Host 141.9.249.156
Germany
Verein zur Foerderung eines Deutschen Forschungsnetzes e.V.
-
CheckMK monitoring endpoint publicly available
An open CheckMK agent is publicly available.
This could leak sensitive information such as :
- Process list ( maybe credentials )
- Network interfaces
- Running services
- Firewall rules
- Internal OS configuration
https://docs.checkmk.com/latest/en/wato_monitoringagents.html
First seen 2024-11-15 18:11
Last seen 2024-12-22 00:58
Open for 36 days-
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363c1f5376eFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12584,00:01:36/39-14:36:38,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/39-14:36:38,2) [kthreadd] (root,0,0,00:00:00/39-14:36:38,3) [rcu_gp] (root,0,0,00:00:00/39-14:36:38,4) [rcu_par_gp] (root,0,0,00:00:00/39-14:36:38,5) [slub_flushwq] (root,0,0,00:00:00/39-14:36:38,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/39-14:36:38,9) [mm_percpu_wq] (root,0,0,00:00:00/39-14:36:38,10) [rcu_tasks_kthre] (root,0,0,00:00:00/39-14:36:38,11) [rcu_tasks_rude_] (root,0,0,00:00:00/39-14:36:38,12) [rcu_tasks_trace] (root,0,0,00:01:15/39-14:36:38,13) [ksoftirqd/0] (root,0,0,01:45:18/39-14:36:38,14) [rcu_preempt] (root,0,0,00:00:15/39-14:36:38,15) [migration/0] (root,0,0,00:00:00/39-14:36:38,16) [idle_inject/0] (root,0,0,00:00:00/39-14:36:38,18) [cpuhp/0] (root,0,0,00:00:00/39-14:36:38,19) [cpuhp/1] (root,0,0,00:00:00/39-14:36:38,20) [idle_inject/1] (root,0,0,00:00:15/39-14:36:38,21) [migration/1] (root,0,0,00:01:05/39-14:36:38,22) [ksoftirqd/1] (root,0,0,00:00:00/39-14:36:38,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/39-14:36:38,25) [cpuhp/2] (root,0,0,00:00:00/39-14:36:38,26) [idle_inject/2] (root,0,0,00:00:12/39-14:36:38,27) [migration/2] (root,0,0,01:14:06/39-14:36:38,28) [ksoftirqd/2] (root,0,0,00:00:00/39-14:36:38,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/39-14:36:38,31) [cpuhp/3] (root,0,0,00:00:00/39-14:36:38,32) [idle_inject/3] (root,0,0,00:00:14/39-14:36:38,33) [migration/3] (root,0,0,00:03:31/39-14:36:38,34) [ksoftirqd/3] (root,0,0,00:00:00/39-14:36:38,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/39-14:36:38,39) [kdevtmpfs] (root,0,0,00:00:00/39-14:36:38,40) [netns] (root,0,0,00:00:00/39-14:36:38,41) [inet_frag_wq] (root,0,0,00:00:09/39-14:36:38,42) [kauditd] (root,0,0,00:00:00/39-14:36:38,43) [khungtaskd] (root,0,0,00:00:00/39-14:36:38,44) [oom_reaper] (root,0,0,00:00:00/39-14:36:38,45) [writeback] (root,0,0,00:01:56/39-14:36:38,46) [kcompactd0] (root,0,0,00:00:00/39-14:36:38,47) [ksmd] (root,0,0,00:01:57/39-14:36:38,48) [khugepaged] (root,0,0,00:00:00/39-14:36:38,74) [kintegrityd] (root,0,0,00:00:00/39-14:36:38,75) [kblockd] (root,0,0,00:00:00/39-14:36:38,76) [blkcg_punt_bio] (root,0,0,00:00:00/39-14:36:38,78) [tpm_dev_wq] (root,0,0,00:00:00/39-14:36:38,79) [edac-poller] (root,0,0,00:00:00/39-14:36:38,80) [devfreq_wq] (root,0,0,00:00:00/39-14:36:38,110) [watchdogd] (root,0,0,00:00:08/39-14:36:38,111) [kworker/2:1H-kblockd] (root,0,0,00:00:02/39-14:36:38,112) [kswapd0] (root,0,0,00:00:00/39-14:36:37,114) [kthrotld] (root,0,0,00:00:00/39-14:36:37,115) [mld] (root,0,0,00:00:00/39-14:36:37,116) [ipv6_addrconf] (root,0,0,00:00:17/39-14:36:37,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/39-14:36:37,122) [kstrp] (root,0,0,00:00:00/39-14:36:37,123) [zswap-shrink] (root,0,0,00:00:00/39-14:36:37,124) [kworker/u9:0] (root,0,0,00:00:00/39-14:36:37,129) [charger_manager] (root,0,0,00:00:08/39-14:36:36,172) [kworker/3:1H-kblockd] (root,0,0,00:00:09/39-14:36:36,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/39-14:36:36,205) [kaluad] (root,0,0,00:00:00/39-14:36:36,250) [kmpath_rdacd] (root,0,0,00:00:00/39-14:36:36,293) [kmpathd] (root,0,0,00:00:00/39-14:36:36,294) [kmpath_handlerd] (root,0,0,00:00:00/39-14:36:36,342) [ata_sff] (root,0,0,00:00:00/39-14:36:35,343) [scsi_eh_0] (root,0,0,00:00:00/39-14:36:35,344) [scsi_tmf_0] (root,0,0,00:00:00/39-14:36:35,345) [scsi_eh_1] (root,0,0,00:00:00/39-14:36:35,346) [scsi_tmf_1] (root,0,0,00:01:05/39-14:36:33,366) [jbd2/vda1-8] (root,0,0,00:00:00/39-14:36:33,367) [ext4-rsv-conver] (root,38604,7788,00:00:54/39-14:36:21,440) /usr/lib/systemd/systemd-journald (root,53164,9480,00:00:04/39-14:36:20,456) /usr/lib/systemd/systemd-udevd (root,8624,6716,00:00:59/39-14:36:18,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1628,00:00:19/39-14:35:44,512) /sbin/auditd (messagebus,22936,5548,00:01:45/39-14:35:44,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8524,00:01:01/39-14:35:44,531) /usr/lib/systemd/systemd-logind (root,20556,5000,00:00:00/39-14:35:44,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16108,00:00:03/39-14:35:43,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16848,00:00:00/39-14:35:43,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,548616,32972,00:00:44/39-14:35:29,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26404,00:00:00/39-14:35:29,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4576,00:03:45/39-14:35:28,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/39-14:35:28,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10524,00:00:00/39-14:35:28,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/39-14:35:28,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/39-14:35:28,1201) /usr/lib/systemd/systemd --user (root,448968,8396,00:00:50/39-14:35:28,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6052,00:05:23/39-14:35:28,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/39-14:35:28,1206) bpfilter_umh (root,26204,8212,00:00:16/39-14:35:28,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4188,00:00:00/39-14:35:28,1215) ntpd: asynchronous dns resolver (spot,299392,183072,2-02:58:41/39-14:35:28,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/39-14:35:27,1228) (sd-pam) (checkmk,48532,3192,00:00:00/39-14:35:27,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/39-14:35:27,1245) (sd-pam) (root,6656,3484,00:00:00/00:00,1255) /bin/bash /usr/bin/check_mk_agent (root,13744,3488,00:00:00/00:00,1273) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,1274) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,24216,5344,00:00:13/39-14:35:26,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:02/39-14:35:26,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:05/39-14:35:25,1354) /usr/sbin/cron -n (root,698484,82656,00:51:44/39-14:35:19,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,225728,66924,00:17:03/39-14:35:05,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:01/01:59:27,2674) [kworker/0:2-events] (root,0,0,00:00:00/40:08,5528) [kworker/1:2-events] (root,0,0,00:00:00/05:55,7221) [kworker/3:0-events] (root,0,0,00:00:00/01:33:43,9266) [kworker/u8:0-flush-253:0] (root,0,0,00:00:00/01:56,10883) [kworker/0:1] (root,0,0,00:00:00/24:56,12385) [kworker/0:0-cgroup_destroy] (postfix,24244,8292,00:00:00/03:57,13685) pickup -l -t fifo -u (root,0,0,00:00:00/02:07:29,15256) [kworker/u8:2-ext4-rsv-conversion] (root,35308,10012,00:00:00/33-12:26:21,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:01:51/33-12:26:20,15391) sshd: cm-ssh (root,0,0,00:00:00/03:49,15706) [kworker/1:1-ata_sff] (root,35308,10072,00:00:00/23-13:54:59,16975) sshd: syslogtunnel [priv] (syslogtunnel,35308,5588,00:01:22/23-13:54:58,16977) sshd: syslogtunnel (root,0,0,00:00:00/44:57,19043) [kworker/3:2-cgroup_destroy] (root,0,0,00:00:00/12:19,24965) [kworker/2:0-events] (root,0,0,00:00:00/20:50,29419) [kworker/2:2-cgroup_destroy] (postfix,44628,9272,00:00:01/33-19:12:06,30472) tlsmgr -l -t unix -u (root,0,0,00:00:00/09:02,31013) [kworker/1:0-ata_sff] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-22 00:58 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363fb42d0a7Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12576,00:01:26/37-14:05:17,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/37-14:05:17,2) [kthreadd] (root,0,0,00:00:00/37-14:05:17,3) [rcu_gp] (root,0,0,00:00:00/37-14:05:17,4) [rcu_par_gp] (root,0,0,00:00:00/37-14:05:17,5) [slub_flushwq] (root,0,0,00:00:00/37-14:05:17,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/37-14:05:17,9) [mm_percpu_wq] (root,0,0,00:00:00/37-14:05:17,10) [rcu_tasks_kthre] (root,0,0,00:00:00/37-14:05:17,11) [rcu_tasks_rude_] (root,0,0,00:00:00/37-14:05:17,12) [rcu_tasks_trace] (root,0,0,00:01:09/37-14:05:17,13) [ksoftirqd/0] (root,0,0,01:39:42/37-14:05:17,14) [rcu_preempt] (root,0,0,00:00:14/37-14:05:17,15) [migration/0] (root,0,0,00:00:00/37-14:05:17,16) [idle_inject/0] (root,0,0,00:00:00/37-14:05:17,18) [cpuhp/0] (root,0,0,00:00:00/37-14:05:17,19) [cpuhp/1] (root,0,0,00:00:00/37-14:05:17,20) [idle_inject/1] (root,0,0,00:00:14/37-14:05:17,21) [migration/1] (root,0,0,00:01:00/37-14:05:17,22) [ksoftirqd/1] (root,0,0,00:00:00/37-14:05:17,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/37-14:05:17,25) [cpuhp/2] (root,0,0,00:00:00/37-14:05:17,26) [idle_inject/2] (root,0,0,00:00:11/37-14:05:17,27) [migration/2] (root,0,0,01:10:40/37-14:05:17,28) [ksoftirqd/2] (root,0,0,00:00:00/37-14:05:17,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/37-14:05:17,31) [cpuhp/3] (root,0,0,00:00:00/37-14:05:17,32) [idle_inject/3] (root,0,0,00:00:14/37-14:05:17,33) [migration/3] (root,0,0,00:03:20/37-14:05:17,34) [ksoftirqd/3] (root,0,0,00:00:00/37-14:05:17,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/37-14:05:17,39) [kdevtmpfs] (root,0,0,00:00:00/37-14:05:17,40) [netns] (root,0,0,00:00:00/37-14:05:17,41) [inet_frag_wq] (root,0,0,00:00:08/37-14:05:17,42) [kauditd] (root,0,0,00:00:00/37-14:05:17,43) [khungtaskd] (root,0,0,00:00:00/37-14:05:17,44) [oom_reaper] (root,0,0,00:00:00/37-14:05:17,45) [writeback] (root,0,0,00:01:50/37-14:05:17,46) [kcompactd0] (root,0,0,00:00:00/37-14:05:17,47) [ksmd] (root,0,0,00:01:50/37-14:05:17,48) [khugepaged] (root,0,0,00:00:00/37-14:05:17,74) [kintegrityd] (root,0,0,00:00:00/37-14:05:17,75) [kblockd] (root,0,0,00:00:00/37-14:05:17,76) [blkcg_punt_bio] (root,0,0,00:00:00/37-14:05:17,78) [tpm_dev_wq] (root,0,0,00:00:00/37-14:05:17,79) [edac-poller] (root,0,0,00:00:00/37-14:05:17,80) [devfreq_wq] (root,0,0,00:00:00/37-14:05:17,110) [watchdogd] (root,0,0,00:00:07/37-14:05:17,111) [kworker/2:1H-kblockd] (root,0,0,00:00:02/37-14:05:17,112) [kswapd0] (root,0,0,00:00:00/37-14:05:16,114) [kthrotld] (root,0,0,00:00:00/37-14:05:16,115) [mld] (root,0,0,00:00:00/37-14:05:16,116) [ipv6_addrconf] (root,0,0,00:00:16/37-14:05:16,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/37-14:05:16,122) [kstrp] (root,0,0,00:00:00/37-14:05:16,123) [zswap-shrink] (root,0,0,00:00:00/37-14:05:16,124) [kworker/u9:0] (root,0,0,00:00:00/37-14:05:16,129) [charger_manager] (root,0,0,00:00:08/37-14:05:15,172) [kworker/3:1H-kblockd] (root,0,0,00:00:08/37-14:05:15,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/37-14:05:15,205) [kaluad] (root,0,0,00:00:00/37-14:05:15,250) [kmpath_rdacd] (root,0,0,00:00:00/37-14:05:15,293) [kmpathd] (root,0,0,00:00:00/37-14:05:15,294) [kmpath_handlerd] (root,0,0,00:00:00/37-14:05:15,342) [ata_sff] (root,0,0,00:00:00/37-14:05:14,343) [scsi_eh_0] (root,0,0,00:00:00/37-14:05:14,344) [scsi_tmf_0] (root,0,0,00:00:00/37-14:05:14,345) [scsi_eh_1] (root,0,0,00:00:00/37-14:05:14,346) [scsi_tmf_1] (root,0,0,00:01:01/37-14:05:12,366) [jbd2/vda1-8] (root,0,0,00:00:00/37-14:05:12,367) [ext4-rsv-conver] (root,38604,7788,00:00:48/37-14:05:00,440) /usr/lib/systemd/systemd-journald (root,53164,9480,00:00:04/37-14:04:59,456) /usr/lib/systemd/systemd-udevd (root,8624,6716,00:00:56/37-14:04:57,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1628,00:00:17/37-14:04:23,512) /sbin/auditd (messagebus,22936,5548,00:01:32/37-14:04:23,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8524,00:00:54/37-14:04:23,531) /usr/lib/systemd/systemd-logind (root,20556,5000,00:00:00/37-14:04:23,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16108,00:00:03/37-14:04:22,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16848,00:00:00/37-14:04:22,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,548616,32972,00:00:42/37-14:04:08,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26404,00:00:00/37-14:04:08,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4576,00:03:32/37-14:04:07,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/37-14:04:07,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10524,00:00:00/37-14:04:07,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/37-14:04:07,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/37-14:04:07,1201) /usr/lib/systemd/systemd --user (root,448968,8396,00:00:46/37-14:04:07,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6052,00:05:06/37-14:04:07,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/37-14:04:07,1206) bpfilter_umh (root,26204,8212,00:00:14/37-14:04:07,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4188,00:00:00/37-14:04:07,1215) ntpd: asynchronous dns resolver (spot,296352,182132,1-23:13:59/37-14:04:07,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/37-14:04:06,1228) (sd-pam) (checkmk,48532,3192,00:00:00/37-14:04:06,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/37-14:04:06,1245) (sd-pam) (root,24216,5344,00:00:12/37-14:04:05,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:02/37-14:04:05,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:05/37-14:04:04,1354) /usr/sbin/cron -n (root,698484,82412,00:49:06/37-14:03:58,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,224704,66044,00:16:08/37-14:03:44,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:00/04:53,2838) [kworker/3:1-mm_percpu_wq] (root,0,0,00:00:00/04:18,4583) [kworker/u8:1-ext4-rsv-conversion] (root,0,0,00:00:00/03:56,6208) [kworker/1:2-ata_sff] (root,0,0,00:00:00/02:47,10180) [kworker/2:2-events] (root,0,0,00:00:00/01:39:07,13355) [kworker/3:0-cgroup_destroy] (root,35308,10012,00:00:00/31-11:55:00,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:01:44/31-11:54:59,15391) sshd: cm-ssh (root,0,0,00:00:00/11:59,16397) [kworker/u8:0-flush-253:0] (root,35308,10072,00:00:00/21-13:23:38,16975) sshd: syslogtunnel [priv] (syslogtunnel,35308,5588,00:01:14/21-13:23:37,16977) sshd: syslogtunnel (root,0,0,00:00:00/01:47:19,17446) [kworker/0:2-events] (root,0,0,00:00:00/11:00,18386) [kworker/3:2-events] (root,6656,3480,00:00:00/00:00,18856) /bin/bash /usr/bin/check_mk_agent (root,13744,3516,00:00:00/00:00,18874) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,968,00:00:00/00:00,18875) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/41:56,19242) [kworker/u8:2-ext4-rsv-conversion] (root,0,0,00:00:00/55:49,21022) [kworker/1:1-events] (postfix,24244,8204,00:00:00/01:34:39,22497) pickup -l -t fifo -u (root,0,0,00:00:00/23:15,23807) [kworker/2:0-events] (root,0,0,00:00:00/09:06,26762) [kworker/1:0-ata_sff] (root,0,0,00:00:00/21:13,26953) [kworker/0:1-cgroup_destroy] (postfix,44628,9272,00:00:01/31-18:40:45,30472) tlsmgr -l -t unix -u (root,0,0,00:00:02/01:51:19,32596) [kworker/2:1-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-20 00:27 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683636e7b1bf9Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12576,00:01:22/35-15:07:55,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/35-15:07:55,2) [kthreadd] (root,0,0,00:00:00/35-15:07:55,3) [rcu_gp] (root,0,0,00:00:00/35-15:07:55,4) [rcu_par_gp] (root,0,0,00:00:00/35-15:07:55,5) [slub_flushwq] (root,0,0,00:00:00/35-15:07:55,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/35-15:07:55,9) [mm_percpu_wq] (root,0,0,00:00:00/35-15:07:55,10) [rcu_tasks_kthre] (root,0,0,00:00:00/35-15:07:55,11) [rcu_tasks_rude_] (root,0,0,00:00:00/35-15:07:55,12) [rcu_tasks_trace] (root,0,0,00:01:05/35-15:07:55,13) [ksoftirqd/0] (root,0,0,01:34:28/35-15:07:55,14) [rcu_preempt] (root,0,0,00:00:13/35-15:07:55,15) [migration/0] (root,0,0,00:00:00/35-15:07:55,16) [idle_inject/0] (root,0,0,00:00:00/35-15:07:55,18) [cpuhp/0] (root,0,0,00:00:00/35-15:07:55,19) [cpuhp/1] (root,0,0,00:00:00/35-15:07:55,20) [idle_inject/1] (root,0,0,00:00:14/35-15:07:55,21) [migration/1] (root,0,0,00:00:57/35-15:07:55,22) [ksoftirqd/1] (root,0,0,00:00:00/35-15:07:55,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/35-15:07:55,25) [cpuhp/2] (root,0,0,00:00:00/35-15:07:55,26) [idle_inject/2] (root,0,0,00:00:11/35-15:07:55,27) [migration/2] (root,0,0,01:07:41/35-15:07:55,28) [ksoftirqd/2] (root,0,0,00:00:00/35-15:07:55,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/35-15:07:55,31) [cpuhp/3] (root,0,0,00:00:00/35-15:07:55,32) [idle_inject/3] (root,0,0,00:00:13/35-15:07:55,33) [migration/3] (root,0,0,00:03:11/35-15:07:55,34) [ksoftirqd/3] (root,0,0,00:00:00/35-15:07:55,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/35-15:07:55,39) [kdevtmpfs] (root,0,0,00:00:00/35-15:07:55,40) [netns] (root,0,0,00:00:00/35-15:07:55,41) [inet_frag_wq] (root,0,0,00:00:07/35-15:07:55,42) [kauditd] (root,0,0,00:00:00/35-15:07:55,43) [khungtaskd] (root,0,0,00:00:00/35-15:07:55,44) [oom_reaper] (root,0,0,00:00:00/35-15:07:55,45) [writeback] (root,0,0,00:01:45/35-15:07:55,46) [kcompactd0] (root,0,0,00:00:00/35-15:07:55,47) [ksmd] (root,0,0,00:01:43/35-15:07:55,48) [khugepaged] (root,0,0,00:00:00/35-15:07:55,74) [kintegrityd] (root,0,0,00:00:00/35-15:07:55,75) [kblockd] (root,0,0,00:00:00/35-15:07:55,76) [blkcg_punt_bio] (root,0,0,00:00:00/35-15:07:55,78) [tpm_dev_wq] (root,0,0,00:00:00/35-15:07:55,79) [edac-poller] (root,0,0,00:00:00/35-15:07:55,80) [devfreq_wq] (root,0,0,00:00:00/35-15:07:55,110) [watchdogd] (root,0,0,00:00:07/35-15:07:55,111) [kworker/2:1H-kblockd] (root,0,0,00:00:02/35-15:07:55,112) [kswapd0] (root,0,0,00:00:00/35-15:07:54,114) [kthrotld] (root,0,0,00:00:00/35-15:07:54,115) [mld] (root,0,0,00:00:00/35-15:07:54,116) [ipv6_addrconf] (root,0,0,00:00:15/35-15:07:54,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/35-15:07:54,122) [kstrp] (root,0,0,00:00:00/35-15:07:54,123) [zswap-shrink] (root,0,0,00:00:00/35-15:07:54,124) [kworker/u9:0] (root,0,0,00:00:00/35-15:07:54,129) [charger_manager] (root,0,0,00:00:07/35-15:07:53,172) [kworker/3:1H-kblockd] (root,0,0,00:00:08/35-15:07:53,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/35-15:07:53,205) [kaluad] (root,0,0,00:00:00/35-15:07:53,250) [kmpath_rdacd] (root,0,0,00:00:00/35-15:07:53,293) [kmpathd] (root,0,0,00:00:00/35-15:07:53,294) [kmpath_handlerd] (root,0,0,00:00:00/35-15:07:53,342) [ata_sff] (root,0,0,00:00:00/35-15:07:52,343) [scsi_eh_0] (root,0,0,00:00:00/35-15:07:52,344) [scsi_tmf_0] (root,0,0,00:00:00/35-15:07:52,345) [scsi_eh_1] (root,0,0,00:00:00/35-15:07:52,346) [scsi_tmf_1] (root,0,0,00:00:58/35-15:07:50,366) [jbd2/vda1-8] (root,0,0,00:00:00/35-15:07:50,367) [ext4-rsv-conver] (root,38604,7788,00:00:46/35-15:07:38,440) /usr/lib/systemd/systemd-journald (root,53164,9480,00:00:04/35-15:07:37,456) /usr/lib/systemd/systemd-udevd (root,8624,6716,00:00:53/35-15:07:35,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1628,00:00:16/35-15:07:01,512) /sbin/auditd (messagebus,22936,5548,00:01:28/35-15:07:01,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8524,00:00:51/35-15:07:01,531) /usr/lib/systemd/systemd-logind (root,20556,5000,00:00:00/35-15:07:01,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16108,00:00:03/35-15:07:00,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16848,00:00:00/35-15:07:00,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,548616,32960,00:00:40/35-15:06:46,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26404,00:00:00/35-15:06:46,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4576,00:03:21/35-15:06:45,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/35-15:06:45,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10524,00:00:00/35-15:06:45,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/35-15:06:45,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/35-15:06:45,1201) /usr/lib/systemd/systemd --user (root,448968,8396,00:00:44/35-15:06:45,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6052,00:04:50/35-15:06:45,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/35-15:06:45,1206) bpfilter_umh (root,26204,8212,00:00:13/35-15:06:45,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4188,00:00:00/35-15:06:45,1215) ntpd: asynchronous dns resolver (spot,293352,179972,1-20:12:40/35-15:06:45,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/35-15:06:44,1228) (sd-pam) (checkmk,48532,3192,00:00:00/35-15:06:44,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/35-15:06:44,1245) (sd-pam) (root,24216,5344,00:00:11/35-15:06:43,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:02/35-15:06:43,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:04/35-15:06:42,1354) /usr/sbin/cron -n (root,698228,81996,00:46:34/35-15:06:36,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,223680,64164,00:15:16/35-15:06:22,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:00/50:29,7081) [kworker/1:1-events] (root,0,0,00:00:00/08:59,10260) [kworker/1:0-ata_sff] (root,0,0,00:00:00/59:37,10630) [kworker/u8:2-ext4-rsv-conversion] (root,6656,3484,00:00:00/00:00,10799) /bin/bash /usr/bin/check_mk_agent (root,13744,3504,00:00:00/00:00,10817) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,10818) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,35308,10012,00:00:00/29-12:57:38,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:01:37/29-12:57:37,15391) sshd: cm-ssh (root,0,0,00:00:00/04:43:11,15974) [kworker/u8:1-writeback] (postfix,24244,8228,00:00:00/01:19:03,16513) pickup -l -t fifo -u (root,35308,10072,00:00:00/19-14:26:16,16975) sshd: syslogtunnel [priv] (syslogtunnel,35308,5588,00:01:07/19-14:26:15,16977) sshd: syslogtunnel (root,0,0,00:00:00/44:36,19051) [kworker/0:0-events] (root,0,0,00:00:00/13:47,25607) [kworker/2:2] (root,0,0,00:00:00/02:01:28,25943) [kworker/3:1] (root,0,0,00:00:00/03:47,28071) [kworker/1:2-ata_sff] (root,0,0,00:00:00/02:29:57,29889) [kworker/3:0-events] (postfix,44628,9272,00:00:01/29-19:43:23,30472) tlsmgr -l -t unix -u (root,0,0,00:00:00/01:38:26,31877) [kworker/0:1-events] (root,0,0,00:00:00/21:23,32365) [kworker/2:1-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-18 01:30 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363f598da4cFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12576,00:01:18/33-12:52:44,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/33-12:52:44,2) [kthreadd] (root,0,0,00:00:00/33-12:52:44,3) [rcu_gp] (root,0,0,00:00:00/33-12:52:44,4) [rcu_par_gp] (root,0,0,00:00:00/33-12:52:44,5) [slub_flushwq] (root,0,0,00:00:00/33-12:52:44,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/33-12:52:44,9) [mm_percpu_wq] (root,0,0,00:00:00/33-12:52:44,10) [rcu_tasks_kthre] (root,0,0,00:00:00/33-12:52:44,11) [rcu_tasks_rude_] (root,0,0,00:00:00/33-12:52:44,12) [rcu_tasks_trace] (root,0,0,00:01:01/33-12:52:44,13) [ksoftirqd/0] (root,0,0,01:29:04/33-12:52:44,14) [rcu_preempt] (root,0,0,00:00:12/33-12:52:44,15) [migration/0] (root,0,0,00:00:00/33-12:52:44,16) [idle_inject/0] (root,0,0,00:00:00/33-12:52:44,18) [cpuhp/0] (root,0,0,00:00:00/33-12:52:44,19) [cpuhp/1] (root,0,0,00:00:00/33-12:52:44,20) [idle_inject/1] (root,0,0,00:00:13/33-12:52:44,21) [migration/1] (root,0,0,00:00:53/33-12:52:44,22) [ksoftirqd/1] (root,0,0,00:00:00/33-12:52:44,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/33-12:52:44,25) [cpuhp/2] (root,0,0,00:00:00/33-12:52:44,26) [idle_inject/2] (root,0,0,00:00:10/33-12:52:44,27) [migration/2] (root,0,0,01:04:48/33-12:52:44,28) [ksoftirqd/2] (root,0,0,00:00:00/33-12:52:44,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/33-12:52:44,31) [cpuhp/3] (root,0,0,00:00:00/33-12:52:44,32) [idle_inject/3] (root,0,0,00:00:12/33-12:52:44,33) [migration/3] (root,0,0,00:03:01/33-12:52:44,34) [ksoftirqd/3] (root,0,0,00:00:00/33-12:52:44,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/33-12:52:44,39) [kdevtmpfs] (root,0,0,00:00:00/33-12:52:44,40) [netns] (root,0,0,00:00:00/33-12:52:44,41) [inet_frag_wq] (root,0,0,00:00:07/33-12:52:44,42) [kauditd] (root,0,0,00:00:00/33-12:52:44,43) [khungtaskd] (root,0,0,00:00:00/33-12:52:44,44) [oom_reaper] (root,0,0,00:00:00/33-12:52:44,45) [writeback] (root,0,0,00:01:38/33-12:52:44,46) [kcompactd0] (root,0,0,00:00:00/33-12:52:44,47) [ksmd] (root,0,0,00:01:37/33-12:52:44,48) [khugepaged] (root,0,0,00:00:00/33-12:52:44,74) [kintegrityd] (root,0,0,00:00:00/33-12:52:44,75) [kblockd] (root,0,0,00:00:00/33-12:52:44,76) [blkcg_punt_bio] (root,0,0,00:00:00/33-12:52:44,78) [tpm_dev_wq] (root,0,0,00:00:00/33-12:52:44,79) [edac-poller] (root,0,0,00:00:00/33-12:52:44,80) [devfreq_wq] (root,0,0,00:00:00/33-12:52:44,110) [watchdogd] (root,0,0,00:00:07/33-12:52:44,111) [kworker/2:1H-kblockd] (root,0,0,00:00:02/33-12:52:44,112) [kswapd0] (root,0,0,00:00:00/33-12:52:43,114) [kthrotld] (root,0,0,00:00:00/33-12:52:43,115) [mld] (root,0,0,00:00:00/33-12:52:43,116) [ipv6_addrconf] (root,0,0,00:00:14/33-12:52:43,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/33-12:52:43,122) [kstrp] (root,0,0,00:00:00/33-12:52:43,123) [zswap-shrink] (root,0,0,00:00:00/33-12:52:43,124) [kworker/u9:0] (root,0,0,00:00:00/33-12:52:43,129) [charger_manager] (root,0,0,00:00:07/33-12:52:42,172) [kworker/3:1H-kblockd] (root,0,0,00:00:07/33-12:52:42,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/33-12:52:42,205) [kaluad] (root,0,0,00:00:00/33-12:52:42,250) [kmpath_rdacd] (root,0,0,00:00:00/33-12:52:42,293) [kmpathd] (root,0,0,00:00:00/33-12:52:42,294) [kmpath_handlerd] (root,0,0,00:00:00/33-12:52:42,342) [ata_sff] (root,0,0,00:00:00/33-12:52:41,343) [scsi_eh_0] (root,0,0,00:00:00/33-12:52:41,344) [scsi_tmf_0] (root,0,0,00:00:00/33-12:52:41,345) [scsi_eh_1] (root,0,0,00:00:00/33-12:52:41,346) [scsi_tmf_1] (root,0,0,00:00:54/33-12:52:39,366) [jbd2/vda1-8] (root,0,0,00:00:00/33-12:52:39,367) [ext4-rsv-conver] (root,38604,7788,00:00:44/33-12:52:27,440) /usr/lib/systemd/systemd-journald (root,53164,9480,00:00:03/33-12:52:26,456) /usr/lib/systemd/systemd-udevd (root,8624,6716,00:00:50/33-12:52:24,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1628,00:00:16/33-12:51:50,512) /sbin/auditd (messagebus,22936,5548,00:01:25/33-12:51:50,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8524,00:00:49/33-12:51:50,531) /usr/lib/systemd/systemd-logind (root,20556,5000,00:00:00/33-12:51:50,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16108,00:00:03/33-12:51:49,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16848,00:00:00/33-12:51:49,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,0,0,00:00:00/01:44:23,727) [kworker/u8:2-ext4-rsv-conversion] (root,548360,32524,00:00:38/33-12:51:35,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26404,00:00:00/33-12:51:35,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4576,00:03:08/33-12:51:34,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/33-12:51:34,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10524,00:00:00/33-12:51:34,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/33-12:51:34,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/33-12:51:34,1201) /usr/lib/systemd/systemd --user (root,448968,8444,00:00:42/33-12:51:34,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6052,00:04:34/33-12:51:34,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/33-12:51:34,1206) bpfilter_umh (root,26204,8212,00:00:13/33-12:51:34,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4188,00:00:00/33-12:51:34,1215) ntpd: asynchronous dns resolver (spot,293176,179972,1-17:43:28/33-12:51:34,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/33-12:51:33,1228) (sd-pam) (checkmk,48532,3192,00:00:00/33-12:51:33,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/33-12:51:33,1245) (sd-pam) (root,24216,5344,00:00:11/33-12:51:32,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:02/33-12:51:32,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:04/33-12:51:31,1354) /usr/sbin/cron -n (root,697972,81828,00:43:51/33-12:51:25,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,222656,63272,00:14:25/33-12:51:11,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:00/46:06,3524) [kworker/2:2-events] (root,0,0,00:00:00/25:39,7957) [kworker/1:0-events] (postfix,24244,8272,00:00:00/01:04:47,13877) pickup -l -t fifo -u (root,0,0,00:00:00/10:06,13940) [kworker/1:1-ata_sff] (root,0,0,00:00:00/14:46,14111) [kworker/u8:0-flush-253:0] (root,35308,10012,00:00:00/27-10:42:27,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:01:31/27-10:42:26,15391) sshd: cm-ssh (root,0,0,00:00:00/04:53,16673) [kworker/1:2-ata_sff] (root,35308,10072,00:00:00/17-12:11:05,16975) sshd: syslogtunnel [priv] (syslogtunnel,35308,5588,00:01:00/17-12:11:04,16977) sshd: syslogtunnel (root,0,0,00:00:00/01:23:01,18088) [kworker/3:2-cgroup_destroy] (root,0,0,00:00:00/16:25,19428) [kworker/0:2-events] (root,0,0,00:00:03/01:52:41,24863) [kworker/2:1-events] (root,0,0,00:00:01/02:14:59,29457) [kworker/3:0-events] (postfix,44628,9316,00:00:01/27-17:28:12,30472) tlsmgr -l -t unix -u (root,0,0,00:00:00/23:52,31017) [kworker/0:1-events] (root,6656,3488,00:00:00/00:00,31436) /bin/bash /usr/bin/check_mk_agent (root,13744,3508,00:00:00/00:00,31454) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,31455) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-15 23:14 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363374b48e9Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12576,00:01:15/31-12:45:14,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/31-12:45:14,2) [kthreadd] (root,0,0,00:00:00/31-12:45:14,3) [rcu_gp] (root,0,0,00:00:00/31-12:45:14,4) [rcu_par_gp] (root,0,0,00:00:00/31-12:45:14,5) [slub_flushwq] (root,0,0,00:00:00/31-12:45:14,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/31-12:45:14,9) [mm_percpu_wq] (root,0,0,00:00:00/31-12:45:14,10) [rcu_tasks_kthre] (root,0,0,00:00:00/31-12:45:14,11) [rcu_tasks_rude_] (root,0,0,00:00:00/31-12:45:14,12) [rcu_tasks_trace] (root,0,0,00:00:57/31-12:45:14,13) [ksoftirqd/0] (root,0,0,01:23:50/31-12:45:14,14) [rcu_preempt] (root,0,0,00:00:11/31-12:45:14,15) [migration/0] (root,0,0,00:00:00/31-12:45:14,16) [idle_inject/0] (root,0,0,00:00:00/31-12:45:14,18) [cpuhp/0] (root,0,0,00:00:00/31-12:45:14,19) [cpuhp/1] (root,0,0,00:00:00/31-12:45:14,20) [idle_inject/1] (root,0,0,00:00:12/31-12:45:14,21) [migration/1] (root,0,0,00:00:50/31-12:45:14,22) [ksoftirqd/1] (root,0,0,00:00:00/31-12:45:14,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/31-12:45:14,25) [cpuhp/2] (root,0,0,00:00:00/31-12:45:14,26) [idle_inject/2] (root,0,0,00:00:09/31-12:45:14,27) [migration/2] (root,0,0,01:01:43/31-12:45:14,28) [ksoftirqd/2] (root,0,0,00:00:00/31-12:45:14,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/31-12:45:14,31) [cpuhp/3] (root,0,0,00:00:00/31-12:45:14,32) [idle_inject/3] (root,0,0,00:00:11/31-12:45:14,33) [migration/3] (root,0,0,00:02:51/31-12:45:14,34) [ksoftirqd/3] (root,0,0,00:00:00/31-12:45:14,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/31-12:45:14,39) [kdevtmpfs] (root,0,0,00:00:00/31-12:45:14,40) [netns] (root,0,0,00:00:00/31-12:45:14,41) [inet_frag_wq] (root,0,0,00:00:07/31-12:45:14,42) [kauditd] (root,0,0,00:00:00/31-12:45:14,43) [khungtaskd] (root,0,0,00:00:00/31-12:45:14,44) [oom_reaper] (root,0,0,00:00:00/31-12:45:14,45) [writeback] (root,0,0,00:01:32/31-12:45:14,46) [kcompactd0] (root,0,0,00:00:00/31-12:45:14,47) [ksmd] (root,0,0,00:01:31/31-12:45:14,48) [khugepaged] (root,0,0,00:00:00/31-12:45:14,74) [kintegrityd] (root,0,0,00:00:00/31-12:45:14,75) [kblockd] (root,0,0,00:00:00/31-12:45:14,76) [blkcg_punt_bio] (root,0,0,00:00:00/31-12:45:14,78) [tpm_dev_wq] (root,0,0,00:00:00/31-12:45:14,79) [edac-poller] (root,0,0,00:00:00/31-12:45:14,80) [devfreq_wq] (root,0,0,00:00:00/31-12:45:14,110) [watchdogd] (root,0,0,00:00:06/31-12:45:14,111) [kworker/2:1H-kblockd] (root,0,0,00:00:02/31-12:45:14,112) [kswapd0] (root,0,0,00:00:00/31-12:45:13,114) [kthrotld] (root,0,0,00:00:00/31-12:45:13,115) [mld] (root,0,0,00:00:00/31-12:45:13,116) [ipv6_addrconf] (root,0,0,00:00:13/31-12:45:13,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/31-12:45:13,122) [kstrp] (root,0,0,00:00:00/31-12:45:13,123) [zswap-shrink] (root,0,0,00:00:00/31-12:45:13,124) [kworker/u9:0] (root,0,0,00:00:00/31-12:45:13,129) [charger_manager] (root,0,0,00:00:07/31-12:45:12,172) [kworker/3:1H-kblockd] (root,0,0,00:00:07/31-12:45:12,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/31-12:45:12,205) [kaluad] (root,0,0,00:00:00/31-12:45:12,250) [kmpath_rdacd] (root,0,0,00:00:00/31-12:45:12,293) [kmpathd] (root,0,0,00:00:00/31-12:45:12,294) [kmpath_handlerd] (root,0,0,00:00:00/31-12:45:12,342) [ata_sff] (root,0,0,00:00:00/31-12:45:11,343) [scsi_eh_0] (root,0,0,00:00:00/31-12:45:11,344) [scsi_tmf_0] (root,0,0,00:00:00/31-12:45:11,345) [scsi_eh_1] (root,0,0,00:00:00/31-12:45:11,346) [scsi_tmf_1] (root,0,0,00:00:51/31-12:45:09,366) [jbd2/vda1-8] (root,0,0,00:00:00/31-12:45:09,367) [ext4-rsv-conver] (root,38604,7788,00:00:42/31-12:44:57,440) /usr/lib/systemd/systemd-journald (root,53164,9480,00:00:03/31-12:44:56,456) /usr/lib/systemd/systemd-udevd (root,8624,6716,00:00:47/31-12:44:54,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1628,00:00:15/31-12:44:20,512) /sbin/auditd (messagebus,22936,5548,00:01:21/31-12:44:20,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8524,00:00:47/31-12:44:20,531) /usr/lib/systemd/systemd-logind (root,20556,5000,00:00:00/31-12:44:20,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16108,00:00:03/31-12:44:19,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16848,00:00:00/31-12:44:19,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,0,0,00:00:00/01:01:54,843) [kworker/u8:2-ext4-rsv-conversion] (root,548360,31484,00:00:35/31-12:44:05,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26404,00:00:00/31-12:44:05,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4576,00:02:55/31-12:44:04,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/31-12:44:04,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10524,00:00:00/31-12:44:04,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/31-12:44:04,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/31-12:44:04,1201) /usr/lib/systemd/systemd --user (root,448968,8444,00:00:40/31-12:44:04,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6052,00:04:17/31-12:44:04,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/31-12:44:04,1206) bpfilter_umh (root,26204,8212,00:00:12/31-12:44:04,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4188,00:00:00/31-12:44:04,1215) ntpd: asynchronous dns resolver (spot,286504,173732,1-15:26:53/31-12:44:04,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/31-12:44:03,1228) (sd-pam) (checkmk,48532,3192,00:00:00/31-12:44:03,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/31-12:44:03,1245) (sd-pam) (root,24216,5344,00:00:10/31-12:44:02,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:02/31-12:44:02,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:04/31-12:44:01,1354) /usr/sbin/cron -n (root,697972,81512,00:41:14/31-12:43:55,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,221632,61380,00:13:37/31-12:43:41,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:02/03:58:36,5886) [kworker/3:1-events] (root,0,0,00:00:02/03:36:05,8787) [kworker/0:2-cgroup_destroy] (root,0,0,00:00:01/01:01:00,11542) [kworker/2:0-events] (root,35308,10012,00:00:00/25-10:34:57,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:01:24/25-10:34:56,15391) sshd: cm-ssh (root,0,0,00:00:00/01:11:52,16327) [kworker/u8:0-flush-253:0] (root,35308,10072,00:00:00/15-12:03:35,16975) sshd: syslogtunnel [priv] (syslogtunnel,35308,5588,00:00:53/15-12:03:34,16977) sshd: syslogtunnel (root,0,0,00:00:00/02:04,21948) [kworker/1:1-ata_sff] (root,0,0,00:00:00/07:16,22377) [kworker/0:1-events] (root,0,0,00:00:00/07:15,23196) [kworker/1:2-events] (root,0,0,00:00:00/01:27,24430) [kworker/3:0-events] (postfix,24244,8232,00:00:00/01:19:14,25164) pickup -l -t fifo -u (root,0,0,00:00:00/09:08,27074) [kworker/3:2-cgroup_destroy] (root,6656,3488,00:00:00/00:00,27114) /bin/bash /usr/bin/check_mk_agent (root,13744,3528,00:00:00/00:00,27132) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,968,00:00:00/00:00,27133) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/38:37,29649) [kworker/2:2-events] (postfix,44628,9316,00:00:01/25-17:20:42,30472) tlsmgr -l -t unix -u (root,0,0,00:00:00/38:24,31543) [kworker/1:0-ata_sff] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-13 23:07 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363d687ae56Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12576,00:01:11/29-11:46:58,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/29-11:46:58,2) [kthreadd] (root,0,0,00:00:00/29-11:46:58,3) [rcu_gp] (root,0,0,00:00:00/29-11:46:58,4) [rcu_par_gp] (root,0,0,00:00:00/29-11:46:58,5) [slub_flushwq] (root,0,0,00:00:00/29-11:46:58,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/29-11:46:58,9) [mm_percpu_wq] (root,0,0,00:00:00/29-11:46:58,10) [rcu_tasks_kthre] (root,0,0,00:00:00/29-11:46:58,11) [rcu_tasks_rude_] (root,0,0,00:00:00/29-11:46:58,12) [rcu_tasks_trace] (root,0,0,00:00:52/29-11:46:58,13) [ksoftirqd/0] (root,0,0,01:18:33/29-11:46:58,14) [rcu_preempt] (root,0,0,00:00:11/29-11:46:58,15) [migration/0] (root,0,0,00:00:00/29-11:46:58,16) [idle_inject/0] (root,0,0,00:00:00/29-11:46:58,18) [cpuhp/0] (root,0,0,00:00:00/29-11:46:58,19) [cpuhp/1] (root,0,0,00:00:00/29-11:46:58,20) [idle_inject/1] (root,0,0,00:00:11/29-11:46:58,21) [migration/1] (root,0,0,00:00:46/29-11:46:58,22) [ksoftirqd/1] (root,0,0,00:00:00/29-11:46:58,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/29-11:46:58,25) [cpuhp/2] (root,0,0,00:00:00/29-11:46:58,26) [idle_inject/2] (root,0,0,00:00:09/29-11:46:58,27) [migration/2] (root,0,0,00:57:55/29-11:46:58,28) [ksoftirqd/2] (root,0,0,00:00:00/29-11:46:58,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/29-11:46:58,31) [cpuhp/3] (root,0,0,00:00:00/29-11:46:58,32) [idle_inject/3] (root,0,0,00:00:11/29-11:46:58,33) [migration/3] (root,0,0,00:02:39/29-11:46:58,34) [ksoftirqd/3] (root,0,0,00:00:00/29-11:46:58,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/29-11:46:58,39) [kdevtmpfs] (root,0,0,00:00:00/29-11:46:58,40) [netns] (root,0,0,00:00:00/29-11:46:58,41) [inet_frag_wq] (root,0,0,00:00:06/29-11:46:58,42) [kauditd] (root,0,0,00:00:00/29-11:46:58,43) [khungtaskd] (root,0,0,00:00:00/29-11:46:58,44) [oom_reaper] (root,0,0,00:00:00/29-11:46:58,45) [writeback] (root,0,0,00:01:26/29-11:46:58,46) [kcompactd0] (root,0,0,00:00:00/29-11:46:58,47) [ksmd] (root,0,0,00:01:25/29-11:46:58,48) [khugepaged] (root,0,0,00:00:00/29-11:46:58,74) [kintegrityd] (root,0,0,00:00:00/29-11:46:58,75) [kblockd] (root,0,0,00:00:00/29-11:46:58,76) [blkcg_punt_bio] (root,0,0,00:00:00/29-11:46:58,78) [tpm_dev_wq] (root,0,0,00:00:00/29-11:46:58,79) [edac-poller] (root,0,0,00:00:00/29-11:46:58,80) [devfreq_wq] (root,0,0,00:00:00/29-11:46:58,110) [watchdogd] (root,0,0,00:00:06/29-11:46:58,111) [kworker/2:1H-kblockd] (root,0,0,00:00:02/29-11:46:58,112) [kswapd0] (root,0,0,00:00:00/29-11:46:57,114) [kthrotld] (root,0,0,00:00:00/29-11:46:57,115) [mld] (root,0,0,00:00:00/29-11:46:57,116) [ipv6_addrconf] (root,0,0,00:00:12/29-11:46:57,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/29-11:46:57,122) [kstrp] (root,0,0,00:00:00/29-11:46:57,123) [zswap-shrink] (root,0,0,00:00:00/29-11:46:57,124) [kworker/u9:0] (root,0,0,00:00:00/29-11:46:57,129) [charger_manager] (root,0,0,00:00:06/29-11:46:56,172) [kworker/3:1H-kblockd] (root,0,0,00:00:06/29-11:46:56,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/29-11:46:56,205) [kaluad] (root,0,0,00:00:00/29-11:46:56,250) [kmpath_rdacd] (root,0,0,00:00:00/29-11:46:56,293) [kmpathd] (root,0,0,00:00:00/29-11:46:56,294) [kmpath_handlerd] (root,0,0,00:00:00/29-11:46:56,342) [ata_sff] (root,0,0,00:00:00/29-11:46:55,343) [scsi_eh_0] (root,0,0,00:00:00/29-11:46:55,344) [scsi_tmf_0] (root,0,0,00:00:00/29-11:46:55,345) [scsi_eh_1] (root,0,0,00:00:00/29-11:46:55,346) [scsi_tmf_1] (root,0,0,00:00:48/29-11:46:53,366) [jbd2/vda1-8] (root,0,0,00:00:00/29-11:46:53,367) [ext4-rsv-conver] (root,38604,7788,00:00:40/29-11:46:41,440) /usr/lib/systemd/systemd-journald (root,53164,9480,00:00:03/29-11:46:40,456) /usr/lib/systemd/systemd-udevd (root,8624,6716,00:00:44/29-11:46:38,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1628,00:00:14/29-11:46:04,512) /sbin/auditd (messagebus,22936,5548,00:01:18/29-11:46:04,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8524,00:00:45/29-11:46:04,531) /usr/lib/systemd/systemd-logind (root,20556,5000,00:00:00/29-11:46:04,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16108,00:00:03/29-11:46:03,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16848,00:00:00/29-11:46:03,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,548360,31484,00:00:33/29-11:45:49,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26404,00:00:00/29-11:45:49,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:02:40/29-11:45:48,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/29-11:45:48,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10524,00:00:00/29-11:45:48,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/29-11:45:48,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/29-11:45:48,1201) /usr/lib/systemd/systemd --user (root,448968,8444,00:00:38/29-11:45:48,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6052,00:04:01/29-11:45:48,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/29-11:45:48,1206) bpfilter_umh (root,26204,8212,00:00:12/29-11:45:48,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4188,00:00:00/29-11:45:48,1215) ntpd: asynchronous dns resolver (spot,291548,178800,1-12:53:12/29-11:45:48,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/29-11:45:47,1228) (sd-pam) (checkmk,48532,3192,00:00:00/29-11:45:47,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/29-11:45:47,1245) (sd-pam) (root,24216,5344,00:00:09/29-11:45:46,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:02/29-11:45:46,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:04/29-11:45:45,1354) /usr/sbin/cron -n (root,697576,81128,00:38:34/29-11:45:39,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,220608,60492,00:12:51/29-11:45:25,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:00/00:22,1609) [kworker/1:2-ata_sff] (root,6656,3488,00:00:00/00:00,2632) /bin/bash /usr/bin/check_mk_agent (root,13744,3436,00:00:00/00:00,2650) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,960,00:00:00/00:00,2651) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/09:01:12,6101) [kworker/0:2-events] (root,0,0,00:00:00/54:05,8802) [kworker/u8:0] (root,0,0,00:00:00/05:33,14726) [kworker/1:1-ata_sff] (root,0,0,00:00:00/13:59,14764) [kworker/3:0-events] (root,35308,10012,00:00:00/23-09:36:41,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:01:17/23-09:36:40,15391) sshd: cm-ssh (root,35308,10072,00:00:00/13-11:05:19,16975) sshd: syslogtunnel [priv] (syslogtunnel,35308,5588,00:00:46/13-11:05:18,16977) sshd: syslogtunnel (root,0,0,00:00:00/04:29:31,20264) [kworker/0:1-events] (root,0,0,00:00:00/04:22:21,20750) [kworker/3:2-events] (postfix,24244,8204,00:00:00/42:49,22540) pickup -l -t fifo -u (root,0,0,00:00:00/28:38,26154) [kworker/2:1-cgroup_destroy] (root,0,0,00:00:06/14:06:04,29407) [kworker/1:0-events] (postfix,44628,9316,00:00:01/23-16:22:26,30472) tlsmgr -l -t unix -u (root,0,0,00:00:01/01:32:42,31583) [kworker/2:2-events] (root,0,0,00:00:00/01:18:40,32428) [kworker/u8:2-flush-253:0] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-11 22:09 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683630e2622c9Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12816,00:01:04/25-14:20:33,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/25-14:20:33,2) [kthreadd] (root,0,0,00:00:00/25-14:20:33,3) [rcu_gp] (root,0,0,00:00:00/25-14:20:33,4) [rcu_par_gp] (root,0,0,00:00:00/25-14:20:33,5) [slub_flushwq] (root,0,0,00:00:00/25-14:20:33,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/25-14:20:33,9) [mm_percpu_wq] (root,0,0,00:00:00/25-14:20:33,10) [rcu_tasks_kthre] (root,0,0,00:00:00/25-14:20:33,11) [rcu_tasks_rude_] (root,0,0,00:00:00/25-14:20:33,12) [rcu_tasks_trace] (root,0,0,00:00:46/25-14:20:33,13) [ksoftirqd/0] (root,0,0,01:08:25/25-14:20:33,14) [rcu_preempt] (root,0,0,00:00:09/25-14:20:33,15) [migration/0] (root,0,0,00:00:00/25-14:20:33,16) [idle_inject/0] (root,0,0,00:00:00/25-14:20:33,18) [cpuhp/0] (root,0,0,00:00:00/25-14:20:33,19) [cpuhp/1] (root,0,0,00:00:00/25-14:20:33,20) [idle_inject/1] (root,0,0,00:00:10/25-14:20:33,21) [migration/1] (root,0,0,00:00:40/25-14:20:33,22) [ksoftirqd/1] (root,0,0,00:00:00/25-14:20:33,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/25-14:20:33,25) [cpuhp/2] (root,0,0,00:00:00/25-14:20:33,26) [idle_inject/2] (root,0,0,00:00:08/25-14:20:33,27) [migration/2] (root,0,0,00:52:17/25-14:20:33,28) [ksoftirqd/2] (root,0,0,00:00:00/25-14:20:33,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/25-14:20:33,31) [cpuhp/3] (root,0,0,00:00:00/25-14:20:33,32) [idle_inject/3] (root,0,0,00:00:09/25-14:20:33,33) [migration/3] (root,0,0,00:02:22/25-14:20:33,34) [ksoftirqd/3] (root,0,0,00:00:00/25-14:20:33,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/25-14:20:33,39) [kdevtmpfs] (root,0,0,00:00:00/25-14:20:33,40) [netns] (root,0,0,00:00:00/25-14:20:33,41) [inet_frag_wq] (root,0,0,00:00:06/25-14:20:33,42) [kauditd] (root,0,0,00:00:00/25-14:20:33,43) [khungtaskd] (root,0,0,00:00:00/25-14:20:33,44) [oom_reaper] (root,0,0,00:00:00/25-14:20:33,45) [writeback] (root,0,0,00:01:15/25-14:20:33,46) [kcompactd0] (root,0,0,00:00:00/25-14:20:33,47) [ksmd] (root,0,0,00:01:14/25-14:20:33,48) [khugepaged] (root,0,0,00:00:00/25-14:20:33,74) [kintegrityd] (root,0,0,00:00:00/25-14:20:33,75) [kblockd] (root,0,0,00:00:00/25-14:20:33,76) [blkcg_punt_bio] (root,0,0,00:00:00/25-14:20:33,78) [tpm_dev_wq] (root,0,0,00:00:00/25-14:20:33,79) [edac-poller] (root,0,0,00:00:00/25-14:20:33,80) [devfreq_wq] (root,0,0,00:00:00/25-14:20:33,110) [watchdogd] (root,0,0,00:00:05/25-14:20:33,111) [kworker/2:1H-kblockd] (root,0,0,00:00:01/25-14:20:33,112) [kswapd0] (root,0,0,00:00:00/25-14:20:32,114) [kthrotld] (root,0,0,00:00:00/25-14:20:32,115) [mld] (root,0,0,00:00:00/25-14:20:32,116) [ipv6_addrconf] (root,0,0,00:00:11/25-14:20:32,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/25-14:20:32,122) [kstrp] (root,0,0,00:00:00/25-14:20:32,123) [zswap-shrink] (root,0,0,00:00:00/25-14:20:32,124) [kworker/u9:0] (root,0,0,00:00:00/25-14:20:32,129) [charger_manager] (root,0,0,00:00:05/25-14:20:31,172) [kworker/3:1H-kblockd] (root,0,0,00:00:05/25-14:20:31,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/25-14:20:31,205) [kaluad] (root,0,0,00:00:00/25-14:20:31,250) [kmpath_rdacd] (root,0,0,00:00:00/25-14:20:31,293) [kmpathd] (root,0,0,00:00:00/25-14:20:31,294) [kmpath_handlerd] (root,0,0,00:00:00/25-14:20:31,342) [ata_sff] (root,0,0,00:00:00/25-14:20:30,343) [scsi_eh_0] (root,0,0,00:00:00/25-14:20:30,344) [scsi_tmf_0] (root,0,0,00:00:00/25-14:20:30,345) [scsi_eh_1] (root,0,0,00:00:00/25-14:20:30,346) [scsi_tmf_1] (root,0,0,00:00:41/25-14:20:28,366) [jbd2/vda1-8] (root,0,0,00:00:00/25-14:20:28,367) [ext4-rsv-conver] (root,38604,7876,00:00:36/25-14:20:16,440) /usr/lib/systemd/systemd-journald (root,53164,9544,00:00:03/25-14:20:15,456) /usr/lib/systemd/systemd-udevd (root,8624,6756,00:00:38/25-14:20:13,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1628,00:00:13/25-14:19:39,512) /sbin/auditd (messagebus,22936,5640,00:01:11/25-14:19:39,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8556,00:00:40/25-14:19:39,531) /usr/lib/systemd/systemd-logind (root,20556,5076,00:00:00/25-14:19:39,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16156,00:00:03/25-14:19:38,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16912,00:00:00/25-14:19:38,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,548104,30844,00:00:29/25-14:19:24,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26512,00:00:00/25-14:19:24,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:02:21/25-14:19:23,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/25-14:19:23,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10564,00:00:00/25-14:19:23,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/25-14:19:23,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/25-14:19:23,1201) /usr/lib/systemd/systemd --user (root,448968,8552,00:00:34/25-14:19:23,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6064,00:03:29/25-14:19:23,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/25-14:19:23,1206) bpfilter_umh (root,26204,8300,00:00:11/25-14:19:23,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4188,00:00:00/25-14:19:23,1215) ntpd: asynchronous dns resolver (spot,301920,188384,1-08:06:03/25-14:19:23,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/25-14:19:22,1228) (sd-pam) (checkmk,48532,3192,00:00:00/25-14:19:22,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/25-14:19:22,1245) (sd-pam) (root,24216,5348,00:00:08/25-14:19:21,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:01/25-14:19:21,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:03/25-14:19:20,1354) /usr/sbin/cron -n (root,694116,77808,00:33:29/25-14:19:14,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,218560,57996,00:10:11/25-14:19:00,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:00/25:56,6090) [kworker/1:0-events] (root,0,0,00:00:00/27:39,6321) [kworker/u8:0-flush-253:0] (root,0,0,00:00:00/05:12,6582) [kworker/1:1-ata_sff] (root,0,0,00:00:00/01:15:46,14356) [kworker/2:0-events] (root,35308,10012,00:00:00/19-12:10:16,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:01:05/19-12:10:15,15391) sshd: cm-ssh (root,0,0,00:00:01/01:43:20,16404) [kworker/0:1-events] (root,35308,10072,00:00:00/9-13:38:54,16975) sshd: syslogtunnel [priv] (syslogtunnel,35308,5588,00:00:33/9-13:38:53,16977) sshd: syslogtunnel (root,0,0,00:00:00/10:12:44,17512) [kworker/u8:2-ext4-rsv-conversion] (postfix,24244,8240,00:00:00/39:09,17853) pickup -l -t fifo -u (root,0,0,00:00:00/01:12,18061) [kworker/3:0] (root,0,0,00:00:02/08:37:34,18263) [kworker/3:2-cgroup_destroy] (root,0,0,00:00:07/07:23:08,21123) [kworker/2:1-events] (root,6656,3488,00:00:00/00:00,22579) /bin/bash /usr/bin/check_mk_agent (root,13744,3384,00:00:00/00:00,22597) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,956,00:00:00/00:00,22598) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (postfix,44628,9372,00:00:00/19-18:56:01,30472) tlsmgr -l -t unix -u (root,0,0,00:00:00/07:49,30755) [kworker/3:1-events] (root,0,0,00:00:00/14:30,31934) [kworker/0:2] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-08 00:42 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683637b75de34Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12812,00:01:01/23-14:01:04,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/23-14:01:04,2) [kthreadd] (root,0,0,00:00:00/23-14:01:04,3) [rcu_gp] (root,0,0,00:00:00/23-14:01:04,4) [rcu_par_gp] (root,0,0,00:00:00/23-14:01:04,5) [slub_flushwq] (root,0,0,00:00:00/23-14:01:04,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/23-14:01:04,9) [mm_percpu_wq] (root,0,0,00:00:00/23-14:01:04,10) [rcu_tasks_kthre] (root,0,0,00:00:00/23-14:01:04,11) [rcu_tasks_rude_] (root,0,0,00:00:00/23-14:01:04,12) [rcu_tasks_trace] (root,0,0,00:00:42/23-14:01:04,13) [ksoftirqd/0] (root,0,0,01:02:48/23-14:01:04,14) [rcu_preempt] (root,0,0,00:00:08/23-14:01:04,15) [migration/0] (root,0,0,00:00:00/23-14:01:04,16) [idle_inject/0] (root,0,0,00:00:00/23-14:01:04,18) [cpuhp/0] (root,0,0,00:00:00/23-14:01:04,19) [cpuhp/1] (root,0,0,00:00:00/23-14:01:04,20) [idle_inject/1] (root,0,0,00:00:09/23-14:01:04,21) [migration/1] (root,0,0,00:00:37/23-14:01:04,22) [ksoftirqd/1] (root,0,0,00:00:00/23-14:01:04,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/23-14:01:04,25) [cpuhp/2] (root,0,0,00:00:00/23-14:01:04,26) [idle_inject/2] (root,0,0,00:00:07/23-14:01:04,27) [migration/2] (root,0,0,00:47:33/23-14:01:04,28) [ksoftirqd/2] (root,0,0,00:00:00/23-14:01:04,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/23-14:01:04,31) [cpuhp/3] (root,0,0,00:00:00/23-14:01:04,32) [idle_inject/3] (root,0,0,00:00:08/23-14:01:04,33) [migration/3] (root,0,0,00:02:10/23-14:01:04,34) [ksoftirqd/3] (root,0,0,00:00:00/23-14:01:04,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/23-14:01:04,39) [kdevtmpfs] (root,0,0,00:00:00/23-14:01:04,40) [netns] (root,0,0,00:00:00/23-14:01:04,41) [inet_frag_wq] (root,0,0,00:00:05/23-14:01:04,42) [kauditd] (root,0,0,00:00:00/23-14:01:04,43) [khungtaskd] (root,0,0,00:00:00/23-14:01:04,44) [oom_reaper] (root,0,0,00:00:00/23-14:01:04,45) [writeback] (root,0,0,00:01:09/23-14:01:04,46) [kcompactd0] (root,0,0,00:00:00/23-14:01:04,47) [ksmd] (root,0,0,00:01:08/23-14:01:04,48) [khugepaged] (root,0,0,00:00:00/23-14:01:04,74) [kintegrityd] (root,0,0,00:00:00/23-14:01:04,75) [kblockd] (root,0,0,00:00:00/23-14:01:04,76) [blkcg_punt_bio] (root,0,0,00:00:00/23-14:01:04,78) [tpm_dev_wq] (root,0,0,00:00:00/23-14:01:04,79) [edac-poller] (root,0,0,00:00:00/23-14:01:04,80) [devfreq_wq] (root,0,0,00:00:00/23-14:01:04,110) [watchdogd] (root,0,0,00:00:04/23-14:01:04,111) [kworker/2:1H-kblockd] (root,0,0,00:00:01/23-14:01:04,112) [kswapd0] (root,0,0,00:00:00/23-14:01:03,114) [kthrotld] (root,0,0,00:00:00/23-14:01:03,115) [mld] (root,0,0,00:00:00/23-14:01:03,116) [ipv6_addrconf] (root,0,0,00:00:10/23-14:01:03,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/23-14:01:03,122) [kstrp] (root,0,0,00:00:00/23-14:01:03,123) [zswap-shrink] (root,0,0,00:00:00/23-14:01:03,124) [kworker/u9:0] (root,0,0,00:00:00/23-14:01:03,129) [charger_manager] (root,0,0,00:00:05/23-14:01:02,172) [kworker/3:1H-kblockd] (root,0,0,00:00:05/23-14:01:02,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/23-14:01:02,205) [kaluad] (root,0,0,00:00:00/23-14:01:02,250) [kmpath_rdacd] (root,0,0,00:00:00/23-14:01:02,293) [kmpathd] (root,0,0,00:00:00/23-14:01:02,294) [kmpath_handlerd] (root,0,0,00:00:00/23-14:01:02,342) [ata_sff] (root,0,0,00:00:00/23-14:01:01,343) [scsi_eh_0] (root,0,0,00:00:00/23-14:01:01,344) [scsi_tmf_0] (root,0,0,00:00:00/23-14:01:01,345) [scsi_eh_1] (root,0,0,00:00:00/23-14:01:01,346) [scsi_tmf_1] (root,0,0,00:00:37/23-14:00:59,366) [jbd2/vda1-8] (root,0,0,00:00:00/23-14:00:59,367) [ext4-rsv-conver] (root,38604,7876,00:00:34/23-14:00:47,440) /usr/lib/systemd/systemd-journald (root,53164,9544,00:00:02/23-14:00:46,456) /usr/lib/systemd/systemd-udevd (root,8624,6756,00:00:35/23-14:00:44,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1628,00:00:12/23-14:00:10,512) /sbin/auditd (messagebus,22936,5640,00:01:07/23-14:00:10,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8556,00:00:38/23-14:00:10,531) /usr/lib/systemd/systemd-logind (root,20556,5076,00:00:00/23-14:00:10,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16156,00:00:03/23-14:00:09,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16912,00:00:00/23-14:00:09,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,548104,30324,00:00:26/23-13:59:55,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26512,00:00:00/23-13:59:55,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:02:08/23-13:59:54,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/23-13:59:54,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10564,00:00:00/23-13:59:54,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/23-13:59:54,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/23-13:59:54,1201) /usr/lib/systemd/systemd --user (root,448968,8552,00:00:32/23-13:59:54,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6064,00:03:12/23-13:59:54,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/23-13:59:54,1206) bpfilter_umh (root,26204,8300,00:00:10/23-13:59:54,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4188,00:00:00/23-13:59:54,1215) ntpd: asynchronous dns resolver (spot,285356,172696,1-05:39:12/23-13:59:54,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/23-13:59:53,1228) (sd-pam) (checkmk,48532,3192,00:00:00/23-13:59:53,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/23-13:59:53,1245) (sd-pam) (root,24216,5348,00:00:07/23-13:59:52,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:01/23-13:59:52,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:03/23-13:59:51,1354) /usr/sbin/cron -n (root,693860,77156,00:30:46/23-13:59:45,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,217536,55852,00:08:44/23-13:59:31,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:00/01:30:40,3891) [kworker/u8:2-writeback] (root,0,0,00:00:00/01:22:34,7143) [kworker/u8:1-ext4-rsv-conversion] (root,0,0,00:00:00/42:38,7327) [kworker/0:0-mm_percpu_wq] (root,0,0,00:00:00/09:13,7626) [kworker/1:1-ata_sff] (root,0,0,00:00:00/02:51:29,7973) [kworker/0:1-events] (root,6656,3484,00:00:00/00:00,12359) /bin/bash /usr/bin/check_mk_agent (root,13744,3408,00:00:00/00:00,12377) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,12378) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,35308,10012,00:00:00/17-11:50:47,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:00:58/17-11:50:46,15391) sshd: cm-ssh (postfix,24244,8204,00:00:00/41:28,15690) pickup -l -t fifo -u (root,0,0,00:00:01/04:45:07,16672) [kworker/3:2-events] (root,35308,10072,00:00:00/7-13:19:25,16975) sshd: syslogtunnel [priv] (syslogtunnel,35308,5588,00:00:26/7-13:19:24,16977) sshd: syslogtunnel (root,0,0,00:00:01/49:23,19831) [kworker/2:1-events] (root,0,0,00:00:00/22:25,26074) [kworker/2:0] (root,0,0,00:00:00/04:03,28705) [kworker/1:0-ata_sff] (root,0,0,00:00:02/03:05:38,30106) [kworker/1:2-events] (postfix,44628,9372,00:00:00/17-18:36:32,30472) tlsmgr -l -t unix -u (root,0,0,00:00:00/01:50:44,31932) [kworker/3:1] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-06 00:23 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe56836372ee3b72Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12808,00:00:57/21-12:54:58,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/21-12:54:58,2) [kthreadd] (root,0,0,00:00:00/21-12:54:58,3) [rcu_gp] (root,0,0,00:00:00/21-12:54:58,4) [rcu_par_gp] (root,0,0,00:00:00/21-12:54:58,5) [slub_flushwq] (root,0,0,00:00:00/21-12:54:58,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/21-12:54:58,9) [mm_percpu_wq] (root,0,0,00:00:00/21-12:54:58,10) [rcu_tasks_kthre] (root,0,0,00:00:00/21-12:54:58,11) [rcu_tasks_rude_] (root,0,0,00:00:00/21-12:54:58,12) [rcu_tasks_trace] (root,0,0,00:00:39/21-12:54:58,13) [ksoftirqd/0] (root,0,0,00:57:19/21-12:54:58,14) [rcu_preempt] (root,0,0,00:00:08/21-12:54:58,15) [migration/0] (root,0,0,00:00:00/21-12:54:58,16) [idle_inject/0] (root,0,0,00:00:00/21-12:54:58,18) [cpuhp/0] (root,0,0,00:00:00/21-12:54:58,19) [cpuhp/1] (root,0,0,00:00:00/21-12:54:58,20) [idle_inject/1] (root,0,0,00:00:08/21-12:54:58,21) [migration/1] (root,0,0,00:00:34/21-12:54:58,22) [ksoftirqd/1] (root,0,0,00:00:00/21-12:54:58,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/21-12:54:58,25) [cpuhp/2] (root,0,0,00:00:00/21-12:54:58,26) [idle_inject/2] (root,0,0,00:00:06/21-12:54:58,27) [migration/2] (root,0,0,00:43:29/21-12:54:58,28) [ksoftirqd/2] (root,0,0,00:00:00/21-12:54:58,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/21-12:54:58,31) [cpuhp/3] (root,0,0,00:00:00/21-12:54:58,32) [idle_inject/3] (root,0,0,00:00:08/21-12:54:58,33) [migration/3] (root,0,0,00:01:59/21-12:54:58,34) [ksoftirqd/3] (root,0,0,00:00:00/21-12:54:58,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/21-12:54:58,39) [kdevtmpfs] (root,0,0,00:00:00/21-12:54:58,40) [netns] (root,0,0,00:00:00/21-12:54:58,41) [inet_frag_wq] (root,0,0,00:00:05/21-12:54:58,42) [kauditd] (root,0,0,00:00:00/21-12:54:58,43) [khungtaskd] (root,0,0,00:00:00/21-12:54:58,44) [oom_reaper] (root,0,0,00:00:00/21-12:54:58,45) [writeback] (root,0,0,00:01:03/21-12:54:58,46) [kcompactd0] (root,0,0,00:00:00/21-12:54:58,47) [ksmd] (root,0,0,00:01:02/21-12:54:58,48) [khugepaged] (root,0,0,00:00:00/21-12:54:58,74) [kintegrityd] (root,0,0,00:00:00/21-12:54:58,75) [kblockd] (root,0,0,00:00:00/21-12:54:58,76) [blkcg_punt_bio] (root,0,0,00:00:00/21-12:54:58,78) [tpm_dev_wq] (root,0,0,00:00:00/21-12:54:58,79) [edac-poller] (root,0,0,00:00:00/21-12:54:58,80) [devfreq_wq] (root,0,0,00:00:00/21-12:54:58,110) [watchdogd] (root,0,0,00:00:04/21-12:54:58,111) [kworker/2:1H-kblockd] (root,0,0,00:00:01/21-12:54:58,112) [kswapd0] (root,0,0,00:00:00/21-12:54:57,114) [kthrotld] (root,0,0,00:00:00/21-12:54:57,115) [mld] (root,0,0,00:00:00/21-12:54:57,116) [ipv6_addrconf] (root,0,0,00:00:09/21-12:54:57,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/21-12:54:57,122) [kstrp] (root,0,0,00:00:00/21-12:54:57,123) [zswap-shrink] (root,0,0,00:00:00/21-12:54:57,124) [kworker/u9:0] (root,0,0,00:00:00/21-12:54:57,129) [charger_manager] (root,0,0,00:00:04/21-12:54:56,172) [kworker/3:1H-kblockd] (root,0,0,00:00:04/21-12:54:56,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/21-12:54:56,205) [kaluad] (root,0,0,00:00:00/21-12:54:56,250) [kmpath_rdacd] (root,0,0,00:00:00/21-12:54:56,293) [kmpathd] (root,0,0,00:00:00/21-12:54:56,294) [kmpath_handlerd] (root,0,0,00:00:00/21-12:54:56,342) [ata_sff] (root,0,0,00:00:00/21-12:54:55,343) [scsi_eh_0] (root,0,0,00:00:00/21-12:54:55,344) [scsi_tmf_0] (root,0,0,00:00:00/21-12:54:55,345) [scsi_eh_1] (root,0,0,00:00:00/21-12:54:55,346) [scsi_tmf_1] (root,0,0,00:00:33/21-12:54:53,366) [jbd2/vda1-8] (root,0,0,00:00:00/21-12:54:53,367) [ext4-rsv-conver] (root,38604,7876,00:00:31/21-12:54:41,440) /usr/lib/systemd/systemd-journald (root,53164,9544,00:00:02/21-12:54:40,456) /usr/lib/systemd/systemd-udevd (root,8624,6756,00:00:32/21-12:54:38,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1628,00:00:11/21-12:54:04,512) /sbin/auditd (messagebus,22936,5640,00:01:02/21-12:54:04,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8556,00:00:36/21-12:54:04,531) /usr/lib/systemd/systemd-logind (root,20556,5076,00:00:00/21-12:54:04,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16156,00:00:03/21-12:54:03,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16912,00:00:00/21-12:54:03,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,548104,29804,00:00:24/21-12:53:49,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26512,00:00:00/21-12:53:49,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:58/21-12:53:48,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/21-12:53:48,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10564,00:00:00/21-12:53:48,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/21-12:53:48,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/21-12:53:48,1201) /usr/lib/systemd/systemd --user (root,448968,8552,00:00:30/21-12:53:48,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6064,00:02:55/21-12:53:48,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/21-12:53:48,1206) bpfilter_umh (root,26204,8300,00:00:09/21-12:53:48,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4188,00:00:00/21-12:53:48,1215) ntpd: asynchronous dns resolver (spot,285196,171876,1-03:14:15/21-12:53:48,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/21-12:53:47,1228) (sd-pam) (checkmk,48532,3192,00:00:00/21-12:53:47,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/21-12:53:47,1245) (sd-pam) (root,24216,5348,00:00:07/21-12:53:46,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:01/21-12:53:46,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:02/21-12:53:45,1354) /usr/sbin/cron -n (root,693604,76796,00:28:02/21-12:53:39,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,216512,54956,00:07:22/21-12:53:25,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:02/01:35:41,1511) [kworker/2:0-events] (root,0,0,00:00:00/08:24,3242) [kworker/1:2-events] (root,0,0,00:00:00/19:01,4642) [kworker/2:2-events] (root,0,0,00:00:00/01:16:40,10019) [kworker/0:2-events] (root,0,0,00:00:03/07:14:40,10383) [kworker/1:0-ata_sff] (root,35308,10012,00:00:00/15-10:44:41,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:00:51/15-10:44:40,15391) sshd: cm-ssh (root,35308,10072,00:00:00/5-12:13:19,16975) sshd: syslogtunnel [priv] (syslogtunnel,35308,5588,00:00:19/5-12:13:18,16977) sshd: syslogtunnel (root,0,0,00:00:00/02:26:49,20036) [kworker/3:0] (root,0,0,00:00:00/25:21,20180) [kworker/0:0-events] (root,0,0,00:00:00/03:14,22368) [kworker/1:1-ata_sff] (root,0,0,00:00:00/32:07,27154) [kworker/u8:0-flush-253:0] (root,0,0,00:00:00/03:29:58,28374) [kworker/u8:2-ext4-rsv-conversion] (root,0,0,00:00:01/07:26:15,30433) [kworker/3:1-events] (postfix,44628,9372,00:00:00/15-17:30:26,30472) tlsmgr -l -t unix -u (postfix,24244,8260,00:00:00/01:37:18,30884) pickup -l -t fifo -u (root,6656,3484,00:00:00/00:00,31445) /bin/bash /usr/bin/check_mk_agent (root,13744,3528,00:00:00/00:00,31463) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,968,00:00:00/00:00,31464) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-03 23:17 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683639bbc6259Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12828,00:00:53/19-14:26:53,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/19-14:26:53,2) [kthreadd] (root,0,0,00:00:00/19-14:26:53,3) [rcu_gp] (root,0,0,00:00:00/19-14:26:53,4) [rcu_par_gp] (root,0,0,00:00:00/19-14:26:53,5) [slub_flushwq] (root,0,0,00:00:00/19-14:26:53,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/19-14:26:53,9) [mm_percpu_wq] (root,0,0,00:00:00/19-14:26:53,10) [rcu_tasks_kthre] (root,0,0,00:00:00/19-14:26:53,11) [rcu_tasks_rude_] (root,0,0,00:00:00/19-14:26:53,12) [rcu_tasks_trace] (root,0,0,00:00:36/19-14:26:53,13) [ksoftirqd/0] (root,0,0,00:52:15/19-14:26:53,14) [rcu_preempt] (root,0,0,00:00:07/19-14:26:53,15) [migration/0] (root,0,0,00:00:00/19-14:26:53,16) [idle_inject/0] (root,0,0,00:00:00/19-14:26:53,18) [cpuhp/0] (root,0,0,00:00:00/19-14:26:53,19) [cpuhp/1] (root,0,0,00:00:00/19-14:26:53,20) [idle_inject/1] (root,0,0,00:00:07/19-14:26:53,21) [migration/1] (root,0,0,00:00:31/19-14:26:53,22) [ksoftirqd/1] (root,0,0,00:00:00/19-14:26:53,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/19-14:26:53,25) [cpuhp/2] (root,0,0,00:00:00/19-14:26:53,26) [idle_inject/2] (root,0,0,00:00:06/19-14:26:53,27) [migration/2] (root,0,0,00:39:03/19-14:26:53,28) [ksoftirqd/2] (root,0,0,00:00:00/19-14:26:53,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/19-14:26:53,31) [cpuhp/3] (root,0,0,00:00:00/19-14:26:53,32) [idle_inject/3] (root,0,0,00:00:07/19-14:26:53,33) [migration/3] (root,0,0,00:01:49/19-14:26:53,34) [ksoftirqd/3] (root,0,0,00:00:00/19-14:26:53,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/19-14:26:53,39) [kdevtmpfs] (root,0,0,00:00:00/19-14:26:53,40) [netns] (root,0,0,00:00:00/19-14:26:53,41) [inet_frag_wq] (root,0,0,00:00:05/19-14:26:53,42) [kauditd] (root,0,0,00:00:00/19-14:26:53,43) [khungtaskd] (root,0,0,00:00:00/19-14:26:53,44) [oom_reaper] (root,0,0,00:00:00/19-14:26:53,45) [writeback] (root,0,0,00:00:57/19-14:26:53,46) [kcompactd0] (root,0,0,00:00:00/19-14:26:53,47) [ksmd] (root,0,0,00:00:57/19-14:26:53,48) [khugepaged] (root,0,0,00:00:00/19-14:26:53,74) [kintegrityd] (root,0,0,00:00:00/19-14:26:53,75) [kblockd] (root,0,0,00:00:00/19-14:26:53,76) [blkcg_punt_bio] (root,0,0,00:00:00/19-14:26:53,78) [tpm_dev_wq] (root,0,0,00:00:00/19-14:26:53,79) [edac-poller] (root,0,0,00:00:00/19-14:26:53,80) [devfreq_wq] (root,0,0,00:00:00/19-14:26:53,110) [watchdogd] (root,0,0,00:00:03/19-14:26:53,111) [kworker/2:1H-kblockd] (root,0,0,00:00:01/19-14:26:53,112) [kswapd0] (root,0,0,00:00:00/19-14:26:52,114) [kthrotld] (root,0,0,00:00:00/19-14:26:52,115) [mld] (root,0,0,00:00:00/19-14:26:52,116) [ipv6_addrconf] (root,0,0,00:00:08/19-14:26:52,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/19-14:26:52,122) [kstrp] (root,0,0,00:00:00/19-14:26:52,123) [zswap-shrink] (root,0,0,00:00:00/19-14:26:52,124) [kworker/u9:0] (root,0,0,00:00:00/19-14:26:52,129) [charger_manager] (root,0,0,00:00:04/19-14:26:51,172) [kworker/3:1H-kblockd] (root,0,0,00:00:04/19-14:26:51,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/19-14:26:51,205) [kaluad] (root,0,0,00:00:00/19-14:26:51,250) [kmpath_rdacd] (root,0,0,00:00:00/19-14:26:51,293) [kmpathd] (root,0,0,00:00:00/19-14:26:51,294) [kmpath_handlerd] (root,0,0,00:00:00/19-14:26:51,342) [ata_sff] (root,0,0,00:00:00/19-14:26:50,343) [scsi_eh_0] (root,0,0,00:00:00/19-14:26:50,344) [scsi_tmf_0] (root,0,0,00:00:00/19-14:26:50,345) [scsi_eh_1] (root,0,0,00:00:00/19-14:26:50,346) [scsi_tmf_1] (root,0,0,00:00:29/19-14:26:48,366) [jbd2/vda1-8] (root,0,0,00:00:00/19-14:26:48,367) [ext4-rsv-conver] (root,38604,7876,00:00:29/19-14:26:36,440) /usr/lib/systemd/systemd-journald (root,53164,9648,00:00:02/19-14:26:35,456) /usr/lib/systemd/systemd-udevd (root,8624,6760,00:00:29/19-14:26:33,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1628,00:00:11/19-14:25:59,512) /sbin/auditd (messagebus,22936,5672,00:00:58/19-14:25:59,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8556,00:00:33/19-14:25:59,531) /usr/lib/systemd/systemd-logind (root,20556,5140,00:00:00/19-14:25:59,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16220,00:00:03/19-14:25:58,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16976,00:00:00/19-14:25:58,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,548104,29812,00:00:22/19-14:25:44,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26512,00:00:00/19-14:25:44,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:49/19-14:25:43,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/19-14:25:43,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10564,00:00:00/19-14:25:43,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/19-14:25:43,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/19-14:25:43,1201) /usr/lib/systemd/systemd --user (root,448968,8552,00:00:28/19-14:25:43,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6112,00:02:40/19-14:25:43,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/19-14:25:43,1206) bpfilter_umh (root,26204,8300,00:00:09/19-14:25:43,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4236,00:00:00/19-14:25:43,1215) ntpd: asynchronous dns resolver (spot,285020,171832,1-01:04:32/19-14:25:43,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/19-14:25:42,1228) (sd-pam) (checkmk,48532,3192,00:00:00/19-14:25:42,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/19-14:25:42,1245) (sd-pam) (root,24216,5348,00:00:06/19-14:25:41,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:01/19-14:25:41,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:02/19-14:25:40,1354) /usr/sbin/cron -n (root,692836,75756,00:25:27/19-14:25:34,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,215488,53056,00:06:34/19-14:25:20,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:01/06:28:17,3898) [kworker/3:2-mm_percpu_wq] (root,0,0,00:00:00/01:28:31,4121) [kworker/u8:0-ext4-rsv-conversion] (postfix,24244,8224,00:00:00/10:04,8017) pickup -l -t fifo -u (root,0,0,00:00:00/07:15,10325) [kworker/1:0-ata_sff] (root,35308,10012,00:00:00/13-12:16:36,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:00:45/13-12:16:35,15391) sshd: cm-ssh (root,35308,10072,00:00:00/3-13:45:14,16975) sshd: syslogtunnel [priv] (syslogtunnel,35308,5588,00:00:12/3-13:45:13,16977) sshd: syslogtunnel (root,0,0,00:00:00/02:05,18611) [kworker/1:1-ata_sff] (root,0,0,00:00:00/19:01,20923) [kworker/u8:2-flush-253:0] (root,0,0,00:00:00/30:49,21337) [kworker/2:0] (root,0,0,00:00:00/55:58,22032) [kworker/3:0-cgroup_destroy] (root,0,0,00:00:00/43:29,22794) [kworker/0:1] (root,0,0,00:00:00/55:46,23007) [kworker/2:2-events] (root,0,0,00:00:00/01:19:54,24029) [kworker/1:2-events] (root,6656,3488,00:00:00/00:00,25931) /bin/bash /usr/bin/check_mk_agent (root,13744,3404,00:00:00/00:00,25949) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,25950) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:01/02:52:55,26126) [kworker/0:2-events] (postfix,44628,9416,00:00:00/13-19:02:21,30472) tlsmgr -l -t unix -u Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-02 00:49 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683637ed0f597Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12824,00:00:49/17-13:29:38,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/17-13:29:38,2) [kthreadd] (root,0,0,00:00:00/17-13:29:38,3) [rcu_gp] (root,0,0,00:00:00/17-13:29:38,4) [rcu_par_gp] (root,0,0,00:00:00/17-13:29:38,5) [slub_flushwq] (root,0,0,00:00:00/17-13:29:38,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/17-13:29:38,9) [mm_percpu_wq] (root,0,0,00:00:00/17-13:29:38,10) [rcu_tasks_kthre] (root,0,0,00:00:00/17-13:29:38,11) [rcu_tasks_rude_] (root,0,0,00:00:00/17-13:29:38,12) [rcu_tasks_trace] (root,0,0,00:00:32/17-13:29:38,13) [ksoftirqd/0] (root,0,0,00:47:01/17-13:29:38,14) [rcu_preempt] (root,0,0,00:00:06/17-13:29:38,15) [migration/0] (root,0,0,00:00:00/17-13:29:38,16) [idle_inject/0] (root,0,0,00:00:00/17-13:29:38,18) [cpuhp/0] (root,0,0,00:00:00/17-13:29:38,19) [cpuhp/1] (root,0,0,00:00:00/17-13:29:38,20) [idle_inject/1] (root,0,0,00:00:07/17-13:29:38,21) [migration/1] (root,0,0,00:00:28/17-13:29:38,22) [ksoftirqd/1] (root,0,0,00:00:00/17-13:29:38,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/17-13:29:38,25) [cpuhp/2] (root,0,0,00:00:00/17-13:29:38,26) [idle_inject/2] (root,0,0,00:00:05/17-13:29:38,27) [migration/2] (root,0,0,00:35:48/17-13:29:38,28) [ksoftirqd/2] (root,0,0,00:00:00/17-13:29:38,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/17-13:29:38,31) [cpuhp/3] (root,0,0,00:00:00/17-13:29:38,32) [idle_inject/3] (root,0,0,00:00:06/17-13:29:38,33) [migration/3] (root,0,0,00:01:39/17-13:29:38,34) [ksoftirqd/3] (root,0,0,00:00:00/17-13:29:38,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/17-13:29:38,39) [kdevtmpfs] (root,0,0,00:00:00/17-13:29:38,40) [netns] (root,0,0,00:00:00/17-13:29:38,41) [inet_frag_wq] (root,0,0,00:00:04/17-13:29:38,42) [kauditd] (root,0,0,00:00:00/17-13:29:38,43) [khungtaskd] (root,0,0,00:00:00/17-13:29:38,44) [oom_reaper] (root,0,0,00:00:00/17-13:29:38,45) [writeback] (root,0,0,00:00:51/17-13:29:38,46) [kcompactd0] (root,0,0,00:00:00/17-13:29:38,47) [ksmd] (root,0,0,00:00:51/17-13:29:38,48) [khugepaged] (root,0,0,00:00:00/17-13:29:38,74) [kintegrityd] (root,0,0,00:00:00/17-13:29:38,75) [kblockd] (root,0,0,00:00:00/17-13:29:38,76) [blkcg_punt_bio] (root,0,0,00:00:00/17-13:29:38,78) [tpm_dev_wq] (root,0,0,00:00:00/17-13:29:38,79) [edac-poller] (root,0,0,00:00:00/17-13:29:38,80) [devfreq_wq] (root,0,0,00:00:00/17-13:29:38,110) [watchdogd] (root,0,0,00:00:03/17-13:29:38,111) [kworker/2:1H-kblockd] (root,0,0,00:00:01/17-13:29:38,112) [kswapd0] (root,0,0,00:00:00/17-13:29:37,114) [kthrotld] (root,0,0,00:00:00/17-13:29:37,115) [mld] (root,0,0,00:00:00/17-13:29:37,116) [ipv6_addrconf] (root,0,0,00:00:07/17-13:29:37,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/17-13:29:37,122) [kstrp] (root,0,0,00:00:00/17-13:29:37,123) [zswap-shrink] (root,0,0,00:00:00/17-13:29:37,124) [kworker/u9:0] (root,0,0,00:00:00/17-13:29:37,129) [charger_manager] (root,0,0,00:00:03/17-13:29:36,172) [kworker/3:1H-kblockd] (root,0,0,00:00:03/17-13:29:36,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/17-13:29:36,205) [kaluad] (root,0,0,00:00:00/17-13:29:36,250) [kmpath_rdacd] (root,0,0,00:00:00/17-13:29:36,293) [kmpathd] (root,0,0,00:00:00/17-13:29:36,294) [kmpath_handlerd] (root,0,0,00:00:00/17-13:29:36,342) [ata_sff] (root,0,0,00:00:00/17-13:29:35,343) [scsi_eh_0] (root,0,0,00:00:00/17-13:29:35,344) [scsi_tmf_0] (root,0,0,00:00:00/17-13:29:35,345) [scsi_eh_1] (root,0,0,00:00:00/17-13:29:35,346) [scsi_tmf_1] (root,0,0,00:00:26/17-13:29:33,366) [jbd2/vda1-8] (root,0,0,00:00:00/17-13:29:33,367) [ext4-rsv-conver] (root,38604,7876,00:00:27/17-13:29:21,440) /usr/lib/systemd/systemd-journald (root,53164,9648,00:00:02/17-13:29:20,456) /usr/lib/systemd/systemd-udevd (root,8624,6760,00:00:26/17-13:29:18,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1628,00:00:10/17-13:28:44,512) /sbin/auditd (messagebus,22936,5672,00:00:54/17-13:28:44,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8556,00:00:31/17-13:28:44,531) /usr/lib/systemd/systemd-logind (root,20556,5140,00:00:00/17-13:28:44,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16220,00:00:03/17-13:28:43,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16976,00:00:00/17-13:28:43,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,547848,29016,00:00:19/17-13:28:29,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26512,00:00:00/17-13:28:29,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:36/17-13:28:28,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/17-13:28:28,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10564,00:00:00/17-13:28:28,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/17-13:28:28,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/17-13:28:28,1201) /usr/lib/systemd/systemd --user (root,448968,8552,00:00:26/17-13:28:28,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6112,00:02:22/17-13:28:28,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/17-13:28:28,1206) bpfilter_umh (root,26204,8300,00:00:08/17-13:28:28,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4236,00:00:00/17-13:28:28,1215) ntpd: asynchronous dns resolver (spot,284956,171816,23:05:42/17-13:28:28,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/17-13:28:27,1228) (sd-pam) (checkmk,48532,3192,00:00:00/17-13:28:27,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/17-13:28:27,1245) (sd-pam) (root,24216,5348,00:00:05/17-13:28:26,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:01/17-13:28:26,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:02/17-13:28:25,1354) /usr/sbin/cron -n (root,692236,75412,00:22:49/17-13:28:19,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,214464,51012,00:05:52/17-13:28:05,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:03/02:46:23,3299) [kworker/2:0-events] (root,6656,3480,00:00:00/00:00,5751) /bin/bash /usr/bin/check_mk_agent (root,13744,3424,00:00:00/00:00,5769) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,960,00:00:00/00:00,5770) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/55:50,6422) [kworker/0:2-events] (postfix,24244,8240,00:00:00/01:14:46,9878) pickup -l -t fifo -u (root,0,0,00:00:00/12:49,13668) [kworker/2:1] (root,35308,10012,00:00:00/11-11:19:21,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:00:38/11-11:19:20,15391) sshd: cm-ssh (root,35308,10072,00:00:00/1-12:47:59,16975) sshd: syslogtunnel [priv] (syslogtunnel,35308,5588,00:00:05/1-12:47:58,16977) sshd: syslogtunnel (root,0,0,00:00:00/07:06,19315) [kworker/1:0-ata_sff] (root,0,0,00:00:03/05:13:13,19752) [kworker/1:2-events] (root,0,0,00:00:00/06:42,22787) [kworker/3:0-events] (root,0,0,00:00:01/04:30:57,24312) [kworker/0:0-mm_percpu_wq] (root,0,0,00:00:00/01:56,25795) [kworker/1:1-ata_sff] (root,0,0,00:00:00/06:16,26541) [kworker/u8:2-writeback] (root,0,0,00:00:00/07:34:44,28658) [kworker/u8:1-ext4-rsv-conversion] (postfix,44628,9416,00:00:00/11-18:05:06,30472) tlsmgr -l -t unix -u (root,0,0,00:00:01/03:16:47,32305) [kworker/3:1-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-29 23:51 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363e195e161Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12820,00:00:44/15-13:02:37,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/15-13:02:37,2) [kthreadd] (root,0,0,00:00:00/15-13:02:37,3) [rcu_gp] (root,0,0,00:00:00/15-13:02:37,4) [rcu_par_gp] (root,0,0,00:00:00/15-13:02:37,5) [slub_flushwq] (root,0,0,00:00:00/15-13:02:37,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/15-13:02:37,9) [mm_percpu_wq] (root,0,0,00:00:00/15-13:02:37,10) [rcu_tasks_kthre] (root,0,0,00:00:00/15-13:02:37,11) [rcu_tasks_rude_] (root,0,0,00:00:00/15-13:02:37,12) [rcu_tasks_trace] (root,0,0,00:00:29/15-13:02:37,13) [ksoftirqd/0] (root,0,0,00:41:43/15-13:02:37,14) [rcu_preempt] (root,0,0,00:00:05/15-13:02:37,15) [migration/0] (root,0,0,00:00:00/15-13:02:37,16) [idle_inject/0] (root,0,0,00:00:00/15-13:02:37,18) [cpuhp/0] (root,0,0,00:00:00/15-13:02:37,19) [cpuhp/1] (root,0,0,00:00:00/15-13:02:37,20) [idle_inject/1] (root,0,0,00:00:06/15-13:02:37,21) [migration/1] (root,0,0,00:00:25/15-13:02:37,22) [ksoftirqd/1] (root,0,0,00:00:00/15-13:02:37,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/15-13:02:37,25) [cpuhp/2] (root,0,0,00:00:00/15-13:02:37,26) [idle_inject/2] (root,0,0,00:00:05/15-13:02:37,27) [migration/2] (root,0,0,00:32:15/15-13:02:37,28) [ksoftirqd/2] (root,0,0,00:00:00/15-13:02:37,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/15-13:02:37,31) [cpuhp/3] (root,0,0,00:00:00/15-13:02:37,32) [idle_inject/3] (root,0,0,00:00:05/15-13:02:37,33) [migration/3] (root,0,0,00:01:29/15-13:02:37,34) [ksoftirqd/3] (root,0,0,00:00:00/15-13:02:37,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/15-13:02:37,39) [kdevtmpfs] (root,0,0,00:00:00/15-13:02:37,40) [netns] (root,0,0,00:00:00/15-13:02:37,41) [inet_frag_wq] (root,0,0,00:00:04/15-13:02:37,42) [kauditd] (root,0,0,00:00:00/15-13:02:37,43) [khungtaskd] (root,0,0,00:00:00/15-13:02:37,44) [oom_reaper] (root,0,0,00:00:00/15-13:02:37,45) [writeback] (root,0,0,00:00:45/15-13:02:37,46) [kcompactd0] (root,0,0,00:00:00/15-13:02:37,47) [ksmd] (root,0,0,00:00:46/15-13:02:37,48) [khugepaged] (root,0,0,00:00:00/15-13:02:37,74) [kintegrityd] (root,0,0,00:00:00/15-13:02:37,75) [kblockd] (root,0,0,00:00:00/15-13:02:37,76) [blkcg_punt_bio] (root,0,0,00:00:00/15-13:02:37,78) [tpm_dev_wq] (root,0,0,00:00:00/15-13:02:37,79) [edac-poller] (root,0,0,00:00:00/15-13:02:37,80) [devfreq_wq] (root,0,0,00:00:00/15-13:02:37,110) [watchdogd] (root,0,0,00:00:03/15-13:02:37,111) [kworker/2:1H-kblockd] (root,0,0,00:00:01/15-13:02:37,112) [kswapd0] (root,0,0,00:00:00/15-13:02:36,114) [kthrotld] (root,0,0,00:00:00/15-13:02:36,115) [mld] (root,0,0,00:00:00/15-13:02:36,116) [ipv6_addrconf] (root,0,0,00:00:06/15-13:02:36,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/15-13:02:36,122) [kstrp] (root,0,0,00:00:00/15-13:02:36,123) [zswap-shrink] (root,0,0,00:00:00/15-13:02:36,124) [kworker/u9:0] (root,0,0,00:00:00/15-13:02:36,129) [charger_manager] (root,0,0,00:00:03/15-13:02:35,172) [kworker/3:1H-kblockd] (root,0,0,00:00:03/15-13:02:35,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/15-13:02:35,205) [kaluad] (root,0,0,00:00:00/15-13:02:35,250) [kmpath_rdacd] (root,0,0,00:00:00/15-13:02:35,293) [kmpathd] (root,0,0,00:00:00/15-13:02:35,294) [kmpath_handlerd] (root,0,0,00:00:00/15-13:02:35,342) [ata_sff] (root,0,0,00:00:00/15-13:02:34,343) [scsi_eh_0] (root,0,0,00:00:00/15-13:02:34,344) [scsi_tmf_0] (root,0,0,00:00:00/15-13:02:34,345) [scsi_eh_1] (root,0,0,00:00:00/15-13:02:34,346) [scsi_tmf_1] (root,0,0,00:00:23/15-13:02:32,366) [jbd2/vda1-8] (root,0,0,00:00:00/15-13:02:32,367) [ext4-rsv-conver] (root,38604,7876,00:00:24/15-13:02:20,440) /usr/lib/systemd/systemd-journald (root,53164,9648,00:00:01/15-13:02:19,456) /usr/lib/systemd/systemd-udevd (root,8624,6760,00:00:23/15-13:02:17,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1628,00:00:09/15-13:01:43,512) /sbin/auditd (messagebus,22936,5672,00:00:49/15-13:01:43,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8540,00:00:28/15-13:01:43,531) /usr/lib/systemd/systemd-logind (root,0,0,00:00:00/06:14,539) [kworker/0:2] (root,20556,5140,00:00:00/15-13:01:43,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16220,00:00:03/15-13:01:42,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16976,00:00:00/15-13:01:42,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,547848,27976,00:00:17/15-13:01:28,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26512,00:00:00/15-13:01:28,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:23/15-13:01:27,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/15-13:01:27,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10564,00:00:00/15-13:01:27,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/15-13:01:27,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/15-13:01:27,1201) /usr/lib/systemd/systemd --user (root,448968,8584,00:00:24/15-13:01:27,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6112,00:02:06/15-13:01:27,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/15-13:01:27,1206) bpfilter_umh (root,26204,8300,00:00:07/15-13:01:27,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4236,00:00:00/15-13:01:27,1215) ntpd: asynchronous dns resolver (spot,285204,171320,20:54:09/15-13:01:27,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/15-13:01:26,1228) (sd-pam) (checkmk,48532,3192,00:00:00/15-13:01:26,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/15-13:01:26,1245) (sd-pam) (root,24216,5348,00:00:05/15-13:01:25,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:01/15-13:01:25,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:02/15-13:01:24,1354) /usr/sbin/cron -n (root,691980,74872,00:20:07/15-13:01:18,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,213440,49184,00:05:09/15-13:01:04,1380) /usr/bin/python3.11 /usr/bin/spot (postfix,24244,8220,00:00:00/01:09:50,7356) pickup -l -t fifo -u (root,0,0,00:00:00/04:09,7785) [kworker/1:1-ata_sff] (root,35308,10012,00:00:00/8-04:57:31,8747) sshd: syslogtunnel [priv] (syslogtunnel,35308,5532,00:00:29/8-04:57:31,8749) sshd: syslogtunnel (root,0,0,00:00:00/17:33,10640) [kworker/2:2-events] (root,35308,10012,00:00:00/9-10:52:20,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:00:31/9-10:52:19,15391) sshd: cm-ssh (root,0,0,00:00:00/01:01:14,16510) [kworker/1:2-events] (root,0,0,00:00:00/39:52,17202) [kworker/3:1] (root,0,0,00:00:00/09:21,21327) [kworker/1:0-ata_sff] (root,6656,3492,00:00:00/00:00,23306) /bin/bash /usr/bin/check_mk_agent (root,6656,3492,00:00:00/00:00,23323) /bin/bash /usr/bin/check_mk_agent (root,13744,3376,00:00:00/00:00,23351) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,23352) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/28:43,26890) [kworker/0:1-events] (root,0,0,00:00:00/02:03:58,29534) [kworker/u8:0-writeback] (postfix,44628,9416,00:00:00/9-17:38:05,30472) tlsmgr -l -t unix -u (root,0,0,00:00:00/23:54,30764) [kworker/u8:2-ext4-rsv-conversion] (root,0,0,00:00:01/04:51:55,31041) [kworker/3:2-events] (root,0,0,00:00:00/23:13,32265) [kworker/2:1] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-27 23:24 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683635fe02853Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12812,00:00:40/13-14:36:17,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/13-14:36:17,2) [kthreadd] (root,0,0,00:00:00/13-14:36:17,3) [rcu_gp] (root,0,0,00:00:00/13-14:36:17,4) [rcu_par_gp] (root,0,0,00:00:00/13-14:36:17,5) [slub_flushwq] (root,0,0,00:00:00/13-14:36:17,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/13-14:36:17,9) [mm_percpu_wq] (root,0,0,00:00:00/13-14:36:17,10) [rcu_tasks_kthre] (root,0,0,00:00:00/13-14:36:17,11) [rcu_tasks_rude_] (root,0,0,00:00:00/13-14:36:17,12) [rcu_tasks_trace] (root,0,0,00:00:25/13-14:36:17,13) [ksoftirqd/0] (root,0,0,00:36:40/13-14:36:17,14) [rcu_preempt] (root,0,0,00:00:05/13-14:36:17,15) [migration/0] (root,0,0,00:00:00/13-14:36:17,16) [idle_inject/0] (root,0,0,00:00:00/13-14:36:17,18) [cpuhp/0] (root,0,0,00:00:00/13-14:36:17,19) [cpuhp/1] (root,0,0,00:00:00/13-14:36:17,20) [idle_inject/1] (root,0,0,00:00:05/13-14:36:17,21) [migration/1] (root,0,0,00:00:22/13-14:36:17,22) [ksoftirqd/1] (root,0,0,00:00:00/13-14:36:17,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/13-14:36:17,25) [cpuhp/2] (root,0,0,00:00:00/13-14:36:17,26) [idle_inject/2] (root,0,0,00:00:04/13-14:36:17,27) [migration/2] (root,0,0,00:28:55/13-14:36:17,28) [ksoftirqd/2] (root,0,0,00:00:00/13-14:36:17,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/13-14:36:17,31) [cpuhp/3] (root,0,0,00:00:00/13-14:36:17,32) [idle_inject/3] (root,0,0,00:00:05/13-14:36:17,33) [migration/3] (root,0,0,00:01:19/13-14:36:17,34) [ksoftirqd/3] (root,0,0,00:00:00/13-14:36:17,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/13-14:36:17,39) [kdevtmpfs] (root,0,0,00:00:00/13-14:36:17,40) [netns] (root,0,0,00:00:00/13-14:36:17,41) [inet_frag_wq] (root,0,0,00:00:04/13-14:36:17,42) [kauditd] (root,0,0,00:00:00/13-14:36:17,43) [khungtaskd] (root,0,0,00:00:00/13-14:36:17,44) [oom_reaper] (root,0,0,00:00:00/13-14:36:17,45) [writeback] (root,0,0,00:00:40/13-14:36:17,46) [kcompactd0] (root,0,0,00:00:00/13-14:36:17,47) [ksmd] (root,0,0,00:00:40/13-14:36:17,48) [khugepaged] (root,0,0,00:00:00/13-14:36:17,74) [kintegrityd] (root,0,0,00:00:00/13-14:36:17,75) [kblockd] (root,0,0,00:00:00/13-14:36:17,76) [blkcg_punt_bio] (root,0,0,00:00:00/13-14:36:17,78) [tpm_dev_wq] (root,0,0,00:00:00/13-14:36:17,79) [edac-poller] (root,0,0,00:00:00/13-14:36:17,80) [devfreq_wq] (root,0,0,00:00:00/13-14:36:17,110) [watchdogd] (root,0,0,00:00:02/13-14:36:17,111) [kworker/2:1H-kblockd] (root,0,0,00:00:01/13-14:36:17,112) [kswapd0] (root,0,0,00:00:00/13-14:36:16,114) [kthrotld] (root,0,0,00:00:00/13-14:36:16,115) [mld] (root,0,0,00:00:00/13-14:36:16,116) [ipv6_addrconf] (root,0,0,00:00:05/13-14:36:16,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/13-14:36:16,122) [kstrp] (root,0,0,00:00:00/13-14:36:16,123) [zswap-shrink] (root,0,0,00:00:00/13-14:36:16,124) [kworker/u9:0] (root,0,0,00:00:00/13-14:36:16,129) [charger_manager] (root,0,0,00:00:02/13-14:36:15,172) [kworker/3:1H-kblockd] (root,0,0,00:00:03/13-14:36:15,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/13-14:36:15,205) [kaluad] (root,0,0,00:00:00/13-14:36:15,250) [kmpath_rdacd] (root,0,0,00:00:00/13-14:36:15,293) [kmpathd] (root,0,0,00:00:00/13-14:36:15,294) [kmpath_handlerd] (root,0,0,00:00:00/13-14:36:15,342) [ata_sff] (root,0,0,00:00:00/13-14:36:14,343) [scsi_eh_0] (root,0,0,00:00:00/13-14:36:14,344) [scsi_tmf_0] (root,0,0,00:00:00/13-14:36:14,345) [scsi_eh_1] (root,0,0,00:00:00/13-14:36:14,346) [scsi_tmf_1] (root,0,0,00:00:20/13-14:36:12,366) [jbd2/vda1-8] (root,0,0,00:00:00/13-14:36:12,367) [ext4-rsv-conver] (root,38604,7876,00:00:22/13-14:36:00,440) /usr/lib/systemd/systemd-journald (root,53164,9648,00:00:01/13-14:35:59,456) /usr/lib/systemd/systemd-udevd (root,8624,6760,00:00:20/13-14:35:57,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1628,00:00:08/13-14:35:23,512) /sbin/auditd (messagebus,22936,5672,00:00:45/13-14:35:23,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8536,00:00:25/13-14:35:23,531) /usr/lib/systemd/systemd-logind (root,20556,5140,00:00:00/13-14:35:23,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16220,00:00:03/13-14:35:22,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16976,00:00:00/13-14:35:22,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,547848,27716,00:00:15/13-14:35:08,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26512,00:00:00/13-14:35:08,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:13/13-14:35:07,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/13-14:35:07,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10564,00:00:00/13-14:35:07,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/13-14:35:07,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/13-14:35:07,1201) /usr/lib/systemd/systemd --user (root,448968,8584,00:00:21/13-14:35:07,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6112,00:01:50/13-14:35:07,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/13-14:35:07,1206) bpfilter_umh (root,26204,8300,00:00:07/13-14:35:07,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4236,00:00:00/13-14:35:07,1215) ntpd: asynchronous dns resolver (spot,286868,171664,18:16:59/13-14:35:07,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/13-14:35:06,1228) (sd-pam) (checkmk,48532,3192,00:00:00/13-14:35:06,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/13-14:35:06,1245) (sd-pam) (root,24216,5348,00:00:04/13-14:35:05,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:00/13-14:35:05,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:01/13-14:35:04,1354) /usr/sbin/cron -n (root,691980,74552,00:17:36/13-14:34:58,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,212416,47908,00:04:29/13-14:34:44,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:00/01:14:18,2659) [kworker/2:0-events] (root,0,0,00:00:05/04:32:55,4939) [kworker/2:2-events] (root,0,0,00:00:00/22:18,5857) [kworker/u8:0-ext4-rsv-conversion] (root,0,0,00:00:00/03:39,6124) [kworker/1:0-ata_sff] (root,35308,10012,00:00:00/6-06:31:11,8747) sshd: syslogtunnel [priv] (syslogtunnel,35308,5532,00:00:22/6-06:31:11,8749) sshd: syslogtunnel (root,0,0,00:00:00/01:19:18,13988) [kworker/0:0-events] (root,0,0,00:00:00/01:43,14012) [kworker/u8:2-writeback] (root,0,0,00:00:00/19:13,14384) [kworker/1:2-ata_sff] (root,0,0,00:00:00/08:50,15008) [kworker/1:1-events] (root,35308,10012,00:00:00/7-12:26:00,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:00:25/7-12:25:59,15391) sshd: cm-ssh (postfix,24244,8212,00:00:00/01:25:19,19097) pickup -l -t fifo -u (root,6656,3484,00:00:00/00:00,23230) /bin/bash /usr/bin/check_mk_agent (root,13744,3528,00:00:00/00:00,23248) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,960,00:00:00/00:00,23249) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/01:39:45,23451) [kworker/3:1-events] (root,0,0,00:00:00/02:10:05,24348) [kworker/u8:1-ext4-rsv-conversion] (postfix,44628,9416,00:00:00/7-19:11:45,30472) tlsmgr -l -t unix -u (root,0,0,00:00:00/01:29:32,31001) [kworker/0:2-events] (root,0,0,00:00:01/05:03:35,31777) [kworker/3:0-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-26 00:58 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363437d5c56Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12812,00:00:35/11-14:25:04,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/11-14:25:04,2) [kthreadd] (root,0,0,00:00:00/11-14:25:04,3) [rcu_gp] (root,0,0,00:00:00/11-14:25:04,4) [rcu_par_gp] (root,0,0,00:00:00/11-14:25:04,5) [slub_flushwq] (root,0,0,00:00:00/11-14:25:04,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/11-14:25:04,9) [mm_percpu_wq] (root,0,0,00:00:00/11-14:25:04,10) [rcu_tasks_kthre] (root,0,0,00:00:00/11-14:25:04,11) [rcu_tasks_rude_] (root,0,0,00:00:00/11-14:25:04,12) [rcu_tasks_trace] (root,0,0,00:00:21/11-14:25:04,13) [ksoftirqd/0] (root,0,0,00:30:53/11-14:25:04,14) [rcu_preempt] (root,0,0,00:00:04/11-14:25:04,15) [migration/0] (root,0,0,00:00:00/11-14:25:04,16) [idle_inject/0] (root,0,0,00:00:00/11-14:25:04,18) [cpuhp/0] (root,0,0,00:00:00/11-14:25:04,19) [cpuhp/1] (root,0,0,00:00:00/11-14:25:04,20) [idle_inject/1] (root,0,0,00:00:04/11-14:25:04,21) [migration/1] (root,0,0,00:00:18/11-14:25:04,22) [ksoftirqd/1] (root,0,0,00:00:00/11-14:25:04,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/11-14:25:04,25) [cpuhp/2] (root,0,0,00:00:00/11-14:25:04,26) [idle_inject/2] (root,0,0,00:00:03/11-14:25:04,27) [migration/2] (root,0,0,00:24:21/11-14:25:04,28) [ksoftirqd/2] (root,0,0,00:00:00/11-14:25:04,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/11-14:25:04,31) [cpuhp/3] (root,0,0,00:00:00/11-14:25:04,32) [idle_inject/3] (root,0,0,00:00:04/11-14:25:04,33) [migration/3] (root,0,0,00:01:06/11-14:25:04,34) [ksoftirqd/3] (root,0,0,00:00:00/11-14:25:04,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/11-14:25:04,39) [kdevtmpfs] (root,0,0,00:00:00/11-14:25:04,40) [netns] (root,0,0,00:00:00/11-14:25:04,41) [inet_frag_wq] (root,0,0,00:00:03/11-14:25:04,42) [kauditd] (root,0,0,00:00:00/11-14:25:04,43) [khungtaskd] (root,0,0,00:00:00/11-14:25:04,44) [oom_reaper] (root,0,0,00:00:00/11-14:25:04,45) [writeback] (root,0,0,00:00:33/11-14:25:04,46) [kcompactd0] (root,0,0,00:00:00/11-14:25:04,47) [ksmd] (root,0,0,00:00:34/11-14:25:04,48) [khugepaged] (root,0,0,00:00:00/11-14:25:04,74) [kintegrityd] (root,0,0,00:00:00/11-14:25:04,75) [kblockd] (root,0,0,00:00:00/11-14:25:04,76) [blkcg_punt_bio] (root,0,0,00:00:00/11-14:25:04,78) [tpm_dev_wq] (root,0,0,00:00:00/11-14:25:04,79) [edac-poller] (root,0,0,00:00:00/11-14:25:04,80) [devfreq_wq] (root,0,0,00:00:00/11-14:25:04,110) [watchdogd] (root,0,0,00:00:02/11-14:25:04,111) [kworker/2:1H-kblockd] (root,0,0,00:00:00/11-14:25:04,112) [kswapd0] (root,0,0,00:00:00/11-14:25:03,114) [kthrotld] (root,0,0,00:00:00/11-14:25:03,115) [mld] (root,0,0,00:00:00/11-14:25:03,116) [ipv6_addrconf] (root,0,0,00:00:04/11-14:25:03,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/11-14:25:03,122) [kstrp] (root,0,0,00:00:00/11-14:25:03,123) [zswap-shrink] (root,0,0,00:00:00/11-14:25:03,124) [kworker/u9:0] (root,0,0,00:00:00/11-14:25:03,129) [charger_manager] (root,0,0,00:00:02/11-14:25:02,172) [kworker/3:1H-kblockd] (root,0,0,00:00:02/11-14:25:02,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/11-14:25:02,205) [kaluad] (root,0,0,00:00:00/11-14:25:02,250) [kmpath_rdacd] (root,0,0,00:00:00/11-14:25:02,293) [kmpathd] (root,0,0,00:00:00/11-14:25:02,294) [kmpath_handlerd] (root,0,0,00:00:00/11-14:25:02,342) [ata_sff] (root,0,0,00:00:00/11-14:25:01,343) [scsi_eh_0] (root,0,0,00:00:00/11-14:25:01,344) [scsi_tmf_0] (root,0,0,00:00:00/11-14:25:01,345) [scsi_eh_1] (root,0,0,00:00:00/11-14:25:01,346) [scsi_tmf_1] (root,0,0,00:00:17/11-14:24:59,366) [jbd2/vda1-8] (root,0,0,00:00:00/11-14:24:59,367) [ext4-rsv-conver] (root,38604,7900,00:00:19/11-14:24:47,440) /usr/lib/systemd/systemd-journald (root,53164,9680,00:00:01/11-14:24:46,456) /usr/lib/systemd/systemd-udevd (root,8624,6760,00:00:17/11-14:24:44,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1636,00:00:07/11-14:24:10,512) /sbin/auditd (messagebus,22936,5672,00:00:39/11-14:24:10,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8548,00:00:22/11-14:24:10,531) /usr/lib/systemd/systemd-logind (root,20556,5140,00:00:00/11-14:24:10,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16220,00:00:03/11-14:24:09,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16976,00:00:00/11-14:24:09,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,547848,27724,00:00:13/11-14:23:55,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26512,00:00:00/11-14:23:55,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:02/11-14:23:54,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/11-14:23:54,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10564,00:00:00/11-14:23:54,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/11-14:23:54,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/11-14:23:54,1201) /usr/lib/systemd/systemd --user (root,448968,9084,00:00:18/11-14:23:54,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6224,00:01:33/11-14:23:54,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/11-14:23:54,1206) bpfilter_umh (root,26204,8300,00:00:06/11-14:23:54,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4236,00:00:00/11-14:23:54,1215) ntpd: asynchronous dns resolver (spot,284932,171176,14:24:18/11-14:23:54,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/11-14:23:53,1228) (sd-pam) (checkmk,48532,3192,00:00:00/11-14:23:53,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/11-14:23:53,1245) (sd-pam) (root,24216,5348,00:00:03/11-14:23:52,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:00/11-14:23:52,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:01/11-14:23:51,1354) /usr/sbin/cron -n (root,691724,74152,00:14:56/11-14:23:45,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,211392,46620,00:03:47/11-14:23:31,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:00/11:47:13,4619) [kworker/u8:0-ext4-rsv-conversion] (postfix,24244,8200,00:00:00/01:34:46,7853) pickup -l -t fifo -u (root,0,0,00:00:00/03:08,8058) [kworker/1:2-ata_sff] (root,35308,10012,00:00:00/4-06:19:58,8747) sshd: syslogtunnel [priv] (syslogtunnel,35308,5532,00:00:15/4-06:19:58,8749) sshd: syslogtunnel (root,0,0,00:00:00/02:56,8823) [kworker/3:2-events] (root,0,0,00:00:00/08:18,12648) [kworker/1:0-ata_sff] (root,35308,10012,00:00:00/5-12:14:47,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:00:18/5-12:14:46,15391) sshd: cm-ssh (root,6764,3604,00:00:00/00:00,16653) /bin/bash /usr/bin/check_mk_agent (root,6656,3488,00:00:00/00:00,16772) /bin/bash /usr/bin/check_mk_agent (root,6656,1824,00:00:00/00:00,16837) /bin/bash /usr/bin/check_mk_agent (root,6656,2016,00:00:00/00:00,16838) /bin/bash /usr/bin/check_mk_agent (root,4480,1152,00:00:00/00:00,16839) awk /:/ { c[$4]++; } END { for (x in c) { print x, c[x]; } } (root,2728,824,00:00:00/00:00,16841) timeout 5 cat /proc/net/tcp /proc/net/tcp6 (root,2680,732,00:00:00/00:00,16843) cat /proc/net/tcp /proc/net/tcp6 (root,6292,3276,00:00:00/00:00,16848) /bin/bash ././spot.bash (root,6656,3484,00:00:00/00:00,16858) /bin/bash /usr/bin/check_mk_agent (root,13744,3404,00:00:00/00:00,16903) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,16904) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,6292,1700,00:00:00/00:00,16905) /bin/bash ././spot.bash (root,6292,424,00:00:00/00:00,16907) /bin/bash ././spot.bash (root,6292,424,00:00:00/00:00,16908) /bin/bash ././spot.bash (root,0,0,00:00:03/04:32:54,21671) [kworker/1:1-events] (root,0,0,00:00:00/31:37,23413) [kworker/0:1-events] (root,0,0,00:00:00/46:08,23908) [kworker/3:0-events] (root,0,0,00:00:01/01:28:40,27030) [kworker/2:0-events] (root,0,0,00:00:00/36:28,27246) [kworker/3:1-cgroup_destroy] (root,0,0,00:00:00/11:06,28081) [kworker/0:0-events] (root,0,0,00:00:00/23:21,28261) [kworker/2:2-events] (postfix,44628,9464,00:00:00/5-19:00:32,30472) tlsmgr -l -t unix -u (root,0,0,00:00:00/04:06:10,31970) [kworker/u8:2-writeback] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-24 00:47 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363fe519ae5Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12812,00:00:30/9-14:25:57,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/9-14:25:57,2) [kthreadd] (root,0,0,00:00:00/9-14:25:57,3) [rcu_gp] (root,0,0,00:00:00/9-14:25:57,4) [rcu_par_gp] (root,0,0,00:00:00/9-14:25:57,5) [slub_flushwq] (root,0,0,00:00:00/9-14:25:57,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/9-14:25:57,9) [mm_percpu_wq] (root,0,0,00:00:00/9-14:25:57,10) [rcu_tasks_kthre] (root,0,0,00:00:00/9-14:25:57,11) [rcu_tasks_rude_] (root,0,0,00:00:00/9-14:25:57,12) [rcu_tasks_trace] (root,0,0,00:00:17/9-14:25:57,13) [ksoftirqd/0] (root,0,0,00:25:25/9-14:25:57,14) [rcu_preempt] (root,0,0,00:00:03/9-14:25:57,15) [migration/0] (root,0,0,00:00:00/9-14:25:57,16) [idle_inject/0] (root,0,0,00:00:00/9-14:25:57,18) [cpuhp/0] (root,0,0,00:00:00/9-14:25:57,19) [cpuhp/1] (root,0,0,00:00:00/9-14:25:57,20) [idle_inject/1] (root,0,0,00:00:03/9-14:25:57,21) [migration/1] (root,0,0,00:00:14/9-14:25:57,22) [ksoftirqd/1] (root,0,0,00:00:00/9-14:25:57,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/9-14:25:57,25) [cpuhp/2] (root,0,0,00:00:00/9-14:25:57,26) [idle_inject/2] (root,0,0,00:00:03/9-14:25:57,27) [migration/2] (root,0,0,00:20:26/9-14:25:57,28) [ksoftirqd/2] (root,0,0,00:00:00/9-14:25:57,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/9-14:25:57,31) [cpuhp/3] (root,0,0,00:00:00/9-14:25:57,32) [idle_inject/3] (root,0,0,00:00:03/9-14:25:57,33) [migration/3] (root,0,0,00:00:54/9-14:25:57,34) [ksoftirqd/3] (root,0,0,00:00:00/9-14:25:57,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/9-14:25:57,39) [kdevtmpfs] (root,0,0,00:00:00/9-14:25:57,40) [netns] (root,0,0,00:00:00/9-14:25:57,41) [inet_frag_wq] (root,0,0,00:00:03/9-14:25:57,42) [kauditd] (root,0,0,00:00:00/9-14:25:57,43) [khungtaskd] (root,0,0,00:00:00/9-14:25:57,44) [oom_reaper] (root,0,0,00:00:00/9-14:25:57,45) [writeback] (root,0,0,00:00:27/9-14:25:57,46) [kcompactd0] (root,0,0,00:00:00/9-14:25:57,47) [ksmd] (root,0,0,00:00:29/9-14:25:57,48) [khugepaged] (root,0,0,00:00:00/9-14:25:57,74) [kintegrityd] (root,0,0,00:00:00/9-14:25:57,75) [kblockd] (root,0,0,00:00:00/9-14:25:57,76) [blkcg_punt_bio] (root,0,0,00:00:00/9-14:25:57,78) [tpm_dev_wq] (root,0,0,00:00:00/9-14:25:57,79) [edac-poller] (root,0,0,00:00:00/9-14:25:57,80) [devfreq_wq] (root,0,0,00:00:00/9-14:25:57,110) [watchdogd] (root,0,0,00:00:01/9-14:25:57,111) [kworker/2:1H-kblockd] (root,0,0,00:00:00/9-14:25:57,112) [kswapd0] (root,0,0,00:00:00/9-14:25:56,114) [kthrotld] (root,0,0,00:00:00/9-14:25:56,115) [mld] (root,0,0,00:00:00/9-14:25:56,116) [ipv6_addrconf] (root,0,0,00:00:04/9-14:25:56,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/9-14:25:56,122) [kstrp] (root,0,0,00:00:00/9-14:25:56,123) [zswap-shrink] (root,0,0,00:00:00/9-14:25:56,124) [kworker/u9:0] (root,0,0,00:00:00/9-14:25:56,129) [charger_manager] (root,0,0,00:00:02/9-14:25:55,172) [kworker/3:1H-kblockd] (root,0,0,00:00:02/9-14:25:55,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/9-14:25:55,205) [kaluad] (root,0,0,00:00:00/9-14:25:55,250) [kmpath_rdacd] (root,0,0,00:00:00/9-14:25:55,293) [kmpathd] (root,0,0,00:00:00/9-14:25:55,294) [kmpath_handlerd] (root,0,0,00:00:00/9-14:25:55,342) [ata_sff] (root,0,0,00:00:00/9-14:25:54,343) [scsi_eh_0] (root,0,0,00:00:00/9-14:25:54,344) [scsi_tmf_0] (root,0,0,00:00:00/9-14:25:54,345) [scsi_eh_1] (root,0,0,00:00:00/9-14:25:54,346) [scsi_tmf_1] (root,0,0,00:00:14/9-14:25:52,366) [jbd2/vda1-8] (root,0,0,00:00:00/9-14:25:52,367) [ext4-rsv-conver] (root,38604,7900,00:00:16/9-14:25:40,440) /usr/lib/systemd/systemd-journald (root,53164,9680,00:00:01/9-14:25:39,456) /usr/lib/systemd/systemd-udevd (root,8624,6760,00:00:14/9-14:25:37,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1636,00:00:06/9-14:25:03,512) /sbin/auditd (messagebus,22936,5672,00:00:33/9-14:25:03,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8544,00:00:19/9-14:25:03,531) /usr/lib/systemd/systemd-logind (root,20556,5140,00:00:00/9-14:25:03,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16220,00:00:03/9-14:25:02,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16976,00:00:00/9-14:25:02,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,547592,26656,00:00:11/9-14:24:48,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26512,00:00:00/9-14:24:48,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4568,00:00:51/9-14:24:47,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/9-14:24:47,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10564,00:00:00/9-14:24:47,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/9-14:24:47,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/9-14:24:47,1201) /usr/lib/systemd/systemd --user (root,448968,8820,00:00:16/9-14:24:47,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6224,00:01:16/9-14:24:47,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/9-14:24:47,1206) bpfilter_umh (root,26204,8300,00:00:05/9-14:24:47,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4236,00:00:00/9-14:24:47,1215) ntpd: asynchronous dns resolver (spot,284404,169604,11:14:49/9-14:24:47,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/9-14:24:46,1228) (sd-pam) (checkmk,48532,3192,00:00:00/9-14:24:46,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/9-14:24:46,1245) (sd-pam) (root,24216,5348,00:00:03/9-14:24:45,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:00/9-14:24:45,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:01/9-14:24:44,1354) /usr/sbin/cron -n (root,691336,73836,00:12:21/9-14:24:38,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,210368,45336,00:03:07/9-14:24:24,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:06/05:53:04,2819) [kworker/2:2-events] (root,0,0,00:00:00/37:39,5542) [kworker/u8:2-writeback] (postfix,24244,8256,00:00:00/17:29,5772) pickup -l -t fifo -u (root,0,0,00:00:00/09:13,8672) [kworker/2:1] (root,35308,10012,00:00:00/2-06:20:51,8747) sshd: syslogtunnel [priv] (syslogtunnel,35308,5532,00:00:08/2-06:20:51,8749) sshd: syslogtunnel (root,0,0,00:00:00/00:13,10686) [kworker/1:0-ata_sff] (root,0,0,00:00:00/15:47,10958) [kworker/1:1-events] (root,6656,3488,00:00:00/00:00,11374) /bin/bash /usr/bin/check_mk_agent (root,13744,3492,00:00:00/00:00,11392) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,960,00:00:00/00:00,11393) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,35308,10012,00:00:00/3-12:15:40,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:00:11/3-12:15:39,15391) sshd: cm-ssh (root,0,0,00:00:00/33:37,16880) [kworker/3:1-events] (root,0,0,00:00:00/14:05,17419) [kworker/3:0-events] (root,0,0,00:00:00/01:35:55,22486) [kworker/u8:1] (root,0,0,00:00:00/05:24,24364) [kworker/1:2-ata_sff] (root,0,0,00:00:00/48:20,24499) [kworker/0:0] (root,0,0,00:00:00/01:03:07,26656) [kworker/0:2-events] (postfix,44628,9464,00:00:00/3-19:01:25,30472) tlsmgr -l -t unix -u Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-22 00:48 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363d4a37eedFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12768,00:00:24/7-15:12:33,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/7-15:12:33,2) [kthreadd] (root,0,0,00:00:00/7-15:12:33,3) [rcu_gp] (root,0,0,00:00:00/7-15:12:33,4) [rcu_par_gp] (root,0,0,00:00:00/7-15:12:33,5) [slub_flushwq] (root,0,0,00:00:00/7-15:12:33,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/7-15:12:33,9) [mm_percpu_wq] (root,0,0,00:00:00/7-15:12:33,10) [rcu_tasks_kthre] (root,0,0,00:00:00/7-15:12:33,11) [rcu_tasks_rude_] (root,0,0,00:00:00/7-15:12:33,12) [rcu_tasks_trace] (root,0,0,00:00:13/7-15:12:33,13) [ksoftirqd/0] (root,0,0,00:20:07/7-15:12:33,14) [rcu_preempt] (root,0,0,00:00:02/7-15:12:33,15) [migration/0] (root,0,0,00:00:00/7-15:12:33,16) [idle_inject/0] (root,0,0,00:00:00/7-15:12:33,18) [cpuhp/0] (root,0,0,00:00:00/7-15:12:33,19) [cpuhp/1] (root,0,0,00:00:00/7-15:12:33,20) [idle_inject/1] (root,0,0,00:00:03/7-15:12:33,21) [migration/1] (root,0,0,00:00:11/7-15:12:33,22) [ksoftirqd/1] (root,0,0,00:00:00/7-15:12:33,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/7-15:12:33,25) [cpuhp/2] (root,0,0,00:00:00/7-15:12:33,26) [idle_inject/2] (root,0,0,00:00:02/7-15:12:33,27) [migration/2] (root,0,0,00:16:14/7-15:12:33,28) [ksoftirqd/2] (root,0,0,00:00:00/7-15:12:33,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/7-15:12:33,31) [cpuhp/3] (root,0,0,00:00:00/7-15:12:33,32) [idle_inject/3] (root,0,0,00:00:03/7-15:12:33,33) [migration/3] (root,0,0,00:00:43/7-15:12:33,34) [ksoftirqd/3] (root,0,0,00:00:00/7-15:12:33,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/7-15:12:33,39) [kdevtmpfs] (root,0,0,00:00:00/7-15:12:33,40) [netns] (root,0,0,00:00:00/7-15:12:33,41) [inet_frag_wq] (root,0,0,00:00:02/7-15:12:33,42) [kauditd] (root,0,0,00:00:00/7-15:12:33,43) [khungtaskd] (root,0,0,00:00:00/7-15:12:33,44) [oom_reaper] (root,0,0,00:00:00/7-15:12:33,45) [writeback] (root,0,0,00:00:22/7-15:12:33,46) [kcompactd0] (root,0,0,00:00:00/7-15:12:33,47) [ksmd] (root,0,0,00:00:23/7-15:12:33,48) [khugepaged] (root,0,0,00:00:00/7-15:12:33,74) [kintegrityd] (root,0,0,00:00:00/7-15:12:33,75) [kblockd] (root,0,0,00:00:00/7-15:12:33,76) [blkcg_punt_bio] (root,0,0,00:00:00/7-15:12:33,78) [tpm_dev_wq] (root,0,0,00:00:00/7-15:12:33,79) [edac-poller] (root,0,0,00:00:00/7-15:12:33,80) [devfreq_wq] (root,0,0,00:00:00/7-15:12:33,110) [watchdogd] (root,0,0,00:00:01/7-15:12:33,111) [kworker/2:1H-kblockd] (root,0,0,00:00:00/7-15:12:33,112) [kswapd0] (root,0,0,00:00:00/7-15:12:32,114) [kthrotld] (root,0,0,00:00:00/7-15:12:32,115) [mld] (root,0,0,00:00:00/7-15:12:32,116) [ipv6_addrconf] (root,0,0,00:00:03/7-15:12:32,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/7-15:12:32,122) [kstrp] (root,0,0,00:00:00/7-15:12:32,123) [zswap-shrink] (root,0,0,00:00:00/7-15:12:32,124) [kworker/u9:0] (root,0,0,00:00:00/7-15:12:32,129) [charger_manager] (root,0,0,00:00:01/7-15:12:31,172) [kworker/3:1H-kblockd] (root,0,0,00:00:01/7-15:12:31,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/7-15:12:31,205) [kaluad] (root,0,0,00:00:00/7-15:12:31,250) [kmpath_rdacd] (root,0,0,00:00:00/7-15:12:31,293) [kmpathd] (root,0,0,00:00:00/7-15:12:31,294) [kmpath_handlerd] (root,0,0,00:00:00/7-15:12:31,342) [ata_sff] (root,0,0,00:00:00/7-15:12:30,343) [scsi_eh_0] (root,0,0,00:00:00/7-15:12:30,344) [scsi_tmf_0] (root,0,0,00:00:00/7-15:12:30,345) [scsi_eh_1] (root,0,0,00:00:00/7-15:12:30,346) [scsi_tmf_1] (root,0,0,00:00:11/7-15:12:28,366) [jbd2/vda1-8] (root,0,0,00:00:00/7-15:12:28,367) [ext4-rsv-conver] (root,38604,7900,00:00:13/7-15:12:16,440) /usr/lib/systemd/systemd-journald (root,53164,9680,00:00:01/7-15:12:15,456) /usr/lib/systemd/systemd-udevd (root,8624,6760,00:00:11/7-15:12:13,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1636,00:00:04/7-15:11:39,512) /sbin/auditd (messagebus,22936,5672,00:00:27/7-15:11:39,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8540,00:00:15/7-15:11:39,531) /usr/lib/systemd/systemd-logind (root,20556,5140,00:00:00/7-15:11:39,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,16220,00:00:03/7-15:11:38,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16976,00:00:00/7-15:11:38,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,0,0,00:00:00/01:26:24,776) [kworker/3:0-events] (root,0,0,00:00:00/08:55,1151) [kworker/1:0-ata_sff] (root,547592,25356,00:00:08/7-15:11:24,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26512,00:00:00/7-15:11:24,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4568,00:00:42/7-15:11:23,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/7-15:11:23,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10564,00:00:00/7-15:11:23,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/7-15:11:23,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/7-15:11:23,1201) /usr/lib/systemd/systemd --user (root,448968,8820,00:00:13/7-15:11:23,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6224,00:01:00/7-15:11:23,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/7-15:11:23,1206) bpfilter_umh (root,26204,8300,00:00:04/7-15:11:23,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4236,00:00:00/7-15:11:23,1215) ntpd: asynchronous dns resolver (spot,284580,169648,08:44:08/7-15:11:23,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/7-15:11:22,1228) (sd-pam) (checkmk,48532,3192,00:00:00/7-15:11:22,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/7-15:11:22,1245) (sd-pam) (root,24216,5348,00:00:02/7-15:11:21,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:00/7-15:11:21,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:01/7-15:11:20,1354) /usr/sbin/cron -n (root,691080,73620,00:09:47/7-15:11:14,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,209344,43792,00:02:27/7-15:11:00,1380) /usr/bin/python3.11 /usr/bin/spot (root,6656,3484,00:00:00/00:00,2739) /bin/bash /usr/bin/check_mk_agent (root,6656,1820,00:00:00/00:00,2807) /bin/bash /usr/bin/check_mk_agent (root,6656,2012,00:00:00/00:00,2808) /bin/bash /usr/bin/check_mk_agent (root,4480,1140,00:00:00/00:00,2809) awk /:/ { c[$4]++; } END { for (x in c) { print x, c[x]; } } (root,2728,828,00:00:00/00:00,2810) timeout 5 cat /proc/net/tcp /proc/net/tcp6 (root,2676,1200,00:00:00/00:00,2812) cat /proc/net/tcp /proc/net/tcp6 (root,6656,3492,00:00:00/00:00,2817) /bin/bash /usr/bin/check_mk_agent (root,13744,3412,00:00:00/00:00,2835) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,2836) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (postfix,24244,8216,00:00:00/01:25:53,3178) pickup -l -t fifo -u (root,0,0,00:00:01/03:51:28,7055) [kworker/3:2-events] (root,0,0,00:00:00/59:12,7981) [kworker/u8:0-ext4-rsv-conversion] (root,35308,10012,00:00:00/07:07:27,8747) sshd: syslogtunnel [priv] (syslogtunnel,35308,5532,00:00:01/07:07:27,8749) sshd: syslogtunnel (root,0,0,00:00:00/15:36,10528) [kworker/2:1-events] (root,0,0,00:00:00/15:35,10529) [kworker/u8:1-ext4-rsv-conversion] (root,0,0,00:00:00/57:20,13261) [kworker/0:2] (root,35308,10012,00:00:00/1-13:02:16,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:00:05/1-13:02:15,15391) sshd: cm-ssh (root,0,0,00:00:00/03:42,20353) [kworker/1:2-ata_sff] (root,0,0,00:00:00/01:11:38,23924) [kworker/0:0-events] (root,0,0,00:00:00/45:12,24194) [kworker/1:1-events] (postfix,44628,9464,00:00:00/1-19:48:01,30472) tlsmgr -l -t unix -u (root,0,0,00:00:00/34:49,31725) [kworker/2:2-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-20 01:34 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363b1b8ed0dFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12768,00:00:24/7-12:38:30,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/7-12:38:30,2) [kthreadd] (root,0,0,00:00:00/7-12:38:30,3) [rcu_gp] (root,0,0,00:00:00/7-12:38:30,4) [rcu_par_gp] (root,0,0,00:00:00/7-12:38:30,5) [slub_flushwq] (root,0,0,00:00:00/7-12:38:30,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/7-12:38:30,9) [mm_percpu_wq] (root,0,0,00:00:00/7-12:38:30,10) [rcu_tasks_kthre] (root,0,0,00:00:00/7-12:38:30,11) [rcu_tasks_rude_] (root,0,0,00:00:00/7-12:38:30,12) [rcu_tasks_trace] (root,0,0,00:00:13/7-12:38:30,13) [ksoftirqd/0] (root,0,0,00:19:47/7-12:38:30,14) [rcu_preempt] (root,0,0,00:00:02/7-12:38:30,15) [migration/0] (root,0,0,00:00:00/7-12:38:30,16) [idle_inject/0] (root,0,0,00:00:00/7-12:38:30,18) [cpuhp/0] (root,0,0,00:00:00/7-12:38:30,19) [cpuhp/1] (root,0,0,00:00:00/7-12:38:30,20) [idle_inject/1] (root,0,0,00:00:03/7-12:38:30,21) [migration/1] (root,0,0,00:00:11/7-12:38:30,22) [ksoftirqd/1] (root,0,0,00:00:00/7-12:38:30,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/7-12:38:30,25) [cpuhp/2] (root,0,0,00:00:00/7-12:38:30,26) [idle_inject/2] (root,0,0,00:00:02/7-12:38:30,27) [migration/2] (root,0,0,00:15:55/7-12:38:30,28) [ksoftirqd/2] (root,0,0,00:00:00/7-12:38:30,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/7-12:38:30,31) [cpuhp/3] (root,0,0,00:00:00/7-12:38:30,32) [idle_inject/3] (root,0,0,00:00:03/7-12:38:30,33) [migration/3] (root,0,0,00:00:42/7-12:38:30,34) [ksoftirqd/3] (root,0,0,00:00:00/7-12:38:30,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/7-12:38:30,39) [kdevtmpfs] (root,0,0,00:00:00/7-12:38:30,40) [netns] (root,0,0,00:00:00/7-12:38:30,41) [inet_frag_wq] (root,0,0,00:00:02/7-12:38:30,42) [kauditd] (root,0,0,00:00:00/7-12:38:30,43) [khungtaskd] (root,0,0,00:00:00/7-12:38:30,44) [oom_reaper] (root,0,0,00:00:00/7-12:38:30,45) [writeback] (root,0,0,00:00:22/7-12:38:30,46) [kcompactd0] (root,0,0,00:00:00/7-12:38:30,47) [ksmd] (root,0,0,00:00:22/7-12:38:30,48) [khugepaged] (root,0,0,00:00:00/7-12:38:30,74) [kintegrityd] (root,0,0,00:00:00/7-12:38:30,75) [kblockd] (root,0,0,00:00:00/7-12:38:30,76) [blkcg_punt_bio] (root,0,0,00:00:00/7-12:38:30,78) [tpm_dev_wq] (root,0,0,00:00:00/7-12:38:30,79) [edac-poller] (root,0,0,00:00:00/7-12:38:30,80) [devfreq_wq] (root,0,0,00:00:00/7-12:38:30,110) [watchdogd] (root,0,0,00:00:01/7-12:38:30,111) [kworker/2:1H-kblockd] (root,0,0,00:00:00/7-12:38:30,112) [kswapd0] (root,0,0,00:00:00/7-12:38:29,114) [kthrotld] (root,0,0,00:00:00/7-12:38:29,115) [mld] (root,0,0,00:00:00/7-12:38:29,116) [ipv6_addrconf] (root,0,0,00:00:03/7-12:38:29,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/7-12:38:29,122) [kstrp] (root,0,0,00:00:00/7-12:38:29,123) [zswap-shrink] (root,0,0,00:00:00/7-12:38:29,124) [kworker/u9:0] (root,0,0,00:00:00/7-12:38:29,129) [charger_manager] (root,0,0,00:00:01/7-12:38:28,172) [kworker/3:1H-kblockd] (root,0,0,00:00:01/7-12:38:28,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/7-12:38:28,205) [kaluad] (root,0,0,00:00:00/7-12:38:28,250) [kmpath_rdacd] (root,0,0,00:00:00/7-12:38:28,293) [kmpathd] (root,0,0,00:00:00/7-12:38:28,294) [kmpath_handlerd] (root,0,0,00:00:00/7-12:38:28,342) [ata_sff] (root,0,0,00:00:00/7-12:38:27,343) [scsi_eh_0] (root,0,0,00:00:00/7-12:38:27,344) [scsi_tmf_0] (root,0,0,00:00:00/7-12:38:27,345) [scsi_eh_1] (root,0,0,00:00:00/7-12:38:27,346) [scsi_tmf_1] (root,0,0,00:00:11/7-12:38:25,366) [jbd2/vda1-8] (root,0,0,00:00:00/7-12:38:25,367) [ext4-rsv-conver] (root,38604,7900,00:00:13/7-12:38:13,440) /usr/lib/systemd/systemd-journald (root,53164,9680,00:00:01/7-12:38:12,456) /usr/lib/systemd/systemd-udevd (root,8624,6760,00:00:11/7-12:38:10,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1636,00:00:04/7-12:37:36,512) /sbin/auditd (messagebus,22936,5672,00:00:26/7-12:37:36,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8540,00:00:15/7-12:37:36,531) /usr/lib/systemd/systemd-logind (root,20556,5140,00:00:00/7-12:37:36,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,0,0,00:00:00/22:36,589) [kworker/u8:0-flush-253:0] (root,31876,16220,00:00:03/7-12:37:35,626) /usr/sbin/wickedd --systemd --foreground (root,31896,16976,00:00:00/7-12:37:35,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,547592,25356,00:00:08/7-12:37:21,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26512,00:00:00/7-12:37:21,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4568,00:00:39/7-12:37:20,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1744,00:00:00/7-12:37:20,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10564,00:00:00/7-12:37:20,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/7-12:37:20,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/7-12:37:20,1201) /usr/lib/systemd/systemd --user (root,448968,8820,00:00:13/7-12:37:20,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6224,00:00:59/7-12:37:20,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/7-12:37:20,1206) bpfilter_umh (root,26204,8300,00:00:04/7-12:37:20,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4236,00:00:00/7-12:37:20,1215) ntpd: asynchronous dns resolver (spot,284532,169636,08:32:13/7-12:37:20,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/7-12:37:19,1228) (sd-pam) (checkmk,48532,3192,00:00:00/7-12:37:19,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/7-12:37:19,1245) (sd-pam) (root,24216,5348,00:00:02/7-12:37:18,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:00/7-12:37:18,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:01/7-12:37:17,1354) /usr/sbin/cron -n (root,691080,73620,00:09:38/7-12:37:11,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,209344,43784,00:02:24/7-12:36:57,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:00/48:09,1729) [kworker/0:2-events] (root,0,0,00:00:00/40:56,3298) [kworker/2:1-events] (root,0,0,00:00:00/01:17:25,7055) [kworker/3:2-events] (root,0,0,00:00:00/55:31,8300) [kworker/3:1-cgroup_destroy] (root,0,0,00:00:00/00:07,8674) [kworker/1:1-events] (root,35308,10012,00:00:00/04:33:24,8747) sshd: syslogtunnel [priv] (syslogtunnel,35308,5532,00:00:00/04:33:24,8749) sshd: syslogtunnel (root,6656,3480,00:00:00/00:00,9041) /bin/bash /usr/bin/check_mk_agent (root,13744,3420,00:00:00/00:00,9059) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,9060) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/08:38,11800) [kworker/2:0-cgroup_destroy] (root,35308,10012,00:00:00/1-10:28:13,15389) sshd: cm-ssh [priv] (cm-ssh,35308,5508,00:00:04/1-10:28:12,15391) sshd: cm-ssh (root,0,0,00:00:00/19:31,17554) [kworker/0:1-events] (postfix,24244,8324,00:00:00/31:54,18194) pickup -l -t fifo -u (root,0,0,00:00:00/45:09,18809) [kworker/u8:1-ext4-rsv-conversion] (root,0,0,00:00:00/52:00,21988) [kworker/1:0-ata_sff] (root,0,0,00:00:00/00:32,28289) [kworker/u8:2] (root,0,0,00:00:00/05:18,28600) [kworker/1:2-ata_sff] (root,0,0,00:00:00/05:00,29535) [kworker/3:0] (postfix,44628,9464,00:00:00/1-17:13:58,30472) tlsmgr -l -t unix -u Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-19 23:00 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363b1a2554bFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12768,00:00:18/5-14:19:25,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/5-14:19:25,2) [kthreadd] (root,0,0,00:00:00/5-14:19:25,3) [rcu_gp] (root,0,0,00:00:00/5-14:19:25,4) [rcu_par_gp] (root,0,0,00:00:00/5-14:19:25,5) [slub_flushwq] (root,0,0,00:00:00/5-14:19:25,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/5-14:19:25,9) [mm_percpu_wq] (root,0,0,00:00:00/5-14:19:25,10) [rcu_tasks_kthre] (root,0,0,00:00:00/5-14:19:25,11) [rcu_tasks_rude_] (root,0,0,00:00:00/5-14:19:25,12) [rcu_tasks_trace] (root,0,0,00:00:09/5-14:19:25,13) [ksoftirqd/0] (root,0,0,00:14:35/5-14:19:25,14) [rcu_preempt] (root,0,0,00:00:02/5-14:19:25,15) [migration/0] (root,0,0,00:00:00/5-14:19:25,16) [idle_inject/0] (root,0,0,00:00:00/5-14:19:25,18) [cpuhp/0] (root,0,0,00:00:00/5-14:19:25,19) [cpuhp/1] (root,0,0,00:00:00/5-14:19:25,20) [idle_inject/1] (root,0,0,00:00:02/5-14:19:25,21) [migration/1] (root,0,0,00:00:08/5-14:19:25,22) [ksoftirqd/1] (root,0,0,00:00:00/5-14:19:25,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/5-14:19:25,25) [cpuhp/2] (root,0,0,00:00:00/5-14:19:25,26) [idle_inject/2] (root,0,0,00:00:01/5-14:19:25,27) [migration/2] (root,0,0,00:12:06/5-14:19:25,28) [ksoftirqd/2] (root,0,0,00:00:00/5-14:19:25,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/5-14:19:25,31) [cpuhp/3] (root,0,0,00:00:00/5-14:19:25,32) [idle_inject/3] (root,0,0,00:00:02/5-14:19:25,33) [migration/3] (root,0,0,00:00:31/5-14:19:25,34) [ksoftirqd/3] (root,0,0,00:00:00/5-14:19:25,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/5-14:19:25,39) [kdevtmpfs] (root,0,0,00:00:00/5-14:19:25,40) [netns] (root,0,0,00:00:00/5-14:19:25,41) [inet_frag_wq] (root,0,0,00:00:01/5-14:19:25,42) [kauditd] (root,0,0,00:00:00/5-14:19:25,43) [khungtaskd] (root,0,0,00:00:00/5-14:19:25,44) [oom_reaper] (root,0,0,00:00:00/5-14:19:25,45) [writeback] (root,0,0,00:00:15/5-14:19:25,46) [kcompactd0] (root,0,0,00:00:00/5-14:19:25,47) [ksmd] (root,0,0,00:00:16/5-14:19:25,48) [khugepaged] (root,0,0,00:00:00/5-14:19:25,74) [kintegrityd] (root,0,0,00:00:00/5-14:19:25,75) [kblockd] (root,0,0,00:00:00/5-14:19:25,76) [blkcg_punt_bio] (root,0,0,00:00:00/5-14:19:25,78) [tpm_dev_wq] (root,0,0,00:00:00/5-14:19:25,79) [edac-poller] (root,0,0,00:00:00/5-14:19:25,80) [devfreq_wq] (root,0,0,00:00:00/5-14:19:25,110) [watchdogd] (root,0,0,00:00:01/5-14:19:25,111) [kworker/2:1H-kblockd] (root,0,0,00:00:00/5-14:19:25,112) [kswapd0] (root,0,0,00:00:00/5-14:19:24,114) [kthrotld] (root,0,0,00:00:00/5-14:19:24,115) [mld] (root,0,0,00:00:00/5-14:19:24,116) [ipv6_addrconf] (root,0,0,00:00:02/5-14:19:24,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/5-14:19:24,122) [kstrp] (root,0,0,00:00:00/5-14:19:24,123) [zswap-shrink] (root,0,0,00:00:00/5-14:19:24,124) [kworker/u9:0] (root,0,0,00:00:00/5-14:19:24,129) [charger_manager] (root,0,0,00:00:01/5-14:19:23,172) [kworker/3:1H-kblockd] (root,0,0,00:00:01/5-14:19:23,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/5-14:19:23,205) [kaluad] (root,0,0,00:00:00/5-14:19:23,250) [kmpath_rdacd] (root,0,0,00:00:00/5-14:19:23,293) [kmpathd] (root,0,0,00:00:00/5-14:19:23,294) [kmpath_handlerd] (root,0,0,00:00:00/5-14:19:23,342) [ata_sff] (root,0,0,00:00:00/5-14:19:22,343) [scsi_eh_0] (root,0,0,00:00:00/5-14:19:22,344) [scsi_tmf_0] (root,0,0,00:00:00/5-14:19:22,345) [scsi_eh_1] (root,0,0,00:00:00/5-14:19:22,346) [scsi_tmf_1] (root,0,0,00:00:08/5-14:19:20,366) [jbd2/vda1-8] (root,0,0,00:00:00/5-14:19:20,367) [ext4-rsv-conver] (root,38604,7544,00:00:10/5-14:19:08,440) /usr/lib/systemd/systemd-journald (root,53164,9776,00:00:00/5-14:19:07,456) /usr/lib/systemd/systemd-udevd (root,8624,6760,00:00:08/5-14:19:05,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1652,00:00:03/5-14:18:31,512) /sbin/auditd (messagebus,22936,5824,00:00:20/5-14:18:31,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8544,00:00:11/5-14:18:31,531) /usr/lib/systemd/systemd-logind (root,20556,6104,00:00:00/5-14:18:31,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,17312,00:00:03/5-14:18:30,626) /usr/sbin/wickedd --systemd --foreground (root,31896,17960,00:00:00/5-14:18:30,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,547592,25572,00:00:06/5-14:18:16,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26748,00:00:00/5-14:18:16,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4568,00:00:30/5-14:18:15,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1756,00:00:00/5-14:18:15,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10564,00:00:00/5-14:18:15,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/5-14:18:15,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/5-14:18:15,1201) /usr/lib/systemd/systemd --user (root,448968,8640,00:00:10/5-14:18:15,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6484,00:00:43/5-14:18:15,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/5-14:18:15,1206) bpfilter_umh (root,26204,8340,00:00:03/5-14:18:15,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4384,00:00:00/5-14:18:15,1215) ntpd: asynchronous dns resolver (spot,276088,163720,06:08:08/5-14:18:15,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/5-14:18:14,1228) (sd-pam) (checkmk,48532,3192,00:00:00/5-14:18:14,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/5-14:18:14,1245) (sd-pam) (root,24216,5348,00:00:01/5-14:18:13,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:00/5-14:18:13,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:00/5-14:18:12,1354) /usr/sbin/cron -n (root,691080,73464,00:07:06/5-14:18:06,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,208320,42500,00:01:46/5-14:17:52,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:00/06:33,3243) [kworker/u8:1-flush-253:0] (root,6656,3488,00:00:00/00:01,3827) /bin/bash /usr/bin/check_mk_agent (root,6656,3488,00:00:00/00:00,3876) /bin/bash /usr/bin/check_mk_agent (root,6656,1824,00:00:00/00:00,3877) /bin/bash /usr/bin/check_mk_agent (root,6656,2016,00:00:00/00:00,3878) /bin/bash /usr/bin/check_mk_agent (root,4480,1036,00:00:00/00:00,3879) awk /:/ { c[$4]++; } END { for (x in c) { print x, c[x]; } } (root,2728,788,00:00:00/00:00,3880) timeout 5 cat /proc/net/tcp /proc/net/tcp6 (root,2680,756,00:00:00/00:00,3881) cat /proc/net/tcp /proc/net/tcp6 (root,13744,3508,00:00:00/00:00,3899) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,3900) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/21:28,4281) [kworker/u8:2] (root,35308,10024,00:00:00/3-16:11:01,4679) sshd: syslogtunnel [priv] (syslogtunnel,35308,5592,00:00:12/3-16:11:01,4681) sshd: syslogtunnel (root,35308,10044,00:00:00/3-16:10:46,4686) sshd: cm-ssh [priv] (cm-ssh,35308,5396,00:00:11/3-16:10:46,4688) sshd: cm-ssh (root,0,0,00:00:00/02:30,7623) [kworker/3:2-events] (postfix,24244,8216,00:00:00/53:37,11162) pickup -l -t fifo -u (root,0,0,00:00:00/09:35,11660) [kworker/1:2-ata_sff] (root,0,0,00:00:00/23:43,16093) [kworker/2:0-events] (root,0,0,00:00:00/01:45:30,17810) [kworker/3:1-events] (root,0,0,00:00:00/19:58,18198) [kworker/1:1-events] (root,0,0,00:00:00/27:58,23223) [kworker/3:0-cgroup_destroy] (root,0,0,00:00:00/04:24,24345) [kworker/1:0-ata_sff] (root,0,0,00:00:00/49:31,29441) [kworker/0:0-events] (root,0,0,00:00:01/03:27:24,31879) [kworker/0:2-events] (root,0,0,00:00:02/01:28:09,32749) [kworker/2:1-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-18 00:41 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683636e68a1beFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12768,00:00:13/3-15:21:32,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/3-15:21:32,2) [kthreadd] (root,0,0,00:00:00/3-15:21:32,3) [rcu_gp] (root,0,0,00:00:00/3-15:21:32,4) [rcu_par_gp] (root,0,0,00:00:00/3-15:21:32,5) [slub_flushwq] (root,0,0,00:00:00/3-15:21:32,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/3-15:21:32,9) [mm_percpu_wq] (root,0,0,00:00:00/3-15:21:32,10) [rcu_tasks_kthre] (root,0,0,00:00:00/3-15:21:32,11) [rcu_tasks_rude_] (root,0,0,00:00:00/3-15:21:32,12) [rcu_tasks_trace] (root,0,0,00:00:06/3-15:21:32,13) [ksoftirqd/0] (root,0,0,00:09:31/3-15:21:32,14) [rcu_preempt] (root,0,0,00:00:01/3-15:21:32,15) [migration/0] (root,0,0,00:00:00/3-15:21:32,16) [idle_inject/0] (root,0,0,00:00:00/3-15:21:32,18) [cpuhp/0] (root,0,0,00:00:00/3-15:21:32,19) [cpuhp/1] (root,0,0,00:00:00/3-15:21:32,20) [idle_inject/1] (root,0,0,00:00:01/3-15:21:32,21) [migration/1] (root,0,0,00:00:05/3-15:21:32,22) [ksoftirqd/1] (root,0,0,00:00:00/3-15:21:32,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/3-15:21:32,25) [cpuhp/2] (root,0,0,00:00:00/3-15:21:32,26) [idle_inject/2] (root,0,0,00:00:01/3-15:21:32,27) [migration/2] (root,0,0,00:08:02/3-15:21:32,28) [ksoftirqd/2] (root,0,0,00:00:00/3-15:21:32,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/3-15:21:32,31) [cpuhp/3] (root,0,0,00:00:00/3-15:21:32,32) [idle_inject/3] (root,0,0,00:00:01/3-15:21:32,33) [migration/3] (root,0,0,00:00:20/3-15:21:32,34) [ksoftirqd/3] (root,0,0,00:00:00/3-15:21:32,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/3-15:21:32,39) [kdevtmpfs] (root,0,0,00:00:00/3-15:21:32,40) [netns] (root,0,0,00:00:00/3-15:21:32,41) [inet_frag_wq] (root,0,0,00:00:01/3-15:21:32,42) [kauditd] (root,0,0,00:00:00/3-15:21:32,43) [khungtaskd] (root,0,0,00:00:00/3-15:21:32,44) [oom_reaper] (root,0,0,00:00:00/3-15:21:32,45) [writeback] (root,0,0,00:00:09/3-15:21:32,46) [kcompactd0] (root,0,0,00:00:00/3-15:21:32,47) [ksmd] (root,0,0,00:00:10/3-15:21:32,48) [khugepaged] (root,0,0,00:00:00/3-15:21:32,74) [kintegrityd] (root,0,0,00:00:00/3-15:21:32,75) [kblockd] (root,0,0,00:00:00/3-15:21:32,76) [blkcg_punt_bio] (root,0,0,00:00:00/3-15:21:32,78) [tpm_dev_wq] (root,0,0,00:00:00/3-15:21:32,79) [edac-poller] (root,0,0,00:00:00/3-15:21:32,80) [devfreq_wq] (root,0,0,00:00:00/3-15:21:32,110) [watchdogd] (root,0,0,00:00:00/3-15:21:32,111) [kworker/2:1H-kblockd] (root,0,0,00:00:00/3-15:21:32,112) [kswapd0] (root,0,0,00:00:00/3-15:21:31,114) [kthrotld] (root,0,0,00:00:00/3-15:21:31,115) [mld] (root,0,0,00:00:00/3-15:21:31,116) [ipv6_addrconf] (root,0,0,00:00:01/3-15:21:31,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/3-15:21:31,122) [kstrp] (root,0,0,00:00:00/3-15:21:31,123) [zswap-shrink] (root,0,0,00:00:00/3-15:21:31,124) [kworker/u9:0] (root,0,0,00:00:00/3-15:21:31,129) [charger_manager] (root,0,0,00:00:00/3-15:21:30,172) [kworker/3:1H-kblockd] (root,0,0,00:00:00/3-15:21:30,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/3-15:21:30,205) [kaluad] (root,0,0,00:00:00/3-15:21:30,250) [kmpath_rdacd] (root,0,0,00:00:00/3-15:21:30,293) [kmpathd] (root,0,0,00:00:00/3-15:21:30,294) [kmpath_handlerd] (root,0,0,00:00:00/3-15:21:30,342) [ata_sff] (root,0,0,00:00:00/3-15:21:29,343) [scsi_eh_0] (root,0,0,00:00:00/3-15:21:29,344) [scsi_tmf_0] (root,0,0,00:00:00/3-15:21:29,345) [scsi_eh_1] (root,0,0,00:00:00/3-15:21:29,346) [scsi_tmf_1] (root,0,0,00:00:05/3-15:21:27,366) [jbd2/vda1-8] (root,0,0,00:00:00/3-15:21:27,367) [ext4-rsv-conver] (root,38604,7544,00:00:07/3-15:21:15,440) /usr/lib/systemd/systemd-journald (root,53164,9776,00:00:00/3-15:21:14,456) /usr/lib/systemd/systemd-udevd (root,8624,6760,00:00:05/3-15:21:12,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1652,00:00:02/3-15:20:38,512) /sbin/auditd (messagebus,22936,5824,00:00:14/3-15:20:38,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8540,00:00:08/3-15:20:38,531) /usr/lib/systemd/systemd-logind (root,20556,6104,00:00:00/3-15:20:38,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,17312,00:00:03/3-15:20:37,626) /usr/sbin/wickedd --systemd --foreground (root,31896,17960,00:00:00/3-15:20:37,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,547336,24748,00:00:04/3-15:20:23,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26748,00:00:00/3-15:20:23,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4568,00:00:18/3-15:20:22,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1756,00:00:00/3-15:20:22,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10564,00:00:00/3-15:20:22,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/3-15:20:22,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/3-15:20:22,1201) /usr/lib/systemd/systemd --user (root,448968,8640,00:00:07/3-15:20:22,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6484,00:00:28/3-15:20:22,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/3-15:20:22,1206) bpfilter_umh (root,26204,8340,00:00:02/3-15:20:22,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4384,00:00:00/3-15:20:22,1215) ntpd: asynchronous dns resolver (spot,273644,162244,04:12:39/3-15:20:22,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/3-15:20:21,1228) (sd-pam) (checkmk,48532,3192,00:00:00/3-15:20:21,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/3-15:20:21,1245) (sd-pam) (root,24216,5348,00:00:01/3-15:20:20,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:00/3-15:20:20,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:00/3-15:20:19,1354) /usr/sbin/cron -n (root,689544,71904,00:04:39/3-15:20:13,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,207296,41156,00:01:10/3-15:19:59,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:00/01:17:34,1655) [kworker/0:1-events] (root,0,0,00:00:05/03:52:54,3235) [kworker/2:0-events] (root,6764,3592,00:00:00/00:01,3976) /bin/bash /usr/bin/check_mk_agent (root,6292,3136,00:00:00/00:01,4103) /bin/bash ././mk_inventory.linux (root,43924,23748,00:00:00/00:01,4107) rpm -qa --qf %{NAME}\t%{VERSION}\t%{ARCH}\trpm\t%{RELEASE}\t%{SUMMARY}\t-\n (root,6656,3488,00:00:00/00:00,4236) /bin/bash /usr/bin/check_mk_agent (root,6656,1824,00:00:00/00:00,4311) /bin/bash /usr/bin/check_mk_agent (root,6656,2016,00:00:00/00:00,4312) /bin/bash /usr/bin/check_mk_agent (root,4480,1184,00:00:00/00:00,4313) awk /:/ { c[$4]++; } END { for (x in c) { print x, c[x]; } } (root,2728,848,00:00:00/00:00,4314) timeout 5 cat /proc/net/tcp /proc/net/tcp6 (root,2680,712,00:00:00/00:00,4315) cat /proc/net/tcp /proc/net/tcp6 (root,6656,3480,00:00:00/00:00,4316) /bin/bash /usr/bin/check_mk_agent (root,13744,3408,00:00:00/00:00,4334) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,4335) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,35308,10024,00:00:00/1-17:13:08,4679) sshd: syslogtunnel [priv] (syslogtunnel,35308,5592,00:00:05/1-17:13:08,4681) sshd: syslogtunnel (root,35308,10044,00:00:00/1-17:12:53,4686) sshd: cm-ssh [priv] (cm-ssh,35308,5396,00:00:05/1-17:12:53,4688) sshd: cm-ssh (root,0,0,00:00:00/02:30:42,4707) [kworker/0:2-events] (postfix,24244,8164,00:00:00/37:42,13818) pickup -l -t fifo -u (root,0,0,00:00:01/01:39:51,19322) [kworker/1:1-events] (root,0,0,00:00:00/01:18,24315) [kworker/1:0-ata_sff] (root,0,0,00:00:00/01:38:11,25346) [kworker/u8:0-writeback] (root,0,0,00:00:00/06:28,25711) [kworker/1:2-ata_sff] (root,0,0,00:00:00/16:30,26463) [kworker/3:0-events] (root,0,0,00:00:00/05:28:09,30146) [kworker/u8:2] (root,0,0,00:00:00/51:44,30663) [kworker/3:1-events] (root,0,0,00:00:00/05:29,31815) [kworker/2:2] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-16 01:43 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363f0405de2Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12692,00:00:12/3-07:48:57,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/3-07:48:57,2) [kthreadd] (root,0,0,00:00:00/3-07:48:57,3) [rcu_gp] (root,0,0,00:00:00/3-07:48:57,4) [rcu_par_gp] (root,0,0,00:00:00/3-07:48:57,5) [slub_flushwq] (root,0,0,00:00:00/3-07:48:57,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/3-07:48:57,9) [mm_percpu_wq] (root,0,0,00:00:00/3-07:48:57,10) [rcu_tasks_kthre] (root,0,0,00:00:00/3-07:48:57,11) [rcu_tasks_rude_] (root,0,0,00:00:00/3-07:48:57,12) [rcu_tasks_trace] (root,0,0,00:00:04/3-07:48:57,13) [ksoftirqd/0] (root,0,0,00:08:39/3-07:48:57,14) [rcu_preempt] (root,0,0,00:00:01/3-07:48:57,15) [migration/0] (root,0,0,00:00:00/3-07:48:57,16) [idle_inject/0] (root,0,0,00:00:00/3-07:48:57,18) [cpuhp/0] (root,0,0,00:00:00/3-07:48:57,19) [cpuhp/1] (root,0,0,00:00:00/3-07:48:57,20) [idle_inject/1] (root,0,0,00:00:01/3-07:48:57,21) [migration/1] (root,0,0,00:00:04/3-07:48:57,22) [ksoftirqd/1] (root,0,0,00:00:00/3-07:48:57,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/3-07:48:57,25) [cpuhp/2] (root,0,0,00:00:00/3-07:48:57,26) [idle_inject/2] (root,0,0,00:00:01/3-07:48:57,27) [migration/2] (root,0,0,00:07:14/3-07:48:57,28) [ksoftirqd/2] (root,0,0,00:00:00/3-07:48:57,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/3-07:48:57,31) [cpuhp/3] (root,0,0,00:00:00/3-07:48:57,32) [idle_inject/3] (root,0,0,00:00:01/3-07:48:57,33) [migration/3] (root,0,0,00:00:18/3-07:48:57,34) [ksoftirqd/3] (root,0,0,00:00:00/3-07:48:57,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/3-07:48:57,39) [kdevtmpfs] (root,0,0,00:00:00/3-07:48:57,40) [netns] (root,0,0,00:00:00/3-07:48:57,41) [inet_frag_wq] (root,0,0,00:00:01/3-07:48:57,42) [kauditd] (root,0,0,00:00:00/3-07:48:57,43) [khungtaskd] (root,0,0,00:00:00/3-07:48:57,44) [oom_reaper] (root,0,0,00:00:00/3-07:48:57,45) [writeback] (root,0,0,00:00:08/3-07:48:57,46) [kcompactd0] (root,0,0,00:00:00/3-07:48:57,47) [ksmd] (root,0,0,00:00:09/3-07:48:57,48) [khugepaged] (root,0,0,00:00:00/3-07:48:57,74) [kintegrityd] (root,0,0,00:00:00/3-07:48:57,75) [kblockd] (root,0,0,00:00:00/3-07:48:57,76) [blkcg_punt_bio] (root,0,0,00:00:00/3-07:48:57,78) [tpm_dev_wq] (root,0,0,00:00:00/3-07:48:57,79) [edac-poller] (root,0,0,00:00:00/3-07:48:57,80) [devfreq_wq] (root,0,0,00:00:00/3-07:48:57,110) [watchdogd] (root,0,0,00:00:00/3-07:48:57,111) [kworker/2:1H-kblockd] (root,0,0,00:00:00/3-07:48:57,112) [kswapd0] (root,0,0,00:00:00/3-07:48:56,114) [kthrotld] (root,0,0,00:00:00/3-07:48:56,115) [mld] (root,0,0,00:00:00/3-07:48:56,116) [ipv6_addrconf] (root,0,0,00:00:01/3-07:48:56,117) [kworker/1:1H-kblockd] (root,0,0,00:00:00/3-07:48:56,122) [kstrp] (root,0,0,00:00:00/3-07:48:56,123) [zswap-shrink] (root,0,0,00:00:00/3-07:48:56,124) [kworker/u9:0] (root,0,0,00:00:00/3-07:48:56,129) [charger_manager] (root,0,0,00:00:00/3-07:48:55,172) [kworker/3:1H-kblockd] (root,0,0,00:00:00/3-07:48:55,175) [kworker/0:1H-kblockd] (root,0,0,00:00:00/3-07:48:55,205) [kaluad] (root,0,0,00:00:00/3-07:48:55,250) [kmpath_rdacd] (root,0,0,00:00:00/3-07:48:55,293) [kmpathd] (root,0,0,00:00:00/3-07:48:55,294) [kmpath_handlerd] (root,0,0,00:00:00/3-07:48:55,342) [ata_sff] (root,0,0,00:00:00/3-07:48:54,343) [scsi_eh_0] (root,0,0,00:00:00/3-07:48:54,344) [scsi_tmf_0] (root,0,0,00:00:00/3-07:48:54,345) [scsi_eh_1] (root,0,0,00:00:00/3-07:48:54,346) [scsi_tmf_1] (root,0,0,00:00:05/3-07:48:52,366) [jbd2/vda1-8] (root,0,0,00:00:00/3-07:48:52,367) [ext4-rsv-conver] (root,38604,7544,00:00:06/3-07:48:40,440) /usr/lib/systemd/systemd-journald (root,53164,9776,00:00:00/3-07:48:39,456) /usr/lib/systemd/systemd-udevd (root,8624,6760,00:00:05/3-07:48:37,491) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1652,00:00:02/3-07:48:03,512) /sbin/auditd (messagebus,22936,5824,00:00:13/3-07:48:03,518) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38748,8536,00:00:07/3-07:48:03,531) /usr/lib/systemd/systemd-logind (root,20556,6104,00:00:00/3-07:48:03,541) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,31876,17312,00:00:03/3-07:48:02,626) /usr/sbin/wickedd --systemd --foreground (root,31896,17960,00:00:00/3-07:48:02,627) /usr/sbin/wickedd-nanny --systemd --foreground (root,0,0,00:00:00/36:49,646) [kworker/0:1-events] (root,547336,24748,00:00:03/3-07:47:48,1172) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26748,00:00:00/3-07:47:48,1185) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4568,00:00:12/3-07:47:47,1194) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1756,00:00:00/3-07:47:47,1197) /sbin/agetty -o -p -- \u --noclear tty1 linux (syslogtunnel,40568,10564,00:00:00/3-07:47:47,1199) /usr/lib/systemd/systemd --user (cm-ssh,40568,10520,00:00:00/3-07:47:47,1200) /usr/lib/systemd/systemd --user (checkmk,40560,10484,00:00:00/3-07:47:47,1201) /usr/lib/systemd/systemd --user (root,448724,8116,00:00:07/3-07:47:47,1202) /usr/sbin/rsyslogd -n -iNONE (ntp,20660,6484,00:00:26/3-07:47:47,1204) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,2516,672,00:00:00/3-07:47:47,1206) bpfilter_umh (root,26204,8340,00:00:02/3-07:47:47,1214) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,22048,4384,00:00:00/3-07:47:47,1215) ntpd: asynchronous dns resolver (spot,200516,162832,03:51:17/3-07:47:47,1221) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,48532,3192,00:00:00/3-07:47:46,1228) (sd-pam) (checkmk,48532,3192,00:00:00/3-07:47:46,1229) (sd-pam) (syslogtunnel,48532,3192,00:00:00/3-07:47:46,1245) (sd-pam) (root,24216,5348,00:00:00/3-07:47:45,1325) /usr/lib/postfix/bin//master -w (postfix,24292,8260,00:00:00/3-07:47:45,1327) qmgr -l -t fifo -u (root,8964,2668,00:00:00/3-07:47:44,1354) /usr/sbin/cron -n (root,689544,71836,00:04:16/3-07:47:38,1375) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,206272,41136,00:01:04/3-07:47:24,1380) /usr/bin/python3.11 /usr/bin/spot (root,0,0,00:00:00/01:58:19,4674) [kworker/1:1-events] (root,35308,10024,00:00:00/1-09:40:33,4679) sshd: syslogtunnel [priv] (syslogtunnel,35308,5592,00:00:04/1-09:40:33,4681) sshd: syslogtunnel (root,35308,10044,00:00:00/1-09:40:18,4686) sshd: cm-ssh [priv] (cm-ssh,35308,5396,00:00:04/1-09:40:18,4688) sshd: cm-ssh (root,0,0,00:00:00/20:01,8460) [kworker/u8:1] (root,0,0,00:00:00/19:45,9122) [kworker/2:1-events] (root,0,0,00:00:00/06:55:58,11985) [kworker/u8:0-writeback] (root,0,0,00:00:00/08:16,14615) [kworker/1:2-ata_sff] (postfix,24244,8252,00:00:00/01:25:28,16510) pickup -l -t fifo -u (root,0,0,00:00:00/03:06,16671) [kworker/1:0-ata_sff] (root,6656,3488,00:00:00/00:00,18106) /bin/bash /usr/bin/check_mk_agent (root,13744,3420,00:00:00/00:00,18124) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,18125) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/04:23:15,27110) [kworker/0:2-events] (root,0,0,00:00:00/01:10:51,29034) [kworker/3:1-events] (root,0,0,00:00:00/45:17,29186) [kworker/3:2] (root,0,0,00:00:01/02:23:13,31380) [kworker/2:2-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether d2:d8:79:3d:79:c8 brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 42:10:47:e6:ef:4b brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-15 18:11
Domain summary
No record