887-10:13:34 58 [crypto] - root 0 0 00:00:00 887-10:13:34 66 [kthrotld] - root 0 0 00:00:00 887-10:13:34 68 [kmpath_rdacd] - root 0 0 00:00:00 887-10:13:34 69 [kaluad] - root 0 0 00:00:00 887-10:13:34 70 [kpsmoused] - root 0 0 00:00:00 887-10:13:33 72 [ipv6_addrconf] - root 0 0 00:00:00 887-10:13:33 86 [deferwq] - root 0 0 00:50:59 887-10:13:33 197 [kauditd] - root 0 0 00:00:00 887-10:13:33 262 [ata_sff] - root 0 0 00:00:00 887-10:13:33 276 [ttm_swap] - root 0 0 00:00:00 887-10:13:33 280 [scsi_eh_0] - root 0 0 00:00:00 887-10:13:33 281 [scsi_tmf_0] - root 0 0 00:00:00 887-10:13:33 282 [scsi_eh_1] - root 0 0 00:00:00 887-10:13:33 283 [scsi_tmf_1] - root 0 0 00:15:09 887-10:13:33 289 [kworker/3:1H] - root 0 0 00:25:50 887-10:13:33 294 [kworker/0:1H] - root 0 0 00:14:59 887-10:13:33 301 [kworker/4:1H] - root 0 0 03:21:35 887-10:13:33 302 [jbd2/vda1-8] - root 0 0 00:00:00 887-10:13:33 303 [ext4-rsv-conver] - root 0 0 00:02:04 887-10:13:33 309 [kworker/2:1H] - root 0 0 00:15:59 887-10:13:32 372 [kworker/5:1H] - root 0 0 00:03:30 887-10:13:32 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 01:52:04 887-10:13:31 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:35:23 887-10:13:31 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:20:16 887-10:13:30 671 [loop0] - root 0 0 00:07:53 887-10:13:30 672 [jbd2/loop0-8] - root 0 0 00:00:00 887-10:13:30 673 [ext4-rsv-conver] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237796 15220 00:00:01 03:52:45 771 /usr/sbin/httpd -k start 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 886-08:13:36 1006 nano pdns.conf - root 0 0 00:00:00 16:28:54 1230 [kworker/3:1] 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4260 00:38:36 887-10:13:19 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6676 01:19:14 887-10:13:19 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 208944 17828 02:07:39 887-10:13:19 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190164 12736 04:43:49 887-10:13:19 1497 cPhulkd - processor - root 0 0 00:00:03 1-11:25:09 5611 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11676 00:01:44 82-04:46:10 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 01:01:43 82-04:46:06 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18496 00:01:51 82-04:46:06 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237160 14672 00:00:00 02:10:27 6395 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237092 14624 00:00:00 02:10:27 6396 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237128 14612 00:00:00 02:10:26 6397 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237092 14608 00:00:00 02:10:26 6398 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236952 14468 00:00:00 02:10:26 6403 /usr/sbin/httpd -k start - root 0 0 00:00:00 02:08:10 6563 [kworker/3:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230684 9764 00:00:03 08:53:47 8200 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12784 1416 00:00:01 08:53:47 8201 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12792 1432 00:00:01 08:53:47 8202 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53344 11852 00:00:00 08:53:47 8203 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255684 29024 06:10:27 853-00:50:03 8935 cpsrvd (SSL) - waiting for connections - root 0 0 00:00:00 01:25:09 9549 [kworker/2:1] - root 0 0 00:00:00 08:35:16 9706 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51644 1268 00:00:33 29-01:27:55 9720 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10312 324 00:00:07 29-01:27:54 9726 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89012 12444 00:00:56 29-01:27:54 9758 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 1000 00:00:06 29-01:27:54 9781 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 588 00:00:05 29-01:27:54 9782 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237028 14288 00:00:00 01:09:15 10535 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236980 14220 00:00:00 01:09:15 10536 /usr/sbin/httpd -k start - root 0 0 00:00:00 59:10 10959 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236936 14044 00:00:00 39:56 12359 /usr/sbin/httpd -k start - root 0 0 00:00:00 30:07 13080 [kworker/2:2] - root 0 0 00:00:00 25:09 13395 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 152368 10956 00:00:11 20:43:27 13870 cPhulkd - dbprocessor - root 0 0 00:00:00 18:10 14037 [kworker/5:1] - root 0 0 00:00:00 10:09 14534 [kworker/1:1] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41188 2904 00:00:00 00:24 15087 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 41188 2728 00:00:00 00:20 15089 dovecot/auth -w - root 0 0 00:00:00 00:20 15090 [cpsrvd (SSL) - ] <defunct> 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2233068.scope root 185004 2584 00:00:00 00:10 15117 /usr/sbin/CROND -n 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2233068.scope root 113280 1208 00:00:00 00:10 15120 /bin/sh -c bash -c "sleep $((RANDOM % 60))" ; /opt/imunify360/venv/share/imunify360/scripts/check-detached.py > /dev/null 2>&1 || : 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2233068.scope root 108052 356 00:00:00 00:10 15124 sleep 50 - root 0 0 00:00:00 00:10 15136 [kworker/3:2] 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89144 8860 00:00:00 00:05 15188 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@237230-103.179.190.35:6556-159.65.144.72:56810.service root 113552 1860 00:00:00 00:00 15317 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@237230-103.179.190.35:6556-159.65.144.72:56810.service root 49820 1560 00:00:00 00:00 15342 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47536 3980 00:00:07 21-08:31:54 15540 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47476 3608 00:00:08 21-08:31:54 15541 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10444 724 00:00:09 21-08:31:54 15542 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47660 3716 00:00:09 21-08:31:54 15544 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47560 3672 00:00:09 21-08:31:54 15545 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18088 4404 00:00:26 21-08:31:54 15546 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13560 656 00:00:11 21-08:31:54 15547 dovecot/stats - root 0 0 00:00:04 06:59:10 17809 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 86-05:41:02 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:28:08 86-05:41:02 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1112 00:00:00 86-05:41:02 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1124 00:00:00 86-05:41:02 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1364 00:00:00 86-05:41:02 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:10:19 86-05:41:02 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:01 06:10:10 21136 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224736 13316 00:03:42 27-05:41:45 22781 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9924 3244 01:57:39 27-05:41:25 23085 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2819364 3424 00:07:06 27-05:41:25 23115 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 1868 00:00:15 27-05:41:25 23116 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5332 00:02:16 27-05:41:22 23179 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257608 126236 00:00:09 05:40:19 23478 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:00 05:31:26 24152 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 258916 123692 00:00:05 05:26:58 24509 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257608 121956 00:00:00 05:26:58 24510 spamd child 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237004 14596 00:00:00 04:27:08 28152 /usr/sbin/httpd -k start - root 0 0 00:00:00 17:25:10 29380 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608600 21620 00:26:13 92-05:40:41 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 92-05:39:41 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1268 00:00:18 92-05:39:40 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 1965156 52152 00:14:50 92-05:39:40 31562 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 92-05:39:39 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 92-05:39:39 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 872 00:00:01 92-05:39:39 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:06:33 92-05:39:39 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 92-05:39:39 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:13:02 92-05:39:39 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 570628 15:44:11 92-05:39:37 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 92-05:39:36 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 540832 16540 00:27:58 92-05:39:36 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 92-05:39:33 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 64800 25452 00:42:18 92-05:39:33 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:26 92-05:39:33 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 92-05:39:33 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 960 00:01:24 92-05:39:33 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:10:16 92-05:39:32 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9140 00:08:57 92-05:39:32 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:10:35 92-05:39:31 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-09-12 00:00 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf2fb8d3d6Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-fs-nfsd.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled var-lib-nfs-rpc_pipefs.mount static brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled auth-rpcgss-module.service static autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled gssproxy.service disabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-blkmap.service disabled nfs-config.service static nfs-idmap.service static nfs-idmapd.service static nfs-lock.service static nfs-mountd.service static nfs-rquotad.service disabled nfs-secure.service static nfs-server.service disabled nfs-utils.service static nfs.service disabled nfslock.service static nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-gssd.service static rpc-rquotad.service disabled rpc-statd-notify.service static rpc-statd.service static rpcbind.service enabled rpcgssd.service static rpcidmapd.service static rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nfs-client.target enabled nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpc_pipefs.target static rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 322 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-fs-nfsd.mount loaded inactive dead NFSD configuration filesystem proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-lib-nfs-rpc_pipefs.mount loaded inactive dead RPC Pipe File System var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service auth-rpcgss-module.service loaded inactive dead Kernel Module supporting RPCSEC_GSS * check_mk@104625-103.179.190.34:6556-194.165.16.76:65294.service loaded failed failed Check_MK * check_mk@120978-103.179.190.34:6556-194.165.16.76:65441.service loaded failed failed Check_MK * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@172347-103.179.190.35:6556-45.227.254.48:65517.service loaded failed failed Check_MK * check_mk@197230-103.179.190.34:6556-167.94.138.124:40940.service loaded failed failed Check_MK * check_mk@210696-103.179.190.35:6556-194.165.16.76:65106.service loaded failed failed Check_MK * check_mk@228110-103.179.190.35:6556-194.165.16.76:65495.service loaded failed failed Check_MK (194.165.16.76:65495) * check_mk@232223-103.179.190.35:6556-194.165.16.72:65253.service loaded failed failed Check_MK (194.165.16.72:65253) check_mk@236751-103.179.190.35:6556-206.81.12.187:57138.service loaded activating start start Check_MK (206.81.12.187:57138) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@81701-103.179.190.34:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@81702-103.179.190.35:6556-194.110.203.85:4402.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 gssproxy.service loaded inactive dead GSSAPI Proxy Daemon httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.39 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nfs-config.service loaded inactive dead Preprocess NFS configuration nfs-idmapd.service loaded inactive dead NFSv4 ID-name mapping service nfs-mountd.service loaded inactive dead NFS Mount Daemon * nfs-secure-server.service not-found inactive dead nfs-secure-server.service nfs-server.service loaded inactive dead NFS server and services nfs-utils.service loaded inactive dead NFS server and client services nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpc-gssd.service loaded inactive dead RPC security service for NFS client and server rpc-statd-notify.service loaded inactive dead Notify NFS peers of a restart rpc-statd.service loaded inactive dead NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify-Scan-aibolit.slice loaded inactive dead Imunify-Scan-aibolit.slice Imunify-Scan.slice loaded inactive dead Imunify-Scan.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nfs-client.target loaded inactive dead NFS client services nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpc_pipefs.target loaded inactive dead rpc_pipefs.target rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191516 3584 19:41:56 886-07:37:20 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:06 886-07:37:20 2 [kthreadd] - root 0 0 00:00:00 886-07:37:20 4 [kworker/0:0H] - root 0 0 00:03:24 886-07:37:20 6 [ksoftirqd/0] - root 0 0 00:00:39 886-07:37:20 7 [migration/0] - root 0 0 00:00:00 886-07:37:20 8 [rcu_bh] - root 0 0 21:16:52 886-07:37:20 9 [rcu_sched] - root 0 0 00:00:00 886-07:37:20 10 [lru-add-drain] - root 0 0 00:05:43 886-07:37:20 11 [watchdog/0] - root 0 0 00:05:22 886-07:37:20 12 [watchdog/1] - root 0 0 00:07:58 886-07:37:20 13 [migration/1] - root 0 0 00:02:43 886-07:37:20 14 [ksoftirqd/1] - root 0 0 00:00:00 886-07:37:20 16 [kworker/1:0H] - root 0 0 00:05:01 886-07:37:20 17 [watchdog/2] - root 0 0 00:01:13 886-07:37:20 18 [migration/2] - root 0 0 00:02:18 886-07:37:20 19 [ksoftirqd/2] - root 0 0 00:00:00 886-07:37:20 21 [kworker/2:0H] - root 0 0 00:05:00 886-07:37:20 22 [watchdog/3] - root 0 0 00:00:55 886-07:37:20 23 [migration/3] - root 0 0 00:04:36 886-07:37:20 24 [ksoftirqd/3] - root 0 0 00:00:00 886-07:37:20 26 [kworker/3:0H] - root 0 0 00:04:48 886-07:37:20 27 [watchdog/4] - root 0 0 00:04:17 886-07:37:20 28 [migration/4] - root 0 0 00:05:46 886-07:37:20 29 [ksoftirqd/4] - root 0 0 00:00:00 886-07:37:20 31 [kworker/4:0H] - root 0 0 00:05:49 886-07:37:20 32 [watchdog/5] - root 0 0 00:01:14 886-07:37:20 33 [migration/5] - root 0 0 00:34:17 886-07:37:20 34 [ksoftirqd/5] - root 0 0 00:00:00 886-07:37:20 36 [kworker/5:0H] - root 0 0 00:00:00 886-07:37:20 38 [kdevtmpfs] - root 0 0 00:00:00 886-07:37:20 39 [netns] - root 0 0 00:00:38 886-07:37:20 40 [khungtaskd] - root 0 0 00:00:00 886-07:37:20 41 [writeback] - root 0 0 00:00:00 886-07:37:20 42 [kintegrityd] - root 0 0 00:00:00 886-07:37:20 43 [bioset] - root 0 0 00:00:00 886-07:37:20 44 [bioset] - root 0 0 00:00:00 886-07:37:20 45 [bioset] - root 0 0 00:00:00 886-07:37:20 46 [kblockd] - root 0 0 00:00:00 886-07:37:20 47 [md] - root 0 0 00:00:00 886-07:37:20 48 [edac-poller] - root 0 0 00:00:00 886-07:37:20 49 [watchdogd] - root 0 0 00:28:41 886-07:37:20 55 [kswapd0] - root 0 0 00:00:00 886-07:37:20 56 [ksmd] - root 0 0 00:02:46 886-07:37:20 57 [khugepaged] - root 0 0 00:00:00 886-07:37:20 58 [crypto] - root 0 0 00:00:00 886-07:37:20 66 [kthrotld] - root 0 0 00:00:00 886-07:37:20 68 [kmpath_rdacd] - root 0 0 00:00:00 886-07:37:20 69 [kaluad] - root 0 0 00:00:00 886-07:37:20 70 [kpsmoused] - root 0 0 00:00:00 886-07:37:19 72 [ipv6_addrconf] - root 0 0 00:00:00 886-07:37:19 86 [deferwq] - root 0 0 00:50:57 886-07:37:19 197 [kauditd] - root 0 0 00:00:00 886-07:37:19 262 [ata_sff] - root 0 0 00:00:00 886-07:37:19 276 [ttm_swap] - root 0 0 00:00:00 886-07:37:19 280 [scsi_eh_0] - root 0 0 00:00:00 886-07:37:19 281 [scsi_tmf_0] - root 0 0 00:00:00 886-07:37:19 282 [scsi_eh_1] - root 0 0 00:00:00 886-07:37:19 283 [scsi_tmf_1] - root 0 0 00:15:07 886-07:37:19 289 [kworker/3:1H] - root 0 0 00:25:48 886-07:37:19 294 [kworker/0:1H] - root 0 0 00:14:58 886-07:37:19 301 [kworker/4:1H] - root 0 0 03:21:15 886-07:37:19 302 [jbd2/vda1-8] - root 0 0 00:00:00 886-07:37:19 303 [ext4-rsv-conver] - root 0 0 00:02:04 886-07:37:19 309 [kworker/2:1H] - root 0 0 00:15:57 886-07:37:18 372 [kworker/5:1H] - root 0 0 00:03:30 886-07:37:18 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257740 126384 00:00:07 03:04:40 388 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 732 01:51:59 886-07:37:17 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1412 04:35:02 886-07:37:17 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237412 15268 00:00:02 09:37:19 644 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237472 15328 00:00:02 09:37:17 646 /usr/sbin/httpd -k start - root 0 0 00:20:14 886-07:37:16 671 [loop0] - root 0 0 00:07:52 886-07:37:16 672 [jbd2/loop0-8] - root 0 0 00:00:00 886-07:37:16 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1440 00:00:00 885-05:37:22 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237160 14536 00:00:00 02:56:34 1154 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 259036 123692 00:00:03 02:53:31 1359 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257740 122092 00:00:00 02:53:31 1360 spamd child 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4268 00:38:33 886-07:37:05 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183896 6676 01:19:08 886-07:37:05 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 208944 17780 02:07:33 886-07:37:05 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190164 12328 04:43:37 886-07:37:05 1497 cPhulkd - processor - root 0 0 00:00:00 08:48:55 5611 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 443168 11676 00:01:43 81-02:09:56 6136 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 402256 34576 01:00:52 81-02:09:52 6219 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 385704 18492 00:01:50 81-02:09:52 6223 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php - root 0 0 00:00:00 01:48:55 6281 [kworker/u12:0] - root 0 0 00:00:00 01:43:55 6646 [kworker/2:0] - root 0 0 00:00:00 01:21:12 8280 [kworker/1:0] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255676 29028 06:09:46 851-22:13:49 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230832 7396 00:02:47 27-22:51:42 9702 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51644 1268 00:00:32 27-22:51:41 9720 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10312 324 00:00:07 27-22:51:40 9726 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89012 12452 00:00:53 27-22:51:40 9758 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 884 00:00:06 27-22:51:40 9781 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 588 00:00:05 27-22:51:40 9782 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth - root 0 0 00:00:00 07:32:19 11375 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237036 14072 00:00:00 56:55 12129 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237380 14428 00:00:00 56:55 12130 /usr/sbin/httpd -k start - root 0 0 00:00:29 1-23:57:55 12244 [kworker/1:1] - root 0 0 00:00:00 53:55 12309 [kworker/0:0] - root 0 0 00:00:01 1-11:23:55 12913 [kworker/4:1] - root 0 0 00:00:00 43:56 13402 [kworker/3:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12784 420 00:00:43 20-05:55:40 15538 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12824 432 00:00:34 20-05:55:40 15539 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47536 3980 00:00:06 20-05:55:40 15540 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47476 3608 00:00:08 20-05:55:40 15541 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10444 724 00:00:09 20-05:55:40 15542 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47660 3716 00:00:09 20-05:55:40 15544 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47560 3672 00:00:08 20-05:55:40 15545 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18088 4404 00:00:24 20-05:55:40 15546 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13560 656 00:00:11 20-05:55:40 15547 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53340 9332 00:00:00 20-05:55:40 15548 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect - root 0 0 00:00:00 13:55 15959 [kworker/4:0] - root 0 0 00:00:00 09:40 16252 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237008 13152 00:00:00 05:51 16533 /usr/sbin/httpd -k start - root 0 0 00:00:00 03:56 16682 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41188 2920 00:00:00 01:56 16744 dovecot/auth - root 0 0 00:00:00 01:32 16916 [kworker/u12:2] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@236751-103.179.190.35:6556-206.81.12.187:57138.service root 113552 1864 00:00:00 00:00 17085 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@236751-103.179.190.35:6556-206.81.12.187:57138.service root 49820 1560 00:00:00 00:00 17108 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 804 00:00:00 85-03:04:48 20921 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1564 00:27:47 85-03:04:48 20922 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1112 00:00:00 85-03:04:48 20923 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1124 00:00:00 85-03:04:48 20924 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1364 00:00:00 85-03:04:48 20925 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81752 1220 00:10:11 85-03:04:48 20926 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 05:23:12 21401 [kworker/2:2] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224736 13248 00:03:33 26-03:05:31 22781 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9876 3056 01:52:32 26-03:05:11 23085 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 2819364 3472 00:06:50 26-03:05:11 23115 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130412 1868 00:00:15 26-03:05:11 23116 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 298732 5332 00:02:10 26-03:05:08 23179 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:02 1-21:33:55 23331 [kworker/3:0] - root 0 0 00:00:03 18:53:55 23906 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237316 14884 00:00:00 04:32:26 24911 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237176 14736 00:00:01 04:13:17 26260 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237248 14748 00:00:00 04:01:03 27091 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 237292 14812 00:00:00 04:00:49 27101 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 152864 11360 00:01:28 3-22:40:47 30879 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 608572 10280 00:25:52 91-03:04:27 31387 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 348 00:00:00 91-03:03:27 31521 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 121048 1268 00:00:18 91-03:03:26 31540 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 1965156 52160 00:14:38 91-03:03:26 31562 /usr/sbin/pdns_server --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 248 00:00:00 91-03:03:25 31609 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/system-serial\x2dgetty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 112 00:00:00 91-03:03:25 31640 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 872 00:00:01 91-03:03:25 31655 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 612 00:06:29 91-03:03:25 31670 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 192 00:00:00 91-03:03:25 31690 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 25228 1836 00:12:52 91-03:03:25 31705 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3881328 570612 15:24:47 91-03:03:23 31762 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/system-getty.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 112 00:00:00 91-03:03:22 31810 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 540936 15048 00:27:41 91-03:03:22 31840 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 416 00:00:00 91-03:03:19 31961 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 64804 21488 00:41:55 91-03:03:19 31976 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1036 00:00:25 91-03:03:19 31993 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 140 00:00:00 91-03:03:19 32009 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124504 960 00:01:23 91-03:03:19 32032 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111304 1364 00:10:12 91-03:03:18 32045 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 9140 00:08:50 91-03:03:18 32131 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 508 00:10:27 91-03:03:17 32156 /usr/sbin/irqbalance --foreground Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2024-09-10 21:23 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf8cd41224Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK check_mk@77099-103.179.190.35:6556-139.144.150.26:52792.service loaded activating start start Check_MK (139.144.150.26:52792) * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.38 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 4096 07:28:13 348-15:46:24 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:02 348-15:46:24 2 [kthreadd] - root 0 0 00:00:00 348-15:46:24 4 [kworker/0:0H] - root 0 0 00:01:06 348-15:46:24 6 [ksoftirqd/0] - root 0 0 00:00:12 348-15:46:24 7 [migration/0] - root 0 0 00:00:00 348-15:46:24 8 [rcu_bh] - root 0 0 06:39:26 348-15:46:24 9 [rcu_sched] - root 0 0 00:00:00 348-15:46:24 10 [lru-add-drain] - root 0 0 00:02:13 348-15:46:24 11 [watchdog/0] - root 0 0 00:02:03 348-15:46:24 12 [watchdog/1] - root 0 0 00:02:46 348-15:46:24 13 [migration/1] - root 0 0 00:00:54 348-15:46:24 14 [ksoftirqd/1] - root 0 0 00:00:00 348-15:46:24 16 [kworker/1:0H] - root 0 0 00:01:57 348-15:46:24 17 [watchdog/2] - root 0 0 00:00:21 348-15:46:24 18 [migration/2] - root 0 0 00:00:47 348-15:46:24 19 [ksoftirqd/2] - root 0 0 00:00:00 348-15:46:24 21 [kworker/2:0H] - root 0 0 00:01:54 348-15:46:24 22 [watchdog/3] - root 0 0 00:00:17 348-15:46:24 23 [migration/3] - root 0 0 00:01:26 348-15:46:24 24 [ksoftirqd/3] - root 0 0 00:00:00 348-15:46:24 26 [kworker/3:0H] - root 0 0 00:01:51 348-15:46:24 27 [watchdog/4] - root 0 0 00:01:37 348-15:46:24 28 [migration/4] - root 0 0 00:01:51 348-15:46:24 29 [ksoftirqd/4] - root 0 0 00:00:00 348-15:46:24 31 [kworker/4:0H] - root 0 0 00:02:04 348-15:46:24 32 [watchdog/5] - root 0 0 00:00:22 348-15:46:24 33 [migration/5] - root 0 0 00:09:28 348-15:46:24 34 [ksoftirqd/5] - root 0 0 00:00:00 348-15:46:24 36 [kworker/5:0H] - root 0 0 00:00:00 348-15:46:24 38 [kdevtmpfs] - root 0 0 00:00:00 348-15:46:24 39 [netns] - root 0 0 00:00:14 348-15:46:24 40 [khungtaskd] - root 0 0 00:00:00 348-15:46:24 41 [writeback] - root 0 0 00:00:00 348-15:46:24 42 [kintegrityd] - root 0 0 00:00:00 348-15:46:24 43 [bioset] - root 0 0 00:00:00 348-15:46:24 44 [bioset] - root 0 0 00:00:00 348-15:46:24 45 [bioset] - root 0 0 00:00:00 348-15:46:24 46 [kblockd] - root 0 0 00:00:00 348-15:46:24 47 [md] - root 0 0 00:00:00 348-15:46:24 48 [edac-poller] - root 0 0 00:00:00 348-15:46:24 49 [watchdogd] - root 0 0 00:07:18 348-15:46:24 55 [kswapd0] - root 0 0 00:00:00 348-15:46:24 56 [ksmd] - root 0 0 00:01:06 348-15:46:24 57 [khugepaged] - root 0 0 00:00:00 348-15:46:24 58 [crypto] - root 0 0 00:00:00 348-15:46:24 66 [kthrotld] - root 0 0 00:00:00 348-15:46:24 68 [kmpath_rdacd] - root 0 0 00:00:00 348-15:46:24 69 [kaluad] - root 0 0 00:00:00 348-15:46:24 70 [kpsmoused] - root 0 0 00:00:00 348-15:46:23 72 [ipv6_addrconf] - root 0 0 00:00:00 348-15:46:23 86 [deferwq] - root 0 0 00:20:23 348-15:46:23 197 [kauditd] - root 0 0 00:00:00 348-15:46:23 262 [ata_sff] - root 0 0 00:00:00 348-15:46:23 276 [ttm_swap] - root 0 0 00:00:00 348-15:46:23 280 [scsi_eh_0] - root 0 0 00:00:00 348-15:46:23 281 [scsi_tmf_0] - root 0 0 00:00:00 348-15:46:23 282 [scsi_eh_1] - root 0 0 00:00:00 348-15:46:23 283 [scsi_tmf_1] - root 0 0 00:04:55 348-15:46:23 289 [kworker/3:1H] - root 0 0 00:09:46 348-15:46:23 294 [kworker/0:1H] - root 0 0 00:04:42 348-15:46:23 301 [kworker/4:1H] - root 0 0 01:10:38 348-15:46:23 302 [jbd2/vda1-8] - root 0 0 00:00:00 348-15:46:23 303 [ext4-rsv-conver] - root 0 0 00:00:40 348-15:46:23 309 [kworker/2:1H] - root 0 0 00:04:57 348-15:46:22 372 [kworker/5:1H] - root 0 0 00:01:11 348-15:46:22 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 868 00:44:11 348-15:46:21 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1656 01:44:30 348-15:46:21 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:07:17 348-15:46:20 671 [loop0] - root 0 0 00:02:45 348-15:46:20 672 [jbd2/loop0-8] - root 0 0 00:00:00 348-15:46:20 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 347-13:46:26 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 255980 123816 00:04:56 15-06:22:17 1042 /usr/local/cpanel/3rdparty/perl/536/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167448 4264 00:14:41 348-15:46:09 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183880 6640 00:30:02 348-15:46:09 1494 cpdavd - accepting connections on: 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 206852 19324 00:35:46 348-15:46:09 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190164 12340 01:50:17 348-15:46:09 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 1612 00:08:22 109-06:23:17 6647 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 224396 15116 00:02:00 14-06:24:42 6853 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236220 13988 00:00:00 05:05:39 7170 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9884 3352 00:50:12 14-06:23:19 7380 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153744 12256 00:13:16 14-06:23:19 7385 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130396 2796 00:00:08 14-06:23:19 7393 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236328 14336 00:00:01 11:54:57 8697 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 255864 29352 02:19:17 314-06:22:53 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 872 00:00:00 304-06:23:26 8955 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 103732 1640 00:00:31 166-05:58:56 9130 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 868 00:00:00 166-05:58:56 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 304-06:22:39 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 304-06:22:39 9745 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 304-06:22:35 10005 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124500 1592 00:04:41 304-06:22:35 10027 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 1096 00:36:11 304-06:22:34 10141 /usr/sbin/irqbalance --foreground - root 0 0 00:00:07 11:23:08 10801 [kworker/1:1] - root 0 0 00:00:00 04:03:08 13823 [kworker/2:1] 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 24892 2020 00:31:52 199-05:53:00 13923 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 56512 20240 01:49:03 199-05:52:54 14218 /usr/lib/systemd/systemd-journald 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236464 14080 00:00:00 03:34:14 15680 /usr/sbin/httpd -k start - root 0 0 00:00:01 09:38:56 18212 [kworker/u12:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236248 13888 00:00:00 02:48:25 19101 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236264 13936 00:00:00 02:48:25 19102 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236256 13784 00:00:00 02:40:58 19742 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236332 13848 00:00:00 02:40:48 19750 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236188 13788 00:00:00 02:40:47 19751 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236276 13856 00:00:00 02:40:47 19752 /usr/sbin/httpd -k start - root 0 0 00:00:00 09:05:08 20693 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236560 14524 00:00:00 08:40:21 22373 /usr/sbin/httpd -k start - root 0 0 00:00:01 08:38:08 22570 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230264 9068 00:01:09 11-06:23:52 22659 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12760 1228 00:00:11 11-06:23:52 22660 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12772 1240 00:00:09 11-06:23:52 22661 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53328 11836 00:00:00 11-06:23:52 22662 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610556 17412 00:02:15 11-06:23:49 22692 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) - root 0 0 00:00:00 02:05:31 22793 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1620 00:00:00 11-06:22:53 22849 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 810620 8448 00:01:58 11-06:22:52 22867 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81728 1252 00:00:00 11-06:22:52 22892 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81728 1748 00:04:03 11-06:22:52 22893 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81728 2184 00:00:00 11-06:22:52 22894 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81728 2184 00:00:00 11-06:22:52 22895 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81728 2184 00:00:00 11-06:22:52 22896 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81728 2236 00:01:29 11-06:22:52 22897 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 2284 00:00:00 11-06:22:52 22927 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 2492956 304184 00:56:01 11-06:22:50 22987 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 526024 14604 00:04:03 11-06:22:49 23034 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51496 2148 00:00:21 11-06:22:48 23087 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47488 5080 00:00:02 11-06:22:48 23089 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47800 5160 00:00:04 11-06:22:48 23090 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10312 1056 00:00:21 11-06:22:48 23091 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10444 1248 00:00:04 11-06:22:48 23092 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47752 5036 00:00:03 11-06:22:48 23093 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47596 5084 00:00:02 11-06:22:48 23094 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 17992 4892 00:00:10 11-06:22:48 23096 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13560 1260 00:00:04 11-06:22:48 23097 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3128 00:00:04 11-06:22:47 23112 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:04 11-06:22:47 23113 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1467604 2696 00:04:01 11-06:22:47 23130 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1332 00:00:00 11-06:22:47 23154 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69256 1392 00:00:02 11-06:22:47 23179 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111300 4300 00:01:18 11-06:22:46 23200 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 88836 12368 00:01:58 11-06:22:46 23246 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 7540 00:01:18 11-06:22:46 23264 /usr/lib/polkit-1/polkitd --no-debug - root 0 0 00:00:00 08:13:09 24313 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 257340 122216 00:00:08 08:03:23 25339 spamd child - root 0 0 00:00:00 01:13:08 26405 [kworker/0:1] - root 0 0 00:00:00 01:11:17 26643 [kworker/3:1] - root 0 0 00:00:00 01:11:14 26662 [kworker/4:2] - root 0 0 00:00:00 53:08 27607 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41300 3160 00:00:00 32:24 29081 dovecot/auth - root 0 0 00:00:00 13:08 30914 [kworker/3:0] - root 0 0 00:00:00 11:24 31197 [kworker/1:2] - root 0 0 00:00:00 11:13 31311 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255388 6608 00:01:00 11-04:23:45 31344 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 366000 11008 00:00:14 11-04:23:45 31380 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382392 29176 00:09:29 11-04:23:41 31481 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 19008 00:00:15 11-04:23:41 31485 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 41180 2800 00:00:00 06:07 31743 dovecot/auth -w 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 60804 4552 00:00:00 00:56 32192 dovecot/lmtp - root 0 0 00:00:00 00:21 32345 [cpsrvd (SSL) - ] <defunct> 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 89380 10100 00:00:00 00:06 32361 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@77099-103.179.190.35:6556-139.144.150.26:52792.service root 113608 1860 00:00:00 00:00 32501 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@77099-103.179.190.35:6556-139.144.150.26:52792.service root 49820 1560 00:00:00 00:00 32524 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 255980 120428 00:00:00 3-21:05:49 32744 spamd child Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2023-03-21 00:43 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf18ea44cfFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK check_mk@72309-103.179.190.35:6556-164.92.179.10:52766.service loaded activating start start Check_MK (164.92.179.10:52766) * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.38 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 4016 06:52:03 317-14:33:47 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:02 317-14:33:47 2 [kthreadd] - root 0 0 00:00:00 317-14:33:47 4 [kworker/0:0H] - root 0 0 00:01:01 317-14:33:47 6 [ksoftirqd/0] - root 0 0 00:00:11 317-14:33:47 7 [migration/0] - root 0 0 00:00:00 317-14:33:47 8 [rcu_bh] - root 0 0 06:05:22 317-14:33:47 9 [rcu_sched] - root 0 0 00:00:00 317-14:33:47 10 [lru-add-drain] - root 0 0 00:02:00 317-14:33:47 11 [watchdog/0] - root 0 0 00:01:51 317-14:33:47 12 [watchdog/1] - root 0 0 00:02:29 317-14:33:47 13 [migration/1] - root 0 0 00:00:50 317-14:33:47 14 [ksoftirqd/1] - root 0 0 00:00:00 317-14:33:47 16 [kworker/1:0H] - root 0 0 00:01:46 317-14:33:47 17 [watchdog/2] - root 0 0 00:00:19 317-14:33:47 18 [migration/2] - root 0 0 00:00:44 317-14:33:47 19 [ksoftirqd/2] - root 0 0 00:00:00 317-14:33:47 21 [kworker/2:0H] - root 0 0 00:01:44 317-14:33:47 22 [watchdog/3] - root 0 0 00:00:16 317-14:33:47 23 [migration/3] - root 0 0 00:01:18 317-14:33:47 24 [ksoftirqd/3] - root 0 0 00:00:00 317-14:33:47 26 [kworker/3:0H] - root 0 0 00:01:41 317-14:33:47 27 [watchdog/4] - root 0 0 00:01:27 317-14:33:47 28 [migration/4] - root 0 0 00:01:42 317-14:33:47 29 [ksoftirqd/4] - root 0 0 00:00:00 317-14:33:47 31 [kworker/4:0H] - root 0 0 00:01:52 317-14:33:47 32 [watchdog/5] - root 0 0 00:00:20 317-14:33:47 33 [migration/5] - root 0 0 00:08:37 317-14:33:47 34 [ksoftirqd/5] - root 0 0 00:00:00 317-14:33:47 36 [kworker/5:0H] - root 0 0 00:00:00 317-14:33:47 38 [kdevtmpfs] - root 0 0 00:00:00 317-14:33:47 39 [netns] - root 0 0 00:00:13 317-14:33:47 40 [khungtaskd] - root 0 0 00:00:00 317-14:33:47 41 [writeback] - root 0 0 00:00:00 317-14:33:47 42 [kintegrityd] - root 0 0 00:00:00 317-14:33:47 43 [bioset] - root 0 0 00:00:00 317-14:33:47 44 [bioset] - root 0 0 00:00:00 317-14:33:47 45 [bioset] - root 0 0 00:00:00 317-14:33:47 46 [kblockd] - root 0 0 00:00:00 317-14:33:47 47 [md] - root 0 0 00:00:00 317-14:33:47 48 [edac-poller] - root 0 0 00:00:00 317-14:33:47 49 [watchdogd] - root 0 0 00:06:35 317-14:33:47 55 [kswapd0] - root 0 0 00:00:00 317-14:33:47 56 [ksmd] - root 0 0 00:01:00 317-14:33:47 57 [khugepaged] - root 0 0 00:00:00 317-14:33:47 58 [crypto] - root 0 0 00:00:00 317-14:33:47 66 [kthrotld] - root 0 0 00:00:00 317-14:33:47 68 [kmpath_rdacd] - root 0 0 00:00:00 317-14:33:47 69 [kaluad] - root 0 0 00:00:00 317-14:33:47 70 [kpsmoused] - root 0 0 00:00:00 317-14:33:46 72 [ipv6_addrconf] - root 0 0 00:00:00 317-14:33:46 86 [deferwq] - root 0 0 00:18:29 317-14:33:46 197 [kauditd] - root 0 0 00:00:00 317-14:33:46 262 [ata_sff] - root 0 0 00:00:00 317-14:33:46 276 [ttm_swap] - root 0 0 00:00:00 317-14:33:46 280 [scsi_eh_0] - root 0 0 00:00:00 317-14:33:46 281 [scsi_tmf_0] - root 0 0 00:00:00 317-14:33:46 282 [scsi_eh_1] - root 0 0 00:00:00 317-14:33:46 283 [scsi_tmf_1] - root 0 0 00:04:22 317-14:33:46 289 [kworker/3:1H] - root 0 0 00:09:09 317-14:33:46 294 [kworker/0:1H] - root 0 0 00:04:11 317-14:33:46 301 [kworker/4:1H] - root 0 0 01:04:18 317-14:33:46 302 [jbd2/vda1-8] - root 0 0 00:00:00 317-14:33:46 303 [ext4-rsv-conver] - root 0 0 00:00:38 317-14:33:46 309 [kworker/2:1H] - root 0 0 00:04:24 317-14:33:45 372 [kworker/5:1H] - root 0 0 00:01:06 317-14:33:45 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 780 00:40:05 317-14:33:44 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1656 01:33:51 317-14:33:44 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:06:41 317-14:33:43 671 [loop0] - root 0 0 00:02:31 317-14:33:43 672 [jbd2/loop0-8] - root 0 0 00:00:00 317-14:33:43 673 [ext4-rsv-conver] 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 86072 11872 00:01:32 23-05:12:02 810 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 316-12:33:49 1006 nano pdns.conf - root 0 0 00:00:07 10:50:27 1431 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167292 4200 00:13:15 317-14:33:32 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183660 6604 00:27:21 317-14:33:32 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 206568 18864 00:27:16 317-14:33:32 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 189964 12292 01:37:35 317-14:33:32 1497 cPhulkd - processor - root 0 0 00:00:01 23:00:23 1990 [kworker/2:2] - root 0 0 00:00:00 03:58:45 3313 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1464 00:00:19 78-05:10:40 6632 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 1612 00:05:54 78-05:10:40 6647 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111300 3864 00:09:55 78-05:10:37 6810 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51620 2540 00:01:28 53-05:08:39 7108 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1280 00:00:35 53-05:08:39 7117 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3120 00:00:43 53-05:08:38 7198 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2032 00:00:44 53-05:08:38 7199 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255320 4648 00:00:43 8-02:33:03 7547 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 366000 8856 00:00:10 8-02:33:02 7584 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382392 28512 00:06:47 8-02:32:59 7669 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 18384 00:00:10 8-02:32:59 7673 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 254624 28768 02:12:55 283-05:10:16 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 920 00:00:00 273-05:10:49 8955 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 103732 1568 00:00:26 135-04:46:19 9130 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 868 00:00:00 135-04:46:19 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 273-05:10:02 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 273-05:10:02 9745 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 273-05:09:58 10005 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124500 1592 00:04:11 273-05:09:58 10027 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 809548 11420 00:27:41 157-05:11:08 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 1096 00:32:21 273-05:09:57 10141 /usr/sbin/irqbalance --foreground 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 2492656 299176 01:02:34 11-05:11:26 10703 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 1256 00:00:00 15-05:09:32 10742 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 1752 00:05:41 15-05:09:32 10743 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 2176 00:00:00 15-05:09:32 10744 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 2176 00:00:00 15-05:09:32 10745 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 2132 00:00:00 15-05:09:32 10746 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 2216 00:02:02 15-05:09:32 10747 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 01:59:27 12360 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1600 00:00:00 168-04:40:24 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 2128 00:00:02 168-04:40:23 13907 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 24892 2020 00:26:32 168-04:40:23 13923 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 509096 4316 00:57:29 168-04:40:20 14031 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1324 00:00:00 168-04:40:18 14146 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 40184 3148 01:30:34 168-04:40:17 14218 /usr/lib/systemd/systemd-journald - root 0 0 00:00:00 01:35:27 14232 [kworker/4:2] - root 0 0 00:00:00 58:33 16868 [kworker/5:2] - root 0 0 00:00:00 55:27 17186 [kworker/1:1] - root 0 0 00:00:00 35:23 18574 [kworker/3:2] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47812 5284 00:00:02 9-08:01:10 19017 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47960 5404 00:00:03 9-08:01:10 19018 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10436 1508 00:00:04 9-08:01:10 19019 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47700 5220 00:00:03 9-08:01:10 19020 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47492 5120 00:00:01 9-08:01:10 19021 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 18176 5064 00:00:12 9-08:01:10 19022 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1524 00:00:06 9-08:01:10 19023 dovecot/stats - root 0 0 00:00:00 28:27 19149 [kworker/2:1] - root 0 0 00:00:03 1-08:00:28 20430 [kworker/0:0] - root 0 0 00:00:02 13:13:21 20490 [kworker/u12:0] - root 0 0 00:00:00 10:27 20527 [kworker/4:1] - root 0 0 00:00:00 05:27 20947 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41104 2964 00:00:00 04:49 21002 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 41104 2768 00:00:00 04:48 21033 dovecot/auth -w - root 0 0 00:00:00 00:27 21326 [kworker/3:1] - root 0 0 00:00:00 00:27 21331 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hicorp 613644 36904 00:00:00 00:18 21347 php-fpm: pool hicorp_vn 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 86632 10012 00:00:00 00:15 21349 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 86632 10012 00:00:00 00:11 21423 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid - root 0 0 00:00:00 00:10 21424 [cpsrvd (SSL) - ] <defunct> 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111300 4232 00:00:00 00:06 21426 sshd: [accepted] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 111300 2224 00:00:00 00:06 21427 sshd: [net] 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 189964 11108 00:00:00 00:05 21428 cPhulkd - processor - http socket 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 86344 8520 00:00:00 00:04 21429 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 162184 5792 00:00:00 00:02 21520 sshd: root [priv] 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service sshd 111300 2220 00:00:00 00:02 21521 sshd: root [net] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@72309-103.179.190.35:6556-164.92.179.10:52766.service root 113584 1860 00:00:00 00:01 21565 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@72309-103.179.190.35:6556-164.92.179.10:52766.service root 49820 1560 00:00:00 00:00 21588 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 - root 0 0 00:00:00 06:29:28 23053 [kworker/3:0] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 223852 14800 00:01:30 8-05:12:03 25013 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1400016 2520 00:02:10 8-05:11:42 25252 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9896 3356 00:31:22 8-05:11:32 25418 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130240 2772 00:00:04 8-05:11:32 25420 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153316 12028 00:05:41 8-05:11:32 25423 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 11388 00:14:09 133-04:54:23 28815 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230252 8996 00:00:01 05:11:09 29754 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12756 1180 00:00:00 05:11:09 29755 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12772 1188 00:00:00 05:11:09 29756 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53092 11744 00:00:00 05:11:09 29757 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236288 14968 00:00:00 05:11:09 29759 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236300 14036 00:00:00 05:11:09 29760 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236344 14008 00:00:00 05:11:09 29762 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236328 14028 00:00:00 05:11:09 29764 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610552 15364 00:00:02 05:11:06 29787 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 251512 123400 00:00:09 05:08:21 30636 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236276 13952 00:00:00 05:08:16 30655 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236256 13980 00:00:00 05:08:16 30656 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236260 13944 00:00:00 05:08:16 30657 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236272 13940 00:00:00 05:08:16 30658 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236320 14020 00:00:00 05:07:21 30724 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236248 13920 00:00:00 04:59:45 31385 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 252636 121764 00:00:05 04:54:52 31808 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 251512 120052 00:00:00 04:54:52 31809 spamd child Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2023-02-17 23:30 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf31721ef4Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK check_mk@70970-103.179.190.35:6556-172.104.139.59:58126.service loaded activating start start Check_MK (172.104.139.59:58126) * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.38 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WP Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WP Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 4100 06:43:14 310-03:07:12 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:02 310-03:07:12 2 [kthreadd] - root 0 0 00:00:00 310-03:07:12 4 [kworker/0:0H] - root 0 0 00:01:00 310-03:07:12 6 [ksoftirqd/0] - root 0 0 00:00:11 310-03:07:12 7 [migration/0] - root 0 0 00:00:00 310-03:07:12 8 [rcu_bh] - root 0 0 05:57:43 310-03:07:12 9 [rcu_sched] - root 0 0 00:00:00 310-03:07:12 10 [lru-add-drain] - root 0 0 00:01:57 310-03:07:12 11 [watchdog/0] - root 0 0 00:01:48 310-03:07:12 12 [watchdog/1] - root 0 0 00:02:25 310-03:07:12 13 [migration/1] - root 0 0 00:00:49 310-03:07:12 14 [ksoftirqd/1] - root 0 0 00:00:00 310-03:07:12 16 [kworker/1:0H] - root 0 0 00:01:43 310-03:07:12 17 [watchdog/2] - root 0 0 00:00:19 310-03:07:12 18 [migration/2] - root 0 0 00:00:43 310-03:07:12 19 [ksoftirqd/2] - root 0 0 00:00:00 310-03:07:12 21 [kworker/2:0H] - root 0 0 00:01:41 310-03:07:12 22 [watchdog/3] - root 0 0 00:00:16 310-03:07:12 23 [migration/3] - root 0 0 00:01:16 310-03:07:12 24 [ksoftirqd/3] - root 0 0 00:00:00 310-03:07:12 26 [kworker/3:0H] - root 0 0 00:01:38 310-03:07:12 27 [watchdog/4] - root 0 0 00:01:25 310-03:07:12 28 [migration/4] - root 0 0 00:01:40 310-03:07:12 29 [ksoftirqd/4] - root 0 0 00:00:00 310-03:07:12 31 [kworker/4:0H] - root 0 0 00:01:50 310-03:07:12 32 [watchdog/5] - root 0 0 00:00:20 310-03:07:12 33 [migration/5] - root 0 0 00:08:25 310-03:07:12 34 [ksoftirqd/5] - root 0 0 00:00:00 310-03:07:12 36 [kworker/5:0H] - root 0 0 00:00:00 310-03:07:12 38 [kdevtmpfs] - root 0 0 00:00:00 310-03:07:12 39 [netns] - root 0 0 00:00:13 310-03:07:12 40 [khungtaskd] - root 0 0 00:00:00 310-03:07:12 41 [writeback] - root 0 0 00:00:00 310-03:07:12 42 [kintegrityd] - root 0 0 00:00:00 310-03:07:12 43 [bioset] - root 0 0 00:00:00 310-03:07:12 44 [bioset] - root 0 0 00:00:00 310-03:07:12 45 [bioset] - root 0 0 00:00:00 310-03:07:12 46 [kblockd] - root 0 0 00:00:00 310-03:07:12 47 [md] - root 0 0 00:00:00 310-03:07:12 48 [edac-poller] - root 0 0 00:00:00 310-03:07:12 49 [watchdogd] - root 0 0 00:06:16 310-03:07:12 55 [kswapd0] - root 0 0 00:00:00 310-03:07:12 56 [ksmd] - root 0 0 00:00:59 310-03:07:12 57 [khugepaged] - root 0 0 00:00:00 310-03:07:12 58 [crypto] - root 0 0 00:00:00 310-03:07:12 66 [kthrotld] - root 0 0 00:00:00 310-03:07:12 68 [kmpath_rdacd] - root 0 0 00:00:00 310-03:07:12 69 [kaluad] - root 0 0 00:00:00 310-03:07:12 70 [kpsmoused] - root 0 0 00:00:00 310-03:07:11 72 [ipv6_addrconf] - root 0 0 00:00:00 310-03:07:11 86 [deferwq] - root 0 0 00:17:59 310-03:07:11 197 [kauditd] - root 0 0 00:00:00 310-03:07:11 262 [ata_sff] - root 0 0 00:00:00 310-03:07:11 276 [ttm_swap] - root 0 0 00:00:00 310-03:07:11 280 [scsi_eh_0] - root 0 0 00:00:00 310-03:07:11 281 [scsi_tmf_0] - root 0 0 00:00:00 310-03:07:11 282 [scsi_eh_1] - root 0 0 00:00:00 310-03:07:11 283 [scsi_tmf_1] - root 0 0 00:04:16 310-03:07:11 289 [kworker/3:1H] - root 0 0 00:08:59 310-03:07:11 294 [kworker/0:1H] - root 0 0 00:04:04 310-03:07:11 301 [kworker/4:1H] - root 0 0 01:02:57 310-03:07:11 302 [jbd2/vda1-8] - root 0 0 00:00:00 310-03:07:11 303 [ext4-rsv-conver] - root 0 0 00:00:37 310-03:07:11 309 [kworker/2:1H] - root 0 0 00:04:17 310-03:07:10 372 [kworker/5:1H] - root 0 0 00:01:05 310-03:07:10 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 868 00:38:59 310-03:07:09 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1664 01:31:17 310-03:07:09 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:06:33 310-03:07:08 671 [loop0] - root 0 0 00:02:28 310-03:07:08 672 [jbd2/loop0-8] - root 0 0 00:00:00 310-03:07:08 673 [ext4-rsv-conver] 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 86072 12224 00:01:06 15-17:45:27 810 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 309-01:07:14 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167292 4204 00:12:55 310-03:06:57 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183660 6600 00:26:21 310-03:06:57 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 206860 19648 00:26:14 310-03:06:57 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 189928 12720 01:34:38 310-03:06:57 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236404 13908 00:00:00 01:51:18 3907 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236396 14056 00:00:00 01:51:16 3913 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236416 14000 00:00:00 01:51:16 3914 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236596 14252 00:00:00 01:25:12 6027 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236444 14016 00:00:00 01:25:11 6028 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236460 13944 00:00:00 01:25:11 6029 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236316 13832 00:00:00 01:25:09 6034 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236404 13920 00:00:00 01:25:09 6039 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236540 14160 00:00:00 01:25:09 6040 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:23:51 6212 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12752 1412 00:00:00 08:56:50 6549 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12760 1416 00:00:00 08:56:50 6550 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53092 11764 00:00:00 08:56:50 6553 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236660 14660 00:00:01 08:56:45 6593 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1476 00:00:17 70-17:44:05 6632 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 1612 00:05:19 70-17:44:05 6647 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111300 3864 00:08:55 70-17:44:02 6810 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51620 2592 00:01:16 45-17:42:04 7108 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1280 00:00:30 45-17:42:04 7117 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3100 00:00:37 45-17:42:03 7198 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2032 00:00:38 45-17:42:03 7199 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255320 5232 00:00:03 15:06:28 7547 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:00 15:06:27 7583 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 366000 18928 00:00:00 15:06:27 7584 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) - root 0 0 00:00:00 01:03:51 7668 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382392 39068 00:00:31 15:06:24 7669 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 28848 00:00:00 15:06:24 7673 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 254624 28556 02:10:19 275-17:43:41 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 952 00:00:00 265-17:44:14 8955 /usr/sbin/atd -f - root 0 0 00:00:00 43:51 8996 [kworker/2:2] 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 103732 1700 00:00:25 127-17:19:44 9130 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 868 00:00:00 127-17:19:44 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 265-17:43:27 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 265-17:43:27 9745 /sbin/agetty --noclear tty1 linux - root 0 0 00:00:00 28:51 9871 [kworker/1:0] - root 0 0 00:00:00 08:02:51 9960 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 265-17:43:23 10005 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124500 1592 00:04:03 265-17:43:23 10027 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 809548 12800 00:26:23 149-17:44:33 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 1100 00:31:25 265-17:43:22 10141 /usr/sbin/irqbalance --foreground 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230576 12888 00:02:13 20-17:45:02 10388 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610528 21616 00:01:38 7-17:44:53 10490 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 2420788 273076 00:25:39 3-17:44:51 10703 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 1256 00:00:00 7-17:42:57 10742 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 1752 00:02:54 7-17:42:57 10743 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 2152 00:00:00 7-17:42:57 10744 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 2132 00:00:00 7-17:42:57 10745 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 2152 00:00:00 7-17:42:57 10746 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 2216 00:01:03 7-17:42:57 10747 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 13:51 10785 [kworker/3:2] - root 0 0 00:00:00 02:52 11359 [kworker/3:1] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41104 2952 00:00:00 02:00 11373 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hilink 718388 56284 00:00:00 00:12 11498 php-fpm: pool hilink_vn 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hilink 761916 101560 00:00:01 00:11 11500 php-fpm: pool hilink_vn 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@70970-103.179.190.35:6556-172.104.139.59:58126.service root 113568 1864 00:00:00 00:00 11648 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@70970-103.179.190.35:6556-172.104.139.59:58126.service root 49820 1560 00:00:00 00:00 11671 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 - root 0 0 00:00:00 07:23:51 12752 [kworker/u12:1] - root 0 0 00:00:04 07:23:47 12781 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1700 00:00:00 160-17:13:49 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 2268 00:00:02 160-17:13:48 13907 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 24892 2020 00:25:14 160-17:13:48 13923 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 515780 11464 00:54:34 160-17:13:45 14031 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1324 00:00:00 160-17:13:43 14146 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 48372 13328 01:25:59 160-17:13:42 14218 /usr/lib/systemd/systemd-journald - root 0 0 00:00:00 06:33:51 17245 [kworker/3:0] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47408 4884 00:00:00 1-20:34:35 19017 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47420 5324 00:00:00 1-20:34:35 19018 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10436 1516 00:00:00 1-20:34:35 19019 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47412 5088 00:00:00 1-20:34:35 19020 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47276 4820 00:00:00 1-20:34:35 19021 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 17984 5148 00:00:02 1-20:34:35 19022 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1564 00:00:01 1-20:34:35 19023 dovecot/stats - root 0 0 00:00:00 05:53:51 20108 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 223852 17072 00:00:08 17:45:28 25013 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 926900 2196 00:00:10 17:45:07 25252 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9828 3080 00:02:50 17:44:57 25418 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130240 2812 00:00:00 17:44:57 25420 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 152724 11468 00:00:25 17:44:57 25423 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 251368 124028 00:00:19 17:41:50 26494 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:00 04:23:51 26910 [kworker/2:1] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 252524 121620 00:00:16 17:29:37 28286 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 251368 119872 00:00:00 17:29:37 28287 spamd child 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 11496 00:13:17 125-17:27:48 28815 /usr/lib/polkit-1/polkitd --no-debug - root 0 0 00:00:00 03:50:32 28823 [kworker/u12:2] - root 0 0 00:00:00 03:28:47 29951 [kworker/0:2] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2023-02-10 12:03 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf9d84f304Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK check_mk@69582-103.179.190.35:6556-165.22.205.214:58990.service loaded activating start start Check_MK (165.22.205.214:58990) * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.37 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 4092 06:33:26 301-22:20:54 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:02 301-22:20:54 2 [kthreadd] - root 0 0 00:00:00 301-22:20:54 4 [kworker/0:0H] - root 0 0 00:00:58 301-22:20:54 6 [ksoftirqd/0] - root 0 0 00:00:11 301-22:20:54 7 [migration/0] - root 0 0 00:00:00 301-22:20:54 8 [rcu_bh] - root 0 0 05:48:16 301-22:20:54 9 [rcu_sched] - root 0 0 00:00:00 301-22:20:54 10 [lru-add-drain] - root 0 0 00:01:54 301-22:20:54 11 [watchdog/0] - root 0 0 00:01:45 301-22:20:54 12 [watchdog/1] - root 0 0 00:02:20 301-22:20:54 13 [migration/1] - root 0 0 00:00:48 301-22:20:54 14 [ksoftirqd/1] - root 0 0 00:00:00 301-22:20:54 16 [kworker/1:0H] - root 0 0 00:01:40 301-22:20:54 17 [watchdog/2] - root 0 0 00:00:18 301-22:20:54 18 [migration/2] - root 0 0 00:00:41 301-22:20:54 19 [ksoftirqd/2] - root 0 0 00:00:00 301-22:20:54 21 [kworker/2:0H] - root 0 0 00:01:38 301-22:20:54 22 [watchdog/3] - root 0 0 00:00:15 301-22:20:54 23 [migration/3] - root 0 0 00:01:13 301-22:20:54 24 [ksoftirqd/3] - root 0 0 00:00:00 301-22:20:54 26 [kworker/3:0H] - root 0 0 00:01:35 301-22:20:54 27 [watchdog/4] - root 0 0 00:01:23 301-22:20:54 28 [migration/4] - root 0 0 00:01:36 301-22:20:54 29 [ksoftirqd/4] - root 0 0 00:00:00 301-22:20:54 31 [kworker/4:0H] - root 0 0 00:01:47 301-22:20:54 32 [watchdog/5] - root 0 0 00:00:19 301-22:20:54 33 [migration/5] - root 0 0 00:08:10 301-22:20:54 34 [ksoftirqd/5] - root 0 0 00:00:00 301-22:20:54 36 [kworker/5:0H] - root 0 0 00:00:00 301-22:20:54 38 [kdevtmpfs] - root 0 0 00:00:00 301-22:20:54 39 [netns] - root 0 0 00:00:12 301-22:20:54 40 [khungtaskd] - root 0 0 00:00:00 301-22:20:54 41 [writeback] - root 0 0 00:00:00 301-22:20:54 42 [kintegrityd] - root 0 0 00:00:00 301-22:20:54 43 [bioset] - root 0 0 00:00:00 301-22:20:54 44 [bioset] - root 0 0 00:00:00 301-22:20:54 45 [bioset] - root 0 0 00:00:00 301-22:20:54 46 [kblockd] - root 0 0 00:00:00 301-22:20:54 47 [md] - root 0 0 00:00:00 301-22:20:54 48 [edac-poller] - root 0 0 00:00:00 301-22:20:54 49 [watchdogd] - root 0 0 00:06:05 301-22:20:54 55 [kswapd0] - root 0 0 00:00:00 301-22:20:54 56 [ksmd] - root 0 0 00:00:57 301-22:20:54 57 [khugepaged] - root 0 0 00:00:00 301-22:20:54 58 [crypto] - root 0 0 00:00:00 301-22:20:54 66 [kthrotld] - root 0 0 00:00:00 301-22:20:54 68 [kmpath_rdacd] - root 0 0 00:00:00 301-22:20:54 69 [kaluad] - root 0 0 00:00:00 301-22:20:54 70 [kpsmoused] - root 0 0 00:00:00 301-22:20:53 72 [ipv6_addrconf] - root 0 0 00:00:00 301-22:20:53 86 [deferwq] - root 0 0 00:17:25 301-22:20:53 197 [kauditd] - root 0 0 00:00:00 301-22:20:53 262 [ata_sff] - root 0 0 00:00:00 301-22:20:53 276 [ttm_swap] - root 0 0 00:00:00 301-22:20:53 280 [scsi_eh_0] - root 0 0 00:00:00 301-22:20:53 281 [scsi_tmf_0] - root 0 0 00:00:00 301-22:20:53 282 [scsi_eh_1] - root 0 0 00:00:00 301-22:20:53 283 [scsi_tmf_1] - root 0 0 00:04:08 301-22:20:53 289 [kworker/3:1H] - root 0 0 00:08:46 301-22:20:53 294 [kworker/0:1H] - root 0 0 00:03:57 301-22:20:53 301 [kworker/4:1H] - root 0 0 01:01:08 301-22:20:53 302 [jbd2/vda1-8] - root 0 0 00:00:00 301-22:20:53 303 [ext4-rsv-conver] - root 0 0 00:00:36 301-22:20:53 309 [kworker/2:1H] - root 0 0 00:04:09 301-22:20:52 372 [kworker/5:1H] - root 0 0 00:01:03 301-22:20:52 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 868 00:37:43 301-22:20:51 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1660 01:28:27 301-22:20:51 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:06:23 301-22:20:50 671 [loop0] - root 0 0 00:02:24 301-22:20:50 672 [jbd2/loop0-8] - root 0 0 00:00:00 301-22:20:50 673 [ext4-rsv-conver] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 223856 14880 00:01:34 7-12:59:09 781 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 86064 12212 00:00:32 7-12:59:09 810 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 300-20:20:56 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12740 1296 00:00:08 7-12:58:40 1017 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12748 1312 00:00:06 7-12:58:40 1018 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53084 11612 00:00:00 7-12:58:40 1019 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1535192 2736 00:02:01 7-12:58:39 1096 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153184 11880 00:05:33 7-12:58:38 1194 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9924 3376 00:27:09 7-12:58:38 1201 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130240 2740 00:00:04 7-12:58:38 1208 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167292 4204 00:12:32 301-22:20:39 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183660 6600 00:25:11 301-22:20:39 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 206744 19240 00:24:59 301-22:20:39 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 189964 12288 01:31:16 301-22:20:39 1497 cPhulkd - processor - root 0 0 00:00:00 04:17:32 2998 [kworker/2:0] - root 0 0 00:00:02 04:17:32 3004 [kworker/1:2] - root 0 0 00:00:00 04:16:32 3049 [kworker/3:0] - root 0 0 00:00:00 17:27:32 4890 [kworker/4:1] - root 0 0 00:00:00 04:06:48 5104 [kworker/u12:2] 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1476 00:00:15 62-12:57:47 6632 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 1612 00:04:39 62-12:57:47 6647 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3151276 405092 06:14:28 62-12:57:45 6739 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111300 3864 00:07:43 62-12:57:44 6810 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 18484 00:01:34 62-12:57:44 6825 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 366000 10332 00:01:25 62-12:57:44 6843 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382392 28968 00:48:30 62-12:57:44 6858 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51488 2376 00:01:02 37-12:55:46 7108 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47844 5276 00:00:07 37-12:55:46 7114 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48280 5664 00:00:12 37-12:55:46 7115 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1280 00:00:25 37-12:55:46 7117 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10436 1468 00:00:17 37-12:55:46 7118 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48348 5712 00:00:16 37-12:55:46 7119 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48220 5532 00:00:13 37-12:55:46 7120 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 17852 5012 00:00:54 37-12:55:46 7122 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1484 00:00:25 37-12:55:46 7123 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3100 00:00:29 37-12:55:45 7198 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2032 00:00:30 37-12:55:45 7199 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth - root 0 0 00:00:01 16:46:00 7610 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 251672 124380 00:00:36 1-12:56:49 8912 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 254616 28576 02:06:57 267-12:57:23 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 968 00:00:00 257-12:57:56 8955 /usr/sbin/atd -f - root 0 0 00:00:01 09:47:32 9075 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 103732 1504 00:00:23 119-12:33:26 9130 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 868 00:00:00 119-12:33:26 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 257-12:57:09 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 257-12:57:09 9745 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 257-12:57:05 10005 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124500 1592 00:03:55 257-12:57:05 10027 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 809548 12920 00:24:55 141-12:58:15 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 1100 00:30:20 257-12:57:04 10141 /usr/sbin/irqbalance --foreground 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230344 11272 00:01:19 12-12:58:44 10388 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1700 00:00:00 152-12:27:31 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 2308 00:00:02 152-12:27:30 13907 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 24892 2020 00:23:48 152-12:27:30 13923 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610528 21556 00:00:52 4-12:56:33 13952 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255320 4924 00:00:25 4-12:56:32 13962 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 510244 7024 00:51:16 152-12:27:27 14031 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1324 00:00:00 152-12:27:25 14146 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 39436 6192 01:20:45 152-12:27:24 14218 /usr/lib/systemd/systemd-journald - root 0 0 00:00:00 01:47:32 15085 [kworker/1:1] - root 0 0 00:00:00 01:45:50 15340 [kworker/5:1] - root 0 0 00:00:00 01:17:33 17016 [kworker/2:2] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 252896 121880 00:00:00 48:32 18850 spamd child - root 0 0 00:00:00 45:43 19187 [kworker/0:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236032 12984 00:00:00 43:21 19410 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236040 13080 00:00:00 33:00 20415 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236284 13572 00:00:00 32:58 20422 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236048 12996 00:00:00 32:14 20463 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236128 13012 00:00:00 32:14 20466 /usr/sbin/httpd -k start - root 0 0 00:00:00 27:32 20924 [kworker/3:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 235904 12832 00:00:00 25:21 21296 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 235916 12376 00:00:00 10:05 22566 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 235908 12456 00:00:00 10:05 22567 /usr/sbin/httpd -k start - root 0 0 00:00:00 07:33 22919 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 235908 12576 00:00:00 05:08 23057 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 235772 10860 00:00:00 04:21 23087 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41104 2948 00:00:00 01:33 23316 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 41104 2764 00:00:00 01:32 23330 dovecot/auth -w - root 0 0 00:00:00 00:57 23434 [kworker/5:0] - root 0 0 00:00:00 00:16 23463 [cpsrvd (SSL) - ] <defunct> - root 0 0 00:00:00 06:47:19 23543 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@69582-103.179.190.35:6556-165.22.205.214:58990.service root 113592 1856 00:00:00 00:00 23606 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@69582-103.179.190.35:6556-165.22.205.214:58990.service root 49820 1560 00:00:00 00:00 23629 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 1284 00:00:00 12:59:04 25344 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 1752 00:00:12 12:59:04 25345 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 2184 00:00:00 12:59:04 25346 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 2184 00:00:00 12:59:04 25347 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 2184 00:00:00 12:59:04 25348 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81928 2276 00:00:04 12:59:04 25349 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 11500 00:12:18 117-12:41:30 28815 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 251672 120288 00:00:00 18:46:18 32159 spamd child Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2023-02-02 07:17 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf0d69b6ceFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK check_mk@67895-103.179.190.35:6556-159.65.51.215:49004.service loaded activating start start Check_MK (159.65.51.215:49004) * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.37 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 4024 06:22:29 293-04:56:12 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:02 293-04:56:12 2 [kthreadd] - root 0 0 00:00:00 293-04:56:12 4 [kworker/0:0H] - root 0 0 00:00:56 293-04:56:12 6 [ksoftirqd/0] - root 0 0 00:00:11 293-04:56:12 7 [migration/0] - root 0 0 00:00:00 293-04:56:12 8 [rcu_bh] - root 0 0 05:38:24 293-04:56:12 9 [rcu_sched] - root 0 0 00:00:00 293-04:56:12 10 [lru-add-drain] - root 0 0 00:01:50 293-04:56:12 11 [watchdog/0] - root 0 0 00:01:42 293-04:56:12 12 [watchdog/1] - root 0 0 00:02:15 293-04:56:12 13 [migration/1] - root 0 0 00:00:46 293-04:56:12 14 [ksoftirqd/1] - root 0 0 00:00:00 293-04:56:12 16 [kworker/1:0H] - root 0 0 00:01:37 293-04:56:12 17 [watchdog/2] - root 0 0 00:00:17 293-04:56:12 18 [migration/2] - root 0 0 00:00:40 293-04:56:12 19 [ksoftirqd/2] - root 0 0 00:00:00 293-04:56:12 21 [kworker/2:0H] - root 0 0 00:01:35 293-04:56:12 22 [watchdog/3] - root 0 0 00:00:15 293-04:56:12 23 [migration/3] - root 0 0 00:01:11 293-04:56:12 24 [ksoftirqd/3] - root 0 0 00:00:00 293-04:56:12 26 [kworker/3:0H] - root 0 0 00:01:32 293-04:56:12 27 [watchdog/4] - root 0 0 00:01:20 293-04:56:12 28 [migration/4] - root 0 0 00:01:33 293-04:56:12 29 [ksoftirqd/4] - root 0 0 00:00:00 293-04:56:12 31 [kworker/4:0H] - root 0 0 00:01:43 293-04:56:12 32 [watchdog/5] - root 0 0 00:00:18 293-04:56:12 33 [migration/5] - root 0 0 00:07:55 293-04:56:12 34 [ksoftirqd/5] - root 0 0 00:00:00 293-04:56:12 36 [kworker/5:0H] - root 0 0 00:00:00 293-04:56:12 38 [kdevtmpfs] - root 0 0 00:00:00 293-04:56:12 39 [netns] - root 0 0 00:00:12 293-04:56:12 40 [khungtaskd] - root 0 0 00:00:00 293-04:56:12 41 [writeback] - root 0 0 00:00:00 293-04:56:12 42 [kintegrityd] - root 0 0 00:00:00 293-04:56:12 43 [bioset] - root 0 0 00:00:00 293-04:56:12 44 [bioset] - root 0 0 00:00:00 293-04:56:12 45 [bioset] - root 0 0 00:00:00 293-04:56:12 46 [kblockd] - root 0 0 00:00:00 293-04:56:12 47 [md] - root 0 0 00:00:00 293-04:56:12 48 [edac-poller] - root 0 0 00:00:00 293-04:56:12 49 [watchdogd] - root 0 0 00:05:55 293-04:56:12 55 [kswapd0] - root 0 0 00:00:00 293-04:56:12 56 [ksmd] - root 0 0 00:00:55 293-04:56:12 57 [khugepaged] - root 0 0 00:00:00 293-04:56:12 58 [crypto] - root 0 0 00:00:00 293-04:56:12 66 [kthrotld] - root 0 0 00:00:00 293-04:56:12 68 [kmpath_rdacd] - root 0 0 00:00:00 293-04:56:12 69 [kaluad] - root 0 0 00:00:00 293-04:56:12 70 [kpsmoused] - root 0 0 00:00:00 293-04:56:11 72 [ipv6_addrconf] - root 0 0 00:00:00 293-04:56:11 86 [deferwq] - root 0 0 00:16:48 293-04:56:11 197 [kauditd] - root 0 0 00:00:00 293-04:56:11 262 [ata_sff] - root 0 0 00:00:00 293-04:56:11 276 [ttm_swap] - root 0 0 00:00:00 293-04:56:11 280 [scsi_eh_0] - root 0 0 00:00:00 293-04:56:11 281 [scsi_tmf_0] - root 0 0 00:00:00 293-04:56:11 282 [scsi_eh_1] - root 0 0 00:00:00 293-04:56:11 283 [scsi_tmf_1] - root 0 0 00:04:01 293-04:56:11 289 [kworker/3:1H] - root 0 0 00:08:33 293-04:56:11 294 [kworker/0:1H] - root 0 0 00:03:49 293-04:56:11 301 [kworker/4:1H] - root 0 0 00:59:18 293-04:56:11 302 [jbd2/vda1-8] - root 0 0 00:00:00 293-04:56:11 303 [ext4-rsv-conver] - root 0 0 00:00:35 293-04:56:11 309 [kworker/2:1H] - root 0 0 00:04:01 293-04:56:10 372 [kworker/5:1H] - root 0 0 00:01:02 293-04:56:10 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 868 00:36:22 293-04:56:09 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1660 01:25:23 293-04:56:09 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:06:13 293-04:56:08 671 [loop0] - root 0 0 00:02:20 293-04:56:08 672 [jbd2/loop0-8] - root 0 0 00:00:00 293-04:56:08 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 292-02:56:14 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167292 4204 00:12:07 293-04:55:57 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 261876 24776 00:23:58 293-04:55:57 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 206652 19188 00:23:39 293-04:55:57 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 189972 12292 01:27:39 293-04:55:57 1497 cPhulkd - processor - root 0 0 00:00:00 04:22:46 3391 [kworker/4:1] - root 0 0 00:00:00 04:02:49 5023 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1440 00:00:13 53-19:33:05 6632 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 1612 00:03:57 53-19:33:05 6647 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3151276 389404 05:24:49 53-19:33:03 6739 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111300 3864 00:06:26 53-19:33:02 6810 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 18488 00:01:20 53-19:33:02 6825 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 366000 10332 00:01:12 53-19:33:02 6843 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382392 28968 00:41:11 53-19:33:02 6858 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51488 2376 00:00:47 28-19:31:04 7108 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47712 5412 00:00:05 28-19:31:04 7114 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48020 5464 00:00:08 28-19:31:04 7115 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1280 00:00:20 28-19:31:04 7117 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10436 1468 00:00:12 28-19:31:04 7118 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48348 5600 00:00:12 28-19:31:04 7119 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47960 5436 00:00:10 28-19:31:04 7120 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 17852 5012 00:00:40 28-19:31:04 7122 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1484 00:00:18 28-19:31:04 7123 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3100 00:00:22 28-19:31:03 7198 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2032 00:00:22 28-19:31:03 7199 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 254624 28576 02:03:26 258-19:32:41 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 776 00:00:00 248-19:33:14 8955 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 103732 1532 00:00:21 110-19:08:44 9130 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 868 00:00:00 110-19:08:44 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236264 14548 00:00:01 09:27:12 9649 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236260 14544 00:00:01 09:27:11 9657 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 240496 15276 00:00:01 09:27:10 9661 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236304 14600 00:00:01 09:27:10 9671 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236260 14556 00:00:01 09:27:10 9675 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236328 14592 00:00:01 09:27:10 9676 /usr/sbin/httpd -k start 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 248-19:32:27 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 248-19:32:27 9745 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 248-19:32:23 10005 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124500 1592 00:03:46 248-19:32:23 10027 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 809548 12388 00:23:20 132-19:33:33 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 1100 00:29:12 248-19:32:22 10141 /usr/sbin/irqbalance --foreground 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230228 9032 00:00:22 3-19:34:02 10388 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12772 1284 00:00:04 3-19:34:02 10389 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12808 1292 00:00:03 3-19:34:02 10390 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53092 11744 00:00:00 3-19:34:02 10391 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610528 17348 00:01:06 3-19:33:58 10415 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) - root 0 0 00:00:00 02:32:48 11643 [kworker/2:2] - root 0 0 00:00:01 21:51:49 13292 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1700 00:00:00 143-19:02:49 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 2348 00:00:02 143-19:02:48 13907 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 24892 2020 00:22:15 143-19:02:48 13923 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 525464 13908 00:47:45 143-19:02:45 14031 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1324 00:00:00 143-19:02:43 14146 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 56568 18700 01:15:12 143-19:02:42 14218 /usr/lib/systemd/systemd-journald - root 0 0 00:00:00 14:52:49 15239 [kworker/5:0] - root 0 0 00:00:00 01:50:07 15371 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 252596 121644 00:00:01 01:33:03 17055 spamd child - root 0 0 00:00:00 01:19:59 18882 [kworker/u12:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236264 14760 00:00:02 13:55:56 19916 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:02:48 21472 [kworker/1:1] - root 0 0 00:00:00 07:21:33 21723 [kworker/3:0] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 1252 00:00:00 49-19:32:32 22291 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 1748 00:17:16 49-19:32:32 22292 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2180 00:00:00 49-19:32:32 22293 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2180 00:00:00 49-19:32:32 22294 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2180 00:00:00 49-19:32:32 22295 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2204 00:06:10 49-19:32:32 22296 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:06 12:52:49 24566 [kworker/1:0] - root 0 0 00:00:00 32:49 25739 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 251376 124088 00:00:19 19:32:01 26146 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:02 19:21:34 26951 [kworker/0:0] - root 0 0 00:00:00 21:30 27230 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 251376 119880 00:00:00 19:17:01 27275 spamd child 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236240 14316 00:00:00 06:06:53 27823 /usr/sbin/httpd -k start - root 0 0 00:00:00 12:49 27840 [kworker/3:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236356 14416 00:00:00 06:02:22 28150 /usr/sbin/httpd -k start - root 0 0 00:00:00 02:49 28458 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 223844 14920 00:02:07 12-19:34:21 28498 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hanoigroup 757008 96912 00:00:01 00:09 28551 php-fpm: pool hanoigroup_vn 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hanoigroup 668692 80100 00:00:01 00:08 28553 php-fpm: pool hanoigroup_vn 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@67895-103.179.190.35:6556-159.65.51.215:49004.service root 113592 1864 00:00:00 00:00 28693 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1467604 2680 00:03:36 12-19:33:59 28709 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@67895-103.179.190.35:6556-159.65.51.215:49004.service root 49820 1560 00:00:00 00:00 28726 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130240 2740 00:00:07 12-19:33:59 28801 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9904 3372 00:43:30 12-19:33:59 28814 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 11504 00:11:15 108-19:16:48 28815 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153116 11764 00:08:03 12-19:33:59 28829 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255320 6588 00:01:05 12-19:33:56 28893 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 86068 12220 00:00:41 12-19:32:15 29072 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236248 14208 00:00:00 05:26:47 30469 /usr/sbin/httpd -k start Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2023-01-24 13:52 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadfa60423bcFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK check_mk@66564-103.179.190.35:6556-170.187.164.180:44490.service loaded activating start start Check_MK (170.187.164.180:44490) * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.37 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded active active Imunify-notifier.slice Imunify.slice loaded active active Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 4016 06:14:45 286-15:44:20 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:02 286-15:44:20 2 [kthreadd] - root 0 0 00:00:00 286-15:44:20 4 [kworker/0:0H] - root 0 0 00:00:55 286-15:44:20 6 [ksoftirqd/0] - root 0 0 00:00:10 286-15:44:20 7 [migration/0] - root 0 0 00:00:00 286-15:44:20 8 [rcu_bh] - root 0 0 05:31:06 286-15:44:20 9 [rcu_sched] - root 0 0 00:00:00 286-15:44:20 10 [lru-add-drain] - root 0 0 00:01:47 286-15:44:20 11 [watchdog/0] - root 0 0 00:01:40 286-15:44:20 12 [watchdog/1] - root 0 0 00:02:12 286-15:44:20 13 [migration/1] - root 0 0 00:00:45 286-15:44:20 14 [ksoftirqd/1] - root 0 0 00:00:00 286-15:44:20 16 [kworker/1:0H] - root 0 0 00:01:35 286-15:44:20 17 [watchdog/2] - root 0 0 00:00:17 286-15:44:20 18 [migration/2] - root 0 0 00:00:40 286-15:44:20 19 [ksoftirqd/2] - root 0 0 00:00:00 286-15:44:20 21 [kworker/2:0H] - root 0 0 00:01:33 286-15:44:20 22 [watchdog/3] - root 0 0 00:00:14 286-15:44:20 23 [migration/3] - root 0 0 00:01:09 286-15:44:20 24 [ksoftirqd/3] - root 0 0 00:00:00 286-15:44:20 26 [kworker/3:0H] - root 0 0 00:01:30 286-15:44:20 27 [watchdog/4] - root 0 0 00:01:18 286-15:44:20 28 [migration/4] - root 0 0 00:01:31 286-15:44:20 29 [ksoftirqd/4] - root 0 0 00:00:00 286-15:44:20 31 [kworker/4:0H] - root 0 0 00:01:41 286-15:44:20 32 [watchdog/5] - root 0 0 00:00:18 286-15:44:20 33 [migration/5] - root 0 0 00:07:44 286-15:44:20 34 [ksoftirqd/5] - root 0 0 00:00:00 286-15:44:20 36 [kworker/5:0H] - root 0 0 00:00:00 286-15:44:20 38 [kdevtmpfs] - root 0 0 00:00:00 286-15:44:20 39 [netns] - root 0 0 00:00:11 286-15:44:20 40 [khungtaskd] - root 0 0 00:00:00 286-15:44:20 41 [writeback] - root 0 0 00:00:00 286-15:44:20 42 [kintegrityd] - root 0 0 00:00:00 286-15:44:20 43 [bioset] - root 0 0 00:00:00 286-15:44:20 44 [bioset] - root 0 0 00:00:00 286-15:44:20 45 [bioset] - root 0 0 00:00:00 286-15:44:20 46 [kblockd] - root 0 0 00:00:00 286-15:44:20 47 [md] - root 0 0 00:00:00 286-15:44:20 48 [edac-poller] - root 0 0 00:00:00 286-15:44:20 49 [watchdogd] - root 0 0 00:05:45 286-15:44:20 55 [kswapd0] - root 0 0 00:00:00 286-15:44:20 56 [ksmd] - root 0 0 00:00:54 286-15:44:20 57 [khugepaged] - root 0 0 00:00:00 286-15:44:20 58 [crypto] - root 0 0 00:00:00 286-15:44:20 66 [kthrotld] - root 0 0 00:00:00 286-15:44:20 68 [kmpath_rdacd] - root 0 0 00:00:00 286-15:44:20 69 [kaluad] - root 0 0 00:00:00 286-15:44:20 70 [kpsmoused] - root 0 0 00:00:00 286-15:44:19 72 [ipv6_addrconf] - root 0 0 00:00:00 286-15:44:19 86 [deferwq] - root 0 0 00:16:25 286-15:44:19 197 [kauditd] - root 0 0 00:00:00 286-15:44:19 262 [ata_sff] - root 0 0 00:00:00 286-15:44:19 276 [ttm_swap] - root 0 0 00:00:00 286-15:44:19 280 [scsi_eh_0] - root 0 0 00:00:00 286-15:44:19 281 [scsi_tmf_0] - root 0 0 00:00:00 286-15:44:19 282 [scsi_eh_1] - root 0 0 00:00:00 286-15:44:19 283 [scsi_tmf_1] - root 0 0 00:03:53 286-15:44:19 289 [kworker/3:1H] - root 0 0 00:08:23 286-15:44:19 294 [kworker/0:1H] - root 0 0 00:03:42 286-15:44:19 301 [kworker/4:1H] - root 0 0 00:57:44 286-15:44:19 302 [jbd2/vda1-8] - root 0 0 00:00:00 286-15:44:19 303 [ext4-rsv-conver] - root 0 0 00:00:34 286-15:44:19 309 [kworker/2:1H] - root 0 0 00:03:53 286-15:44:18 372 [kworker/5:1H] - root 0 0 00:01:00 286-15:44:18 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 868 00:35:31 286-15:44:17 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1660 01:23:22 286-15:44:17 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:06:03 286-15:44:16 671 [loop0] - root 0 0 00:02:17 286-15:44:16 672 [jbd2/loop0-8] - root 0 0 00:00:00 286-15:44:16 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 285-13:44:22 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167292 4200 00:11:50 286-15:44:05 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183660 6600 00:23:08 286-15:44:05 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 206772 19212 00:22:46 286-15:44:05 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 189972 12280 01:25:21 286-15:44:05 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236596 13736 00:00:00 01:35:03 3204 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:10:56 5696 [kworker/4:2] 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1436 00:00:11 47-06:21:13 6632 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 1612 00:03:27 47-06:21:13 6647 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3151276 372848 04:41:47 47-06:21:11 6739 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111300 3864 00:05:38 47-06:21:10 6810 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 18552 00:01:11 47-06:21:10 6825 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 366000 10396 00:01:02 47-06:21:10 6843 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382392 29032 00:35:54 47-06:21:10 6858 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51488 2372 00:00:37 22-06:19:12 7108 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47712 5384 00:00:04 22-06:19:12 7114 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48020 5708 00:00:07 22-06:19:12 7115 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1280 00:00:16 22-06:19:12 7117 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10436 1472 00:00:09 22-06:19:12 7118 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 48348 5592 00:00:09 22-06:19:12 7119 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47960 5692 00:00:07 22-06:19:12 7120 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 17852 5012 00:00:31 22-06:19:12 7122 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1484 00:00:14 22-06:19:12 7123 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3100 00:00:18 22-06:19:11 7198 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2032 00:00:18 22-06:19:11 7199 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12736 1288 00:00:07 5-06:22:11 7904 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12740 1304 00:00:06 5-06:22:11 7905 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53092 11744 00:00:00 5-06:22:11 7906 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610528 16588 00:01:01 5-06:22:09 7923 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) - root 0 0 00:00:00 39:56 8319 [kworker/3:2] - root 0 0 00:00:00 39:56 8323 [kworker/2:0] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 254624 28784 02:00:59 252-06:20:49 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 792 00:00:00 242-06:21:22 8955 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 103732 1596 00:00:20 104-05:56:52 9130 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 872 00:00:00 104-05:56:52 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 242-06:20:35 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 242-06:20:35 9745 /sbin/agetty --noclear tty1 linux - root 0 0 00:00:00 20:56 9847 [kworker/5:2] 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 242-06:20:31 10005 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124500 1592 00:03:40 242-06:20:31 10027 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 809548 12308 00:22:13 126-06:21:41 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 1100 00:28:24 242-06:20:30 10141 /usr/sbin/irqbalance --foreground - root 0 0 00:00:00 10:56 10705 [kworker/3:0] - root 0 0 00:00:00 09:51 10882 [kworker/5:1] - root 0 0 00:00:00 09:49 10899 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236376 14292 00:00:01 05:55:53 11465 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236348 14308 00:00:01 05:55:52 11468 /usr/sbin/httpd -k start - root 0 0 00:00:00 04:07 11513 [kworker/u12:1] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41104 2948 00:00:00 01:26 11700 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 41104 2768 00:00:00 01:25 11703 dovecot/auth -w - root 0 0 00:00:00 00:56 11749 [kworker/0:1] - root 0 0 00:00:00 05:53:58 11750 [kworker/u12:2] 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 86632 10020 00:00:00 00:55 11756 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hanoigroup 767120 107452 00:00:09 00:51 11761 php-fpm: pool hanoigroup_vn 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hanoigroup 691192 103156 00:00:09 00:50 11770 php-fpm: pool hanoigroup_vn 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153404 1152 00:00:00 00:08 11783 pure-ftpd (IDLE) 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153404 764 00:00:00 00:08 11784 pure-ftpd (PRIV) 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@66564-103.179.190.35:6556-170.187.164.180:44490.service root 113564 1864 00:00:00 00:01 11924 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@66564-103.179.190.35:6556-170.187.164.180:44490.service root 49820 1560 00:00:00 00:00 11947 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1700 00:00:00 137-05:50:57 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 2188 00:00:02 137-05:50:56 13907 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 24892 2016 00:21:15 137-05:50:56 13923 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 509384 5568 00:45:16 137-05:50:53 14031 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1324 00:00:00 137-05:50:51 14146 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 40184 4612 01:11:18 137-05:50:50 14218 /usr/lib/systemd/systemd-journald - root 0 0 00:00:04 1-08:30:56 16399 [kworker/0:0] - root 0 0 00:00:02 04:50:56 17575 [kworker/1:0] - root 0 0 00:00:00 1-00:40:51 19543 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 252608 121752 00:00:10 10:36:07 20466 spamd child 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 1252 00:00:00 43-06:20:40 22291 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 1748 00:14:55 43-06:20:40 22292 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2180 00:00:00 43-06:20:40 22293 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2180 00:00:00 43-06:20:40 22294 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2180 00:00:00 43-06:20:40 22295 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2204 00:05:19 43-06:20:40 22296 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236632 14340 00:00:01 03:36:16 22757 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236644 14296 00:00:01 03:35:32 22917 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236300 14180 00:00:01 03:35:09 22935 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236640 14264 00:00:01 03:35:08 22936 /usr/sbin/httpd -k start - root 0 0 00:00:00 10:00:56 24430 [kworker/2:2] - root 0 0 00:00:00 02:52:19 26764 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 251412 124112 00:00:29 1-06:19:37 26937 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236332 14344 00:00:02 09:22:13 27668 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 251412 119960 00:00:00 1-06:08:33 27711 spamd child 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 223844 14892 00:01:03 6-06:22:29 28498 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1400016 2660 00:01:39 6-06:22:07 28709 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130240 2740 00:00:03 6-06:22:07 28801 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9904 3392 00:21:39 6-06:22:07 28814 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 11508 00:10:36 102-06:04:56 28815 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153116 11760 00:04:13 6-06:22:07 28829 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255320 6588 00:00:32 6-06:22:04 28893 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 86068 12224 00:00:17 6-06:20:23 29072 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid - root 0 0 00:00:00 02:09:48 30965 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236372 14608 00:00:03 15:09:41 31152 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236336 14332 00:00:02 08:38:17 31424 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230340 11092 00:01:20 12-06:21:09 31695 /usr/sbin/httpd -k start Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2023-01-18 00:40 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf9af0d709Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static session-687808.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 302 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root session-687808.scope loaded active running Session 687808 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@62547-103.179.190.34:6556-103.83.81.110:58694.service loaded failed failed Check_MK (103.83.81.110:58694) * check_mk@62548-103.179.190.35:6556-103.83.81.110:64910.service loaded failed failed Check_MK (103.83.81.110:64910) check_mk@64273-103.179.190.35:6556-185.3.94.183:48304.service loaded activating start start Check_MK (185.3.94.183:48304) * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.37 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded inactive dead Imunify-notifier.slice Imunify.slice loaded inactive dead Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 4012 05:59:28 273-12:28:23 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:02 273-12:28:23 2 [kthreadd] - root 0 0 00:00:00 273-12:28:23 4 [kworker/0:0H] - root 0 0 00:00:53 273-12:28:23 6 [ksoftirqd/0] - root 0 0 00:00:10 273-12:28:23 7 [migration/0] - root 0 0 00:00:00 273-12:28:23 8 [rcu_bh] - root 0 0 05:15:19 273-12:28:23 9 [rcu_sched] - root 0 0 00:00:00 273-12:28:23 10 [lru-add-drain] - root 0 0 00:01:42 273-12:28:23 11 [watchdog/0] - root 0 0 00:01:35 273-12:28:23 12 [watchdog/1] - root 0 0 00:02:05 273-12:28:23 13 [migration/1] - root 0 0 00:00:43 273-12:28:23 14 [ksoftirqd/1] - root 0 0 00:00:00 273-12:28:23 16 [kworker/1:0H] - root 0 0 00:01:30 273-12:28:23 17 [watchdog/2] - root 0 0 00:00:16 273-12:28:23 18 [migration/2] - root 0 0 00:00:38 273-12:28:23 19 [ksoftirqd/2] - root 0 0 00:00:00 273-12:28:23 21 [kworker/2:0H] - root 0 0 00:01:28 273-12:28:23 22 [watchdog/3] - root 0 0 00:00:14 273-12:28:23 23 [migration/3] - root 0 0 00:01:06 273-12:28:23 24 [ksoftirqd/3] - root 0 0 00:00:00 273-12:28:23 26 [kworker/3:0H] - root 0 0 00:01:26 273-12:28:23 27 [watchdog/4] - root 0 0 00:01:14 273-12:28:23 28 [migration/4] - root 0 0 00:01:26 273-12:28:23 29 [ksoftirqd/4] - root 0 0 00:00:00 273-12:28:23 31 [kworker/4:0H] - root 0 0 00:01:36 273-12:28:23 32 [watchdog/5] - root 0 0 00:00:17 273-12:28:23 33 [migration/5] - root 0 0 00:07:20 273-12:28:23 34 [ksoftirqd/5] - root 0 0 00:00:00 273-12:28:23 36 [kworker/5:0H] - root 0 0 00:00:00 273-12:28:23 38 [kdevtmpfs] - root 0 0 00:00:00 273-12:28:23 39 [netns] - root 0 0 00:00:11 273-12:28:23 40 [khungtaskd] - root 0 0 00:00:00 273-12:28:23 41 [writeback] - root 0 0 00:00:00 273-12:28:23 42 [kintegrityd] - root 0 0 00:00:00 273-12:28:23 43 [bioset] - root 0 0 00:00:00 273-12:28:23 44 [bioset] - root 0 0 00:00:00 273-12:28:23 45 [bioset] - root 0 0 00:00:00 273-12:28:23 46 [kblockd] - root 0 0 00:00:00 273-12:28:23 47 [md] - root 0 0 00:00:00 273-12:28:23 48 [edac-poller] - root 0 0 00:00:00 273-12:28:23 49 [watchdogd] - root 0 0 00:05:23 273-12:28:23 55 [kswapd0] - root 0 0 00:00:00 273-12:28:23 56 [ksmd] - root 0 0 00:00:51 273-12:28:23 57 [khugepaged] - root 0 0 00:00:00 273-12:28:23 58 [crypto] - root 0 0 00:00:00 273-12:28:23 66 [kthrotld] - root 0 0 00:00:00 273-12:28:23 68 [kmpath_rdacd] - root 0 0 00:00:00 273-12:28:23 69 [kaluad] - root 0 0 00:00:00 273-12:28:23 70 [kpsmoused] - root 0 0 00:00:00 273-12:28:22 72 [ipv6_addrconf] - root 0 0 00:00:00 273-12:28:22 86 [deferwq] - root 0 0 00:15:36 273-12:28:22 197 [kauditd] - root 0 0 00:00:00 273-12:28:22 262 [ata_sff] - root 0 0 00:00:00 273-12:28:22 276 [ttm_swap] - root 0 0 00:00:00 273-12:28:22 280 [scsi_eh_0] - root 0 0 00:00:00 273-12:28:22 281 [scsi_tmf_0] - root 0 0 00:00:00 273-12:28:22 282 [scsi_eh_1] - root 0 0 00:00:00 273-12:28:22 283 [scsi_tmf_1] - root 0 0 00:03:40 273-12:28:22 289 [kworker/3:1H] - root 0 0 00:08:04 273-12:28:22 294 [kworker/0:1H] - root 0 0 00:03:29 273-12:28:22 301 [kworker/4:1H] - root 0 0 00:54:55 273-12:28:22 302 [jbd2/vda1-8] - root 0 0 00:00:00 273-12:28:22 303 [ext4-rsv-conver] - root 0 0 00:00:32 273-12:28:22 309 [kworker/2:1H] - root 0 0 00:03:40 273-12:28:21 372 [kworker/5:1H] - root 0 0 00:00:58 273-12:28:21 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 868 00:33:43 273-12:28:20 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1660 01:19:00 273-12:28:20 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:05:47 273-12:28:19 671 [loop0] - root 0 0 00:02:10 273-12:28:19 672 [jbd2/loop0-8] - root 0 0 00:00:00 273-12:28:19 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 272-10:28:25 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167292 4200 00:11:13 273-12:28:08 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 261856 24476 00:21:29 273-12:28:08 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 206672 19088 00:20:59 273-12:28:08 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190000 12280 01:20:20 273-12:28:08 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 251324 124012 00:00:07 03:03:58 2552 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:00 09:23:58 2795 [kworker/4:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236536 15152 00:00:06 1-08:07:36 3045 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 252480 121544 00:00:03 02:52:21 3732 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 251324 119872 00:00:00 02:52:21 3733 spamd child - root 0 0 00:00:00 02:49:58 3938 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1420 00:00:08 34-03:05:16 6632 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 1612 00:02:24 34-03:05:16 6647 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3151276 363172 03:23:05 34-03:05:14 6739 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111300 3920 00:03:55 34-03:05:13 6810 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 18568 00:00:51 34-03:05:13 6825 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 366000 10416 00:00:43 34-03:05:13 6843 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382392 29052 00:25:05 34-03:05:13 6858 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230216 9040 00:00:51 9-03:03:16 7068 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12728 1292 00:00:10 9-03:03:16 7069 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12732 1312 00:00:08 9-03:03:16 7070 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53084 11604 00:00:00 9-03:03:16 7071 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51488 2416 00:00:15 9-03:03:15 7108 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47580 5032 00:00:01 9-03:03:15 7114 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47380 5116 00:00:02 9-03:03:15 7115 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1316 00:00:07 9-03:03:15 7117 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10436 1508 00:00:03 9-03:03:15 7118 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47600 5340 00:00:03 9-03:03:15 7119 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47600 5176 00:00:02 9-03:03:15 7120 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 17852 5068 00:00:13 9-03:03:15 7122 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1524 00:00:05 9-03:03:15 7123 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 86076 12232 00:00:37 9-03:03:14 7166 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3120 00:00:07 9-03:03:14 7198 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2032 00:00:07 9-03:03:14 7199 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 254624 28644 01:56:56 239-03:04:52 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 824 00:00:00 229-03:05:25 8955 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 103732 1740 00:00:17 91-02:40:55 9130 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 872 00:00:00 91-02:40:55 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 229-03:04:38 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 229-03:04:38 9745 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 229-03:04:34 10005 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124500 1592 00:03:27 229-03:04:34 10027 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 809548 12296 00:19:53 113-03:05:44 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236216 13932 00:00:00 01:50:08 10138 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236204 13868 00:00:00 01:50:07 10139 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236232 13896 00:00:00 01:50:07 10140 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 1100 00:26:45 229-03:04:33 10141 /usr/sbin/irqbalance --foreground - root 0 0 00:00:00 01:44:58 10598 [kworker/2:1] 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1700 00:00:00 124-02:35:00 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 2256 00:00:02 124-02:34:59 13907 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 24892 2016 00:19:03 124-02:34:59 13923 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 511032 8652 00:40:14 124-02:34:56 14031 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1324 00:00:00 124-02:34:54 14146 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 40184 8112 01:03:27 124-02:34:53 14218 /usr/lib/systemd/systemd-journald - root 0 0 00:00:00 53:11 14420 [kworker/4:1] - root 0 0 00:00:00 53:08 14440 [kworker/5:1] - root 0 0 00:00:00 53:07 14448 [kworker/3:0] - root 0 0 00:00:00 06:44:57 14554 [kworker/2:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236200 14640 00:00:02 13:57:56 14897 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236260 14688 00:00:01 13:57:16 14915 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236216 14320 00:00:00 06:31:01 15636 /usr/sbin/httpd -k start - root 0 0 00:00:00 06:29:22 15813 [kworker/u12:2] - root 0 0 00:00:00 06:14:58 16723 [kworker/0:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236264 14332 00:00:00 06:08:57 17147 /usr/sbin/httpd -k start - root 0 0 00:00:00 24:58 17519 [kworker/1:0] - root 0 0 00:00:00 15:08 18826 [kworker/u12:1] - root 0 0 00:00:00 14:58 18955 [kworker/0:1] - root 0 0 00:00:00 04:58 20148 [kworker/0:2] 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 223968 14884 00:04:17 33-03:06:21 20156 queueprocd - waiting up to 60s to process a task - root 0 0 00:00:00 03:58 20354 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1467604 2676 00:08:28 33-03:06:00 20363 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 10012 3464 02:00:09 33-03:06:00 20462 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130240 2736 00:00:18 33-03:06:00 20467 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153352 11964 00:21:12 33-03:06:00 20476 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255320 6584 00:02:38 33-03:05:57 20541 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41104 2948 00:00:00 01:32 20657 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 41104 2764 00:00:00 01:31 20659 dovecot/auth -w 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 235644 10016 00:00:00 01:14 20685 /usr/sbin/httpd -k start - root 0 0 00:00:00 00:26 20783 [cpsrvd (SSL) - ] <defunct> 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153404 1152 00:00:00 00:01 20901 pure-ftpd (IDLE) 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153404 764 00:00:00 00:01 20902 pure-ftpd (PRIV) 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@64273-103.179.190.35:6556-185.3.94.183:48304.service root 113592 1860 00:00:00 00:00 20947 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@64273-103.179.190.35:6556-185.3.94.183:48304.service root 49820 1560 00:00:00 00:00 20970 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610516 17284 00:03:03 13-03:05:47 21950 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 1252 00:00:00 30-03:04:43 22291 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 1748 00:10:04 30-03:04:43 22292 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2184 00:00:00 30-03:04:43 22293 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2184 00:00:00 30-03:04:43 22294 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2184 00:00:00 30-03:04:43 22295 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2204 00:03:36 30-03:04:43 22296 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:12 19:53:15 23465 [kworker/1:2] 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 11516 00:09:08 89-02:48:59 28815 /usr/lib/polkit-1/polkitd --no-debug 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236340 14628 00:00:01 10:41:44 29551 /usr/sbin/httpd -k start - root 0 0 00:00:00 03:54:58 29850 [kworker/3:1] 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-687808.scope root 185000 2584 00:00:00 03:24:58 32426 /usr/sbin/CROND -n 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-687808.scope root 113280 1208 00:00:00 03:24:58 32430 /bin/sh -c sleep $((1 + RANDOM % 5))h $((1 + RANDOM % 60))m; /usr/local/bin/wp-toolkit update-configuration > /dev/null 2> /dev/null || /usr/local/cpanel/3rdparty/wp-toolkit/bin/wp-toolkit-installer.sh --generate-configs > /dev/null 2> /dev/null; /usr/bin/yum -y update wp-toolkit-cpanel > /dev/null 2> /dev/null 8:memory:/user.slice,6:devices:/user.slice,5:cpuacct,cpu:/user.slice,3:blkio:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-687808.scope root 108052 356 00:00:00 03:24:58 32433 sleep 3h 38m Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2023-01-04 21:24 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf31f362a4Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK check_mk@62252-103.179.190.35:6556-147.182.144.10:43348.service loaded activating start start Check_MK (147.182.144.10:43348) * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.37 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice Imunify-notifier.slice loaded inactive dead Imunify-notifier.slice Imunify.slice loaded inactive dead Imunify.slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 4016 05:48:07 263-21:55:23 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:01 263-21:55:23 2 [kthreadd] - root 0 0 00:00:00 263-21:55:23 4 [kworker/0:0H] - root 0 0 00:00:51 263-21:55:23 6 [ksoftirqd/0] - root 0 0 00:00:10 263-21:55:23 7 [migration/0] - root 0 0 00:00:00 263-21:55:23 8 [rcu_bh] - root 0 0 05:04:25 263-21:55:23 9 [rcu_sched] - root 0 0 00:00:00 263-21:55:23 10 [lru-add-drain] - root 0 0 00:01:39 263-21:55:23 11 [watchdog/0] - root 0 0 00:01:32 263-21:55:23 12 [watchdog/1] - root 0 0 00:02:00 263-21:55:23 13 [migration/1] - root 0 0 00:00:42 263-21:55:23 14 [ksoftirqd/1] - root 0 0 00:00:00 263-21:55:23 16 [kworker/1:0H] - root 0 0 00:01:27 263-21:55:23 17 [watchdog/2] - root 0 0 00:00:15 263-21:55:23 18 [migration/2] - root 0 0 00:00:37 263-21:55:23 19 [ksoftirqd/2] - root 0 0 00:00:00 263-21:55:23 21 [kworker/2:0H] - root 0 0 00:01:25 263-21:55:23 22 [watchdog/3] - root 0 0 00:00:13 263-21:55:23 23 [migration/3] - root 0 0 00:01:03 263-21:55:23 24 [ksoftirqd/3] - root 0 0 00:00:00 263-21:55:23 26 [kworker/3:0H] - root 0 0 00:01:23 263-21:55:23 27 [watchdog/4] - root 0 0 00:01:11 263-21:55:23 28 [migration/4] - root 0 0 00:01:23 263-21:55:23 29 [ksoftirqd/4] - root 0 0 00:00:00 263-21:55:23 31 [kworker/4:0H] - root 0 0 00:01:32 263-21:55:23 32 [watchdog/5] - root 0 0 00:00:16 263-21:55:23 33 [migration/5] - root 0 0 00:07:04 263-21:55:23 34 [ksoftirqd/5] - root 0 0 00:00:00 263-21:55:23 36 [kworker/5:0H] - root 0 0 00:00:00 263-21:55:23 38 [kdevtmpfs] - root 0 0 00:00:00 263-21:55:23 39 [netns] - root 0 0 00:00:10 263-21:55:23 40 [khungtaskd] - root 0 0 00:00:00 263-21:55:23 41 [writeback] - root 0 0 00:00:00 263-21:55:23 42 [kintegrityd] - root 0 0 00:00:00 263-21:55:23 43 [bioset] - root 0 0 00:00:00 263-21:55:23 44 [bioset] - root 0 0 00:00:00 263-21:55:23 45 [bioset] - root 0 0 00:00:00 263-21:55:23 46 [kblockd] - root 0 0 00:00:00 263-21:55:23 47 [md] - root 0 0 00:00:00 263-21:55:23 48 [edac-poller] - root 0 0 00:00:00 263-21:55:23 49 [watchdogd] - root 0 0 00:05:13 263-21:55:23 55 [kswapd0] - root 0 0 00:00:00 263-21:55:23 56 [ksmd] - root 0 0 00:00:50 263-21:55:23 57 [khugepaged] - root 0 0 00:00:00 263-21:55:23 58 [crypto] - root 0 0 00:00:00 263-21:55:23 66 [kthrotld] - root 0 0 00:00:00 263-21:55:23 68 [kmpath_rdacd] - root 0 0 00:00:00 263-21:55:23 69 [kaluad] - root 0 0 00:00:00 263-21:55:23 70 [kpsmoused] - root 0 0 00:00:00 263-21:55:22 72 [ipv6_addrconf] - root 0 0 00:00:00 263-21:55:22 86 [deferwq] - root 0 0 00:15:03 263-21:55:22 197 [kauditd] - root 0 0 00:00:00 263-21:55:22 262 [ata_sff] - root 0 0 00:00:00 263-21:55:22 276 [ttm_swap] - root 0 0 00:00:00 263-21:55:22 280 [scsi_eh_0] - root 0 0 00:00:00 263-21:55:22 281 [scsi_tmf_0] - root 0 0 00:00:00 263-21:55:22 282 [scsi_eh_1] - root 0 0 00:00:00 263-21:55:22 283 [scsi_tmf_1] - root 0 0 00:03:32 263-21:55:22 289 [kworker/3:1H] - root 0 0 00:07:46 263-21:55:22 294 [kworker/0:1H] - root 0 0 00:03:20 263-21:55:22 301 [kworker/4:1H] - root 0 0 00:52:34 263-21:55:22 302 [jbd2/vda1-8] - root 0 0 00:00:00 263-21:55:22 303 [ext4-rsv-conver] - root 0 0 00:00:30 263-21:55:22 309 [kworker/2:1H] - root 0 0 00:03:31 263-21:55:21 372 [kworker/5:1H] - root 0 0 00:00:55 263-21:55:21 374 [kworker/1:1H] 8:memory:/system.slice,6:devices:/system.slice/auditd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/auditd.service root 55532 868 00:32:30 263-21:55:20 458 /sbin/auditd 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236296 14140 00:00:00 03:05:15 574 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/dbus.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dbus.service dbus 58296 1660 01:15:56 263-21:55:20 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:05:34 263-21:55:19 671 [loop0] - root 0 0 00:02:05 263-21:55:19 672 [jbd2/loop0-8] - root 0 0 00:00:00 263-21:55:19 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 262-19:55:25 1006 nano pdns.conf 8:memory:/system.slice,6:devices:/system.slice/dnsadmin.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dnsadmin.service root 167292 4192 00:10:48 263-21:55:08 1491 dnsadmin - dormant mode 8:memory:/system.slice,6:devices:/system.slice/cpdavd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpdavd.service root 183660 6588 00:20:13 263-21:55:08 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 (dormant) 8:memory:/system.slice,6:devices:/system.slice/tailwatchd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/tailwatchd.service root 206672 19108 00:19:33 263-21:55:08 1495 tailwatchd 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190000 12288 01:16:52 263-21:55:08 1497 cPhulkd - processor 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236284 14124 00:00:00 02:24:42 3114 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236264 14068 00:00:00 02:24:42 3115 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236268 14096 00:00:00 02:10:30 4205 /usr/sbin/httpd -k start - root 0 0 00:00:01 1-03:49:19 4596 [kworker/3:2] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236552 14032 00:00:00 01:57:10 4904 /usr/sbin/httpd -k start - root 0 0 00:00:04 08:20:32 5629 [kworker/1:0] 8:memory:/system.slice,6:devices:/system.slice/rpcbind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1416 00:00:05 24-12:32:16 6632 /sbin/rpcbind -w 8:memory:/system.slice,6:devices:/system.slice/memcached.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/memcached.service memcached 80044 1616 00:01:42 24-12:32:16 6647 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 86072 12236 00:01:13 24-12:32:16 6680 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/mariadb.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/mariadb.service mysql 3151276 349036 02:19:13 24-12:32:14 6739 /usr/sbin/mysqld 8:memory:/system.slice,6:devices:/system.slice/sshd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sshd.service root 111300 4292 00:02:46 24-12:32:13 6810 /usr/sbin/sshd -D 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 18816 00:00:36 24-12:32:13 6825 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/sw-engine.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/sw-engine.service root 366000 10664 00:00:30 24-12:32:13 6843 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/wp-toolkit-background-tasks.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382392 29300 00:17:47 24-12:32:13 6858 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 51636 2320 00:00:36 24-12:32:12 6876 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1048 00:00:15 24-12:32:12 6880 dovecot/anvil 8:memory:/system.slice,6:devices:/system.slice/pure-ftpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3132 00:00:18 24-12:32:11 6901 pure-ftpd (SERVER) 8:memory:/system.slice,6:devices:/system.slice/pure-authd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pure-authd.service root 152776 2032 00:00:19 24-12:32:11 6926 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth - root 0 0 00:00:00 01:21:57 7703 [kworker/0:0] 8:memory:/system.slice,6:devices:/system.slice/cpanel.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel.service root 254624 28564 01:55:04 229-12:31:52 8935 cpsrvd (SSL) - waiting for connections 8:memory:/system.slice,6:devices:/system.slice/atd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/atd.service root 24208 840 00:00:00 219-12:32:25 8955 /usr/sbin/atd -f 8:memory:/system.slice,6:devices:/system.slice/chronyd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/chronyd.service chrony 103732 1664 00:00:15 81-12:07:55 9130 /usr/sbin/chronyd 8:memory:/system.slice,6:devices:/system.slice/xinetd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/xinetd.service root 27380 872 00:00:00 81-12:07:55 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid - root 0 0 00:00:00 01:06:32 9358 [kworker/u12:1] 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 219-12:31:38 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 219-12:31:38 9745 /sbin/agetty --noclear tty1 linux 8:memory:/system.slice,6:devices:/system.slice/acpid.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 219-12:31:34 10005 /usr/sbin/acpid 8:memory:/system.slice,6:devices:/system.slice/crond.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/crond.service root 124500 1592 00:03:17 219-12:31:34 10027 /usr/sbin/crond -n 8:memory:/system.slice,6:devices:/system.slice/pdns.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/pdns.service named 809548 12216 00:18:20 103-12:32:44 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 8:memory:/system.slice,6:devices:/system.slice/irqbalance.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/irqbalance.service root 21540 1100 00:25:36 219-12:31:33 10141 /usr/sbin/irqbalance --foreground - root 0 0 00:00:00 41:56 11262 [kworker/3:1] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236204 13484 00:00:00 40:27 11424 /usr/sbin/httpd -k start - root 0 0 00:00:00 31:56 11986 [kworker/4:2] - root 0 0 00:00:00 31:56 11989 [kworker/5:1] 8:memory:/system.slice,6:devices:/system.slice/qemu-guest-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1700 00:00:00 114-12:02:00 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236188 12880 00:00:00 12:09 13862 /usr/sbin/httpd -k start - root 0 0 00:00:00 11:56 13888 [kworker/0:1] 8:memory:/system.slice,6:devices:/system.slice/smartd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/smartd.service root 52852 2296 00:00:01 114-12:01:59 13907 /usr/sbin/smartd -n -q never 8:memory:/system.slice,6:devices:/system.slice/systemd-logind.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-logind.service root 24892 2016 00:17:31 114-12:01:59 13923 /usr/lib/systemd/systemd-logind 8:memory:/system.slice,6:devices:/system.slice/rsyslog.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/rsyslog.service root 527024 15016 00:36:50 114-12:01:56 14031 /usr/sbin/rsyslogd -n 8:memory:/system.slice,6:devices:/system.slice/systemd-udevd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1324 00:00:00 114-12:01:54 14146 /usr/lib/systemd/systemd-udevd 8:memory:/system.slice,6:devices:/system.slice/systemd-journald.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/systemd-journald.service root 56604 20732 00:58:07 114-12:01:53 14218 /usr/lib/systemd/systemd-journald - root 0 0 00:00:00 05:56 14381 [kworker/1:1] - root 0 0 00:00:00 14:06:53 14801 [kworker/5:0] 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 41104 2948 00:00:00 00:45 14921 dovecot/auth 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 41104 2768 00:00:00 00:41 14925 dovecot/auth -w 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service hipress 617392 35932 00:00:00 00:11 14942 php-fpm: pool hipress_vn 8:memory:/system.slice,6:devices:/system.slice/exim.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/exim.service mailnull 86608 9776 00:00:00 00:05 14946 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 190000 11104 00:00:00 00:03 14948 cPhulkd - processor - http socket - root 0 0 00:00:00 00:03 14949 [cpsrvd (SSL) - ] <defunct> 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@62252-103.179.190.35:6556-147.182.144.10:43348.service root 113560 1860 00:00:00 00:00 15089 /bin/bash /usr/bin/check_mk_agent 8:memory:/system.slice,6:devices:/system.slice/system-check_mk.slice,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@62252-103.179.190.35:6556-147.182.144.10:43348.service root 49820 1560 00:00:00 00:00 15112 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 - root 0 0 00:00:00 06:35:56 15532 [kworker/u12:0] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236504 14404 00:00:00 05:33:22 19891 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236632 14420 00:00:00 05:33:22 19892 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/queueprocd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/queueprocd.service root 223968 14872 00:02:53 23-12:33:21 20156 queueprocd - waiting up to 60s to process a task 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47704 5172 00:00:01 7-12:23:41 20341 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47568 5172 00:00:02 7-12:23:41 20342 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 10436 1508 00:00:03 7-12:23:41 20343 dovecot/log 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47604 5272 00:00:03 7-12:23:41 20344 dovecot/pop3-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovenull 47428 5112 00:00:02 7-12:23:41 20345 dovecot/imap-login 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service root 17852 5068 00:00:11 7-12:23:41 20346 dovecot/config 8:memory:/system.slice,6:devices:/system.slice/dovecot.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1528 00:00:04 7-12:23:41 20347 dovecot/stats 8:memory:/system.slice,6:devices:/system.slice/nscd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/nscd.service nscd 1467604 2624 00:05:56 23-12:33:00 20363 /usr/sbin/nscd 8:memory:/system.slice,6:devices:/system.slice/p0f.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9884 3332 01:26:22 23-12:33:00 20462 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 8:memory:/system.slice,6:devices:/system.slice/cpanellogd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanellogd.service root 130240 2736 00:00:12 23-12:33:00 20467 cpanellogd - sleeping for logs 8:memory:/system.slice,6:devices:/system.slice/cphulkd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cphulkd.service root 153352 11972 00:14:55 23-12:33:00 20476 cPhulkd - dbprocessor 8:memory:/system.slice,6:devices:/system.slice/cpanel_php_fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255320 6584 00:01:50 23-12:32:57 20541 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 251244 123928 00:00:13 12:31:01 20854 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 252376 121472 00:00:14 12:20:15 21517 spamd child 8:memory:/system.slice,6:devices:/system.slice/spamd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/spamd.service root 251244 119752 00:00:00 12:20:15 21518 spamd child 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 230216 9024 00:00:19 3-12:32:50 21921 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12748 1284 00:00:03 3-12:32:50 21922 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 12752 1304 00:00:02 3-12:32:50 21923 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service root 53088 11752 00:00:00 3-12:32:50 21924 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 8:memory:/system.slice,6:devices:/system.slice/ea-php74-php-fpm.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610516 19440 00:00:42 3-12:32:47 21950 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) - root 0 0 00:00:00 05:01:56 22138 [kworker/2:2] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 1256 00:00:00 20-12:31:43 22291 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 1748 00:06:46 20-12:31:43 22292 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2164 00:00:00 20-12:31:43 22293 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2168 00:00:00 20-12:31:43 22294 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2184 00:00:00 20-12:31:43 22295 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 8:memory:/system.slice,6:devices:/system.slice/zabbix-agent.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2204 00:02:25 20-12:31:43 22296 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 8:memory:/system.slice,6:devices:/system.slice/httpd.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/httpd.service nobody 236708 14364 00:00:00 04:35:28 23767 /usr/sbin/httpd -k start 8:memory:/system.slice,6:devices:/system.slice/polkit.service,5:cpuacct,cpu:/system.slice,3:blkio:/system.slice,1:name=systemd:/system.slice/polkit.service polkitd 610540 11524 00:08:06 79-12:15:59 28815 /usr/lib/polkit-1/polkitd --no-debug - root 0 0 00:00:00 03:46:56 29036 [kworker/2:0] - root 0 0 00:00:00 03:21:56 31432 [kworker/4:0] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2022-12-26 06:51 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf3f658a2eFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK check_mk@59314-103.179.190.35:6556-185.3.94.183:58740.service loaded activating start start Check_MK (185.3.94.183:58740) * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.37 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 4020 05:34:01 252-22:46:11 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:01 252-22:46:11 2 [kthreadd] - root 0 0 00:00:00 252-22:46:11 4 [kworker/0:0H] - root 0 0 00:00:49 252-22:46:11 6 [ksoftirqd/0] - root 0 0 00:00:09 252-22:46:11 7 [migration/0] - root 0 0 00:00:00 252-22:46:11 8 [rcu_bh] - root 0 0 04:53:04 252-22:46:11 9 [rcu_sched] - root 0 0 00:00:00 252-22:46:11 10 [lru-add-drain] - root 0 0 00:01:35 252-22:46:11 11 [watchdog/0] - root 0 0 00:01:28 252-22:46:11 12 [watchdog/1] - root 0 0 00:01:54 252-22:46:11 13 [migration/1] - root 0 0 00:00:40 252-22:46:11 14 [ksoftirqd/1] - root 0 0 00:00:00 252-22:46:11 16 [kworker/1:0H] - root 0 0 00:01:23 252-22:46:11 17 [watchdog/2] - root 0 0 00:00:14 252-22:46:11 18 [migration/2] - root 0 0 00:00:36 252-22:46:11 19 [ksoftirqd/2] - root 0 0 00:00:00 252-22:46:11 21 [kworker/2:0H] - root 0 0 00:01:21 252-22:46:11 22 [watchdog/3] - root 0 0 00:00:13 252-22:46:11 23 [migration/3] - root 0 0 00:01:01 252-22:46:11 24 [ksoftirqd/3] - root 0 0 00:00:00 252-22:46:11 26 [kworker/3:0H] - root 0 0 00:01:19 252-22:46:11 27 [watchdog/4] - root 0 0 00:01:08 252-22:46:11 28 [migration/4] - root 0 0 00:01:20 252-22:46:11 29 [ksoftirqd/4] - root 0 0 00:00:00 252-22:46:11 31 [kworker/4:0H] - root 0 0 00:01:28 252-22:46:11 32 [watchdog/5] - root 0 0 00:00:15 252-22:46:11 33 [migration/5] - root 0 0 00:06:47 252-22:46:11 34 [ksoftirqd/5] - root 0 0 00:00:00 252-22:46:11 36 [kworker/5:0H] - root 0 0 00:00:00 252-22:46:11 38 [kdevtmpfs] - root 0 0 00:00:00 252-22:46:11 39 [netns] - root 0 0 00:00:10 252-22:46:11 40 [khungtaskd] - root 0 0 00:00:00 252-22:46:11 41 [writeback] - root 0 0 00:00:00 252-22:46:11 42 [kintegrityd] - root 0 0 00:00:00 252-22:46:11 43 [bioset] - root 0 0 00:00:00 252-22:46:11 44 [bioset] - root 0 0 00:00:00 252-22:46:11 45 [bioset] - root 0 0 00:00:00 252-22:46:11 46 [kblockd] - root 0 0 00:00:00 252-22:46:11 47 [md] - root 0 0 00:00:00 252-22:46:11 48 [edac-poller] - root 0 0 00:00:00 252-22:46:11 49 [watchdogd] - root 0 0 00:04:55 252-22:46:11 55 [kswapd0] - root 0 0 00:00:00 252-22:46:11 56 [ksmd] - root 0 0 00:00:48 252-22:46:11 57 [khugepaged] - root 0 0 00:00:00 252-22:46:11 58 [crypto] - root 0 0 00:00:00 252-22:46:11 66 [kthrotld] - root 0 0 00:00:00 252-22:46:11 68 [kmpath_rdacd] - root 0 0 00:00:00 252-22:46:11 69 [kaluad] - root 0 0 00:00:00 252-22:46:11 70 [kpsmoused] - root 0 0 00:00:00 252-22:46:10 72 [ipv6_addrconf] - root 0 0 00:00:00 252-22:46:10 86 [deferwq] - root 0 0 00:14:22 252-22:46:10 197 [kauditd] - root 0 0 00:00:00 252-22:46:10 262 [ata_sff] - root 0 0 00:00:00 252-22:46:10 276 [ttm_swap] - root 0 0 00:00:00 252-22:46:10 280 [scsi_eh_0] - root 0 0 00:00:00 252-22:46:10 281 [scsi_tmf_0] - root 0 0 00:00:00 252-22:46:10 282 [scsi_eh_1] - root 0 0 00:00:00 252-22:46:10 283 [scsi_tmf_1] - root 0 0 00:03:22 252-22:46:10 289 [kworker/3:1H] - root 0 0 00:07:29 252-22:46:10 294 [kworker/0:1H] - root 0 0 00:03:11 252-22:46:10 301 [kworker/4:1H] - root 0 0 00:50:22 252-22:46:10 302 [jbd2/vda1-8] - root 0 0 00:00:00 252-22:46:10 303 [ext4-rsv-conver] - root 0 0 00:00:29 252-22:46:10 309 [kworker/2:1H] - root 0 0 00:03:21 252-22:46:09 372 [kworker/5:1H] - root 0 0 00:00:53 252-22:46:09 374 [kworker/1:1H] 6:devices:/system.slice/auditd.service,1:name=systemd:/system.slice/auditd.service root 55532 868 00:31:00 252-22:46:08 458 /sbin/auditd 6:devices:/system.slice/dbus.service,1:name=systemd:/system.slice/dbus.service dbus 58296 1660 01:12:26 252-22:46:08 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:05:21 252-22:46:07 671 [loop0] - root 0 0 00:02:00 252-22:46:07 672 [jbd2/loop0-8] - root 0 0 00:00:00 252-22:46:07 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 251-20:46:13 1006 nano pdns.conf 6:devices:/system.slice/dnsadmin.service,1:name=systemd:/system.slice/dnsadmin.service root 167292 4200 00:10:20 252-22:45:56 1491 dnsadmin - dormant mode 6:devices:/system.slice/cpdavd.service,1:name=systemd:/system.slice/cpdavd.service root 183660 6588 00:18:42 252-22:45:56 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 (dormant) 6:devices:/system.slice/tailwatchd.service,1:name=systemd:/system.slice/tailwatchd.service root 206512 19284 00:18:09 252-22:45:56 1495 tailwatchd 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 190000 12316 01:12:44 252-22:45:56 1497 cPhulkd - processor - root 0 0 00:00:00 04:11:32 1625 [kworker/2:1] - root 0 0 00:00:00 09:52:42 4207 [kworker/5:2] 6:devices:/system.slice/rpcbind.service,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1424 00:00:03 13-13:23:04 6632 /sbin/rpcbind -w 6:devices:/system.slice/memcached.service,1:name=systemd:/system.slice/memcached.service memcached 80044 1616 00:00:56 13-13:23:04 6647 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 86076 12236 00:00:38 13-13:23:04 6680 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/mariadb.service,1:name=systemd:/system.slice/mariadb.service mysql 2624588 297884 01:20:05 13-13:23:02 6739 /usr/sbin/mysqld 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 111300 4292 00:01:22 13-13:23:01 6810 /usr/sbin/sshd -D 6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 18832 00:00:20 13-13:23:01 6825 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 6:devices:/system.slice/sw-engine.service,1:name=systemd:/system.slice/sw-engine.service root 366000 10676 00:00:16 13-13:23:01 6843 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 6:devices:/system.slice/wp-toolkit-background-tasks.service,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382392 29312 00:09:48 13-13:23:01 6858 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 51636 2536 00:00:18 13-13:23:00 6876 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1316 00:00:07 13-13:23:00 6880 dovecot/anvil 6:devices:/system.slice/pure-ftpd.service,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3120 00:00:11 13-13:22:59 6901 pure-ftpd (SERVER) 6:devices:/system.slice/pure-authd.service,1:name=systemd:/system.slice/pure-authd.service root 152776 2032 00:00:11 13-13:22:59 6926 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 6:devices:/system.slice/cpanel.service,1:name=systemd:/system.slice/cpanel.service root 168184 4788 01:52:51 218-13:22:40 8935 cpsrvd (SSL) - dormant mode - accepting connections 6:devices:/system.slice/atd.service,1:name=systemd:/system.slice/atd.service root 24208 872 00:00:00 208-13:23:13 8955 /usr/sbin/atd -f 6:devices:/system.slice/chronyd.service,1:name=systemd:/system.slice/chronyd.service chrony 103732 1592 00:00:13 70-12:58:43 9130 /usr/sbin/chronyd 6:devices:/system.slice/xinetd.service,1:name=systemd:/system.slice/xinetd.service root 27380 872 00:00:00 70-12:58:43 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 208-13:22:26 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 208-13:22:26 9745 /sbin/agetty --noclear tty1 linux 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236208 13752 00:00:00 02:09:51 9878 /usr/sbin/httpd -k start 6:devices:/system.slice/acpid.service,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 208-13:22:22 10005 /usr/sbin/acpid 6:devices:/system.slice/crond.service,1:name=systemd:/system.slice/crond.service root 124500 1592 00:03:07 208-13:22:22 10027 /usr/sbin/crond -n 6:devices:/system.slice/pdns.service,1:name=systemd:/system.slice/pdns.service named 809548 12164 00:16:37 92-13:23:32 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 6:devices:/system.slice/irqbalance.service,1:name=systemd:/system.slice/irqbalance.service root 21540 1100 00:24:21 208-13:22:21 10141 /usr/sbin/irqbalance --foreground 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236464 14056 00:00:00 01:59:06 10512 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236212 13912 00:00:00 01:26:36 12224 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236220 13924 00:00:00 01:26:31 12225 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:22:43 12439 [kworker/2:0] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236368 13892 00:00:00 01:21:18 12479 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:12:42 12936 [kworker/5:1] - root 0 0 00:00:00 01:01:20 13648 [kworker/u12:0] 6:devices:/system.slice/qemu-guest-agent.service,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1700 00:00:00 103-12:52:48 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 6:devices:/system.slice/smartd.service,1:name=systemd:/system.slice/smartd.service root 52852 2376 00:00:01 103-12:52:47 13907 /usr/sbin/smartd -n -q never 6:devices:/system.slice/systemd-logind.service,1:name=systemd:/system.slice/systemd-logind.service root 24892 2000 00:15:46 103-12:52:47 13923 /usr/lib/systemd/systemd-logind 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610516 21620 00:01:25 6-13:18:12 13966 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 6:devices:/system.slice/rsyslog.service,1:name=systemd:/system.slice/rsyslog.service root 538272 18512 00:32:53 103-12:52:44 14031 /usr/sbin/rsyslogd -n 6:devices:/system.slice/systemd-udevd.service,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1324 00:00:00 103-12:52:42 14146 /usr/lib/systemd/systemd-udevd 6:devices:/system.slice/systemd-journald.service,1:name=systemd:/system.slice/systemd-journald.service root 64792 27532 00:51:43 103-12:52:41 14218 /usr/lib/systemd/systemd-journald 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236116 13508 00:00:00 45:11 14528 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236124 13632 00:00:00 45:10 14529 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236264 13540 00:00:00 45:09 14533 /usr/sbin/httpd -k start - root 0 0 00:00:00 32:43 15250 [kworker/4:1] - root 0 0 00:00:00 22:43 15834 [kworker/3:2] - root 0 0 00:00:01 14:00:35 16082 [kworker/u12:2] - root 0 0 00:00:00 17:38 16127 [kworker/0:0] - root 0 0 00:00:00 12:43 16375 [kworker/1:1] - root 0 0 00:00:00 07:42 16746 [kworker/3:0] - root 0 0 00:00:00 02:43 17093 [kworker/5:0] 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@59314-103.179.190.35:6556-185.3.94.183:58740.service root 113560 1864 00:00:00 00:00 17312 /bin/bash /usr/bin/check_mk_agent 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@59314-103.179.190.35:6556-185.3.94.183:58740.service root 49820 1560 00:00:00 00:00 17335 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 230216 9480 00:00:02 13:24:10 19019 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12756 1416 00:00:00 13:24:10 19020 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12768 1424 00:00:00 13:24:10 19021 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 53092 11752 00:00:00 13:24:10 19022 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect - root 0 0 00:00:15 1-02:42:43 19596 [kworker/1:0] 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 251432 124120 00:00:14 13:21:33 19888 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 6:devices:/system.slice/queueprocd.service,1:name=systemd:/system.slice/queueprocd.service root 223968 14892 00:01:19 12-13:24:09 20156 queueprocd - waiting up to 60s to process a task 6:devices:/system.slice/nscd.service,1:name=systemd:/system.slice/nscd.service nscd 1400016 2632 00:03:08 12-13:23:48 20363 /usr/sbin/nscd 6:devices:/system.slice/p0f.service,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9872 3324 00:45:48 12-13:23:48 20462 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 6:devices:/system.slice/cpanellogd.service,1:name=systemd:/system.slice/cpanellogd.service root 130240 2736 00:00:06 12-13:23:48 20467 cpanellogd - sleeping for logs 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 153000 11700 00:07:07 12-13:23:48 20476 cPhulkd - dbprocessor 6:devices:/system.slice/cpanel_php_fpm.service,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255320 6584 00:00:58 12-13:23:45 20541 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 252580 121700 00:00:12 13:07:35 21034 spamd child 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 251432 120016 00:00:00 13:07:35 21035 spamd child 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 1256 00:00:00 9-13:22:31 22291 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 1748 00:03:08 9-13:22:31 22292 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2176 00:00:00 9-13:22:31 22293 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2176 00:00:00 9-13:22:31 22294 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2176 00:00:00 9-13:22:31 22295 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2204 00:01:07 9-13:22:31 22296 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236500 14248 00:00:00 05:53:35 25005 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236284 14188 00:00:00 05:18:53 27575 /usr/sbin/httpd -k start 6:devices:/system.slice/polkit.service,1:name=systemd:/system.slice/polkit.service polkitd 610540 11528 00:06:55 68-13:06:47 28815 /usr/lib/polkit-1/polkitd --no-debug - root 0 0 00:00:02 16:41:44 29271 [kworker/0:1] - root 0 0 00:00:00 04:40:39 30637 [kworker/4:2] 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47464 5316 00:00:01 6-16:14:27 31377 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 48496 5852 00:00:02 6-16:14:27 31378 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 10436 1616 00:00:02 6-16:14:27 31380 dovecot/log 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47964 5536 00:00:02 6-16:14:27 31381 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47816 5248 00:00:01 6-16:14:27 31382 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 17852 5056 00:00:08 6-16:14:27 31383 dovecot/config 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1520 00:00:03 6-16:14:27 31384 dovecot/stats Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2022-12-15 07:42 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf0a985ef1Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK check_mk@58301-103.179.190.35:6556-147.182.144.10:42328.service loaded activating start start Check_MK (147.182.144.10:42328) * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.37 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 4016 05:29:25 249-02:45:44 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:01 249-02:45:44 2 [kthreadd] - root 0 0 00:00:00 249-02:45:44 4 [kworker/0:0H] - root 0 0 00:00:47 249-02:45:44 6 [ksoftirqd/0] - root 0 0 00:00:09 249-02:45:44 7 [migration/0] - root 0 0 00:00:00 249-02:45:44 8 [rcu_bh] - root 0 0 04:49:08 249-02:45:44 9 [rcu_sched] - root 0 0 00:00:00 249-02:45:44 10 [lru-add-drain] - root 0 0 00:01:34 249-02:45:44 11 [watchdog/0] - root 0 0 00:01:26 249-02:45:44 12 [watchdog/1] - root 0 0 00:01:52 249-02:45:44 13 [migration/1] - root 0 0 00:00:40 249-02:45:44 14 [ksoftirqd/1] - root 0 0 00:00:00 249-02:45:44 16 [kworker/1:0H] - root 0 0 00:01:22 249-02:45:44 17 [watchdog/2] - root 0 0 00:00:14 249-02:45:44 18 [migration/2] - root 0 0 00:00:35 249-02:45:44 19 [ksoftirqd/2] - root 0 0 00:00:00 249-02:45:44 21 [kworker/2:0H] - root 0 0 00:01:20 249-02:45:44 22 [watchdog/3] - root 0 0 00:00:12 249-02:45:44 23 [migration/3] - root 0 0 00:01:00 249-02:45:44 24 [ksoftirqd/3] - root 0 0 00:00:00 249-02:45:44 26 [kworker/3:0H] - root 0 0 00:01:18 249-02:45:44 27 [watchdog/4] - root 0 0 00:01:07 249-02:45:44 28 [migration/4] - root 0 0 00:01:18 249-02:45:44 29 [ksoftirqd/4] - root 0 0 00:00:00 249-02:45:44 31 [kworker/4:0H] - root 0 0 00:01:27 249-02:45:44 32 [watchdog/5] - root 0 0 00:00:15 249-02:45:44 33 [migration/5] - root 0 0 00:06:41 249-02:45:44 34 [ksoftirqd/5] - root 0 0 00:00:00 249-02:45:44 36 [kworker/5:0H] - root 0 0 00:00:00 249-02:45:44 38 [kdevtmpfs] - root 0 0 00:00:00 249-02:45:44 39 [netns] - root 0 0 00:00:10 249-02:45:44 40 [khungtaskd] - root 0 0 00:00:00 249-02:45:44 41 [writeback] - root 0 0 00:00:00 249-02:45:44 42 [kintegrityd] - root 0 0 00:00:00 249-02:45:44 43 [bioset] - root 0 0 00:00:00 249-02:45:44 44 [bioset] - root 0 0 00:00:00 249-02:45:44 45 [bioset] - root 0 0 00:00:00 249-02:45:44 46 [kblockd] - root 0 0 00:00:00 249-02:45:44 47 [md] - root 0 0 00:00:00 249-02:45:44 48 [edac-poller] - root 0 0 00:00:00 249-02:45:44 49 [watchdogd] - root 0 0 00:04:55 249-02:45:44 55 [kswapd0] - root 0 0 00:00:00 249-02:45:44 56 [ksmd] - root 0 0 00:00:47 249-02:45:44 57 [khugepaged] - root 0 0 00:00:00 249-02:45:44 58 [crypto] - root 0 0 00:00:00 249-02:45:44 66 [kthrotld] - root 0 0 00:00:00 249-02:45:44 68 [kmpath_rdacd] - root 0 0 00:00:00 249-02:45:44 69 [kaluad] - root 0 0 00:00:00 249-02:45:44 70 [kpsmoused] - root 0 0 00:00:00 249-02:45:43 72 [ipv6_addrconf] - root 0 0 00:00:00 249-02:45:43 86 [deferwq] - root 0 0 00:14:08 249-02:45:43 197 [kauditd] - root 0 0 00:00:00 249-02:45:43 262 [ata_sff] - root 0 0 00:00:00 249-02:45:43 276 [ttm_swap] - root 0 0 00:00:00 249-02:45:43 280 [scsi_eh_0] - root 0 0 00:00:00 249-02:45:43 281 [scsi_tmf_0] - root 0 0 00:00:00 249-02:45:43 282 [scsi_eh_1] - root 0 0 00:00:00 249-02:45:43 283 [scsi_tmf_1] - root 0 0 00:03:20 249-02:45:43 289 [kworker/3:1H] - root 0 0 00:07:20 249-02:45:43 294 [kworker/0:1H] - root 0 0 00:03:09 249-02:45:43 301 [kworker/4:1H] - root 0 0 00:49:32 249-02:45:43 302 [jbd2/vda1-8] - root 0 0 00:00:00 249-02:45:43 303 [ext4-rsv-conver] - root 0 0 00:00:28 249-02:45:43 309 [kworker/2:1H] - root 0 0 00:03:18 249-02:45:42 372 [kworker/5:1H] - root 0 0 00:00:52 249-02:45:42 374 [kworker/1:1H] 6:devices:/system.slice/auditd.service,1:name=systemd:/system.slice/auditd.service root 55532 868 00:30:30 249-02:45:41 458 /sbin/auditd 6:devices:/system.slice/dbus.service,1:name=systemd:/system.slice/dbus.service dbus 58296 1660 01:11:16 249-02:45:41 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:05:16 249-02:45:40 671 [loop0] - root 0 0 00:01:59 249-02:45:40 672 [jbd2/loop0-8] - root 0 0 00:00:00 249-02:45:40 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 248-00:45:46 1006 nano pdns.conf 6:devices:/system.slice/dnsadmin.service,1:name=systemd:/system.slice/dnsadmin.service root 167292 4204 00:10:11 249-02:45:29 1491 dnsadmin - dormant mode 6:devices:/system.slice/cpdavd.service,1:name=systemd:/system.slice/cpdavd.service root 261876 24472 00:18:09 249-02:45:29 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 6:devices:/system.slice/tailwatchd.service,1:name=systemd:/system.slice/tailwatchd.service root 206540 19068 00:17:51 249-02:45:29 1495 tailwatchd 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 190000 12320 01:11:31 249-02:45:29 1497 cPhulkd - processor 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 251456 124180 00:00:17 17:18:42 5168 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:01 17:12:16 5780 [kworker/5:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236300 14448 00:00:01 06:19:07 5968 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236220 14368 00:00:01 06:19:07 5969 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236308 14480 00:00:01 06:19:06 5970 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236272 14324 00:00:01 06:19:06 5973 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236480 14444 00:00:01 06:17:35 6025 /usr/sbin/httpd -k start 6:devices:/system.slice/rpcbind.service,1:name=systemd:/system.slice/rpcbind.service rpc 69320 1424 00:00:02 9-17:22:37 6632 /sbin/rpcbind -w 6:devices:/system.slice/memcached.service,1:name=systemd:/system.slice/memcached.service memcached 80044 1616 00:00:40 9-17:22:37 6647 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 86076 12236 00:00:31 9-17:22:37 6680 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 252572 121720 00:00:18 17:05:48 6720 spamd child 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 251456 120008 00:00:00 17:05:48 6721 spamd child 6:devices:/system.slice/mariadb.service,1:name=systemd:/system.slice/mariadb.service mysql 2624588 291432 00:53:26 9-17:22:35 6739 /usr/sbin/mysqld 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 111300 4292 00:00:55 9-17:22:34 6810 /usr/sbin/sshd -D 6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 18832 00:00:14 9-17:22:34 6825 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 6:devices:/system.slice/sw-engine.service,1:name=systemd:/system.slice/sw-engine.service root 366000 10676 00:00:11 9-17:22:34 6843 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 6:devices:/system.slice/wp-toolkit-background-tasks.service,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382392 29312 00:07:03 9-17:22:34 6858 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 51636 2536 00:00:14 9-17:22:33 6876 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1316 00:00:06 9-17:22:33 6880 dovecot/anvil 6:devices:/system.slice/pure-ftpd.service,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3120 00:00:09 9-17:22:32 6901 pure-ftpd (SERVER) 6:devices:/system.slice/pure-authd.service,1:name=systemd:/system.slice/pure-authd.service root 152776 2032 00:00:09 9-17:22:32 6926 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 6:devices:/system.slice/cpanel.service,1:name=systemd:/system.slice/cpanel.service root 254624 28712 01:50:58 214-17:22:13 8935 cpsrvd (SSL) - waiting for connections 6:devices:/system.slice/atd.service,1:name=systemd:/system.slice/atd.service root 24208 872 00:00:00 204-17:22:46 8955 /usr/sbin/atd -f 6:devices:/system.slice/chronyd.service,1:name=systemd:/system.slice/chronyd.service chrony 103732 1556 00:00:12 66-16:58:16 9130 /usr/sbin/chronyd 6:devices:/system.slice/xinetd.service,1:name=systemd:/system.slice/xinetd.service root 27380 872 00:00:00 66-16:58:16 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 204-17:21:59 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 204-17:21:59 9745 /sbin/agetty --noclear tty1 linux 6:devices:/system.slice/acpid.service,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 204-17:21:55 10005 /usr/sbin/acpid 6:devices:/system.slice/crond.service,1:name=systemd:/system.slice/crond.service root 124500 1592 00:03:04 204-17:21:55 10027 /usr/sbin/crond -n 6:devices:/system.slice/pdns.service,1:name=systemd:/system.slice/pdns.service named 809548 12160 00:16:02 88-17:23:05 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 6:devices:/system.slice/irqbalance.service,1:name=systemd:/system.slice/irqbalance.service root 21540 1100 00:23:55 204-17:21:54 10141 /usr/sbin/irqbalance --foreground - root 0 0 00:00:00 04:33:16 12222 [kworker/4:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236256 14268 00:00:00 04:16:07 13435 /usr/sbin/httpd -k start 6:devices:/system.slice/qemu-guest-agent.service,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1700 00:00:00 99-16:52:21 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 6:devices:/system.slice/smartd.service,1:name=systemd:/system.slice/smartd.service root 52852 2296 00:00:01 99-16:52:20 13907 /usr/sbin/smartd -n -q never 6:devices:/system.slice/systemd-logind.service,1:name=systemd:/system.slice/systemd-logind.service root 24892 2000 00:15:11 99-16:52:20 13923 /usr/lib/systemd/systemd-logind 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 230216 8980 00:00:14 2-17:17:49 13931 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12764 1288 00:00:02 2-17:17:49 13932 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12776 1292 00:00:02 2-17:17:49 13933 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 53092 11752 00:00:00 2-17:17:49 13934 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610516 17168 00:00:35 2-17:17:45 13966 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) - root 0 0 00:00:00 04:10:12 13968 [kworker/2:1] 6:devices:/system.slice/rsyslog.service,1:name=systemd:/system.slice/rsyslog.service root 514176 10540 00:31:36 99-16:52:17 14031 /usr/sbin/rsyslogd -n 6:devices:/system.slice/systemd-udevd.service,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1324 00:00:00 99-16:52:15 14146 /usr/lib/systemd/systemd-udevd 6:devices:/system.slice/systemd-journald.service,1:name=systemd:/system.slice/systemd-journald.service root 48376 11056 00:49:35 99-16:52:14 14218 /usr/lib/systemd/systemd-journald - root 0 0 00:00:00 03:53:05 15011 [kworker/u12:0] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236196 14160 00:00:00 03:32:42 16333 /usr/sbin/httpd -k start - root 0 0 00:00:03 22:10:14 16428 [kworker/0:0] - root 0 0 00:00:02 1-04:36:03 19835 [kworker/u12:2] 6:devices:/system.slice/queueprocd.service,1:name=systemd:/system.slice/queueprocd.service root 223968 14816 00:00:49 8-17:23:42 20156 queueprocd - waiting up to 60s to process a task 6:devices:/system.slice/nscd.service,1:name=systemd:/system.slice/nscd.service nscd 1400016 2616 00:02:11 8-17:23:21 20363 /usr/sbin/nscd 6:devices:/system.slice/p0f.service,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9920 3368 00:31:45 8-17:23:21 20462 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 6:devices:/system.slice/cpanellogd.service,1:name=systemd:/system.slice/cpanellogd.service root 130240 2736 00:00:04 8-17:23:21 20467 cpanellogd - sleeping for logs 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 153000 11700 00:04:57 8-17:23:21 20476 cPhulkd - dbprocessor 6:devices:/system.slice/cpanel_php_fpm.service,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255320 6584 00:00:40 8-17:23:18 20541 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:00 02:32:16 20597 [kworker/0:2] - root 0 0 00:00:12 20:52:16 21793 [kworker/1:2] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 1256 00:00:00 5-17:22:04 22291 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 1748 00:01:52 5-17:22:04 22292 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2176 00:00:00 5-17:22:04 22293 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2176 00:00:00 5-17:22:04 22294 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2176 00:00:00 5-17:22:04 22295 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2204 00:00:40 5-17:22:04 22296 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 01:10:12 26864 [kworker/5:0] - root 0 0 00:00:00 01:02:16 27388 [kworker/3:1] - root 0 0 00:00:00 47:12 28432 [kworker/4:1] - root 0 0 00:00:00 08:22:16 28631 [kworker/3:2] 6:devices:/system.slice/polkit.service,1:name=systemd:/system.slice/polkit.service polkitd 610540 11528 00:06:32 64-17:06:20 28815 /usr/lib/polkit-1/polkitd --no-debug - root 0 0 00:00:00 41:16 28854 [kworker/2:0] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236076 13416 00:00:00 32:59 29559 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236304 14612 00:00:03 08:06:24 29949 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236248 14412 00:00:02 07:57:36 30649 /usr/sbin/httpd -k start - root 0 0 00:00:00 12:16 31360 [kworker/1:1] 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47404 5016 00:00:00 2-20:14:00 31377 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47412 4992 00:00:01 2-20:14:00 31378 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 10436 1508 00:00:01 2-20:14:00 31380 dovecot/log 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47408 5124 00:00:01 2-20:14:00 31381 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47420 4984 00:00:00 2-20:14:00 31382 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 17852 5056 00:00:04 2-20:14:00 31383 dovecot/config 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1520 00:00:01 2-20:14:00 31384 dovecot/stats 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 41104 2948 00:00:00 04:15 31960 dovecot/auth 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 41104 2768 00:00:00 04:14 31962 dovecot/auth -w - root 0 0 00:00:00 02:15 32132 [kworker/2:2] 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@58301-103.179.190.35:6556-147.182.144.10:42328.service root 113600 1864 00:00:00 00:00 32346 /bin/bash /usr/bin/check_mk_agent 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@58301-103.179.190.35:6556-147.182.144.10:42328.service root 49820 1560 00:00:00 00:00 32369 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2022-12-11 11:42 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf6157bffeFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK check_mk@56529-103.179.190.35:6556-164.92.135.200:57640.service loaded activating start start Check_MK (164.92.135.200:57640) * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.37 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 4016 05:21:06 242-12:28:17 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:01 242-12:28:17 2 [kthreadd] - root 0 0 00:00:00 242-12:28:17 4 [kworker/0:0H] - root 0 0 00:00:46 242-12:28:17 6 [ksoftirqd/0] - root 0 0 00:00:09 242-12:28:17 7 [migration/0] - root 0 0 00:00:00 242-12:28:17 8 [rcu_bh] - root 0 0 04:42:45 242-12:28:17 9 [rcu_sched] - root 0 0 00:00:00 242-12:28:17 10 [lru-add-drain] - root 0 0 00:01:31 242-12:28:17 11 [watchdog/0] - root 0 0 00:01:24 242-12:28:17 12 [watchdog/1] - root 0 0 00:01:49 242-12:28:17 13 [migration/1] - root 0 0 00:00:39 242-12:28:17 14 [ksoftirqd/1] - root 0 0 00:00:00 242-12:28:17 16 [kworker/1:0H] - root 0 0 00:01:20 242-12:28:17 17 [watchdog/2] - root 0 0 00:00:14 242-12:28:17 18 [migration/2] - root 0 0 00:00:35 242-12:28:17 19 [ksoftirqd/2] - root 0 0 00:00:00 242-12:28:17 21 [kworker/2:0H] - root 0 0 00:01:18 242-12:28:17 22 [watchdog/3] - root 0 0 00:00:12 242-12:28:17 23 [migration/3] - root 0 0 00:00:58 242-12:28:17 24 [ksoftirqd/3] - root 0 0 00:00:00 242-12:28:17 26 [kworker/3:0H] - root 0 0 00:01:16 242-12:28:17 27 [watchdog/4] - root 0 0 00:01:05 242-12:28:17 28 [migration/4] - root 0 0 00:01:16 242-12:28:17 29 [ksoftirqd/4] - root 0 0 00:00:00 242-12:28:17 31 [kworker/4:0H] - root 0 0 00:01:25 242-12:28:17 32 [watchdog/5] - root 0 0 00:00:15 242-12:28:17 33 [migration/5] - root 0 0 00:06:31 242-12:28:17 34 [ksoftirqd/5] - root 0 0 00:00:00 242-12:28:17 36 [kworker/5:0H] - root 0 0 00:00:00 242-12:28:17 38 [kdevtmpfs] - root 0 0 00:00:00 242-12:28:17 39 [netns] - root 0 0 00:00:09 242-12:28:17 40 [khungtaskd] - root 0 0 00:00:00 242-12:28:17 41 [writeback] - root 0 0 00:00:00 242-12:28:17 42 [kintegrityd] - root 0 0 00:00:00 242-12:28:17 43 [bioset] - root 0 0 00:00:00 242-12:28:17 44 [bioset] - root 0 0 00:00:00 242-12:28:17 45 [bioset] - root 0 0 00:00:00 242-12:28:17 46 [kblockd] - root 0 0 00:00:00 242-12:28:17 47 [md] - root 0 0 00:00:00 242-12:28:17 48 [edac-poller] - root 0 0 00:00:00 242-12:28:17 49 [watchdogd] - root 0 0 00:04:46 242-12:28:17 55 [kswapd0] - root 0 0 00:00:00 242-12:28:17 56 [ksmd] - root 0 0 00:00:46 242-12:28:17 57 [khugepaged] - root 0 0 00:00:00 242-12:28:17 58 [crypto] - root 0 0 00:00:00 242-12:28:17 66 [kthrotld] - root 0 0 00:00:00 242-12:28:17 68 [kmpath_rdacd] - root 0 0 00:00:00 242-12:28:17 69 [kaluad] - root 0 0 00:00:00 242-12:28:17 70 [kpsmoused] - root 0 0 00:00:00 242-12:28:16 72 [ipv6_addrconf] - root 0 0 00:00:00 242-12:28:16 86 [deferwq] - root 0 0 00:13:50 242-12:28:16 197 [kauditd] - root 0 0 00:00:00 242-12:28:16 262 [ata_sff] - root 0 0 00:00:00 242-12:28:16 276 [ttm_swap] - root 0 0 00:00:00 242-12:28:16 280 [scsi_eh_0] - root 0 0 00:00:00 242-12:28:16 281 [scsi_tmf_0] - root 0 0 00:00:00 242-12:28:16 282 [scsi_eh_1] - root 0 0 00:00:00 242-12:28:16 283 [scsi_tmf_1] - root 0 0 00:03:15 242-12:28:16 289 [kworker/3:1H] - root 0 0 00:07:06 242-12:28:16 294 [kworker/0:1H] - root 0 0 00:03:04 242-12:28:16 301 [kworker/4:1H] - root 0 0 00:48:08 242-12:28:16 302 [jbd2/vda1-8] - root 0 0 00:00:00 242-12:28:16 303 [ext4-rsv-conver] - root 0 0 00:00:27 242-12:28:16 309 [kworker/2:1H] - root 0 0 00:03:13 242-12:28:15 372 [kworker/5:1H] - root 0 0 00:00:50 242-12:28:15 374 [kworker/1:1H] 6:devices:/system.slice/auditd.service,1:name=systemd:/system.slice/auditd.service root 55532 868 00:29:49 242-12:28:14 458 /sbin/auditd 6:devices:/system.slice/dbus.service,1:name=systemd:/system.slice/dbus.service dbus 58296 1660 01:09:15 242-12:28:14 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:05:08 242-12:28:13 671 [loop0] - root 0 0 00:01:55 242-12:28:13 672 [jbd2/loop0-8] - root 0 0 00:00:00 242-12:28:13 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 241-10:28:19 1006 nano pdns.conf 6:devices:/system.slice/dnsadmin.service,1:name=systemd:/system.slice/dnsadmin.service root 167292 4200 00:09:54 242-12:28:02 1491 dnsadmin - dormant mode 6:devices:/system.slice/cpdavd.service,1:name=systemd:/system.slice/cpdavd.service root 261876 24712 00:17:19 242-12:28:02 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 6:devices:/system.slice/tailwatchd.service,1:name=systemd:/system.slice/tailwatchd.service root 206584 19092 00:17:06 242-12:28:02 1495 tailwatchd 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 189920 12240 01:09:29 242-12:28:02 1497 cPhulkd - processor - root 0 0 00:00:01 21:44:47 2640 [kworker/5:2] - root 0 0 00:00:02 16:04:48 3397 [kworker/0:1] - root 0 0 00:00:00 01:54:56 3455 [kworker/u12:2] - root 0 0 00:00:00 01:52:56 3693 [kworker/5:0] - root 0 0 00:00:03 2-00:24:48 5412 [kworker/2:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236448 14544 00:00:01 08:59:24 5564 /usr/sbin/httpd -k start - root 0 0 00:00:00 08:53:02 5991 [kworker/4:1] 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610516 17496 00:00:41 3-03:05:11 6616 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 6:devices:/system.slice/rpcbind.service,1:name=systemd:/system.slice/rpcbind.service rpc 69256 1352 00:00:00 3-03:05:10 6632 /sbin/rpcbind -w 6:devices:/system.slice/memcached.service,1:name=systemd:/system.slice/memcached.service memcached 80044 1616 00:00:12 3-03:05:10 6647 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 86076 12232 00:00:14 3-03:05:10 6680 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/mariadb.service,1:name=systemd:/system.slice/mariadb.service mysql 2558752 268416 00:17:48 3-03:05:08 6739 /usr/sbin/mysqld 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 1248 00:00:00 3-03:05:08 6791 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 1744 00:01:01 3-03:05:08 6792 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2172 00:00:00 3-03:05:08 6793 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2172 00:00:00 3-03:05:08 6794 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2172 00:00:00 3-03:05:08 6795 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81916 2204 00:00:22 3-03:05:08 6796 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 111300 4292 00:00:18 3-03:05:07 6810 /usr/sbin/sshd -D 6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 19124 00:00:04 3-03:05:07 6825 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 6:devices:/system.slice/sw-engine.service,1:name=systemd:/system.slice/sw-engine.service root 366000 10688 00:00:02 3-03:05:07 6843 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 6:devices:/system.slice/wp-toolkit-background-tasks.service,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382392 29324 00:02:16 3-03:05:07 6858 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 51488 2416 00:00:04 3-03:05:06 6876 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47720 5292 00:00:01 3-03:05:06 6878 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47420 5016 00:00:01 3-03:05:06 6879 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1316 00:00:02 3-03:05:06 6880 dovecot/anvil 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 10436 1508 00:00:01 3-03:05:06 6881 dovecot/log 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47424 5000 00:00:00 3-03:05:06 6882 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47432 4968 00:00:00 3-03:05:06 6883 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 17852 5060 00:00:04 3-03:05:06 6885 dovecot/config 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1520 00:00:01 3-03:05:06 6886 dovecot/stats 6:devices:/system.slice/pure-ftpd.service,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3136 00:00:02 3-03:05:05 6901 pure-ftpd (SERVER) 6:devices:/system.slice/pure-authd.service,1:name=systemd:/system.slice/pure-authd.service root 152776 2032 00:00:03 3-03:05:05 6926 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth - root 0 0 00:00:00 01:04:48 7263 [kworker/3:1] - root 0 0 00:00:00 54:48 7932 [kworker/1:1] - root 0 0 00:00:00 44:47 8672 [kworker/2:1] - root 0 0 00:00:00 44:44 8685 [kworker/3:0] - root 0 0 00:00:04 08:16:47 8755 [kworker/1:2] 6:devices:/system.slice/cpanel.service,1:name=systemd:/system.slice/cpanel.service root 254624 28568 01:49:29 208-03:04:46 8935 cpsrvd (SSL) - waiting for connections 6:devices:/system.slice/atd.service,1:name=systemd:/system.slice/atd.service root 24208 888 00:00:00 198-03:05:19 8955 /usr/sbin/atd -f 6:devices:/system.slice/chronyd.service,1:name=systemd:/system.slice/chronyd.service chrony 103732 1556 00:00:11 60-02:40:49 9130 /usr/sbin/chronyd 6:devices:/system.slice/xinetd.service,1:name=systemd:/system.slice/xinetd.service root 27380 872 00:00:00 60-02:40:49 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 198-03:04:32 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 198-03:04:32 9745 /sbin/agetty --noclear tty1 linux - root 0 0 00:00:00 24:47 9945 [kworker/0:0] 6:devices:/system.slice/acpid.service,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 198-03:04:28 10005 /usr/sbin/acpid 6:devices:/system.slice/crond.service,1:name=systemd:/system.slice/crond.service root 124500 1592 00:02:58 198-03:04:28 10027 /usr/sbin/crond -n 6:devices:/system.slice/pdns.service,1:name=systemd:/system.slice/pdns.service named 809548 12152 00:15:00 82-03:05:38 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 6:devices:/system.slice/irqbalance.service,1:name=systemd:/system.slice/irqbalance.service root 21540 1100 00:23:10 198-03:04:27 10141 /usr/sbin/irqbalance --foreground - root 0 0 00:00:00 17:47 10664 [kworker/4:0] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236212 12716 00:00:00 13:38 10988 /usr/sbin/httpd -k start - root 0 0 00:00:00 04:47 11686 [kworker/0:2] 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 41104 2948 00:00:00 04:45 11696 dovecot/auth 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 111300 4220 00:00:00 01:42 12015 sshd: [accepted] 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 111300 4220 00:00:00 01:39 12017 sshd: [accepted] 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 41104 2768 00:00:00 01:36 12019 dovecot/auth -w - root 0 0 00:00:00 00:27 12094 [cpsrvd (SSL) - ] <defunct> 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service hicorp 640624 51648 00:00:00 00:07 12112 php-fpm: pool hicorp_vn 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service hanoigroup 750852 89668 00:00:01 00:03 12113 php-fpm: pool hanoigroup_vn 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service hanoigroup 668680 80100 00:00:01 00:03 12115 php-fpm: pool hanoigroup_vn 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@56529-103.179.190.35:6556-164.92.135.200:57640.service root 113576 1864 00:00:00 00:00 12255 /bin/bash /usr/bin/check_mk_agent 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@56529-103.179.190.35:6556-164.92.135.200:57640.service root 49820 1560 00:00:00 00:00 12278 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 230396 11472 00:01:43 19-03:05:18 13609 /usr/sbin/httpd -k start 6:devices:/system.slice/qemu-guest-agent.service,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1700 00:00:00 93-02:34:54 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 6:devices:/system.slice/smartd.service,1:name=systemd:/system.slice/smartd.service root 52852 2336 00:00:01 93-02:34:53 13907 /usr/sbin/smartd -n -q never 6:devices:/system.slice/systemd-logind.service,1:name=systemd:/system.slice/systemd-logind.service root 24892 2000 00:14:11 93-02:34:53 13923 /usr/lib/systemd/systemd-logind 6:devices:/system.slice/rsyslog.service,1:name=systemd:/system.slice/rsyslog.service root 535320 19476 00:29:35 93-02:34:50 14031 /usr/sbin/rsyslogd -n 6:devices:/system.slice/systemd-udevd.service,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1324 00:00:00 93-02:34:48 14146 /usr/lib/systemd/systemd-udevd 6:devices:/system.slice/systemd-journald.service,1:name=systemd:/system.slice/systemd-journald.service root 64752 29456 00:46:25 93-02:34:47 14218 /usr/lib/systemd/systemd-journald 6:devices:/system.slice/queueprocd.service,1:name=systemd:/system.slice/queueprocd.service root 223572 14212 00:00:18 2-03:06:15 20156 queueprocd - waiting up to 60s to process a task 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12748 1296 00:00:02 2-03:05:56 20281 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12760 1304 00:00:01 2-03:05:56 20282 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 53092 11752 00:00:00 2-03:05:56 20283 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 6:devices:/system.slice/nscd.service,1:name=systemd:/system.slice/nscd.service nscd 1400016 2596 00:00:33 2-03:05:54 20363 /usr/sbin/nscd 6:devices:/system.slice/p0f.service,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9860 3288 00:07:48 2-03:05:54 20462 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 6:devices:/system.slice/cpanellogd.service,1:name=systemd:/system.slice/cpanellogd.service root 130240 2736 00:00:01 2-03:05:54 20467 cpanellogd - sleeping for logs 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 153000 11676 00:01:23 2-03:05:54 20476 cPhulkd - dbprocessor 6:devices:/system.slice/cpanel_php_fpm.service,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255320 6584 00:00:10 2-03:05:51 20541 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236600 14932 00:00:02 12:51:42 20855 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236432 14356 00:00:00 04:46:35 22234 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236464 14340 00:00:00 04:31:40 23690 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236424 14304 00:00:00 04:31:40 23691 /usr/sbin/httpd -k start - root 0 0 00:00:00 04:23:18 24406 [kworker/u12:0] 6:devices:/system.slice/polkit.service,1:name=systemd:/system.slice/polkit.service polkitd 610540 11532 00:05:52 58-02:48:53 28815 /usr/lib/polkit-1/polkitd --no-debug 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249272 124016 00:00:07 03:03:39 31045 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 241128 15976 00:00:05 1-05:25:21 31460 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236452 14256 00:00:00 02:52:02 31996 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236420 14288 00:00:00 02:52:00 32006 /usr/sbin/httpd -k start 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 250400 121516 00:00:02 02:51:58 32008 spamd child 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249272 119908 00:00:00 02:51:58 32009 spamd child 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236468 14644 00:00:01 10:03:10 32655 /usr/sbin/httpd -k start Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2022-12-04 21:24 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf4d53898aFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK check_mk@53751-103.179.190.35:6556-139.144.69.48:41738.service loaded activating start start Check_MK (139.144.69.48:41738) * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.37 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 4016 05:07:46 231-12:58:55 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:01 231-12:58:55 2 [kthreadd] - root 0 0 00:00:00 231-12:58:55 4 [kworker/0:0H] - root 0 0 00:00:44 231-12:58:55 6 [ksoftirqd/0] - root 0 0 00:00:09 231-12:58:55 7 [migration/0] - root 0 0 00:00:00 231-12:58:55 8 [rcu_bh] - root 0 0 04:31:40 231-12:58:55 9 [rcu_sched] - root 0 0 00:00:00 231-12:58:55 10 [lru-add-drain] - root 0 0 00:01:27 231-12:58:55 11 [watchdog/0] - root 0 0 00:01:20 231-12:58:55 12 [watchdog/1] - root 0 0 00:01:44 231-12:58:55 13 [migration/1] - root 0 0 00:00:38 231-12:58:55 14 [ksoftirqd/1] - root 0 0 00:00:00 231-12:58:55 16 [kworker/1:0H] - root 0 0 00:01:16 231-12:58:55 17 [watchdog/2] - root 0 0 00:00:13 231-12:58:55 18 [migration/2] - root 0 0 00:00:34 231-12:58:55 19 [ksoftirqd/2] - root 0 0 00:00:00 231-12:58:55 21 [kworker/2:0H] - root 0 0 00:01:14 231-12:58:55 22 [watchdog/3] - root 0 0 00:00:12 231-12:58:55 23 [migration/3] - root 0 0 00:00:55 231-12:58:55 24 [ksoftirqd/3] - root 0 0 00:00:00 231-12:58:55 26 [kworker/3:0H] - root 0 0 00:01:13 231-12:58:55 27 [watchdog/4] - root 0 0 00:01:02 231-12:58:55 28 [migration/4] - root 0 0 00:01:13 231-12:58:55 29 [ksoftirqd/4] - root 0 0 00:00:00 231-12:58:55 31 [kworker/4:0H] - root 0 0 00:01:21 231-12:58:55 32 [watchdog/5] - root 0 0 00:00:14 231-12:58:55 33 [migration/5] - root 0 0 00:06:14 231-12:58:55 34 [ksoftirqd/5] - root 0 0 00:00:00 231-12:58:55 36 [kworker/5:0H] - root 0 0 00:00:00 231-12:58:55 38 [kdevtmpfs] - root 0 0 00:00:00 231-12:58:55 39 [netns] - root 0 0 00:00:09 231-12:58:55 40 [khungtaskd] - root 0 0 00:00:00 231-12:58:55 41 [writeback] - root 0 0 00:00:00 231-12:58:55 42 [kintegrityd] - root 0 0 00:00:00 231-12:58:55 43 [bioset] - root 0 0 00:00:00 231-12:58:55 44 [bioset] - root 0 0 00:00:00 231-12:58:55 45 [bioset] - root 0 0 00:00:00 231-12:58:55 46 [kblockd] - root 0 0 00:00:00 231-12:58:55 47 [md] - root 0 0 00:00:00 231-12:58:55 48 [edac-poller] - root 0 0 00:00:00 231-12:58:55 49 [watchdogd] - root 0 0 00:04:27 231-12:58:55 55 [kswapd0] - root 0 0 00:00:00 231-12:58:55 56 [ksmd] - root 0 0 00:00:44 231-12:58:55 57 [khugepaged] - root 0 0 00:00:00 231-12:58:55 58 [crypto] - root 0 0 00:00:00 231-12:58:55 66 [kthrotld] - root 0 0 00:00:00 231-12:58:55 68 [kmpath_rdacd] - root 0 0 00:00:00 231-12:58:55 69 [kaluad] - root 0 0 00:00:00 231-12:58:55 70 [kpsmoused] - root 0 0 00:00:00 231-12:58:54 72 [ipv6_addrconf] - root 0 0 00:00:00 231-12:58:54 86 [deferwq] - root 0 0 00:13:13 231-12:58:54 197 [kauditd] - root 0 0 00:00:00 231-12:58:54 262 [ata_sff] - root 0 0 00:00:00 231-12:58:54 276 [ttm_swap] - root 0 0 00:00:00 231-12:58:54 280 [scsi_eh_0] - root 0 0 00:00:00 231-12:58:54 281 [scsi_tmf_0] - root 0 0 00:00:00 231-12:58:54 282 [scsi_eh_1] - root 0 0 00:00:00 231-12:58:54 283 [scsi_tmf_1] - root 0 0 00:03:07 231-12:58:54 289 [kworker/3:1H] - root 0 0 00:06:41 231-12:58:54 294 [kworker/0:1H] - root 0 0 00:02:55 231-12:58:54 301 [kworker/4:1H] - root 0 0 00:45:36 231-12:58:54 302 [jbd2/vda1-8] - root 0 0 00:00:00 231-12:58:54 303 [ext4-rsv-conver] - root 0 0 00:00:25 231-12:58:54 309 [kworker/2:1H] - root 0 0 00:03:05 231-12:58:53 372 [kworker/5:1H] - root 0 0 00:00:46 231-12:58:53 374 [kworker/1:1H] 6:devices:/system.slice/auditd.service,1:name=systemd:/system.slice/auditd.service root 55532 868 00:28:28 231-12:58:52 458 /sbin/auditd 6:devices:/system.slice/dbus.service,1:name=systemd:/system.slice/dbus.service dbus 58296 1660 01:06:01 231-12:58:52 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:04:53 231-12:58:51 671 [loop0] - root 0 0 00:01:50 231-12:58:51 672 [jbd2/loop0-8] - root 0 0 00:00:00 231-12:58:51 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 230-10:58:57 1006 nano pdns.conf 6:devices:/system.slice/dnsadmin.service,1:name=systemd:/system.slice/dnsadmin.service root 167292 4200 00:09:27 231-12:58:40 1491 dnsadmin - dormant mode 6:devices:/system.slice/cpdavd.service,1:name=systemd:/system.slice/cpdavd.service root 183660 6588 00:16:17 231-12:58:40 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 (dormant) 6:devices:/system.slice/tailwatchd.service,1:name=systemd:/system.slice/tailwatchd.service root 206656 19144 00:15:40 231-12:58:40 1495 tailwatchd 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 189920 12216 01:05:44 231-12:58:40 1497 cPhulkd - processor 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 51644 2348 00:00:35 33-03:24:20 5642 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1028 00:00:09 33-03:24:20 5650 dovecot/anvil 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 86076 12236 00:01:03 33-03:24:20 5692 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/pure-authd.service,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:14 33-03:24:20 5719 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 6:devices:/system.slice/pure-ftpd.service,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3036 00:00:14 33-03:24:20 5720 pure-ftpd (SERVER) - root 0 0 00:00:00 03:54:25 6741 [kworker/3:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236384 14056 00:00:00 03:53:10 6984 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236272 13848 00:00:00 03:50:56 7250 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236412 14064 00:00:00 03:50:48 7268 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236392 14084 00:00:00 03:50:47 7274 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236408 14132 00:00:00 03:50:47 7277 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236268 13940 00:00:00 03:50:47 7284 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236280 13972 00:00:00 03:50:47 7285 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236388 14044 00:00:00 03:50:47 7286 /usr/sbin/httpd -k start - root 0 0 00:00:00 03:48:24 7608 [kworker/u12:1] 6:devices:/system.slice/cpanel.service,1:name=systemd:/system.slice/cpanel.service root 254624 28552 01:46:25 197-03:35:24 8935 cpsrvd (SSL) - waiting for connections 6:devices:/system.slice/atd.service,1:name=systemd:/system.slice/atd.service root 24208 920 00:00:00 187-03:35:57 8955 /usr/sbin/atd -f 6:devices:/system.slice/chronyd.service,1:name=systemd:/system.slice/chronyd.service chrony 103732 1724 00:00:09 49-03:11:27 9130 /usr/sbin/chronyd 6:devices:/system.slice/xinetd.service,1:name=systemd:/system.slice/xinetd.service root 27380 872 00:00:00 49-03:11:27 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/memcached.service,1:name=systemd:/system.slice/memcached.service memcached 80044 1596 00:03:32 49-03:11:27 9205 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 111300 3664 00:05:02 49-03:11:24 9390 /usr/sbin/sshd -D 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 187-03:35:10 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 187-03:35:10 9745 /sbin/agetty --noclear tty1 linux 6:devices:/system.slice/acpid.service,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 187-03:35:06 10005 /usr/sbin/acpid 6:devices:/system.slice/crond.service,1:name=systemd:/system.slice/crond.service root 124500 1592 00:02:48 187-03:35:06 10027 /usr/sbin/crond -n 6:devices:/system.slice/pdns.service,1:name=systemd:/system.slice/pdns.service named 809548 12036 00:13:17 71-03:36:16 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 6:devices:/system.slice/irqbalance.service,1:name=systemd:/system.slice/irqbalance.service root 21540 1100 00:21:54 187-03:35:05 10141 /usr/sbin/irqbalance --foreground 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249156 123876 00:00:07 03:33:41 10203 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:00 17:25:24 10547 [kworker/4:0] 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 250268 121428 00:00:03 03:20:44 11565 spamd child 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249156 119756 00:00:00 03:20:44 11566 spamd child 6:devices:/system.slice/queueprocd.service,1:name=systemd:/system.slice/queueprocd.service root 223980 15208 00:01:12 8-03:37:08 13089 queueprocd - waiting up to 60s to process a task 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 230396 12712 00:00:44 8-03:35:56 13609 /usr/sbin/httpd -k start 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610516 16764 00:01:39 8-03:35:52 13637 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 6:devices:/system.slice/nscd.service,1:name=systemd:/system.slice/nscd.service nscd 1400016 2672 00:02:05 8-03:35:42 13764 /usr/sbin/nscd 6:devices:/system.slice/qemu-guest-agent.service,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1700 00:00:00 82-03:05:32 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 6:devices:/system.slice/p0f.service,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9856 3308 00:29:31 8-03:35:40 13881 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 6:devices:/system.slice/cpanellogd.service,1:name=systemd:/system.slice/cpanellogd.service root 130240 2732 00:00:04 8-03:35:40 13891 cpanellogd - sleeping for logs 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 152864 11564 00:04:25 8-03:35:40 13897 cPhulkd - dbprocessor 6:devices:/system.slice/smartd.service,1:name=systemd:/system.slice/smartd.service root 52852 2216 00:00:01 82-03:05:31 13907 /usr/sbin/smartd -n -q never 6:devices:/system.slice/systemd-logind.service,1:name=systemd:/system.slice/systemd-logind.service root 24892 2000 00:12:33 82-03:05:31 13923 /usr/lib/systemd/systemd-logind 6:devices:/system.slice/cpanel_php_fpm.service,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255320 4636 00:00:37 8-03:35:39 13939 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 6:devices:/system.slice/rsyslog.service,1:name=systemd:/system.slice/rsyslog.service root 519080 10372 00:25:49 82-03:05:28 14031 /usr/sbin/rsyslogd -n 6:devices:/system.slice/systemd-udevd.service,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1324 00:00:00 82-03:05:26 14146 /usr/lib/systemd/systemd-udevd 6:devices:/system.slice/rpcbind.service,1:name=systemd:/system.slice/rpcbind.service rpc 69256 1420 00:00:18 82-03:05:26 14163 /sbin/rpcbind -w 6:devices:/system.slice/systemd-journald.service,1:name=systemd:/system.slice/systemd-journald.service root 48376 10664 00:40:19 82-03:05:25 14218 /usr/lib/systemd/systemd-journald - root 0 0 00:00:00 02:45:24 14404 [kworker/5:0] - root 0 0 00:00:00 02:39:31 14706 [kworker/u12:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236380 13960 00:00:00 02:16:02 16418 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236200 13752 00:00:00 02:16:01 16422 /usr/sbin/httpd -k start - root 0 0 00:00:00 02:13:02 16693 [kworker/3:1] - root 0 0 00:00:00 01:35:25 19174 [kworker/0:2] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 1236 00:00:00 21-03:37:00 23182 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 1732 00:07:04 21-03:37:00 23183 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2168 00:00:00 21-03:37:00 23184 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2168 00:00:00 21-03:37:00 23185 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2168 00:00:00 21-03:37:00 23186 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2200 00:02:30 21-03:37:00 23187 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 46992 4568 00:00:00 06:27:11 25587 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47008 4608 00:00:00 06:27:11 25588 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 10436 1512 00:00:00 06:27:11 25589 dovecot/log 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 46996 4540 00:00:00 06:27:11 25590 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47004 4592 00:00:00 06:27:11 25591 dovecot/imap-login 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12776 1416 00:00:00 06:27:11 25592 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12820 1432 00:00:00 06:27:11 25593 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 17852 5140 00:00:00 06:27:11 25594 dovecot/config 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1564 00:00:00 06:27:11 25595 dovecot/stats 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 53092 11752 00:00:00 06:27:11 25596 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect - root 0 0 00:00:00 25:25 25757 [kworker/2:1] - root 0 0 00:00:00 06:24:13 26216 [kworker/2:0] - root 0 0 00:00:00 15:25 26815 [kworker/5:1] - root 0 0 00:00:00 05:24 27686 [kworker/4:2] - root 0 0 00:00:00 05:24 27689 [kworker/1:1] 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@53751-103.179.190.35:6556-139.144.69.48:41738.service root 113592 1860 00:00:00 00:00 28167 /bin/bash /usr/bin/check_mk_agent 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@53751-103.179.190.35:6556-139.144.69.48:41738.service root 49820 1560 00:00:00 00:00 28190 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 17724 00:01:02 47-03:19:32 28745 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 6:devices:/system.slice/sw-engine.service,1:name=systemd:/system.slice/sw-engine.service root 366000 10096 00:01:01 47-03:19:32 28762 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 6:devices:/system.slice/wp-toolkit-background-tasks.service,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382412 28492 00:36:39 47-03:19:31 28777 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 6:devices:/system.slice/polkit.service,1:name=systemd:/system.slice/polkit.service polkitd 610540 11544 00:04:46 47-03:19:31 28815 /usr/lib/polkit-1/polkitd --no-debug 6:devices:/system.slice/mariadb.service,1:name=systemd:/system.slice/mariadb.service mysql 2552420 303816 01:22:46 15-03:36:31 29435 /usr/sbin/mysqld - root 0 0 00:00:03 05:40:21 30018 [kworker/1:2] - root 0 0 00:00:00 05:25:24 31213 [kworker/0:0] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2022-11-23 21:55 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadfa735284aFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK check_mk@52243-103.179.190.35:6556-164.92.143.142:36014.service loaded activating start start Check_MK (164.92.143.142:36014) * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.37 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 4100 05:00:36 225-15:28:55 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:01 225-15:28:55 2 [kthreadd] - root 0 0 00:00:00 225-15:28:55 4 [kworker/0:0H] - root 0 0 00:00:43 225-15:28:55 6 [ksoftirqd/0] - root 0 0 00:00:08 225-15:28:55 7 [migration/0] - root 0 0 00:00:00 225-15:28:55 8 [rcu_bh] - root 0 0 04:26:09 225-15:28:55 9 [rcu_sched] - root 0 0 00:00:00 225-15:28:55 10 [lru-add-drain] - root 0 0 00:01:25 225-15:28:55 11 [watchdog/0] - root 0 0 00:01:18 225-15:28:55 12 [watchdog/1] - root 0 0 00:01:41 225-15:28:55 13 [migration/1] - root 0 0 00:00:37 225-15:28:55 14 [ksoftirqd/1] - root 0 0 00:00:00 225-15:28:55 16 [kworker/1:0H] - root 0 0 00:01:14 225-15:28:55 17 [watchdog/2] - root 0 0 00:00:13 225-15:28:55 18 [migration/2] - root 0 0 00:00:33 225-15:28:55 19 [ksoftirqd/2] - root 0 0 00:00:00 225-15:28:55 21 [kworker/2:0H] - root 0 0 00:01:13 225-15:28:55 22 [watchdog/3] - root 0 0 00:00:11 225-15:28:55 23 [migration/3] - root 0 0 00:00:54 225-15:28:55 24 [ksoftirqd/3] - root 0 0 00:00:00 225-15:28:55 26 [kworker/3:0H] - root 0 0 00:01:11 225-15:28:55 27 [watchdog/4] - root 0 0 00:01:00 225-15:28:55 28 [migration/4] - root 0 0 00:01:11 225-15:28:55 29 [ksoftirqd/4] - root 0 0 00:00:00 225-15:28:55 31 [kworker/4:0H] - root 0 0 00:01:19 225-15:28:55 32 [watchdog/5] - root 0 0 00:00:14 225-15:28:55 33 [migration/5] - root 0 0 00:06:06 225-15:28:55 34 [ksoftirqd/5] - root 0 0 00:00:00 225-15:28:55 36 [kworker/5:0H] - root 0 0 00:00:00 225-15:28:55 38 [kdevtmpfs] - root 0 0 00:00:00 225-15:28:55 39 [netns] - root 0 0 00:00:09 225-15:28:55 40 [khungtaskd] - root 0 0 00:00:00 225-15:28:55 41 [writeback] - root 0 0 00:00:00 225-15:28:55 42 [kintegrityd] - root 0 0 00:00:00 225-15:28:55 43 [bioset] - root 0 0 00:00:00 225-15:28:55 44 [bioset] - root 0 0 00:00:00 225-15:28:55 45 [bioset] - root 0 0 00:00:00 225-15:28:55 46 [kblockd] - root 0 0 00:00:00 225-15:28:55 47 [md] - root 0 0 00:00:00 225-15:28:55 48 [edac-poller] - root 0 0 00:00:00 225-15:28:55 49 [watchdogd] - root 0 0 00:04:18 225-15:28:55 55 [kswapd0] - root 0 0 00:00:00 225-15:28:55 56 [ksmd] - root 0 0 00:00:43 225-15:28:55 57 [khugepaged] - root 0 0 00:00:00 225-15:28:55 58 [crypto] - root 0 0 00:00:00 225-15:28:55 66 [kthrotld] - root 0 0 00:00:00 225-15:28:55 68 [kmpath_rdacd] - root 0 0 00:00:00 225-15:28:55 69 [kaluad] - root 0 0 00:00:00 225-15:28:55 70 [kpsmoused] - root 0 0 00:00:00 225-15:28:54 72 [ipv6_addrconf] - root 0 0 00:00:00 225-15:28:54 86 [deferwq] - root 0 0 00:12:54 225-15:28:54 197 [kauditd] - root 0 0 00:00:00 225-15:28:54 262 [ata_sff] - root 0 0 00:00:00 225-15:28:54 276 [ttm_swap] - root 0 0 00:00:00 225-15:28:54 280 [scsi_eh_0] - root 0 0 00:00:00 225-15:28:54 281 [scsi_tmf_0] - root 0 0 00:00:00 225-15:28:54 282 [scsi_eh_1] - root 0 0 00:00:00 225-15:28:54 283 [scsi_tmf_1] - root 0 0 00:03:02 225-15:28:54 289 [kworker/3:1H] - root 0 0 00:06:30 225-15:28:54 294 [kworker/0:1H] - root 0 0 00:02:51 225-15:28:54 301 [kworker/4:1H] - root 0 0 00:44:24 225-15:28:54 302 [jbd2/vda1-8] - root 0 0 00:00:00 225-15:28:54 303 [ext4-rsv-conver] - root 0 0 00:00:24 225-15:28:54 309 [kworker/2:1H] - root 0 0 00:03:00 225-15:28:53 372 [kworker/5:1H] - root 0 0 00:00:45 225-15:28:53 374 [kworker/1:1H] 6:devices:/system.slice/auditd.service,1:name=systemd:/system.slice/auditd.service root 55532 868 00:27:45 225-15:28:52 458 /sbin/auditd 6:devices:/system.slice/dbus.service,1:name=systemd:/system.slice/dbus.service dbus 58296 1664 01:04:16 225-15:28:52 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:04:46 225-15:28:51 671 [loop0] - root 0 0 00:01:47 225-15:28:51 672 [jbd2/loop0-8] - root 0 0 00:00:00 225-15:28:51 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 224-13:28:57 1006 nano pdns.conf 6:devices:/system.slice/dnsadmin.service,1:name=systemd:/system.slice/dnsadmin.service root 167292 4200 00:09:12 225-15:28:40 1491 dnsadmin - dormant mode 6:devices:/system.slice/cpdavd.service,1:name=systemd:/system.slice/cpdavd.service root 183660 6584 00:15:46 225-15:28:40 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 (dormant) 6:devices:/system.slice/tailwatchd.service,1:name=systemd:/system.slice/tailwatchd.service root 206520 19364 00:15:04 225-15:28:40 1495 tailwatchd 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 189920 12628 01:03:58 225-15:28:40 1497 cPhulkd - processor 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236320 14224 00:00:00 03:22:36 2388 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236632 14476 00:00:00 03:22:35 2389 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236656 14480 00:00:00 03:22:35 2390 /usr/sbin/httpd -k start 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249196 123912 00:00:26 1-06:04:36 3409 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 250352 121544 00:00:13 1-05:52:47 4189 spamd child 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 51488 2124 00:00:26 27-05:54:20 5642 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47636 4792 00:00:05 27-05:54:20 5648 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47756 4788 00:00:06 27-05:54:20 5649 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1028 00:00:05 27-05:54:20 5650 dovecot/anvil 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 10436 1320 00:00:09 27-05:54:20 5651 dovecot/log 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47996 5176 00:00:08 27-05:54:20 5652 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47824 5040 00:00:08 27-05:54:20 5653 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 17984 4764 00:00:26 27-05:54:20 5655 dovecot/config 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1232 00:00:13 27-05:54:20 5656 dovecot/stats 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 86076 12232 00:00:50 27-05:54:20 5692 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/pure-authd.service,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:13 27-05:54:20 5719 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 6:devices:/system.slice/pure-ftpd.service,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3036 00:00:12 27-05:54:20 5720 pure-ftpd (SERVER) - root 0 0 00:00:01 02:24:24 7025 [kworker/1:1] - root 0 0 00:00:00 02:24:24 7027 [kworker/4:0] 6:devices:/system.slice/cpanel.service,1:name=systemd:/system.slice/cpanel.service root 254624 28560 01:44:37 191-06:05:24 8935 cpsrvd (SSL) - waiting for connections 6:devices:/system.slice/atd.service,1:name=systemd:/system.slice/atd.service root 24208 936 00:00:00 181-06:05:57 8955 /usr/sbin/atd -f 6:devices:/system.slice/chronyd.service,1:name=systemd:/system.slice/chronyd.service chrony 103732 1556 00:00:07 43-05:41:27 9130 /usr/sbin/chronyd 6:devices:/system.slice/xinetd.service,1:name=systemd:/system.slice/xinetd.service root 27380 872 00:00:00 43-05:41:27 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/memcached.service,1:name=systemd:/system.slice/memcached.service memcached 80044 1596 00:03:07 43-05:41:27 9205 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 111300 3664 00:04:24 43-05:41:24 9390 /usr/sbin/sshd -D 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 181-06:05:10 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 181-06:05:10 9745 /sbin/agetty --noclear tty1 linux 6:devices:/system.slice/acpid.service,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 181-06:05:06 10005 /usr/sbin/acpid 6:devices:/system.slice/crond.service,1:name=systemd:/system.slice/crond.service root 124500 1592 00:02:43 181-06:05:06 10027 /usr/sbin/crond -n 6:devices:/system.slice/pdns.service,1:name=systemd:/system.slice/pdns.service named 809548 11868 00:12:21 65-06:06:16 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 6:devices:/system.slice/irqbalance.service,1:name=systemd:/system.slice/irqbalance.service root 21540 1100 00:21:13 181-06:05:05 10141 /usr/sbin/irqbalance --foreground - root 0 0 00:00:00 01:35:24 11084 [kworker/0:0] 6:devices:/system.slice/queueprocd.service,1:name=systemd:/system.slice/queueprocd.service root 223856 17076 00:00:20 2-06:07:08 13089 queueprocd - waiting up to 60s to process a task - root 0 0 00:00:00 07:24:23 13336 [kworker/2:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 230396 12664 00:00:12 2-06:05:56 13609 /usr/sbin/httpd -k start 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610516 21620 00:00:27 2-06:05:52 13637 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12756 1420 00:00:02 2-06:05:43 13696 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12768 1420 00:00:01 2-06:05:43 13698 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 53088 11852 00:00:00 2-06:05:43 13699 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 6:devices:/system.slice/nscd.service,1:name=systemd:/system.slice/nscd.service nscd 1400016 2672 00:00:34 2-06:05:42 13764 /usr/sbin/nscd 6:devices:/system.slice/qemu-guest-agent.service,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1700 00:00:00 76-05:35:32 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 6:devices:/system.slice/p0f.service,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9824 3324 00:08:04 2-06:05:40 13881 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 6:devices:/system.slice/cpanellogd.service,1:name=systemd:/system.slice/cpanellogd.service root 130240 2756 00:00:01 2-06:05:40 13891 cpanellogd - sleeping for logs 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 152644 11400 00:01:13 2-06:05:40 13897 cPhulkd - dbprocessor 6:devices:/system.slice/smartd.service,1:name=systemd:/system.slice/smartd.service root 52852 2256 00:00:01 76-05:35:31 13907 /usr/sbin/smartd -n -q never 6:devices:/system.slice/systemd-logind.service,1:name=systemd:/system.slice/systemd-logind.service root 24892 2000 00:11:40 76-05:35:31 13923 /usr/lib/systemd/systemd-logind 6:devices:/system.slice/cpanel_php_fpm.service,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255320 5224 00:00:10 2-06:05:39 13939 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 6:devices:/system.slice/rsyslog.service,1:name=systemd:/system.slice/rsyslog.service root 533780 18224 00:23:54 76-05:35:28 14031 /usr/sbin/rsyslogd -n 6:devices:/system.slice/systemd-udevd.service,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1324 00:00:00 76-05:35:26 14146 /usr/lib/systemd/systemd-udevd 6:devices:/system.slice/rpcbind.service,1:name=systemd:/system.slice/rpcbind.service rpc 69256 1420 00:00:17 76-05:35:26 14163 /sbin/rpcbind -w 6:devices:/system.slice/systemd-journald.service,1:name=systemd:/system.slice/systemd-journald.service root 64760 27488 00:37:15 76-05:35:25 14218 /usr/lib/systemd/systemd-journald - root 0 0 00:00:00 55:24 14451 [kworker/3:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236228 13392 00:00:00 44:43 15414 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236228 13344 00:00:00 44:43 15415 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236200 12884 00:00:00 30:56 16812 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236368 13420 00:00:00 30:55 16813 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236164 13168 00:00:00 30:55 16814 /usr/sbin/httpd -k start - root 0 0 00:00:00 25:24 17339 [kworker/2:0] - root 0 0 00:00:00 20:20 17672 [kworker/1:2] - root 0 0 00:00:01 13:12:24 17791 [kworker/u12:1] 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 41228 3160 00:00:00 10:09 18570 dovecot/auth - root 0 0 00:00:00 05:24 18925 [kworker/5:1] 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 189920 11284 00:00:00 00:12 19386 cPhulkd - processor - http socket 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 41104 2768 00:00:00 00:10 19388 dovecot/auth -w - root 0 0 00:00:00 00:09 19389 [cpsrvd (SSL) - ] <defunct> 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 86212 8704 00:00:00 00:00 19487 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 86368 8516 00:00:00 00:00 19488 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@52243-103.179.190.35:6556-164.92.143.142:36014.service root 113584 1860 00:00:00 00:00 19531 /bin/bash /usr/bin/check_mk_agent 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@52243-103.179.190.35:6556-164.92.143.142:36014.service root 49820 1560 00:00:00 00:00 19554 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 - root 0 0 00:00:00 06:23:39 19587 [kworker/u12:0] 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249196 119856 00:00:00 12:39:46 20251 spamd child - root 0 0 00:00:00 19:35:24 20857 [kworker/4:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236444 14412 00:00:00 05:53:23 22567 /usr/sbin/httpd -k start 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 1236 00:00:00 15-06:07:00 23182 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 1732 00:05:08 15-06:07:00 23183 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2168 00:00:00 15-06:07:00 23184 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2156 00:00:00 15-06:07:00 23185 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2164 00:00:00 15-06:07:00 23186 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2200 00:01:48 15-06:07:00 23187 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 05:15:22 26312 [kworker/5:0] 6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 17724 00:00:54 41-05:49:32 28745 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 6:devices:/system.slice/sw-engine.service,1:name=systemd:/system.slice/sw-engine.service root 366000 10100 00:00:53 41-05:49:32 28762 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 6:devices:/system.slice/wp-toolkit-background-tasks.service,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382412 28496 00:32:14 41-05:49:31 28777 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 6:devices:/system.slice/polkit.service,1:name=systemd:/system.slice/polkit.service polkitd 610540 11548 00:04:11 41-05:49:31 28815 /usr/lib/polkit-1/polkitd --no-debug - root 0 0 00:00:01 10:44:23 29345 [kworker/0:1] 6:devices:/system.slice/mariadb.service,1:name=systemd:/system.slice/mariadb.service mysql 2420748 281512 00:50:38 9-06:06:31 29435 /usr/sbin/mysqld 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236372 14608 00:00:01 10:24:07 31042 /usr/sbin/httpd -k start - root 0 0 00:00:00 03:53:32 32610 [kworker/3:1] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2022-11-18 00:25 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf049df8adFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK check_mk@49082-103.179.190.35:6556-164.92.224.29:54682.service loaded activating start start Check_MK (164.92.224.29:54682) * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.36 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 3932 04:45:09 212-21:57:35 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:01 212-21:57:35 2 [kthreadd] - root 0 0 00:00:00 212-21:57:35 4 [kworker/0:0H] - root 0 0 00:00:41 212-21:57:35 6 [ksoftirqd/0] - root 0 0 00:00:08 212-21:57:35 7 [migration/0] - root 0 0 00:00:00 212-21:57:35 8 [rcu_bh] - root 0 0 04:13:54 212-21:57:35 9 [rcu_sched] - root 0 0 00:00:00 212-21:57:35 10 [lru-add-drain] - root 0 0 00:01:20 212-21:57:35 11 [watchdog/0] - root 0 0 00:01:14 212-21:57:35 12 [watchdog/1] - root 0 0 00:01:35 212-21:57:35 13 [migration/1] - root 0 0 00:00:35 212-21:57:35 14 [ksoftirqd/1] - root 0 0 00:00:00 212-21:57:35 16 [kworker/1:0H] - root 0 0 00:01:10 212-21:57:35 17 [watchdog/2] - root 0 0 00:00:12 212-21:57:35 18 [migration/2] - root 0 0 00:00:32 212-21:57:35 19 [ksoftirqd/2] - root 0 0 00:00:00 212-21:57:35 21 [kworker/2:0H] - root 0 0 00:01:08 212-21:57:35 22 [watchdog/3] - root 0 0 00:00:11 212-21:57:35 23 [migration/3] - root 0 0 00:00:51 212-21:57:35 24 [ksoftirqd/3] - root 0 0 00:00:00 212-21:57:35 26 [kworker/3:0H] - root 0 0 00:01:07 212-21:57:35 27 [watchdog/4] - root 0 0 00:00:57 212-21:57:35 28 [migration/4] - root 0 0 00:01:07 212-21:57:35 29 [ksoftirqd/4] - root 0 0 00:00:00 212-21:57:35 31 [kworker/4:0H] - root 0 0 00:01:15 212-21:57:35 32 [watchdog/5] - root 0 0 00:00:13 212-21:57:35 33 [migration/5] - root 0 0 00:05:51 212-21:57:35 34 [ksoftirqd/5] - root 0 0 00:00:00 212-21:57:35 36 [kworker/5:0H] - root 0 0 00:00:00 212-21:57:35 38 [kdevtmpfs] - root 0 0 00:00:00 212-21:57:35 39 [netns] - root 0 0 00:00:08 212-21:57:35 40 [khungtaskd] - root 0 0 00:00:00 212-21:57:35 41 [writeback] - root 0 0 00:00:00 212-21:57:35 42 [kintegrityd] - root 0 0 00:00:00 212-21:57:35 43 [bioset] - root 0 0 00:00:00 212-21:57:35 44 [bioset] - root 0 0 00:00:00 212-21:57:35 45 [bioset] - root 0 0 00:00:00 212-21:57:35 46 [kblockd] - root 0 0 00:00:00 212-21:57:35 47 [md] - root 0 0 00:00:00 212-21:57:35 48 [edac-poller] - root 0 0 00:00:00 212-21:57:35 49 [watchdogd] - root 0 0 00:04:06 212-21:57:35 55 [kswapd0] - root 0 0 00:00:00 212-21:57:35 56 [ksmd] - root 0 0 00:00:41 212-21:57:35 57 [khugepaged] - root 0 0 00:00:00 212-21:57:35 58 [crypto] - root 0 0 00:00:00 212-21:57:35 66 [kthrotld] - root 0 0 00:00:00 212-21:57:35 68 [kmpath_rdacd] - root 0 0 00:00:00 212-21:57:35 69 [kaluad] - root 0 0 00:00:00 212-21:57:35 70 [kpsmoused] - root 0 0 00:00:00 212-21:57:34 72 [ipv6_addrconf] - root 0 0 00:00:00 212-21:57:34 86 [deferwq] - root 0 0 00:12:07 212-21:57:34 197 [kauditd] - root 0 0 00:00:00 212-21:57:34 262 [ata_sff] - root 0 0 00:00:00 212-21:57:34 276 [ttm_swap] - root 0 0 00:00:00 212-21:57:34 280 [scsi_eh_0] - root 0 0 00:00:00 212-21:57:34 281 [scsi_tmf_0] - root 0 0 00:00:00 212-21:57:34 282 [scsi_eh_1] - root 0 0 00:00:00 212-21:57:34 283 [scsi_tmf_1] - root 0 0 00:02:52 212-21:57:34 289 [kworker/3:1H] - root 0 0 00:06:06 212-21:57:34 294 [kworker/0:1H] - root 0 0 00:02:41 212-21:57:34 301 [kworker/4:1H] - root 0 0 00:41:47 212-21:57:34 302 [jbd2/vda1-8] - root 0 0 00:00:00 212-21:57:34 303 [ext4-rsv-conver] - root 0 0 00:00:22 212-21:57:34 309 [kworker/2:1H] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236084 13484 00:00:00 45:12 310 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236232 13744 00:00:00 45:11 311 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236204 13708 00:00:00 45:11 312 /usr/sbin/httpd -k start - root 0 0 00:00:00 44:02 362 [kworker/0:0] - root 0 0 00:02:50 212-21:57:33 372 [kworker/5:1H] - root 0 0 00:00:42 212-21:57:33 374 [kworker/1:1H] 6:devices:/system.slice/auditd.service,1:name=systemd:/system.slice/auditd.service root 55532 868 00:26:05 212-21:57:32 458 /sbin/auditd 6:devices:/system.slice/dbus.service,1:name=systemd:/system.slice/dbus.service dbus 58296 1660 01:00:23 212-21:57:32 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:04:30 212-21:57:31 671 [loop0] - root 0 0 00:01:41 212-21:57:31 672 [jbd2/loop0-8] - root 0 0 00:00:00 212-21:57:31 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 211-19:57:37 1006 nano pdns.conf 6:devices:/system.slice/dnsadmin.service,1:name=systemd:/system.slice/dnsadmin.service root 167292 4204 00:08:40 212-21:57:20 1491 dnsadmin - dormant mode 6:devices:/system.slice/cpdavd.service,1:name=systemd:/system.slice/cpdavd.service root 183660 6584 00:14:53 212-21:57:20 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 (dormant) 6:devices:/system.slice/tailwatchd.service,1:name=systemd:/system.slice/tailwatchd.service root 206512 18932 00:13:51 212-21:57:20 1495 tailwatchd 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 189916 12196 00:59:55 212-21:57:20 1497 cPhulkd - processor - root 0 0 00:00:00 22:24 1667 [kworker/4:0] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 230280 8892 00:00:08 1-12:35:04 1856 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12764 1332 00:00:02 1-12:35:04 1857 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12772 1352 00:00:01 1-12:35:04 1858 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 53084 11624 00:00:00 1-12:35:04 1859 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610516 13932 00:00:18 1-12:35:01 1895 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) - root 0 0 00:00:00 11:02 2469 [kworker/1:1] - root 0 0 00:00:00 08:02 2675 [kworker/2:2] - root 0 0 00:00:02 21:34:01 2837 [kworker/0:1] - root 0 0 00:00:00 04:02 2882 [kworker/5:0] 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@49082-103.179.190.35:6556-164.92.224.29:54682.service root 113416 1584 00:00:00 00:00 3299 /bin/bash /usr/bin/check_mk_agent 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@49082-103.179.190.35:6556-164.92.224.29:54682.service root 49820 1560 00:00:00 00:00 3322 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 51488 2124 00:00:13 14-12:23:00 5642 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47496 4612 00:00:03 14-12:23:00 5648 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47504 4712 00:00:03 14-12:23:00 5649 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1028 00:00:02 14-12:23:00 5650 dovecot/anvil 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 10436 1320 00:00:04 14-12:23:00 5651 dovecot/log 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47632 4808 00:00:04 14-12:23:00 5652 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47552 4664 00:00:04 14-12:23:00 5653 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 17984 4768 00:00:13 14-12:23:00 5655 dovecot/config 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1232 00:00:06 14-12:23:00 5656 dovecot/stats 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 86076 11764 00:00:15 14-12:23:00 5692 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/pure-authd.service,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:02 14-12:23:00 5719 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 6:devices:/system.slice/pure-ftpd.service,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3036 00:00:03 14-12:23:00 5720 pure-ftpd (SERVER) 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236316 14560 00:00:04 20:52:29 5737 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236300 14568 00:00:02 13:56:48 6649 /usr/sbin/httpd -k start 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 152716 11284 00:00:35 1-03:19:00 8243 cPhulkd - dbprocessor 6:devices:/system.slice/cpanel.service,1:name=systemd:/system.slice/cpanel.service root 254624 28564 01:38:10 178-12:34:04 8935 cpsrvd (SSL) - waiting for connections 6:devices:/system.slice/atd.service,1:name=systemd:/system.slice/atd.service root 24208 952 00:00:00 168-12:34:37 8955 /usr/sbin/atd -f 6:devices:/system.slice/chronyd.service,1:name=systemd:/system.slice/chronyd.service chrony 103732 1508 00:00:05 30-12:10:07 9130 /usr/sbin/chronyd 6:devices:/system.slice/xinetd.service,1:name=systemd:/system.slice/xinetd.service root 27380 872 00:00:00 30-12:10:07 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/memcached.service,1:name=systemd:/system.slice/memcached.service memcached 80044 1608 00:02:13 30-12:10:07 9205 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 6:devices:/system.slice/mariadb.service,1:name=systemd:/system.slice/mariadb.service mysql 2558784 324532 03:36:09 30-12:10:05 9269 /usr/sbin/mysqld - root 0 0 00:00:00 05:57:44 9338 [kworker/2:1] 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 111300 4004 00:02:57 30-12:10:04 9390 /usr/sbin/sshd -D 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 168-12:33:50 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 168-12:33:50 9745 /sbin/agetty --noclear tty1 linux 6:devices:/system.slice/acpid.service,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 168-12:33:46 10005 /usr/sbin/acpid 6:devices:/system.slice/crond.service,1:name=systemd:/system.slice/crond.service root 124500 1592 00:02:31 168-12:33:46 10027 /usr/sbin/crond -n 6:devices:/system.slice/pdns.service,1:name=systemd:/system.slice/pdns.service named 809548 10884 00:08:25 52-12:34:56 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 6:devices:/system.slice/irqbalance.service,1:name=systemd:/system.slice/irqbalance.service root 21540 1100 00:19:43 168-12:33:45 10141 /usr/sbin/irqbalance --foreground - root 0 0 00:00:06 13:04:01 10410 [kworker/1:0] 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249340 123184 00:00:14 12:31:51 13465 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 6:devices:/system.slice/qemu-guest-agent.service,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1700 00:00:00 63-12:04:12 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 6:devices:/system.slice/smartd.service,1:name=systemd:/system.slice/smartd.service root 52852 2296 00:00:01 63-12:04:11 13907 /usr/sbin/smartd -n -q never 6:devices:/system.slice/systemd-logind.service,1:name=systemd:/system.slice/systemd-logind.service root 24892 2000 00:09:45 63-12:04:11 13923 /usr/lib/systemd/systemd-logind 6:devices:/system.slice/rsyslog.service,1:name=systemd:/system.slice/rsyslog.service root 536756 17744 00:19:20 63-12:04:08 14031 /usr/sbin/rsyslogd -n 6:devices:/system.slice/systemd-udevd.service,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1324 00:00:00 63-12:04:06 14146 /usr/lib/systemd/systemd-udevd 6:devices:/system.slice/rpcbind.service,1:name=systemd:/system.slice/rpcbind.service rpc 69256 1420 00:00:14 63-12:04:06 14163 /sbin/rpcbind -w 6:devices:/system.slice/systemd-journald.service,1:name=systemd:/system.slice/systemd-journald.service root 64800 26996 00:29:50 63-12:04:05 14218 /usr/lib/systemd/systemd-journald 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 250488 121640 00:00:10 12:18:27 14599 spamd child 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249340 119912 00:00:00 12:18:27 14600 spamd child 6:devices:/system.slice/queueprocd.service,1:name=systemd:/system.slice/queueprocd.service root 223968 14748 00:03:33 24-12:35:46 19423 queueprocd - waiting up to 60s to process a task 6:devices:/system.slice/nscd.service,1:name=systemd:/system.slice/nscd.service nscd 1467604 4576 00:05:44 24-12:35:25 19622 /usr/sbin/nscd 6:devices:/system.slice/p0f.service,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9844 3300 01:28:27 24-12:35:25 19710 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 6:devices:/system.slice/cpanellogd.service,1:name=systemd:/system.slice/cpanellogd.service root 130240 2740 00:00:13 24-12:35:25 19720 cpanellogd - sleeping for logs 6:devices:/system.slice/cpanel_php_fpm.service,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255320 6552 00:01:58 24-12:35:21 19796 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:00 10:22:31 22044 [kworker/5:2] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 1240 00:00:00 2-12:35:40 23182 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 1736 00:00:51 2-12:35:40 23183 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2168 00:00:00 2-12:35:40 23184 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2148 00:00:00 2-12:35:40 23185 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2172 00:00:00 2-12:35:40 23186 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2208 00:00:18 2-12:35:40 23187 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 02:51:10 23895 [kworker/u12:1] - root 0 0 00:00:00 02:24:02 25661 [kworker/4:1] - root 0 0 00:00:00 09:24:02 26544 [kworker/3:1] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236228 13940 00:00:00 02:10:41 26849 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236256 13984 00:00:00 02:10:34 26880 /usr/sbin/httpd -k start 6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 18004 00:00:37 28-12:18:12 28745 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 6:devices:/system.slice/sw-engine.service,1:name=systemd:/system.slice/sw-engine.service root 366000 10380 00:00:36 28-12:18:12 28762 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 6:devices:/system.slice/wp-toolkit-background-tasks.service,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382412 28776 00:22:28 28-12:18:11 28777 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 6:devices:/system.slice/polkit.service,1:name=systemd:/system.slice/polkit.service polkitd 610540 11608 00:02:55 28-12:18:11 28815 /usr/lib/polkit-1/polkitd --no-debug - root 0 0 00:00:00 01:37:55 29218 [kworker/u12:0] - root 0 0 00:00:00 01:34:02 29422 [kworker/5:1] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236368 14668 00:00:02 15:46:13 29958 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:24:03 29967 [kworker/3:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236284 13780 00:00:00 01:17:29 30565 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236152 13656 00:00:00 01:17:28 30566 /usr/sbin/httpd -k start Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2022-11-05 06:54 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf817f85faFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK check_mk@44367-103.179.190.35:6556-165.22.227.16:49518.service loaded activating start start Check_MK (165.22.227.16:49518) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.36 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191436 3948 04:22:47 194-15:47:39 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:01 194-15:47:39 2 [kthreadd] - root 0 0 00:00:00 194-15:47:39 4 [kworker/0:0H] - root 0 0 00:00:35 194-15:47:39 6 [ksoftirqd/0] - root 0 0 00:00:07 194-15:47:39 7 [migration/0] - root 0 0 00:00:00 194-15:47:39 8 [rcu_bh] - root 0 0 03:54:38 194-15:47:39 9 [rcu_sched] - root 0 0 00:00:00 194-15:47:39 10 [lru-add-drain] - root 0 0 00:01:13 194-15:47:39 11 [watchdog/0] - root 0 0 00:01:08 194-15:47:39 12 [watchdog/1] - root 0 0 00:01:27 194-15:47:39 13 [migration/1] - root 0 0 00:00:29 194-15:47:39 14 [ksoftirqd/1] - root 0 0 00:00:00 194-15:47:39 16 [kworker/1:0H] - root 0 0 00:01:03 194-15:47:39 17 [watchdog/2] - root 0 0 00:00:11 194-15:47:39 18 [migration/2] - root 0 0 00:00:27 194-15:47:39 19 [ksoftirqd/2] - root 0 0 00:00:00 194-15:47:39 21 [kworker/2:0H] - root 0 0 00:01:02 194-15:47:39 22 [watchdog/3] - root 0 0 00:00:10 194-15:47:39 23 [migration/3] - root 0 0 00:00:43 194-15:47:39 24 [ksoftirqd/3] - root 0 0 00:00:00 194-15:47:39 26 [kworker/3:0H] - root 0 0 00:01:01 194-15:47:39 27 [watchdog/4] - root 0 0 00:00:52 194-15:47:39 28 [migration/4] - root 0 0 00:00:55 194-15:47:39 29 [ksoftirqd/4] - root 0 0 00:00:00 194-15:47:39 31 [kworker/4:0H] - root 0 0 00:01:08 194-15:47:39 32 [watchdog/5] - root 0 0 00:00:12 194-15:47:39 33 [migration/5] - root 0 0 00:05:23 194-15:47:39 34 [ksoftirqd/5] - root 0 0 00:00:00 194-15:47:39 36 [kworker/5:0H] - root 0 0 00:00:00 194-15:47:39 38 [kdevtmpfs] - root 0 0 00:00:00 194-15:47:39 39 [netns] - root 0 0 00:00:07 194-15:47:39 40 [khungtaskd] - root 0 0 00:00:00 194-15:47:39 41 [writeback] - root 0 0 00:00:00 194-15:47:39 42 [kintegrityd] - root 0 0 00:00:00 194-15:47:39 43 [bioset] - root 0 0 00:00:00 194-15:47:39 44 [bioset] - root 0 0 00:00:00 194-15:47:39 45 [bioset] - root 0 0 00:00:00 194-15:47:39 46 [kblockd] - root 0 0 00:00:00 194-15:47:39 47 [md] - root 0 0 00:00:00 194-15:47:39 48 [edac-poller] - root 0 0 00:00:00 194-15:47:39 49 [watchdogd] - root 0 0 00:03:39 194-15:47:39 55 [kswapd0] - root 0 0 00:00:00 194-15:47:39 56 [ksmd] - root 0 0 00:00:38 194-15:47:39 57 [khugepaged] - root 0 0 00:00:00 194-15:47:39 58 [crypto] - root 0 0 00:00:00 194-15:47:39 66 [kthrotld] - root 0 0 00:00:00 194-15:47:39 68 [kmpath_rdacd] - root 0 0 00:00:00 194-15:47:39 69 [kaluad] - root 0 0 00:00:00 194-15:47:39 70 [kpsmoused] - root 0 0 00:00:00 194-15:47:38 72 [ipv6_addrconf] - root 0 0 00:00:00 194-15:47:38 86 [deferwq] - root 0 0 00:11:07 194-15:47:38 197 [kauditd] - root 0 0 00:00:00 194-15:47:38 262 [ata_sff] - root 0 0 00:00:00 194-15:47:38 276 [ttm_swap] - root 0 0 00:00:00 194-15:47:38 280 [scsi_eh_0] - root 0 0 00:00:00 194-15:47:38 281 [scsi_tmf_0] - root 0 0 00:00:00 194-15:47:38 282 [scsi_eh_1] - root 0 0 00:00:00 194-15:47:38 283 [scsi_tmf_1] - root 0 0 00:02:35 194-15:47:38 289 [kworker/3:1H] - root 0 0 00:05:30 194-15:47:38 294 [kworker/0:1H] - root 0 0 00:02:25 194-15:47:38 301 [kworker/4:1H] - root 0 0 00:37:42 194-15:47:38 302 [jbd2/vda1-8] - root 0 0 00:00:00 194-15:47:38 303 [ext4-rsv-conver] - root 0 0 00:00:20 194-15:47:38 309 [kworker/2:1H] - root 0 0 00:02:32 194-15:47:37 372 [kworker/5:1H] - root 0 0 00:00:38 194-15:47:37 374 [kworker/1:1H] 6:devices:/system.slice/auditd.service,1:name=systemd:/system.slice/auditd.service root 55532 868 00:23:55 194-15:47:36 458 /sbin/auditd 6:devices:/system.slice/dbus.service,1:name=systemd:/system.slice/dbus.service dbus 58296 1660 00:54:36 194-15:47:36 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:04:04 194-15:47:35 671 [loop0] - root 0 0 00:01:31 194-15:47:35 672 [jbd2/loop0-8] - root 0 0 00:00:00 194-15:47:35 673 [ext4-rsv-conver] - root 0 0 00:00:00 05:14:05 717 [kworker/5:1] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 193-13:47:41 1006 nano pdns.conf - root 0 0 00:00:00 05:05:43 1198 [kworker/u12:0] 6:devices:/system.slice/dnsadmin.service,1:name=systemd:/system.slice/dnsadmin.service root 167292 4204 00:07:55 194-15:47:24 1491 dnsadmin - dormant mode 6:devices:/system.slice/cpdavd.service,1:name=systemd:/system.slice/cpdavd.service root 183660 6588 00:13:34 194-15:47:24 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 (dormant) 6:devices:/system.slice/tailwatchd.service,1:name=systemd:/system.slice/tailwatchd.service root 206532 19068 00:12:47 194-15:47:24 1495 tailwatchd 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 189912 12632 00:55:11 194-15:47:24 1497 cPhulkd - processor - root 0 0 00:00:00 21:14:05 5029 [kworker/3:1] 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610520 17140 00:02:33 12-06:22:09 8105 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 6:devices:/system.slice/cpanel.service,1:name=systemd:/system.slice/cpanel.service root 254624 28616 01:28:15 160-06:24:08 8935 cpsrvd (SSL) - waiting for connections 6:devices:/system.slice/atd.service,1:name=systemd:/system.slice/atd.service root 24208 920 00:00:00 150-06:24:41 8955 /usr/sbin/atd -f 6:devices:/system.slice/chronyd.service,1:name=systemd:/system.slice/chronyd.service chrony 103732 1740 00:00:02 12-06:00:11 9130 /usr/sbin/chronyd 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 1236 00:00:00 12-06:00:11 9153 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 1732 00:04:14 12-06:00:11 9154 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2176 00:00:00 12-06:00:11 9155 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2176 00:00:00 12-06:00:11 9156 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2172 00:00:00 12-06:00:11 9157 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81892 2204 00:01:28 12-06:00:11 9158 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 6:devices:/system.slice/xinetd.service,1:name=systemd:/system.slice/xinetd.service root 27380 872 00:00:00 12-06:00:11 9174 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236764 14484 00:00:00 02:45:57 9182 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236968 14316 00:00:00 02:45:57 9183 /usr/sbin/httpd -k start 6:devices:/system.slice/memcached.service,1:name=systemd:/system.slice/memcached.service memcached 80044 1612 00:00:53 12-06:00:11 9205 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 6:devices:/system.slice/mariadb.service,1:name=systemd:/system.slice/mariadb.service mysql 2552452 305452 01:17:41 12-06:00:09 9269 /usr/sbin/mysqld 6:devices:/system.slice/pure-authd.service,1:name=systemd:/system.slice/pure-authd.service root 152776 2032 00:00:02 12-06:00:09 9347 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 6:devices:/system.slice/pure-ftpd.service,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3096 00:00:02 12-06:00:09 9348 pure-ftpd (SERVER) 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 111300 4020 00:01:05 12-06:00:08 9390 /usr/sbin/sshd -D 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 86072 12224 00:00:32 12-06:00:07 9435 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236604 14368 00:00:00 02:38:14 9663 /usr/sbin/httpd -k start 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 740 00:00:00 150-06:23:54 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 728 00:00:00 150-06:23:54 9745 /sbin/agetty --noclear tty1 linux 6:devices:/system.slice/acpid.service,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 150-06:23:50 10005 /usr/sbin/acpid 6:devices:/system.slice/crond.service,1:name=systemd:/system.slice/crond.service root 124500 1592 00:02:15 150-06:23:50 10027 /usr/sbin/crond -n 6:devices:/system.slice/pdns.service,1:name=systemd:/system.slice/pdns.service named 809548 11440 00:05:27 34-06:25:00 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 6:devices:/system.slice/irqbalance.service,1:name=systemd:/system.slice/irqbalance.service root 21540 1104 00:17:30 150-06:23:49 10141 /usr/sbin/irqbalance --foreground - root 0 0 00:00:00 02:19:02 10499 [kworker/4:1] - root 0 0 00:00:00 01:54:05 11645 [kworker/5:2] - root 0 0 00:00:00 01:44:05 12027 [kworker/4:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236576 14288 00:00:00 01:41:33 12179 /usr/sbin/httpd -k start 6:devices:/system.slice/qemu-guest-agent.service,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1708 00:00:00 45-05:54:16 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 6:devices:/system.slice/smartd.service,1:name=systemd:/system.slice/smartd.service root 52852 2300 00:00:00 45-05:54:15 13907 /usr/sbin/smartd -n -q never 6:devices:/system.slice/systemd-logind.service,1:name=systemd:/system.slice/systemd-logind.service root 24892 2004 00:06:52 45-05:54:15 13923 /usr/lib/systemd/systemd-logind 6:devices:/system.slice/rsyslog.service,1:name=systemd:/system.slice/rsyslog.service root 538840 17920 00:13:26 45-05:54:12 14031 /usr/sbin/rsyslogd -n 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 51604 2292 00:00:48 45-05:54:11 14084 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1028 00:00:11 45-05:54:10 14087 dovecot/anvil 6:devices:/system.slice/systemd-udevd.service,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1328 00:00:00 45-05:54:10 14146 /usr/lib/systemd/systemd-udevd 6:devices:/system.slice/rpcbind.service,1:name=systemd:/system.slice/rpcbind.service rpc 69256 1420 00:00:10 45-05:54:10 14163 /sbin/rpcbind -w - root 0 0 00:00:00 01:12:54 14213 [kworker/3:2] 6:devices:/system.slice/systemd-journald.service,1:name=systemd:/system.slice/systemd-journald.service root 68896 26932 00:20:34 45-05:54:09 14218 /usr/lib/systemd/systemd-journald - root 0 0 00:00:00 54:04 15556 [kworker/2:2] - root 0 0 00:00:00 24:05 17031 [kworker/u12:1] - root 0 0 00:00:00 19:03 17394 [kworker/0:1] - root 0 0 00:00:00 14:05 17669 [kworker/1:0] - root 0 0 00:00:00 12:53 17783 [kworker/0:0] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236412 12932 00:00:00 12:08 17941 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236388 12784 00:00:00 12:05 17949 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236584 13468 00:00:00 12:04 17962 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236840 13624 00:00:00 12:03 17982 /usr/sbin/httpd -k start - root 0 0 00:00:00 04:05 18462 [kworker/4:0] - root 0 0 00:00:00 03:34 18598 [kworker/u12:2] 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 157112 5064 00:00:00 00:03 18724 sshd: unknown [priv] 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service sshd 111300 2220 00:00:00 00:03 18725 sshd: unknown [net] 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@44367-103.179.190.35:6556-165.22.227.16:49518.service root 113568 1860 00:00:00 00:00 18866 /bin/bash /usr/bin/check_mk_agent 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@44367-103.179.190.35:6556-165.22.227.16:49518.service root 49820 1564 00:00:00 00:00 18889 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 6:devices:/system.slice/queueprocd.service,1:name=systemd:/system.slice/queueprocd.service root 223844 14872 00:00:51 6-06:25:50 19423 queueprocd - waiting up to 60s to process a task 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12752 1328 00:00:11 6-06:25:30 19538 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12764 1332 00:00:09 6-06:25:30 19539 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 53088 11772 00:00:00 6-06:25:30 19540 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 6:devices:/system.slice/nscd.service,1:name=systemd:/system.slice/nscd.service nscd 1467604 2660 00:01:25 6-06:25:29 19622 /usr/sbin/nscd 6:devices:/system.slice/p0f.service,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9852 3332 00:22:37 6-06:25:29 19710 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 6:devices:/system.slice/cpanellogd.service,1:name=systemd:/system.slice/cpanellogd.service root 130240 2740 00:00:03 6-06:25:29 19720 cpanellogd - sleeping for logs 6:devices:/system.slice/cpanel_php_fpm.service,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255320 6580 00:00:30 6-06:25:25 19796 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:02 1-23:44:05 20373 [kworker/2:0] 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 152108 10876 00:00:27 1-07:52:12 20841 cPhulkd - dbprocessor - root 0 0 00:00:08 16:57:05 21141 [kworker/1:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236792 14760 00:00:02 07:13:59 26100 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 237100 14944 00:00:01 07:13:58 26106 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 230732 11684 00:03:40 40-06:24:50 27955 /usr/sbin/httpd -k start 6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372020 18372 00:00:13 10-06:08:16 28745 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 6:devices:/system.slice/sw-engine.service,1:name=systemd:/system.slice/sw-engine.service root 366000 8720 00:00:12 10-06:08:16 28762 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 6:devices:/system.slice/wp-toolkit-background-tasks.service,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382412 29148 00:08:08 10-06:08:15 28777 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 6:devices:/system.slice/polkit.service,1:name=systemd:/system.slice/polkit.service polkitd 610540 9628 00:01:03 10-06:08:15 28815 /usr/lib/polkit-1/polkitd --no-debug 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249352 124132 00:00:09 06:16:04 29997 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 250488 121616 00:00:04 06:03:41 30752 spamd child 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249352 119980 00:00:00 06:03:41 30753 spamd child 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 48396 5496 00:00:03 14-12:36:50 32646 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 48304 5544 00:00:03 14-12:36:50 32647 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 10436 1324 00:00:05 14-12:36:50 32648 dovecot/log 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47876 5408 00:00:05 14-12:36:50 32649 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 48680 5944 00:00:05 14-12:36:50 32650 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 17984 4764 00:00:15 14-12:36:50 32651 dovecot/config 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1236 00:00:07 14-12:36:50 32652 dovecot/stats Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2022-10-18 00:44 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf6dede4feFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK check_mk@40602-103.179.190.35:6556-178.62.7.249:54590.service loaded activating start start Check_MK (178.62.7.249:54590) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.36 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191360 3972 04:01:50 176-05:18:46 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:01 176-05:18:46 2 [kthreadd] - root 0 0 00:00:00 176-05:18:46 4 [kworker/0:0H] - root 0 0 00:00:31 176-05:18:46 6 [ksoftirqd/0] - root 0 0 00:00:06 176-05:18:46 7 [migration/0] - root 0 0 00:00:00 176-05:18:46 8 [rcu_bh] - root 0 0 03:34:32 176-05:18:46 9 [rcu_sched] - root 0 0 00:00:00 176-05:18:46 10 [lru-add-drain] - root 0 0 00:01:06 176-05:18:46 11 [watchdog/0] - root 0 0 00:01:01 176-05:18:46 12 [watchdog/1] - root 0 0 00:01:19 176-05:18:46 13 [migration/1] - root 0 0 00:00:25 176-05:18:46 14 [ksoftirqd/1] - root 0 0 00:00:00 176-05:18:46 16 [kworker/1:0H] - root 0 0 00:00:57 176-05:18:46 17 [watchdog/2] - root 0 0 00:00:10 176-05:18:46 18 [migration/2] - root 0 0 00:00:24 176-05:18:46 19 [ksoftirqd/2] - root 0 0 00:00:00 176-05:18:46 21 [kworker/2:0H] - root 0 0 00:00:56 176-05:18:46 22 [watchdog/3] - root 0 0 00:00:09 176-05:18:46 23 [migration/3] - root 0 0 00:00:38 176-05:18:46 24 [ksoftirqd/3] - root 0 0 00:00:00 176-05:18:46 26 [kworker/3:0H] - root 0 0 00:00:55 176-05:18:46 27 [watchdog/4] - root 0 0 00:00:46 176-05:18:46 28 [migration/4] - root 0 0 00:00:48 176-05:18:46 29 [ksoftirqd/4] - root 0 0 00:00:00 176-05:18:46 31 [kworker/4:0H] - root 0 0 00:01:02 176-05:18:46 32 [watchdog/5] - root 0 0 00:00:11 176-05:18:46 33 [migration/5] - root 0 0 00:04:47 176-05:18:46 34 [ksoftirqd/5] - root 0 0 00:00:00 176-05:18:46 36 [kworker/5:0H] - root 0 0 00:00:00 176-05:18:46 38 [kdevtmpfs] - root 0 0 00:00:00 176-05:18:46 39 [netns] - root 0 0 00:00:07 176-05:18:46 40 [khungtaskd] - root 0 0 00:00:00 176-05:18:46 41 [writeback] - root 0 0 00:00:00 176-05:18:46 42 [kintegrityd] - root 0 0 00:00:00 176-05:18:46 43 [bioset] - root 0 0 00:00:00 176-05:18:46 44 [bioset] - root 0 0 00:00:00 176-05:18:46 45 [bioset] - root 0 0 00:00:00 176-05:18:46 46 [kblockd] - root 0 0 00:00:00 176-05:18:46 47 [md] - root 0 0 00:00:00 176-05:18:46 48 [edac-poller] - root 0 0 00:00:00 176-05:18:46 49 [watchdogd] - root 0 0 00:03:10 176-05:18:46 55 [kswapd0] - root 0 0 00:00:00 176-05:18:46 56 [ksmd] - root 0 0 00:00:34 176-05:18:46 57 [khugepaged] - root 0 0 00:00:00 176-05:18:46 58 [crypto] - root 0 0 00:00:00 176-05:18:46 66 [kthrotld] - root 0 0 00:00:00 176-05:18:46 68 [kmpath_rdacd] - root 0 0 00:00:00 176-05:18:46 69 [kaluad] - root 0 0 00:00:00 176-05:18:46 70 [kpsmoused] - root 0 0 00:00:00 176-05:18:45 72 [ipv6_addrconf] - root 0 0 00:00:00 176-05:18:45 86 [deferwq] - root 0 0 00:10:13 176-05:18:45 197 [kauditd] - root 0 0 00:00:00 176-05:18:45 262 [ata_sff] - root 0 0 00:00:00 176-05:18:45 276 [ttm_swap] - root 0 0 00:00:00 176-05:18:45 280 [scsi_eh_0] - root 0 0 00:00:00 176-05:18:45 281 [scsi_tmf_0] - root 0 0 00:00:00 176-05:18:45 282 [scsi_eh_1] - root 0 0 00:00:00 176-05:18:45 283 [scsi_tmf_1] - root 0 0 00:02:18 176-05:18:45 289 [kworker/3:1H] - root 0 0 00:05:00 176-05:18:45 294 [kworker/0:1H] - root 0 0 00:02:09 176-05:18:45 301 [kworker/4:1H] - root 0 0 00:34:06 176-05:18:45 302 [jbd2/vda1-8] - root 0 0 00:00:00 176-05:18:45 303 [ext4-rsv-conver] - root 0 0 00:00:18 176-05:18:45 309 [kworker/2:1H] - root 0 0 00:02:16 176-05:18:44 372 [kworker/5:1H] - root 0 0 00:00:34 176-05:18:44 374 [kworker/1:1H] 6:devices:/system.slice/auditd.service,1:name=systemd:/system.slice/auditd.service root 55532 868 00:22:00 176-05:18:43 458 /sbin/auditd 6:devices:/system.slice/dbus.service,1:name=systemd:/system.slice/dbus.service dbus 58296 1992 00:48:55 176-05:18:43 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:03:41 176-05:18:42 671 [loop0] - root 0 0 00:01:23 176-05:18:42 672 [jbd2/loop0-8] - root 0 0 00:00:00 176-05:18:42 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 175-03:18:48 1006 nano pdns.conf 6:devices:/system.slice/dnsadmin.service,1:name=systemd:/system.slice/dnsadmin.service root 167292 4200 00:07:09 176-05:18:31 1491 dnsadmin - dormant mode 6:devices:/system.slice/cpdavd.service,1:name=systemd:/system.slice/cpdavd.service root 183660 6584 00:11:59 176-05:18:31 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 (dormant) 6:devices:/system.slice/tailwatchd.service,1:name=systemd:/system.slice/tailwatchd.service root 206644 19108 00:11:09 176-05:18:31 1495 tailwatchd 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 189924 12180 00:50:55 176-05:18:31 1497 cPhulkd - processor - root 0 0 00:00:00 48:40 2372 [kworker/u12:1] - root 0 0 00:00:03 1-00:22:10 2993 [kworker/0:2] - root 0 0 00:00:00 08:40:10 3038 [kworker/5:2] - root 0 0 00:00:00 35:10 3510 [kworker/1:2] - root 0 0 00:00:00 25:09 4242 [kworker/5:0] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12760 1328 00:00:07 6-04:04:57 4502 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12768 1332 00:00:05 6-04:04:57 4503 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47824 5564 00:00:02 6-04:04:57 4504 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47764 5508 00:00:01 6-04:04:57 4506 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 10436 1500 00:00:02 6-04:04:57 4507 dovecot/log 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47828 5404 00:00:01 6-04:04:57 4510 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47808 5572 00:00:01 6-04:04:57 4511 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 17892 4920 00:00:07 6-04:04:57 4512 dovecot/config 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1528 00:00:03 6-04:04:57 4513 dovecot/stats 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 53092 11752 00:00:00 6-04:04:57 4514 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect - root 0 0 00:00:04 08:14:09 4714 [kworker/1:1] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236052 13104 00:00:00 16:44 4741 /usr/sbin/httpd -k start - root 0 0 00:00:00 10:08 5206 [kworker/3:0] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235772 12172 00:00:00 02:46 5689 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235772 12412 00:00:00 02:43 5690 /usr/sbin/httpd -k start 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service hicorp 639648 50100 00:00:00 00:08 5833 php-fpm: pool hicorp_vn 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@40602-103.179.190.35:6556-178.62.7.249:54590.service root 113416 1592 00:00:00 00:00 5979 /bin/bash /usr/bin/check_mk_agent 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@40602-103.179.190.35:6556-178.62.7.249:54590.service root 49820 1560 00:00:00 00:00 6002 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 6:devices:/system.slice/cpanel.service,1:name=systemd:/system.slice/cpanel.service root 168184 4792 01:17:46 141-19:55:15 8935 cpsrvd (SSL) - dormant mode - accepting connections 6:devices:/system.slice/atd.service,1:name=systemd:/system.slice/atd.service root 24208 972 00:00:00 131-19:55:48 8955 /usr/sbin/atd -f 6:devices:/system.slice/chronyd.service,1:name=systemd:/system.slice/chronyd.service chrony 103732 1812 00:00:23 131-19:55:02 9620 /usr/sbin/chronyd 6:devices:/system.slice/xinetd.service,1:name=systemd:/system.slice/xinetd.service root 27380 872 00:00:00 131-19:55:01 9667 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 744 00:00:00 131-19:55:01 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 732 00:00:00 131-19:55:01 9745 /sbin/agetty --noclear tty1 linux 6:devices:/system.slice/acpid.service,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 131-19:54:57 10005 /usr/sbin/acpid 6:devices:/system.slice/crond.service,1:name=systemd:/system.slice/crond.service root 124500 1592 00:01:58 131-19:54:57 10027 /usr/sbin/crond -n 6:devices:/system.slice/pdns.service,1:name=systemd:/system.slice/pdns.service named 735816 10992 00:02:32 15-19:56:07 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 6:devices:/system.slice/irqbalance.service,1:name=systemd:/system.slice/irqbalance.service root 21540 1108 00:15:17 131-19:54:56 10141 /usr/sbin/irqbalance --foreground 6:devices:/system.slice/queueprocd.service,1:name=systemd:/system.slice/queueprocd.service root 224096 15284 00:01:16 7-19:56:46 10539 queueprocd - waiting up to 60s to process a task 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 1240 00:00:00 7-19:56:16 10685 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 1732 00:02:39 7-19:56:16 10686 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 2152 00:00:00 7-19:56:16 10687 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 2156 00:00:00 7-19:56:16 10688 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 2152 00:00:00 7-19:56:16 10689 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 2208 00:00:56 7-19:56:16 10690 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 6:devices:/system.slice/nscd.service,1:name=systemd:/system.slice/nscd.service nscd 1467604 2700 00:01:49 7-19:56:09 10914 /usr/sbin/nscd 6:devices:/system.slice/cpanellogd.service,1:name=systemd:/system.slice/cpanellogd.service root 130240 2732 00:00:04 7-19:55:58 11050 cpanellogd - sleeping for logs 6:devices:/system.slice/p0f.service,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9940 3388 00:29:04 7-19:55:58 11054 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 152564 11232 00:03:36 7-19:55:58 11056 cPhulkd - dbprocessor 6:devices:/system.slice/cpanel_php_fpm.service,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255272 4656 00:00:35 7-19:55:58 11066 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 86072 12224 00:00:41 15-19:42:07 11597 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610496 17900 00:01:35 7-19:36:19 12641 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 6:devices:/system.slice/qemu-guest-agent.service,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1724 00:00:00 26-19:25:23 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 6:devices:/system.slice/smartd.service,1:name=systemd:/system.slice/smartd.service root 52852 2220 00:00:00 26-19:25:22 13907 /usr/sbin/smartd -n -q never 6:devices:/system.slice/systemd-logind.service,1:name=systemd:/system.slice/systemd-logind.service root 24892 2020 00:04:03 26-19:25:22 13923 /usr/lib/systemd/systemd-logind 6:devices:/system.slice/mariadb.service,1:name=systemd:/system.slice/mariadb.service mysql 2749660 343060 02:37:27 26-19:25:20 13982 /usr/sbin/mysqld 6:devices:/system.slice/rsyslog.service,1:name=systemd:/system.slice/rsyslog.service root 512560 6440 00:07:58 26-19:25:19 14031 /usr/sbin/rsyslogd -n 6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372000 18740 00:00:38 26-19:25:19 14049 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 6:devices:/system.slice/wp-toolkit-background-tasks.service,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382392 29204 00:19:46 26-19:25:19 14064 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 51604 2316 00:00:29 26-19:25:18 14084 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1032 00:00:07 26-19:25:17 14087 dovecot/anvil 6:devices:/system.slice/systemd-udevd.service,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1344 00:00:00 26-19:25:17 14146 /usr/lib/systemd/systemd-udevd 6:devices:/system.slice/rpcbind.service,1:name=systemd:/system.slice/rpcbind.service rpc 69256 1420 00:00:06 26-19:25:17 14163 /sbin/rpcbind -w 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 111284 4300 00:02:27 26-19:25:16 14185 /usr/sbin/sshd -D 6:devices:/system.slice/sw-engine.service,1:name=systemd:/system.slice/sw-engine.service root 365980 10776 00:00:34 26-19:25:16 14203 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 6:devices:/system.slice/systemd-journald.service,1:name=systemd:/system.slice/systemd-journald.service root 40164 5636 00:12:11 26-19:25:16 14218 /usr/lib/systemd/systemd-journald 6:devices:/system.slice/polkit.service,1:name=systemd:/system.slice/polkit.service polkitd 610532 10648 00:02:40 26-19:25:16 14233 /usr/lib/polkit-1/polkitd --no-debug - root 0 0 00:00:00 21:14:10 14826 [kworker/4:1] 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249128 123880 00:00:58 2-19:43:27 15507 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:00 04:50:00 17696 [kworker/u12:0] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236160 14212 00:00:00 04:48:01 17746 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236128 14164 00:00:00 03:43:26 21442 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236108 14156 00:00:00 03:43:25 21459 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236116 14144 00:00:00 03:43:25 21468 /usr/sbin/httpd -k start 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 250256 121444 00:00:18 19:32:48 21845 spamd child 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249128 119788 00:00:00 19:32:48 21846 spamd child 6:devices:/system.slice/pure-authd.service,1:name=systemd:/system.slice/pure-authd.service root 152776 2020 00:00:11 43-19:50:03 22746 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 6:devices:/system.slice/pure-ftpd.service,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3076 00:00:12 43-19:50:03 22747 pure-ftpd (SERVER) 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236164 14188 00:00:00 03:19:04 22971 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236568 14312 00:00:00 03:18:02 23061 /usr/sbin/httpd -k start - root 0 0 00:00:00 11:12:35 23731 [kworker/3:1] - root 0 0 00:00:00 10:43:32 27047 [kworker/2:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 230484 11364 00:02:00 21-19:55:57 27955 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:45:10 29761 [kworker/4:2] - root 0 0 00:00:00 01:44:10 29950 [kworker/2:1] - root 0 0 00:00:00 01:40:10 30370 [kworker/0:0] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236232 14028 00:00:00 01:32:49 31048 /usr/sbin/httpd -k start 6:devices:/system.slice/memcached.service,1:name=systemd:/system.slice/memcached.service memcached 80044 1612 00:06:28 89-19:55:50 32186 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2022-09-29 14:15 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf7826f2b1Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static session-411030.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 302 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root session-411030.scope loaded active running Session 411030 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK check_mk@37462-103.179.190.35:6556-104.200.20.186:46494.service loaded activating start start Check_MK (104.200.20.186:46494) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.36 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191252 3928 03:46:24 163-09:14:51 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:01 163-09:14:51 2 [kthreadd] - root 0 0 00:00:00 163-09:14:51 4 [kworker/0:0H] - root 0 0 00:00:29 163-09:14:51 6 [ksoftirqd/0] - root 0 0 00:00:06 163-09:14:51 7 [migration/0] - root 0 0 00:00:00 163-09:14:51 8 [rcu_bh] - root 0 0 03:20:39 163-09:14:51 9 [rcu_sched] - root 0 0 00:00:00 163-09:14:51 10 [lru-add-drain] - root 0 0 00:01:01 163-09:14:51 11 [watchdog/0] - root 0 0 00:00:57 163-09:14:51 12 [watchdog/1] - root 0 0 00:01:13 163-09:14:51 13 [migration/1] - root 0 0 00:00:24 163-09:14:51 14 [ksoftirqd/1] - root 0 0 00:00:00 163-09:14:51 16 [kworker/1:0H] - root 0 0 00:00:53 163-09:14:51 17 [watchdog/2] - root 0 0 00:00:09 163-09:14:51 18 [migration/2] - root 0 0 00:00:22 163-09:14:51 19 [ksoftirqd/2] - root 0 0 00:00:00 163-09:14:51 21 [kworker/2:0H] - root 0 0 00:00:52 163-09:14:51 22 [watchdog/3] - root 0 0 00:00:08 163-09:14:51 23 [migration/3] - root 0 0 00:00:36 163-09:14:51 24 [ksoftirqd/3] - root 0 0 00:00:00 163-09:14:51 26 [kworker/3:0H] - root 0 0 00:00:50 163-09:14:51 27 [watchdog/4] - root 0 0 00:00:43 163-09:14:51 28 [migration/4] - root 0 0 00:00:44 163-09:14:51 29 [ksoftirqd/4] - root 0 0 00:00:00 163-09:14:51 31 [kworker/4:0H] - root 0 0 00:00:57 163-09:14:51 32 [watchdog/5] - root 0 0 00:00:10 163-09:14:51 33 [migration/5] - root 0 0 00:04:24 163-09:14:51 34 [ksoftirqd/5] - root 0 0 00:00:00 163-09:14:51 36 [kworker/5:0H] - root 0 0 00:00:00 163-09:14:51 38 [kdevtmpfs] - root 0 0 00:00:00 163-09:14:51 39 [netns] - root 0 0 00:00:06 163-09:14:51 40 [khungtaskd] - root 0 0 00:00:00 163-09:14:51 41 [writeback] - root 0 0 00:00:00 163-09:14:51 42 [kintegrityd] - root 0 0 00:00:00 163-09:14:51 43 [bioset] - root 0 0 00:00:00 163-09:14:51 44 [bioset] - root 0 0 00:00:00 163-09:14:51 45 [bioset] - root 0 0 00:00:00 163-09:14:51 46 [kblockd] - root 0 0 00:00:00 163-09:14:51 47 [md] - root 0 0 00:00:00 163-09:14:51 48 [edac-poller] - root 0 0 00:00:00 163-09:14:51 49 [watchdogd] - root 0 0 00:02:51 163-09:14:51 55 [kswapd0] - root 0 0 00:00:00 163-09:14:51 56 [ksmd] - root 0 0 00:00:32 163-09:14:51 57 [khugepaged] - root 0 0 00:00:00 163-09:14:51 58 [crypto] - root 0 0 00:00:00 163-09:14:51 66 [kthrotld] - root 0 0 00:00:00 163-09:14:51 68 [kmpath_rdacd] - root 0 0 00:00:00 163-09:14:51 69 [kaluad] - root 0 0 00:00:00 163-09:14:51 70 [kpsmoused] - root 0 0 00:00:00 163-09:14:50 72 [ipv6_addrconf] - root 0 0 00:00:00 163-09:14:50 86 [deferwq] - root 0 0 00:09:35 163-09:14:50 197 [kauditd] - root 0 0 00:00:00 163-09:14:50 262 [ata_sff] - root 0 0 00:00:00 163-09:14:50 276 [ttm_swap] - root 0 0 00:00:00 163-09:14:50 280 [scsi_eh_0] - root 0 0 00:00:00 163-09:14:50 281 [scsi_tmf_0] - root 0 0 00:00:00 163-09:14:50 282 [scsi_eh_1] - root 0 0 00:00:00 163-09:14:50 283 [scsi_tmf_1] - root 0 0 00:02:08 163-09:14:50 289 [kworker/3:1H] - root 0 0 00:04:34 163-09:14:50 294 [kworker/0:1H] - root 0 0 00:01:59 163-09:14:50 301 [kworker/4:1H] - root 0 0 00:31:19 163-09:14:50 302 [jbd2/vda1-8] - root 0 0 00:00:00 163-09:14:50 303 [ext4-rsv-conver] - root 0 0 00:00:16 163-09:14:50 309 [kworker/2:1H] - root 0 0 00:02:06 163-09:14:49 372 [kworker/5:1H] - root 0 0 00:00:31 163-09:14:49 374 [kworker/1:1H] 6:devices:/system.slice/auditd.service,1:name=systemd:/system.slice/auditd.service root 55532 868 00:20:36 163-09:14:48 458 /sbin/auditd 6:devices:/system.slice/dbus.service,1:name=systemd:/system.slice/dbus.service dbus 58296 1660 00:44:56 163-09:14:48 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:03:25 163-09:14:47 671 [loop0] - root 0 0 00:01:16 163-09:14:47 672 [jbd2/loop0-8] - root 0 0 00:00:00 163-09:14:47 673 [ext4-rsv-conver] - root 0 0 00:00:00 09:51:14 677 [kworker/5:1] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 162-07:14:53 1006 nano pdns.conf 6:devices:/system.slice/dnsadmin.service,1:name=systemd:/system.slice/dnsadmin.service root 167292 4204 00:06:35 163-09:14:36 1491 dnsadmin - dormant mode 6:devices:/system.slice/cpdavd.service,1:name=systemd:/system.slice/cpdavd.service root 183660 6592 00:10:51 163-09:14:36 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 (dormant) 6:devices:/system.slice/tailwatchd.service,1:name=systemd:/system.slice/tailwatchd.service root 206612 19472 00:10:04 163-09:14:36 1495 tailwatchd 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 189920 12668 00:47:38 163-09:14:36 1497 cPhulkd - processor - root 0 0 00:00:00 01:40:01 5077 [kworker/2:1] - root 0 0 00:00:00 01:40:01 5121 [kworker/4:1] 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249248 124012 00:00:21 23:20:00 5889 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 - root 0 0 00:00:00 01:31:15 6012 [kworker/1:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235896 14244 00:00:01 08:23:02 6719 /usr/sbin/httpd -k start 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 250420 121648 00:00:06 23:05:52 6837 spamd child 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 1236 00:00:00 17-23:52:46 7631 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 1720 00:06:00 17-23:52:46 7632 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 2156 00:00:00 17-23:52:46 7633 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 2156 00:00:00 17-23:52:46 7634 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 2156 00:00:00 17-23:52:46 7635 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 2192 00:02:07 17-23:52:46 7636 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] - root 0 0 00:00:00 01:01:14 8254 [kworker/3:0] - root 0 0 00:00:00 54:29 8625 [kworker/u12:2] 6:devices:/system.slice/cpanel.service,1:name=systemd:/system.slice/cpanel.service root 254620 28544 01:10:08 128-23:51:20 8935 cpsrvd (SSL) - waiting for connections 6:devices:/system.slice/atd.service,1:name=systemd:/system.slice/atd.service root 24208 948 00:00:00 118-23:51:53 8955 /usr/sbin/atd -f - root 0 0 00:00:00 39:58 9523 [kworker/2:2] 6:devices:/system.slice/chronyd.service,1:name=systemd:/system.slice/chronyd.service chrony 103732 1748 00:00:20 118-23:51:07 9620 /usr/sbin/chronyd 6:devices:/system.slice/xinetd.service,1:name=systemd:/system.slice/xinetd.service root 27380 872 00:00:00 118-23:51:06 9667 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 760 00:00:00 118-23:51:06 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 736 00:00:00 118-23:51:06 9745 /sbin/agetty --noclear tty1 linux 6:devices:/system.slice/acpid.service,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 118-23:51:02 10005 /usr/sbin/acpid 6:devices:/system.slice/crond.service,1:name=systemd:/system.slice/crond.service root 124500 1608 00:01:46 118-23:51:02 10027 /usr/sbin/crond -n 6:devices:/system.slice/pdns.service,1:name=systemd:/system.slice/pdns.service named 663088 9808 00:00:27 2-23:52:12 10057 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 6:devices:/system.slice/queueprocd.service,1:name=systemd:/system.slice/queueprocd.service root 223840 17048 00:00:30 2-23:52:11 10073 queueprocd - waiting up to 60s to process a task 6:devices:/system.slice/irqbalance.service,1:name=systemd:/system.slice/irqbalance.service root 21540 1108 00:13:43 118-23:51:01 10141 /usr/sbin/irqbalance --foreground - root 0 0 00:00:00 21:15 10811 [kworker/5:2] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-411030.scope root 185000 2584 00:00:00 11:14 11366 /usr/sbin/CROND -n 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-411030.scope root 113280 1208 00:00:00 11:14 11371 /bin/sh -c sleep $((1 + RANDOM % 5))h $((1 + RANDOM % 60))m; /usr/local/bin/wp-toolkit update-configuration > /dev/null 2> /dev/null || /usr/local/cpanel/3rdparty/wp-toolkit/bin/wp-toolkit-installer.sh --generate-configs > /dev/null 2> /dev/null; /usr/bin/yum -y update wp-toolkit-cpanel > /dev/null 2> /dev/null 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-411030.scope root 108052 360 00:00:00 11:14 11375 sleep 4h 19m - root 0 0 00:00:00 11:14 11387 [kworker/0:1] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12752 1416 00:00:05 2-23:38:15 11438 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12764 1428 00:00:04 2-23:38:15 11439 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 53088 11756 00:00:00 2-23:38:15 11440 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 6:devices:/system.slice/nscd.service,1:name=systemd:/system.slice/nscd.service nscd 1400016 2648 00:00:41 2-23:38:14 11523 /usr/sbin/nscd 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 85944 9112 00:00:14 2-23:38:12 11597 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid - root 0 0 00:00:00 14:31:14 11630 [kworker/3:1] 6:devices:/system.slice/p0f.service,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 10100 3620 00:11:15 2-23:38:12 11694 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 6:devices:/system.slice/cpanellogd.service,1:name=systemd:/system.slice/cpanellogd.service root 130240 2756 00:00:01 2-23:38:12 11697 cpanellogd - sleeping for logs 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 152504 11184 00:01:13 2-23:38:12 11703 cPhulkd - dbprocessor 6:devices:/system.slice/cpanel_php_fpm.service,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255272 5224 00:00:13 2-23:38:11 11742 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 41104 2968 00:00:00 01:31 11907 dovecot/auth 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service hanoigroup 707820 70048 00:00:02 00:33 12049 php-fpm: pool hanoigroup_vn 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service hanoigroup 634080 67912 00:00:01 00:30 12050 php-fpm: pool hanoigroup_vn 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 86072 8552 00:00:00 00:22 12057 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service hicorp 617504 41872 00:00:00 00:11 12077 php-fpm: pool hicorp_vn 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 86072 8552 00:00:00 00:03 12079 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@37462-103.179.190.35:6556-104.200.20.186:46494.service root 113560 1864 00:00:00 00:00 12219 /bin/bash /usr/bin/check_mk_agent 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@37462-103.179.190.35:6556-104.200.20.186:46494.service root 49820 1564 00:00:00 00:00 12242 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 6:devices:/system.slice/qemu-guest-agent.service,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1724 00:00:00 13-23:21:28 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 6:devices:/system.slice/smartd.service,1:name=systemd:/system.slice/smartd.service root 52852 2300 00:00:00 13-23:21:27 13907 /usr/sbin/smartd -n -q never 6:devices:/system.slice/systemd-logind.service,1:name=systemd:/system.slice/systemd-logind.service root 24892 2024 00:02:03 13-23:21:27 13923 /usr/lib/systemd/systemd-logind 6:devices:/system.slice/mariadb.service,1:name=systemd:/system.slice/mariadb.service mysql 2749660 292412 01:20:07 13-23:21:25 13982 /usr/sbin/mysqld 6:devices:/system.slice/rsyslog.service,1:name=systemd:/system.slice/rsyslog.service root 520796 11856 00:04:04 13-23:21:24 14031 /usr/sbin/rsyslogd -n 6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372000 19064 00:00:18 13-23:21:24 14049 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 6:devices:/system.slice/wp-toolkit-background-tasks.service,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382392 29248 00:10:11 13-23:21:24 14064 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 51604 2296 00:00:14 13-23:21:23 14084 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1032 00:00:03 13-23:21:22 14087 dovecot/anvil 6:devices:/system.slice/systemd-udevd.service,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1344 00:00:00 13-23:21:22 14146 /usr/lib/systemd/systemd-udevd 6:devices:/system.slice/rpcbind.service,1:name=systemd:/system.slice/rpcbind.service rpc 69256 1444 00:00:03 13-23:21:22 14163 /sbin/rpcbind -w 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 111284 4300 00:01:14 13-23:21:21 14185 /usr/sbin/sshd -D 6:devices:/system.slice/sw-engine.service,1:name=systemd:/system.slice/sw-engine.service root 365980 10820 00:00:16 13-23:21:21 14203 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 6:devices:/system.slice/systemd-journald.service,1:name=systemd:/system.slice/systemd-journald.service root 48356 14328 00:06:08 13-23:21:21 14218 /usr/lib/systemd/systemd-journald 6:devices:/system.slice/polkit.service,1:name=systemd:/system.slice/polkit.service polkitd 610532 10652 00:01:22 13-23:21:21 14233 /usr/lib/polkit-1/polkitd --no-debug 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235912 14488 00:00:02 13:49:24 14896 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235892 14148 00:00:01 06:21:15 15895 /usr/sbin/httpd -k start 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249248 119892 00:00:00 05:36:21 19815 spamd child - root 0 0 00:00:00 1-02:51:14 22003 [kworker/4:0] 6:devices:/system.slice/pure-authd.service,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:07 30-23:46:08 22746 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 6:devices:/system.slice/pure-ftpd.service,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3084 00:00:07 30-23:46:08 22747 pure-ftpd (SERVER) 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47408 4708 00:00:02 7-02:35:00 23039 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47136 4756 00:00:02 7-02:35:00 23040 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 10436 1216 00:00:02 7-02:35:00 23041 dovecot/log 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47408 4860 00:00:01 7-02:35:00 23042 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47412 4988 00:00:01 7-02:35:00 23043 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 17760 4616 00:00:08 7-02:35:00 23044 dovecot/config 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1240 00:00:03 7-02:35:00 23045 dovecot/stats 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235912 14364 00:00:02 12:00:24 23502 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235800 13896 00:00:01 04:31:48 24622 /usr/sbin/httpd -k start - root 0 0 00:00:02 18:28:15 25460 [kworker/0:0] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236176 14532 00:00:02 11:22:38 26027 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235928 14372 00:00:02 11:22:38 26028 /usr/sbin/httpd -k start - root 0 0 00:00:02 04:11:15 26201 [kworker/1:1] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 230124 12472 00:00:49 8-23:52:02 27955 /usr/sbin/httpd -k start 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610488 17548 00:01:56 8-23:51:58 27990 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) - root 0 0 00:00:00 03:25:12 29578 [kworker/u12:0] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235948 14360 00:00:02 10:24:21 30677 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236276 14568 00:00:02 10:24:20 30683 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235912 14320 00:00:02 10:24:20 30684 /usr/sbin/httpd -k start 6:devices:/system.slice/memcached.service,1:name=systemd:/system.slice/memcached.service memcached 80044 1612 00:05:32 76-23:51:55 32186 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2022-09-16 18:11 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadffb9e0b0cFound public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 301 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded inactive dead Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK check_mk@36630-103.179.190.35:6556-178.79.186.216:38272.service loaded activating start start Check_MK (178.79.186.216:38272) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.36 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191248 3832 03:41:36 159-03:02:49 1 /usr/lib/systemd/systemd --system --deserialize 24 - root 0 0 00:00:01 159-03:02:49 2 [kthreadd] - root 0 0 00:00:00 159-03:02:49 4 [kworker/0:0H] - root 0 0 00:00:28 159-03:02:49 6 [ksoftirqd/0] - root 0 0 00:00:06 159-03:02:49 7 [migration/0] - root 0 0 00:00:00 159-03:02:49 8 [rcu_bh] - root 0 0 03:16:15 159-03:02:49 9 [rcu_sched] - root 0 0 00:00:00 159-03:02:49 10 [lru-add-drain] - root 0 0 00:00:59 159-03:02:49 11 [watchdog/0] - root 0 0 00:00:55 159-03:02:49 12 [watchdog/1] - root 0 0 00:01:12 159-03:02:49 13 [migration/1] - root 0 0 00:00:23 159-03:02:49 14 [ksoftirqd/1] - root 0 0 00:00:00 159-03:02:49 16 [kworker/1:0H] - root 0 0 00:00:51 159-03:02:49 17 [watchdog/2] - root 0 0 00:00:09 159-03:02:49 18 [migration/2] - root 0 0 00:00:21 159-03:02:49 19 [ksoftirqd/2] - root 0 0 00:00:00 159-03:02:49 21 [kworker/2:0H] - root 0 0 00:00:50 159-03:02:49 22 [watchdog/3] - root 0 0 00:00:08 159-03:02:49 23 [migration/3] - root 0 0 00:00:34 159-03:02:49 24 [ksoftirqd/3] - root 0 0 00:00:00 159-03:02:49 26 [kworker/3:0H] - root 0 0 00:00:49 159-03:02:49 27 [watchdog/4] - root 0 0 00:00:42 159-03:02:49 28 [migration/4] - root 0 0 00:00:42 159-03:02:49 29 [ksoftirqd/4] - root 0 0 00:00:00 159-03:02:49 31 [kworker/4:0H] - root 0 0 00:00:55 159-03:02:49 32 [watchdog/5] - root 0 0 00:00:10 159-03:02:49 33 [migration/5] - root 0 0 00:04:15 159-03:02:49 34 [ksoftirqd/5] - root 0 0 00:00:00 159-03:02:49 36 [kworker/5:0H] - root 0 0 00:00:00 159-03:02:49 38 [kdevtmpfs] - root 0 0 00:00:00 159-03:02:49 39 [netns] - root 0 0 00:00:06 159-03:02:49 40 [khungtaskd] - root 0 0 00:00:00 159-03:02:49 41 [writeback] - root 0 0 00:00:00 159-03:02:49 42 [kintegrityd] - root 0 0 00:00:00 159-03:02:49 43 [bioset] - root 0 0 00:00:00 159-03:02:49 44 [bioset] - root 0 0 00:00:00 159-03:02:49 45 [bioset] - root 0 0 00:00:00 159-03:02:49 46 [kblockd] - root 0 0 00:00:00 159-03:02:49 47 [md] - root 0 0 00:00:00 159-03:02:49 48 [edac-poller] - root 0 0 00:00:00 159-03:02:49 49 [watchdogd] - root 0 0 00:02:50 159-03:02:49 55 [kswapd0] - root 0 0 00:00:00 159-03:02:49 56 [ksmd] - root 0 0 00:00:31 159-03:02:49 57 [khugepaged] - root 0 0 00:00:00 159-03:02:49 58 [crypto] - root 0 0 00:00:00 159-03:02:49 66 [kthrotld] - root 0 0 00:00:00 159-03:02:49 68 [kmpath_rdacd] - root 0 0 00:00:00 159-03:02:49 69 [kaluad] - root 0 0 00:00:00 159-03:02:49 70 [kpsmoused] - root 0 0 00:00:00 159-03:02:48 72 [ipv6_addrconf] - root 0 0 00:00:00 159-03:02:48 86 [deferwq] - root 0 0 00:09:22 159-03:02:48 197 [kauditd] - root 0 0 00:00:00 159-03:02:48 262 [ata_sff] - root 0 0 00:00:00 159-03:02:48 276 [ttm_swap] - root 0 0 00:00:00 159-03:02:48 280 [scsi_eh_0] - root 0 0 00:00:00 159-03:02:48 281 [scsi_tmf_0] - root 0 0 00:00:00 159-03:02:48 282 [scsi_eh_1] - root 0 0 00:00:00 159-03:02:48 283 [scsi_tmf_1] - root 0 0 00:02:05 159-03:02:48 289 [kworker/3:1H] - root 0 0 00:04:26 159-03:02:48 294 [kworker/0:1H] - root 0 0 00:01:56 159-03:02:48 301 [kworker/4:1H] - root 0 0 00:30:21 159-03:02:48 302 [jbd2/vda1-8] - root 0 0 00:00:00 159-03:02:48 303 [ext4-rsv-conver] - root 0 0 00:00:16 159-03:02:48 309 [kworker/2:1H] - root 0 0 00:02:03 159-03:02:47 372 [kworker/5:1H] - root 0 0 00:00:30 159-03:02:47 374 [kworker/1:1H] 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@36630-103.179.190.35:6556-178.79.186.216:38272.service root 113416 1592 00:00:00 00:00 375 /bin/bash /usr/bin/check_mk_agent 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@36630-103.179.190.35:6556-178.79.186.216:38272.service root 49820 1560 00:00:00 00:00 399 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 6:devices:/system.slice/auditd.service,1:name=systemd:/system.slice/auditd.service root 55532 868 00:20:08 159-03:02:46 458 /sbin/auditd 6:devices:/system.slice/dbus.service,1:name=systemd:/system.slice/dbus.service dbus 58296 1660 00:43:41 159-03:02:46 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:03:19 159-03:02:45 671 [loop0] - root 0 0 00:01:14 159-03:02:45 672 [jbd2/loop0-8] - root 0 0 00:00:00 159-03:02:45 673 [ext4-rsv-conver] 6:devices:/system.slice/cpanellogd.service,1:name=systemd:/system.slice/cpanellogd.service root 130240 2772 00:00:09 17-17:39:32 720 cpanellogd - sleeping for logs 6:devices:/system.slice/p0f.service,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 9972 3416 01:09:36 17-17:39:32 725 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1592 00:00:00 158-01:02:51 1006 nano pdns.conf 6:devices:/system.slice/dnsadmin.service,1:name=systemd:/system.slice/dnsadmin.service root 167288 4200 00:06:25 159-03:02:34 1491 dnsadmin - dormant mode 6:devices:/system.slice/cpdavd.service,1:name=systemd:/system.slice/cpdavd.service root 183644 6576 00:10:34 159-03:02:34 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 (dormant) 6:devices:/system.slice/tailwatchd.service,1:name=systemd:/system.slice/tailwatchd.service root 206664 19328 00:09:30 159-03:02:34 1495 tailwatchd 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 189808 12176 00:46:33 159-03:02:34 1497 cPhulkd - processor - root 0 0 00:00:00 06:49:11 1738 [kworker/5:0] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 1236 00:00:00 13-17:40:44 7631 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 1720 00:04:36 13-17:40:44 7632 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 2148 00:00:00 13-17:40:44 7633 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 2124 00:00:00 13-17:40:44 7634 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 2148 00:00:00 13-17:40:44 7635 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 81876 2192 00:01:37 13-17:40:44 7636 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 6:devices:/system.slice/cpanel.service,1:name=systemd:/system.slice/cpanel.service root 254488 28496 01:07:32 124-17:39:18 8935 cpsrvd (SSL) - waiting for connections 6:devices:/system.slice/atd.service,1:name=systemd:/system.slice/atd.service root 24208 736 00:00:00 114-17:39:51 8955 /usr/sbin/atd -f 6:devices:/system.slice/chronyd.service,1:name=systemd:/system.slice/chronyd.service chrony 103732 1752 00:00:19 114-17:39:05 9620 /usr/sbin/chronyd 6:devices:/system.slice/xinetd.service,1:name=systemd:/system.slice/xinetd.service root 27380 872 00:00:00 114-17:39:04 9667 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 760 00:00:00 114-17:39:04 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 736 00:00:00 114-17:39:04 9745 /sbin/agetty --noclear tty1 linux 6:devices:/system.slice/acpid.service,1:name=systemd:/system.slice/acpid.service root 4388 456 00:00:00 114-17:39:00 10005 /usr/sbin/acpid 6:devices:/system.slice/crond.service,1:name=systemd:/system.slice/crond.service root 124500 1608 00:01:42 114-17:39:00 10027 /usr/sbin/crond -n 6:devices:/system.slice/irqbalance.service,1:name=systemd:/system.slice/irqbalance.service root 21540 1108 00:13:14 114-17:38:59 10141 /usr/sbin/irqbalance --foreground 6:devices:/system.slice/qemu-guest-agent.service,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1724 00:00:00 9-17:09:26 13850 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 6:devices:/system.slice/pdns.service,1:name=systemd:/system.slice/pdns.service named 663088 10380 00:01:30 9-17:09:25 13886 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 6:devices:/system.slice/smartd.service,1:name=systemd:/system.slice/smartd.service root 52852 2300 00:00:00 9-17:09:25 13907 /usr/sbin/smartd -n -q never 6:devices:/system.slice/systemd-logind.service,1:name=systemd:/system.slice/systemd-logind.service root 24556 1648 00:01:26 9-17:09:25 13923 /usr/lib/systemd/systemd-logind 6:devices:/system.slice/mariadb.service,1:name=systemd:/system.slice/mariadb.service mysql 2749660 291136 00:49:32 9-17:09:23 13982 /usr/sbin/mysqld 6:devices:/system.slice/rsyslog.service,1:name=systemd:/system.slice/rsyslog.service root 523480 10180 00:02:45 9-17:09:22 14031 /usr/sbin/rsyslogd -n 6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372000 19064 00:00:12 9-17:09:22 14049 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 6:devices:/system.slice/wp-toolkit-background-tasks.service,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382392 29248 00:07:07 9-17:09:22 14064 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 51604 2296 00:00:09 9-17:09:21 14084 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1032 00:00:02 9-17:09:20 14087 dovecot/anvil 6:devices:/system.slice/nscd.service,1:name=systemd:/system.slice/nscd.service nscd 1467604 2676 00:02:06 9-17:09:20 14122 /usr/sbin/nscd 6:devices:/system.slice/systemd-udevd.service,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1344 00:00:00 9-17:09:20 14146 /usr/lib/systemd/systemd-udevd 6:devices:/system.slice/rpcbind.service,1:name=systemd:/system.slice/rpcbind.service rpc 69256 1448 00:00:02 9-17:09:20 14163 /sbin/rpcbind -w 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 111284 4300 00:00:48 9-17:09:19 14185 /usr/sbin/sshd -D 6:devices:/system.slice/sw-engine.service,1:name=systemd:/system.slice/sw-engine.service root 365980 10820 00:00:11 9-17:09:19 14203 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 6:devices:/system.slice/systemd-journald.service,1:name=systemd:/system.slice/systemd-journald.service root 48348 10340 00:04:04 9-17:09:19 14218 /usr/lib/systemd/systemd-journald 6:devices:/system.slice/polkit.service,1:name=systemd:/system.slice/polkit.service polkitd 610532 10652 00:00:57 9-17:09:19 14233 /usr/lib/polkit-1/polkitd --no-debug - root 0 0 00:00:00 03:59:11 14490 [kworker/2:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235836 13960 00:00:00 03:54:41 14814 /usr/sbin/httpd -k start - root 0 0 00:00:00 17:59:08 15446 [kworker/2:0] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235916 14000 00:00:00 03:43:22 15779 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235828 13900 00:00:00 03:28:59 16767 /usr/sbin/httpd -k start 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 152192 10904 00:01:42 4-20:19:05 16784 cPhulkd - dbprocessor - root 0 0 00:00:00 10:26:50 17125 [kworker/u12:0] 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249168 123908 00:00:17 17:17:23 18148 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235856 13776 00:00:00 03:07:55 18229 /usr/sbin/httpd -k start 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 250324 121500 00:00:15 17:04:20 19083 spamd child 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249168 119780 00:00:00 17:04:20 19084 spamd child 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235860 13824 00:00:00 02:55:15 19225 /usr/sbin/httpd -k start - root 0 0 00:00:00 02:29:11 21473 [kworker/0:0] 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 85956 12044 00:00:49 26-17:34:06 22725 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/pure-authd.service,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:06 26-17:34:06 22746 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 6:devices:/system.slice/pure-ftpd.service,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3084 00:00:06 26-17:34:06 22747 pure-ftpd (SERVER) - root 0 0 00:00:00 02:09:11 22995 [kworker/5:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12752 1356 00:00:03 2-20:22:58 23029 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12760 1364 00:00:02 2-20:22:58 23030 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 53092 11756 00:00:00 2-20:22:58 23031 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47408 4744 00:00:00 2-20:22:58 23039 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47136 4532 00:00:00 2-20:22:58 23040 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 10436 1216 00:00:01 2-20:22:58 23041 dovecot/log 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47408 4636 00:00:00 2-20:22:58 23042 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47412 4780 00:00:00 2-20:22:58 23043 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 17760 4616 00:00:03 2-20:22:58 23044 dovecot/config 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1240 00:00:01 2-20:22:58 23045 dovecot/stats - root 0 0 00:00:00 01:59:11 23723 [kworker/4:1] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 236220 13872 00:00:00 01:57:29 23895 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235784 13704 00:00:00 01:56:37 23948 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235860 13660 00:00:00 01:56:22 23959 /usr/sbin/httpd -k start - root 0 0 00:00:00 23:14:10 24599 [kworker/4:0] 6:devices:/system.slice/cpanel_php_fpm.service,1:name=systemd:/system.slice/cpanel_php_fpm.service root 255272 4640 00:00:59 12-15:51:47 25841 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) - root 0 0 00:00:00 01:05:12 27557 [kworker/1:0] - root 0 0 00:00:00 59:11 27939 [kworker/3:1] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 230124 11268 00:00:26 4-17:40:00 27955 /usr/sbin/httpd -k start 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610488 17548 00:00:58 4-17:39:56 27990 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) - root 0 0 00:00:00 44:30 29019 [kworker/u12:2] - root 0 0 00:00:00 14:49:11 29416 [kworker/3:2] - root 0 0 00:00:00 19:11 31238 [kworker/1:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235564 12236 00:00:00 13:02 31850 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 235540 12024 00:00:00 13:01 31852 /usr/sbin/httpd -k start - root 0 0 00:00:00 09:11 32048 [kworker/0:2] 6:devices:/system.slice/memcached.service,1:name=systemd:/system.slice/memcached.service memcached 80044 1612 00:05:13 72-17:39:53 32186 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 - root 0 0 00:00:00 04:25 32345 [kworker/u12:1] 6:devices:/system.slice/queueprocd.service,1:name=systemd:/system.slice/queueprocd.service root 222456 14616 00:02:35 17-17:40:49 32432 queueprocd - waiting up to 60s to process a task 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 86084 8548 00:00:00 00:33 32685 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 86084 8548 00:00:00 00:10 32694 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 157096 5108 00:00:00 00:03 32695 sshd: unknown [priv] 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service sshd 111284 2220 00:00:00 00:02 32696 sshd: unknown [net] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2022-09-12 11:57 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb057506db601760fc1bb7d7d0b7c3eadf70e4b7c1Found public CheckMk agent: Version: 1.6.0p27 AgentOS: linux Hostname: vps1.hicorp.vn AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local Found Systemd service list through CheckMk: [list-unit-files] UNIT FILE STATE proc-sys-fs-binfmt_misc.automount static dev-hugepages.mount static dev-mqueue.mount static proc-sys-fs-binfmt_misc.mount static sys-fs-fuse-connections.mount static sys-kernel-config.mount static sys-kernel-debug.mount static tmp.mount disabled brandbot.path disabled systemd-ask-password-console.path static systemd-ask-password-plymouth.path static systemd-ask-password-wall.path static session-182127.scope static session-2745.scope static acpid.service enabled aibolit-resident.service enabled alt-php-internal-fpm.service disabled apache_php_fpm.service static arp-ethers.service disabled atd.service enabled auditd.service enabled autovt@.service enabled blk-availability.service disabled brandbot.service static check_mk@.service static chrony-dnssrv@.service static chrony-wait.service disabled chronyd.service enabled cloud-config.service enabled cloud-final.service enabled cloud-init-local.service enabled cloud-init.service enabled console-getty.service disabled console-shell.service disabled container-getty@.service static cpanalyticsd.service disabled cpanel.service enabled cpanel_php_fpm.service enabled cpanellogd.service disabled cpanelquotaonboot.service enabled cpcleartaskqueue.service static cpdavd.service disabled cpgreylistd.service disabled cphulkd.service disabled cpipv6.service enabled cpupower.service disabled crond.service enabled dbus-org.freedesktop.hostname1.service static dbus-org.freedesktop.import1.service static dbus-org.freedesktop.locale1.service static dbus-org.freedesktop.login1.service static dbus-org.freedesktop.machine1.service static dbus-org.freedesktop.timedate1.service static dbus.service static debug-shell.service disabled dnsadmin.service disabled dovecot.service enabled dracut-cmdline.service static dracut-initqueue.service static dracut-mount.service static dracut-pre-mount.service static dracut-pre-pivot.service static dracut-pre-trigger.service static dracut-pre-udev.service static dracut-shutdown.service static ea-php74-php-fpm.service enabled ea-php80-php-fpm.service disabled ea-php81-php-fpm.service disabled ebtables.service disabled emergency.service static exim.service enabled fastmail.service enabled firewalld.service disabled fstrim.service static garb.service disabled getty@.service enabled halt-local.service static htcacheclean.service static httpd.service enabled imunify-antivirus.service enabled imunify-notifier.service enabled initrd-cleanup.service static initrd-parse-etc.service static initrd-switch-root.service static initrd-udevadm-cleanup-db.service static ipaliases.service enabled iprdump.service disabled iprinit.service disabled iprupdate.service disabled irqbalance.service enabled kdump.service enabled kmod-static-nodes.service static mailman.service enabled mariadb.service enabled mariadb@.service disabled memcached.service enabled messagebus.service static microcode.service enabled mysql.service enabled mysqld.service enabled named-setup-rndc.service static named.service disabled NetworkManager-dispatcher.service disabled NetworkManager-wait-online.service disabled NetworkManager.service disabled nfs-rquotad.service disabled nscd.service enabled p0f.service disabled pdns.service enabled pdns@.service disabled plymouth-halt.service disabled plymouth-kexec.service disabled plymouth-poweroff.service disabled plymouth-quit-wait.service disabled plymouth-quit.service disabled plymouth-read-write.service disabled plymouth-reboot.service disabled plymouth-start.service disabled plymouth-switch-root.service static polkit.service static pure-authd.service enabled pure-ftpd.service enabled qemu-guest-agent.service enabled queueprocd.service disabled quotaon.service static rc-local.service static rdisc.service disabled rescue.service static rhel-autorelabel-mark.service enabled rhel-autorelabel.service enabled rhel-configure.service enabled rhel-dmesg.service enabled rhel-domainname.service enabled rhel-import-state.service enabled rhel-loadmodules.service enabled rhel-readonly.service enabled rpc-rquotad.service disabled rpcbind.service enabled rsyncd.service disabled rsyncd@.service static rsyslog.service enabled securetmp.service enabled selinux-policy-migrate-local-changes@.service static serial-getty@.service disabled smartd.service enabled smtpmailgidonly.service disabled snmpd.service disabled snmptrapd.service disabled spamd.service disabled sshd-keygen.service static sshd.service enabled sshd@.service static sw-engine.service enabled sysstat.service enabled systemd-ask-password-console.service static systemd-ask-password-plymouth.service static systemd-ask-password-wall.service static systemd-backlight@.service static systemd-binfmt.service static systemd-bootchart.service disabled systemd-firstboot.service static systemd-fsck-root.service static systemd-fsck@.service static systemd-halt.service static systemd-hibernate-resume@.service static systemd-hibernate.service static systemd-hostnamed.service static systemd-hwdb-update.service static systemd-hybrid-sleep.service static systemd-importd.service static systemd-initctl.service static systemd-journal-catalog-update.service static systemd-journal-flush.service static systemd-journald.service static systemd-kexec.service static systemd-localed.service static systemd-logind.service static systemd-machine-id-commit.service static systemd-machined.service static systemd-modules-load.service static systemd-nspawn@.service disabled systemd-poweroff.service static systemd-quotacheck.service static systemd-random-seed.service static systemd-readahead-collect.service enabled systemd-readahead-done.service indirect systemd-readahead-drop.service enabled systemd-readahead-replay.service enabled systemd-reboot.service static systemd-remount-fs.service static systemd-rfkill@.service static systemd-shutdownd.service static systemd-suspend.service static systemd-sysctl.service static systemd-timedated.service static systemd-tmpfiles-clean.service static systemd-tmpfiles-setup-dev.service static systemd-tmpfiles-setup.service static systemd-udev-settle.service static systemd-udev-trigger.service static systemd-udevd.service static systemd-update-done.service static systemd-update-utmp-runlevel.service static systemd-update-utmp.service static systemd-user-sessions.service static systemd-vconsole-setup.service static tailwatchd.service disabled teamd@.service static tuned.service enabled wp-toolkit-background-tasks.service enabled wp-toolkit-scheduled-tasks.service enabled wpa_supplicant.service disabled xinetd.service enabled zabbix-agent.service enabled zabbix-agent2.service disabled -.slice static machine.slice static system.slice static user-0.slice static user.slice static aibolit-resident.socket enabled check_mk.socket enabled dbus.socket static imunify-antivirus-sensor.socket enabled imunify-antivirus-user.socket enabled imunify-antivirus.socket enabled imunify-notifier.socket enabled nscd.socket enabled rpcbind.socket enabled rsyncd.socket disabled sshd.socket disabled syslog.socket static systemd-initctl.socket static systemd-journald.socket static systemd-shutdownd.socket static systemd-udevd-control.socket static systemd-udevd-kernel.socket static basic.target static bluetooth.target static cloud-config.target static cloud-init.target static cryptsetup-pre.target static cryptsetup.target static ctrl-alt-del.target disabled default.target enabled emergency.target static final.target static getty-pre.target static getty.target static graphical.target static halt.target disabled hibernate.target static hybrid-sleep.target static initrd-fs.target static initrd-root-fs.target static initrd-switch-root.target static initrd.target static iprutils.target disabled kexec.target disabled local-fs-pre.target static local-fs.target static machines.target disabled multi-user.target enabled network-online.target static network-pre.target static network.target static nss-lookup.target static nss-user-lookup.target static paths.target static poweroff.target disabled printer.target static reboot.target disabled remote-cryptsetup.target disabled remote-fs-pre.target static remote-fs.target enabled rescue.target disabled rpcbind.target static runlevel0.target disabled runlevel1.target disabled runlevel2.target enabled runlevel3.target enabled runlevel4.target enabled runlevel5.target static runlevel6.target disabled shutdown.target static sigpwr.target static sleep.target static slices.target static smartcard.target static sockets.target static sound.target static suspend.target static swap.target static sysinit.target static system-update.target static time-sync.target static timers.target static umount.target static chrony-dnssrv@.timer disabled fstrim.timer disabled systemd-readahead-done.timer indirect systemd-tmpfiles-clean.timer static 302 unit files listed. [all] UNIT LOAD ACTIVE SUB JOB proc-sys-fs-binfmt_misc.automount loaded active running Arbitrary Executable File Formats File System Automount Point dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9 dev-disk-by\x2did-virtio\x2d0e4c32f5\x2d3e22\x2d4897\x2d9\x2dpart1.device loaded active plugged /dev/disk/by-id/virtio-0e4c32f5-3e22-4897-9-part1 dev-disk-by\x2dpath-pci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0 dev-disk-by\x2dpath-pci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/pci-0000:00:05.0-part1 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0 dev-disk-by\x2dpath-virtio\x2dpci\x2d0000:00:05.0\x2dpart1.device loaded active plugged /dev/disk/by-path/virtio-pci-0000:00:05.0-part1 dev-disk-by\x2duuid-4a0aad12\x2db71a\x2d400e\x2da4e5\x2d76eee171b7a0.device loaded active plugged /dev/disk/by-uuid/4a0aad12-b71a-400e-a4e5-76eee171b7a0 dev-disk-by\x2duuid-6acbeb10\x2d20f8\x2d4f2a\x2dad0b\x2df125289da6b1.device loaded active plugged /dev/disk/by-uuid/6acbeb10-20f8-4f2a-ad0b-f125289da6b1 dev-loop0.device loaded active plugged /dev/loop0 dev-ttyS0.device loaded active plugged /dev/ttyS0 dev-ttyS1.device loaded active plugged /dev/ttyS1 dev-ttyS2.device loaded active plugged /dev/ttyS2 dev-ttyS3.device loaded active plugged /dev/ttyS3 dev-vda.device loaded active plugged /dev/vda dev-vda1.device loaded active plugged /dev/vda1 dev-virtio\x2dports-org.qemu.guest_agent.0.device loaded active plugged /dev/virtio-ports/org.qemu.guest_agent.0 dev-vport1p1.device loaded active plugged /dev/vport1p1 sys-devices-pci0000:00-0000:00:03.0-virtio0-net-eth0.device loaded active plugged Virtio network device sys-devices-pci0000:00-0000:00:04.0-virtio1-virtio\x2dports-vport1p1.device loaded active plugged /sys/devices/pci0000:00/0000:00:04.0/virtio1/virtio-ports/vport1p1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda-vda1.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda/vda1 sys-devices-pci0000:00-0000:00:05.0-virtio2-block-vda.device loaded active plugged /sys/devices/pci0000:00/0000:00:05.0/virtio2/block/vda sys-devices-platform-serial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1 sys-devices-platform-serial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2 sys-devices-platform-serial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3 sys-devices-pnp0-00:04-tty-ttyS0.device loaded active plugged /sys/devices/pnp0/00:04/tty/ttyS0 sys-devices-virtual-block-loop0.device loaded active plugged /sys/devices/virtual/block/loop0 sys-module-configfs.device loaded active plugged /sys/module/configfs sys-subsystem-net-devices-eth0.device loaded active plugged Virtio network device -.mount loaded active mounted / dev-hugepages.mount loaded active mounted Huge Pages File System dev-mqueue.mount loaded active mounted POSIX Message Queue File System proc-sys-fs-binfmt_misc.mount loaded active mounted Arbitrary Executable File Formats File System run-user-0.mount loaded active mounted /run/user/0 sys-fs-fuse-connections.mount loaded inactive dead FUSE Control File System sys-kernel-config.mount loaded active mounted Configuration File System sys-kernel-debug.mount loaded active mounted Debug File System * sysroot.mount not-found inactive dead sysroot.mount tmp.mount loaded active mounted /tmp var-tmp.mount loaded active mounted /var/tmp systemd-ask-password-console.path loaded inactive dead Dispatch Password Requests to Console Directory Watch systemd-ask-password-plymouth.path loaded active waiting Forward Password Requests to Plymouth Directory Watch systemd-ask-password-wall.path loaded active waiting Forward Password Requests to Wall Directory Watch session-182127.scope loaded active running Session 182127 of user root session-2745.scope loaded active abandoned Session 2745 of user root acpid.service loaded active running ACPI Event Daemon aibolit-resident.service loaded inactive dead AibolitResident atd.service loaded active running Job spooling tools auditd.service loaded active running Security Auditing Service * check_mk@12171-103.179.190.34:6556-171.25.193.78:57546.service loaded failed failed Check_MK * check_mk@13991-103.179.190.34:6556-171.25.193.20:42367.service loaded failed failed Check_MK check_mk@17167-103.179.190.35:6556-172.104.234.191:59504.service loaded activating start start Check_MK (172.104.234.191:59504) * check_mk@4668-103.179.190.34:6556-171.25.193.20:47560.service loaded failed failed Check_MK * check_mk@6445-103.179.190.35:6556-111.7.96.147:45308.service loaded failed failed Check_MK * check_mk@8741-103.179.190.35:6556-171.25.193.77:30022.service loaded failed failed Check_MK chronyd.service loaded active running NTP client/server * clamd.service not-found inactive dead clamd.service cloud-config.service loaded active exited Apply the settings specified in cloud-config cloud-final.service loaded active exited Execute cloud user/final scripts cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking) cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler) cpanel.service loaded active running cPanel services cpanel_php_fpm.service loaded active running FPM service for cPanel Daemons cpanellogd.service loaded active running cPanel Log services cpanelquotaonboot.service loaded active exited cPanel fix quotas on boot cpdavd.service loaded active running cPanel dav services * cpgreylistd.service loaded failed failed cPanel Greylisting Daemon cphulkd.service loaded active running cPanel brute force detector services * cpipv6.service loaded failed failed cPanel IPv6 service cpupower.service loaded inactive dead Configure CPU power related settings crond.service loaded active running Command Scheduler dbus.service loaded active running D-Bus System Message Bus * display-manager.service not-found inactive dead display-manager.service dnsadmin.service loaded active running cPanel DNS admin service dovecot.service loaded active running Dovecot Imap Server dracut-cmdline.service loaded inactive dead dracut cmdline hook dracut-initqueue.service loaded inactive dead dracut initqueue hook dracut-mount.service loaded inactive dead dracut mount hook dracut-pre-mount.service loaded inactive dead dracut pre-mount hook dracut-pre-pivot.service loaded inactive dead dracut pre-pivot and cleanup hook dracut-pre-trigger.service loaded inactive dead dracut pre-trigger hook dracut-pre-udev.service loaded inactive dead dracut pre-udev hook dracut-shutdown.service loaded inactive dead Restore /run/initramfs ea-php74-php-fpm.service loaded active running The PHP FastCGI Process Manager * ea-php80-php-fpm.service loaded failed failed The PHP FastCGI Process Manager * ea-php81-php-fpm.service loaded failed failed The PHP FastCGI Process Manager emergency.service loaded inactive dead Emergency Shell exim.service loaded active running Exim is a Mail Transport Agent, which is the program that moves mail from one machine to another. fastmail.service loaded inactive dead Fastmail Services getty@tty1.service loaded active running Getty on tty1 httpd.service loaded active running Apache web server managed by cPanel EasyApache imunify-antivirus.service loaded inactive dead ImunifyAV imunify-notifier.service loaded inactive dead Imunify360 notifications service * imunify360.service not-found inactive dead imunify360.service initrd-cleanup.service loaded inactive dead Cleaning Up and Shutting Down Daemons initrd-parse-etc.service loaded inactive dead Reload Configuration from the Real Root initrd-switch-root.service loaded inactive dead Switch Root initrd-udevadm-cleanup-db.service loaded inactive dead Cleanup udevd DB * ip6tables.service not-found inactive dead ip6tables.service ipaliases.service loaded inactive dead cPanel IP aliases service * iptables.service not-found inactive dead iptables.service irqbalance.service loaded active running irqbalance daemon kdump.service loaded active exited Crash recovery kernel arming kmod-static-nodes.service loaded active exited Create list of required static device nodes for the current kernel * mailman.service loaded failed failed mailman services mariadb.service loaded active running MariaDB 10.3.35 database server memcached.service loaded active running Memcached microcode.service loaded inactive dead Load CPU microcode update named-setup-rndc.service loaded inactive dead Generate rndc key for BIND (DNS) named.service loaded inactive dead Berkeley Internet Name Domain (DNS) network.service loaded active exited LSB: Bring up/down networking NetworkManager-wait-online.service loaded inactive dead Network Manager Wait Online NetworkManager.service loaded inactive dead Network Manager nscd.service loaded active running Name Service Cache Daemon * ntpd.service not-found inactive dead ntpd.service * ntpdate.service not-found inactive dead ntpdate.service p0f.service loaded active running p0f passive fingerprinter pdns.service loaded active running PowerDNS Authoritative Server plymouth-quit-wait.service loaded inactive dead Wait for Plymouth Boot Screen to Quit plymouth-quit.service loaded inactive dead Terminate Plymouth Boot Screen plymouth-read-write.service loaded inactive dead Tell Plymouth To Write Out Runtime Data plymouth-start.service loaded inactive dead Show Plymouth Boot Screen plymouth-switch-root.service loaded inactive dead Plymouth switch root service polkit.service loaded active running Authorization Manager * psa.service not-found inactive dead psa.service pure-authd.service loaded active running Pure-Authd pure-ftpd.service loaded active running Pure-FTPd qemu-guest-agent.service loaded active running QEMU Guest Agent queueprocd.service loaded active running cPanel Queue services quotaon.service loaded active exited Enable File System Quotas rc-local.service loaded active exited /etc/rc.d/rc.local Compatibility rescue.service loaded inactive dead Rescue Shell rhel-autorelabel-mark.service loaded inactive dead Mark the need to relabel after reboot rhel-autorelabel.service loaded inactive dead Relabel all filesystems, if necessary rhel-configure.service loaded inactive dead Reconfigure the system on administrator request rhel-dmesg.service loaded active exited Dump dmesg to /var/log/dmesg rhel-domainname.service loaded active exited Read and set NIS domainname from /etc/sysconfig/network rhel-import-state.service loaded active exited Import network configuration from initramfs rhel-loadmodules.service loaded inactive dead Load legacy module configuration rhel-readonly.service loaded active exited Configure read-only root support rpcbind.service loaded active running RPC bind service rsyslog.service loaded active running System Logging Service securetmp.service loaded active exited securetmp service selinux-policy-migrate-local-changes@targeted.service loaded inactive dead Migrate local SELinux policy changes from the old store structure to the new structure serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0 smartd.service loaded active running Self Monitoring and Reporting Technology (SMART) Daemon smtpmailgidonly.service loaded inactive dead SMTP Tweak * sntp.service not-found inactive dead sntp.service spamd.service loaded active running Apache SpamAssassin™ deferral daemon sshd-keygen.service loaded inactive dead OpenSSH Server Key Generation sshd.service loaded active running OpenSSH server daemon sw-engine.service loaded active running Startup script for Panel sw-engine * syslog.service not-found inactive dead syslog.service sysstat.service loaded active exited Resets System Activity Logs systemd-ask-password-console.service loaded inactive dead Dispatch Password Requests to Console systemd-ask-password-plymouth.service loaded inactive dead Forward Password Requests to Plymouth systemd-ask-password-wall.service loaded inactive dead Forward Password Requests to Wall systemd-binfmt.service loaded inactive dead Set Up Additional Binary Formats systemd-firstboot.service loaded inactive dead First Boot Wizard systemd-fsck-root.service loaded active exited File System Check on Root Device systemd-hwdb-update.service loaded active exited Rebuild Hardware Database systemd-initctl.service loaded inactive dead /dev/initctl Compatibility Daemon systemd-journal-catalog-update.service loaded active exited Rebuild Journal Catalog systemd-journal-flush.service loaded inactive dead Flush Journal to Persistent Storage systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running Login Service systemd-machine-id-commit.service loaded inactive dead Commit a transient machine-id on disk systemd-modules-load.service loaded inactive dead Load Kernel Modules systemd-quotacheck.service loaded active exited File System Quota Check systemd-random-seed.service loaded active exited Load/Save Random Seed systemd-readahead-collect.service loaded inactive dead Collect Read-Ahead Data systemd-readahead-done.service loaded inactive dead Stop Read-Ahead Data Collection systemd-readahead-replay.service loaded inactive dead Replay Read-Ahead Data systemd-reboot.service loaded inactive dead Reboot systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems systemd-shutdownd.service loaded inactive dead Delayed Shutdown Service systemd-sysctl.service loaded active exited Apply Kernel Variables * systemd-sysusers.service not-found inactive dead systemd-sysusers.service * systemd-timesyncd.service not-found inactive dead systemd-timesyncd.service systemd-tmpfiles-clean.service loaded inactive dead Cleanup of Temporary Directories systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories systemd-udev-trigger.service loaded active exited udev Coldplug all Devices systemd-udevd.service loaded active running udev Kernel Device Manager systemd-update-done.service loaded active exited Update is Completed systemd-update-utmp-runlevel.service loaded inactive dead Update UTMP about System Runlevel Changes systemd-update-utmp.service loaded active exited Update UTMP about System Boot/Shutdown systemd-user-sessions.service loaded active exited Permit User Sessions systemd-vconsole-setup.service loaded active exited Setup Virtual Console tailwatchd.service loaded active running tailwatchd tuned.service loaded inactive dead Dynamic System Tuning Daemon wp-toolkit-background-tasks.service loaded active running Background tasks executor for WordPress Toolkit wp-toolkit-scheduled-tasks.service loaded active running Scheduled tasks executor for WordPress Toolkit xinetd.service loaded active running Xinetd A Powerful Replacement For Inetd * ypbind.service not-found inactive dead ypbind.service * yppasswdd.service not-found inactive dead yppasswdd.service * ypserv.service not-found inactive dead ypserv.service * ypxfrd.service not-found inactive dead ypxfrd.service zabbix-agent.service loaded active running Zabbix Agent -.slice loaded active active Root Slice system-check_mk.slice loaded active active system-check_mk.slice system-getty.slice loaded active active system-getty.slice system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice loaded active active system-selinux\x2dpolicy\x2dmigrate\x2dlocal\x2dchanges.slice system-serial\x2dgetty.slice loaded active active system-serial\x2dgetty.slice system.slice loaded active active System Slice user-0.slice loaded active active User Slice of root user.slice loaded active active User and Session Slice aibolit-resident.socket loaded active listening AibolitResident Startup Socket check_mk.socket loaded active listening Check_MK Agent Socket dbus.socket loaded active running D-Bus System Message Bus Socket imunify-antivirus-sensor.socket loaded active listening ImunifyAV Generic Sensor Sockets imunify-antivirus-user.socket loaded active listening ImunifyAV User Sockets imunify-antivirus.socket loaded active listening ImunifyAV Sockets imunify-notifier.socket loaded active listening Imunify360 notifications socket nscd.socket loaded active running Name Service Cache Daemon Socket rpcbind.socket loaded active running RPCbind Server Activation Socket sshd.socket loaded inactive dead OpenSSH Server Socket syslog.socket loaded inactive dead Syslog Socket systemd-initctl.socket loaded active listening /dev/initctl Compatibility Named Pipe systemd-journald.socket loaded active running Journal Socket systemd-shutdownd.socket loaded active listening Delayed Shutdown Socket systemd-udevd-control.socket loaded active running udev Control Socket systemd-udevd-kernel.socket loaded active running udev Kernel Socket basic.target loaded active active Basic System cloud-config.target loaded active active Cloud-config availability cloud-init.target loaded active active Cloud-init target cryptsetup.target loaded active active Local Encrypted Volumes emergency.target loaded inactive dead Emergency Mode final.target loaded inactive dead Final Step * firewalld.target not-found inactive dead firewalld.target getty-pre.target loaded inactive dead Login Prompts (Pre) getty.target loaded active active Login Prompts graphical.target loaded inactive dead Graphical Interface initrd-fs.target loaded inactive dead Initrd File Systems initrd-root-fs.target loaded inactive dead Initrd Root File System initrd-switch-root.target loaded inactive dead Switch Root initrd.target loaded inactive dead Initrd Default Target local-fs-pre.target loaded active active Local File Systems (Pre) local-fs.target loaded active active Local File Systems multi-user.target loaded active active Multi-User System network-online.target loaded active active Network is Online network-pre.target loaded active active Network (Pre) network.target loaded active active Network nss-lookup.target loaded inactive dead Host and Network Name Lookups nss-user-lookup.target loaded inactive dead User and Group Name Lookups paths.target loaded active active Paths remote-fs-pre.target loaded inactive dead Remote File Systems (Pre) remote-fs.target loaded active active Remote File Systems rescue.target loaded inactive dead Rescue Mode rpcbind.target loaded active active RPC Port Mapper shutdown.target loaded inactive dead Shutdown slices.target loaded active active Slices sockets.target loaded active active Sockets swap.target loaded active active Swap sysinit.target loaded active active System Initialization * syslog.target not-found inactive dead syslog.target time-sync.target loaded inactive dead System Time Synchronized timers.target loaded active active Timers umount.target loaded inactive dead Unmount All Filesystems systemd-readahead-done.timer loaded inactive dead Stop Read-Ahead Data Collection 10s After Completed Startup systemd-tmpfiles-clean.timer loaded active waiting Daily Cleanup of Temporary Directories Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND - root 191376 3928 01:41:58 72-13:56:14 1 /usr/lib/systemd/systemd --system --deserialize 18 - root 0 0 00:00:00 72-13:56:14 2 [kthreadd] - root 0 0 00:00:00 72-13:56:14 4 [kworker/0:0H] - root 0 0 00:00:10 72-13:56:14 6 [ksoftirqd/0] - root 0 0 00:00:02 72-13:56:14 7 [migration/0] - root 0 0 00:00:00 72-13:56:14 8 [rcu_bh] - root 0 0 01:31:19 72-13:56:14 9 [rcu_sched] - root 0 0 00:00:00 72-13:56:14 10 [lru-add-drain] - root 0 0 00:00:27 72-13:56:14 11 [watchdog/0] - root 0 0 00:00:25 72-13:56:14 12 [watchdog/1] - root 0 0 00:00:32 72-13:56:14 13 [migration/1] - root 0 0 00:00:09 72-13:56:14 14 [ksoftirqd/1] - root 0 0 00:00:00 72-13:56:14 16 [kworker/1:0H] - root 0 0 00:00:23 72-13:56:14 17 [watchdog/2] - root 0 0 00:00:04 72-13:56:14 18 [migration/2] - root 0 0 00:00:08 72-13:56:14 19 [ksoftirqd/2] - root 0 0 00:00:00 72-13:56:14 21 [kworker/2:0H] - root 0 0 00:00:23 72-13:56:14 22 [watchdog/3] - root 0 0 00:00:03 72-13:56:14 23 [migration/3] - root 0 0 00:00:13 72-13:56:14 24 [ksoftirqd/3] - root 0 0 00:00:00 72-13:56:14 26 [kworker/3:0H] - root 0 0 00:00:22 72-13:56:14 27 [watchdog/4] - root 0 0 00:00:19 72-13:56:14 28 [migration/4] - root 0 0 00:00:14 72-13:56:14 29 [ksoftirqd/4] - root 0 0 00:00:00 72-13:56:14 31 [kworker/4:0H] - root 0 0 00:00:25 72-13:56:14 32 [watchdog/5] - root 0 0 00:00:04 72-13:56:14 33 [migration/5] - root 0 0 00:01:57 72-13:56:14 34 [ksoftirqd/5] - root 0 0 00:00:00 72-13:56:14 36 [kworker/5:0H] - root 0 0 00:00:00 72-13:56:14 38 [kdevtmpfs] - root 0 0 00:00:00 72-13:56:14 39 [netns] - root 0 0 00:00:03 72-13:56:14 40 [khungtaskd] - root 0 0 00:00:00 72-13:56:14 41 [writeback] - root 0 0 00:00:00 72-13:56:14 42 [kintegrityd] - root 0 0 00:00:00 72-13:56:14 43 [bioset] - root 0 0 00:00:00 72-13:56:14 44 [bioset] - root 0 0 00:00:00 72-13:56:14 45 [bioset] - root 0 0 00:00:00 72-13:56:14 46 [kblockd] - root 0 0 00:00:00 72-13:56:14 47 [md] - root 0 0 00:00:00 72-13:56:14 48 [edac-poller] - root 0 0 00:00:00 72-13:56:14 49 [watchdogd] - root 0 0 00:01:05 72-13:56:14 55 [kswapd0] - root 0 0 00:00:00 72-13:56:14 56 [ksmd] - root 0 0 00:00:16 72-13:56:14 57 [khugepaged] - root 0 0 00:00:00 72-13:56:14 58 [crypto] - root 0 0 00:00:00 72-13:56:14 66 [kthrotld] - root 0 0 00:00:00 72-13:56:14 68 [kmpath_rdacd] - root 0 0 00:00:00 72-13:56:14 69 [kaluad] - root 0 0 00:00:00 72-13:56:14 70 [kpsmoused] - root 0 0 00:00:00 72-13:56:13 72 [ipv6_addrconf] - root 0 0 00:00:00 72-13:56:13 86 [deferwq] - root 0 0 00:04:31 72-13:56:13 197 [kauditd] - root 0 0 00:00:00 72-13:56:13 262 [ata_sff] - root 0 0 00:00:00 72-13:56:13 276 [ttm_swap] - root 0 0 00:00:00 72-13:56:13 280 [scsi_eh_0] - root 0 0 00:00:00 72-13:56:13 281 [scsi_tmf_0] - root 0 0 00:00:00 72-13:56:13 282 [scsi_eh_1] - root 0 0 00:00:00 72-13:56:13 283 [scsi_tmf_1] - root 0 0 00:00:54 72-13:56:13 289 [kworker/3:1H] - root 0 0 00:01:51 72-13:56:13 294 [kworker/0:1H] - root 0 0 00:00:49 72-13:56:13 301 [kworker/4:1H] - root 0 0 00:12:39 72-13:56:13 302 [jbd2/vda1-8] - root 0 0 00:00:00 72-13:56:13 303 [ext4-rsv-conver] - root 0 0 00:00:04 72-13:56:13 309 [kworker/2:1H] - root 0 0 00:00:52 72-13:56:12 372 [kworker/5:1H] - root 0 0 00:00:10 72-13:56:12 374 [kworker/1:1H] 6:devices:/system.slice/auditd.service,1:name=systemd:/system.slice/auditd.service root 55532 864 00:09:35 72-13:56:11 458 /sbin/auditd 6:devices:/system.slice/dbus.service,1:name=systemd:/system.slice/dbus.service dbus 58232 1644 00:19:54 72-13:56:11 576 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation - root 0 0 00:01:33 72-13:56:10 671 [loop0] - root 0 0 00:00:34 72-13:56:10 672 [jbd2/loop0-8] - root 0 0 00:00:00 72-13:56:10 673 [ext4-rsv-conver] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-2745.scope root 116020 1596 00:00:00 71-11:56:16 1006 nano pdns.conf - root 0 0 00:00:00 01:12:28 1139 [kworker/5:1] 6:devices:/system.slice/dnsadmin.service,1:name=systemd:/system.slice/dnsadmin.service root 167288 4196 00:02:51 72-13:55:59 1491 dnsadmin - dormant mode 6:devices:/system.slice/cpdavd.service,1:name=systemd:/system.slice/cpdavd.service root 183632 6580 00:04:31 72-13:55:59 1494 cpdavd - accepting connections on: 2079, 2080, 2091, 2077, 2078 (dormant) 6:devices:/system.slice/tailwatchd.service,1:name=systemd:/system.slice/tailwatchd.service root 206572 19060 00:03:33 72-13:55:59 1495 tailwatchd 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 189948 12324 00:22:41 72-13:55:59 1497 cPhulkd - processor - root 0 0 00:00:01 05:09:53 4275 [kworker/u12:1] - root 0 0 00:00:08 13:37:27 4308 [kworker/1:1] 6:devices:/system.slice/pure-authd.service,1:name=systemd:/system.slice/pure-authd.service root 152776 2036 00:00:00 2-18:13:56 4917 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin/pureauth 6:devices:/system.slice/pure-ftpd.service,1:name=systemd:/system.slice/pure-ftpd.service root 153400 3104 00:00:00 2-18:13:56 4918 pure-ftpd (SERVER) 6:devices:/system.slice/queueprocd.service,1:name=systemd:/system.slice/queueprocd.service root 222176 13832 00:00:33 2-18:13:53 5092 queueprocd - waiting up to 60s to process a task 6:devices:/system.slice/exim.service,1:name=systemd:/system.slice/exim.service mailnull 85952 8912 00:00:02 2-18:13:53 5122 /usr/sbin/exim -ps -bd -q15m -oP /var/spool/exim/exim-daemon.pid 6:devices:/system.slice/p0f.service,1:name=systemd:/system.slice/p0f.service cpanelconnecttrack 10384 3712 00:11:53 2-18:13:26 5552 /usr/local/cpanel/3rdparty/sbin/p0f -i any -u cpanelconnecttrack -d -s /var/cpanel/userhomes/cpanelconnecttrack/p0f.socket less 400 and not dst port 80 and not dst port 443 and tcp[13] & 8==0 6:devices:/system.slice/cpanellogd.service,1:name=systemd:/system.slice/cpanellogd.service root 130232 2724 00:00:01 2-18:13:26 5557 cpanellogd - sleeping for logs 6:devices:/system.slice/cphulkd.service,1:name=systemd:/system.slice/cphulkd.service root 152572 11280 00:01:51 2-18:13:26 5576 cPhulkd - dbprocessor 6:devices:/system.slice/ea-php74-php-fpm.service,1:name=systemd:/system.slice/ea-php74-php-fpm.service root 610472 16652 00:00:16 1-04:33:17 6007 php-fpm: master process (/opt/cpanel/ea-php74/root/etc/php-fpm.conf) 6:devices:/system.slice/qemu-guest-agent.service,1:name=systemd:/system.slice/qemu-guest-agent.service root 44168 1728 00:00:00 1-04:33:17 6022 /usr/bin/qemu-ga --method=virtio-serial --path=/dev/virtio-ports/org.qemu.guest_agent.0 --blacklist=guest-file-open,guest-file-close,guest-file-read,guest-file-write,guest-file-seek,guest-file-flush,guest-exec,guest-exec-status -F/etc/qemu-ga/fsfreeze-hook 6:devices:/system.slice/pdns.service,1:name=systemd:/system.slice/pdns.service named 663088 8668 00:00:10 1-04:33:16 6041 /usr/sbin/pdns_server --socket-dir=/run/pdns --guardian=no --daemon=no --disable-syslog --log-timestamp=no --write-pid=no 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 87596 1316 00:00:00 1-04:33:16 6066 /usr/sbin/zabbix_agentd -c /etc/zabbix/zabbix_agentd.conf 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 87664 2064 00:06:02 1-04:33:16 6067 /usr/sbin/zabbix_agentd: collector [idle 1 sec] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 87748 3328 00:00:16 1-04:33:16 6068 /usr/sbin/zabbix_agentd: listener #1 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 87748 3336 00:00:16 1-04:33:16 6069 /usr/sbin/zabbix_agentd: listener #2 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 87748 3336 00:00:16 1-04:33:16 6070 /usr/sbin/zabbix_agentd: listener #3 [waiting for connection] 6:devices:/system.slice/zabbix-agent.service,1:name=systemd:/system.slice/zabbix-agent.service zabbix 87596 2284 00:00:08 1-04:33:16 6071 /usr/sbin/zabbix_agentd: active checks #1 [idle 1 sec] 6:devices:/system.slice/smartd.service,1:name=systemd:/system.slice/smartd.service root 52852 2352 00:00:00 1-04:33:16 6086 /usr/sbin/smartd -n -q never 6:devices:/system.slice/mariadb.service,1:name=systemd:/system.slice/mariadb.service mysql 2486612 248732 00:07:22 1-04:33:14 6145 /usr/sbin/mysqld 6:devices:/system.slice/rsyslog.service,1:name=systemd:/system.slice/rsyslog.service root 533944 18856 00:00:30 1-04:33:14 6194 /usr/sbin/rsyslogd -n 6:devices:/system.slice/wp-toolkit-scheduled-tasks.service,1:name=systemd:/system.slice/wp-toolkit-scheduled-tasks.service wp-toolkit 372000 18680 00:00:01 1-04:33:14 6213 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script scheduled-tasks-executor.php 6:devices:/system.slice/wp-toolkit-background-tasks.service,1:name=systemd:/system.slice/wp-toolkit-background-tasks.service wp-toolkit 382384 29168 00:00:52 1-04:33:13 6228 /usr/bin/sw-engine /usr/local/cpanel/3rdparty/wp-toolkit/bin/run-script background-tasks-executor.php 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 238068 14316 00:00:03 20:36:14 6247 /usr/sbin/httpd -k start 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 51488 2412 00:00:01 1-04:33:12 6248 /usr/sbin/dovecot -F -c /etc/dovecot/dovecot.conf 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47324 5088 00:00:00 1-04:33:12 6249 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47296 4940 00:00:00 1-04:33:12 6250 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 10304 1316 00:00:00 1-04:33:12 6251 dovecot/anvil 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 10436 1508 00:00:00 1-04:33:12 6252 dovecot/log 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47308 5032 00:00:00 1-04:33:12 6253 dovecot/pop3-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovenull 47364 4920 00:00:00 1-04:33:12 6254 dovecot/imap-login 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service root 17760 4916 00:00:01 1-04:33:12 6255 dovecot/config 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 13552 1524 00:00:00 1-04:33:12 6256 dovecot/stats 6:devices:/system.slice/nscd.service,1:name=systemd:/system.slice/nscd.service nscd 1400016 2516 00:00:19 1-04:33:12 6285 /usr/sbin/nscd 6:devices:/system.slice/systemd-udevd.service,1:name=systemd:/system.slice/systemd-udevd.service root 43532 1348 00:00:00 1-04:33:11 6310 /usr/lib/systemd/systemd-udevd 6:devices:/system.slice/cpanel_php_fpm.service,1:name=systemd:/system.slice/cpanel_php_fpm.service root 293644 5352 00:00:05 1-04:33:11 6318 php-fpm: master process (/usr/local/cpanel/etc/php-fpm.conf) 6:devices:/system.slice/rpcbind.service,1:name=systemd:/system.slice/rpcbind.service rpc 69256 1280 00:00:00 1-04:33:11 6336 /sbin/rpcbind -w 6:devices:/system.slice/sshd.service,1:name=systemd:/system.slice/sshd.service root 111284 4292 00:00:10 1-04:33:11 6357 /usr/sbin/sshd -D 6:devices:/system.slice/sw-engine.service,1:name=systemd:/system.slice/sw-engine.service root 365980 8580 00:00:00 1-04:33:10 6375 sw-engine-fpm: master process (/etc/sw-engine/sw-engine-fpm.conf) 6:devices:/system.slice/systemd-journald.service,1:name=systemd:/system.slice/systemd-journald.service root 63980 28308 00:00:50 1-04:33:10 6391 /usr/lib/systemd/systemd-journald 6:devices:/system.slice/polkit.service,1:name=systemd:/system.slice/polkit.service polkitd 610532 7616 00:00:07 1-04:33:10 6406 /usr/lib/polkit-1/polkitd --no-debug - root 0 0 00:00:00 27:29 6505 [kworker/1:2] 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-182127.scope root 185000 2584 00:00:00 04:52:28 6644 /usr/sbin/CROND -n 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-182127.scope root 113280 1176 00:00:00 04:52:28 6647 /bin/sh -c sleep $((1 + RANDOM % 5))h $((1 + RANDOM % 60))m; /usr/local/bin/wp-toolkit update-configuration > /dev/null 2> /dev/null || /usr/local/cpanel/3rdparty/wp-toolkit/bin/wp-toolkit-installer.sh --generate-configs > /dev/null 2> /dev/null; /usr/bin/yum -y update wp-toolkit-cpanel > /dev/null 2> /dev/null 6:devices:/user.slice,1:name=systemd:/user.slice/user-0.slice/session-182127.scope root 108052 340 00:00:00 04:52:28 6652 sleep 5h 43m - root 0 0 00:00:00 21:09 7452 [kworker/0:1] - root 0 0 00:00:00 17:25 7843 [kworker/4:2] - root 0 0 00:00:00 12:28 8437 [kworker/3:2] 6:devices:/system.slice/cpanel.service,1:name=systemd:/system.slice/cpanel.service root 254404 28548 00:19:33 38-04:32:43 8935 cpsrvd (SSL) - waiting for connections 6:devices:/system.slice/atd.service,1:name=systemd:/system.slice/atd.service root 24208 932 00:00:00 28-04:33:16 8955 /usr/sbin/atd -f - root 0 0 00:00:00 02:28 9341 [kworker/1:0] 6:devices:/system.slice/dovecot.service,1:name=systemd:/system.slice/dovecot.service dovecot 41104 2968 00:00:00 01:45 9419 dovecot/auth 6:devices:/system.slice/chronyd.service,1:name=systemd:/system.slice/chronyd.service chrony 103732 1660 00:00:04 28-04:32:30 9620 /usr/sbin/chronyd 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249948 123936 00:00:08 04:30:48 9645 /usr/local/cpanel/3rdparty/perl/532/bin/perl -T -w /usr/local/cpanel/3rdparty/bin/spamd --allowed-ips=127.0.0.1,::1 --max-children=5 --pidfile=/var/run/spamd.pid --listen=5 6:devices:/system.slice/xinetd.service,1:name=systemd:/system.slice/xinetd.service root 27380 872 00:00:00 28-04:32:29 9667 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid 6:devices:/system.slice/system-serial\x2dgetty.slice,1:name=systemd:/system.slice/system-serial\x2dgetty.slice/serial-getty@ttyS0.service root 108292 764 00:00:00 28-04:32:29 9698 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220 6:devices:/system.slice/systemd-logind.service,1:name=systemd:/system.slice/systemd-logind.service root 24696 1816 00:03:59 28-04:32:29 9729 /usr/lib/systemd/systemd-logind 6:devices:/system.slice/system-getty.slice,1:name=systemd:/system.slice/system-getty.slice/getty@tty1.service root 108292 740 00:00:00 28-04:32:29 9745 /sbin/agetty --noclear tty1 linux 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@17167-103.179.190.35:6556-172.104.234.191:59504.service root 113576 1860 00:00:00 00:00 9795 /bin/bash /usr/bin/check_mk_agent 6:devices:/system.slice/system-check_mk.slice,1:name=systemd:/system.slice/system-check_mk.slice/check_mk@17167-103.179.190.35:6556-172.104.234.191:59504.service root 49820 1560 00:00:00 00:00 9818 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 6:devices:/system.slice/acpid.service,1:name=systemd:/system.slice/acpid.service root 4388 460 00:00:00 28-04:32:25 10005 /usr/sbin/acpid 6:devices:/system.slice/crond.service,1:name=systemd:/system.slice/crond.service root 124500 1612 00:00:24 28-04:32:25 10027 /usr/sbin/crond -n - root 0 0 00:00:02 12:51:28 10083 [kworker/0:0] 6:devices:/system.slice/irqbalance.service,1:name=systemd:/system.slice/irqbalance.service root 21540 1112 00:03:10 28-04:32:24 10141 /usr/sbin/irqbalance --foreground - root 0 0 00:00:01 20:02:28 10931 [kworker/5:2] 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 251096 122208 00:00:04 04:19:50 11204 spamd child 6:devices:/system.slice/spamd.service,1:name=systemd:/system.slice/spamd.service root 249948 120536 00:00:00 04:19:50 11205 spamd child 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 238308 14232 00:00:01 12:34:15 12177 /usr/sbin/httpd -k start - root 0 0 00:00:00 08:21:12 14438 [kworker/4:1] - root 0 0 00:00:00 03:54:29 14530 [kworker/2:0] 6:devices:/system.slice/memcached.service,1:name=systemd:/system.slice/memcached.service memcached 368716 29068 00:01:47 23-18:04:22 15545 /usr/bin/memcached -u memcached -p 11211 -m 64 -c 1024 -l 127.0.0.1 -U 0 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 237816 13760 00:00:01 11:26:47 21334 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 232076 8740 00:00:12 2-04:33:21 24160 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12748 1292 00:00:03 2-04:33:21 24161 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --suffix=-bytes_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 12764 1304 00:00:03 2-04:33:21 24162 /usr/local/cpanel/bin/splitlogs --dir=/etc/apache2/logs/domlogs --main=vps1.hicorp.vn --mainout=/etc/apache2/logs/access_log 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service root 53088 11760 00:00:00 2-04:33:21 24163 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprotect 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 237820 13760 00:00:01 10:29:13 28652 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 238248 13896 00:00:01 10:29:12 28656 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 238228 13968 00:00:01 10:29:12 28657 /usr/sbin/httpd -k start - root 0 0 00:00:00 01:47:03 28941 [kworker/u12:2] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 238100 13852 00:00:00 06:06:21 30091 /usr/sbin/httpd -k start - root 0 0 00:00:00 17:52:29 31150 [kworker/3:1] - root 0 0 00:00:01 1-01:22:28 31641 [kworker/2:1] 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 237856 13560 00:00:00 05:42:21 32736 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 237836 13620 00:00:00 05:42:20 32758 /usr/sbin/httpd -k start 6:devices:/system.slice/httpd.service,1:name=systemd:/system.slice/httpd.service nobody 238220 13728 00:00:00 05:42:20 32760 /usr/sbin/httpd -k start Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:b2:8e:1b brd ff:ff:ff:ff:ff:ff inet 103.179.190.34/24 brd 103.179.190.255 scope global eth0 valid_lft forever preferred_lft forever inet 103.179.190.35/24 brd 103.179.190.255 scope global secondary eth0:1 valid_lft forever preferred_lft forever [end_iplink]Found on 2022-06-17 22:52
Domain summary
No record