Host 141.9.65.242
Germany
Verein zur Foerderung eines Deutschen Forschungsnetzes e.V.
-
CheckMK monitoring endpoint publicly available
An open CheckMK agent is publicly available.
This could leak sensitive information such as :
- Process list ( maybe credentials )
- Network interfaces
- Running services
- Firewall rules
- Internal OS configuration
https://docs.checkmk.com/latest/en/wato_monitoringagents.html
First seen 2024-09-12 05:15
Last seen 2024-12-22 01:00
Open for 100 days-
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363a0ab2f12Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12712,00:05:09/39-14:37:49,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/39-14:37:49,2) [kthreadd] (root,0,0,00:00:00/39-14:37:49,3) [rcu_gp] (root,0,0,00:00:00/39-14:37:49,4) [rcu_par_gp] (root,0,0,00:00:00/39-14:37:49,5) [slub_flushwq] (root,0,0,00:00:00/39-14:37:49,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/39-14:37:49,9) [mm_percpu_wq] (root,0,0,00:00:00/39-14:37:49,10) [rcu_tasks_kthre] (root,0,0,00:00:00/39-14:37:49,11) [rcu_tasks_rude_] (root,0,0,00:00:00/39-14:37:49,12) [rcu_tasks_trace] (root,0,0,00:00:26/39-14:37:49,13) [ksoftirqd/0] (root,0,0,01:43:45/39-14:37:49,14) [rcu_preempt] (root,0,0,00:00:12/39-14:37:49,15) [migration/0] (root,0,0,00:00:00/39-14:37:49,16) [idle_inject/0] (root,0,0,00:00:00/39-14:37:49,18) [cpuhp/0] (root,0,0,00:00:00/39-14:37:49,19) [cpuhp/1] (root,0,0,00:00:00/39-14:37:49,20) [idle_inject/1] (root,0,0,00:00:12/39-14:37:49,21) [migration/1] (root,0,0,00:00:20/39-14:37:49,22) [ksoftirqd/1] (root,0,0,00:00:00/39-14:37:49,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/39-14:37:49,25) [cpuhp/2] (root,0,0,00:00:00/39-14:37:49,26) [idle_inject/2] (root,0,0,00:00:12/39-14:37:49,27) [migration/2] (root,0,0,00:10:19/39-14:37:49,28) [ksoftirqd/2] (root,0,0,00:00:00/39-14:37:49,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/39-14:37:49,31) [cpuhp/3] (root,0,0,00:00:00/39-14:37:49,32) [idle_inject/3] (root,0,0,00:00:12/39-14:37:49,33) [migration/3] (root,0,0,00:01:19/39-14:37:49,34) [ksoftirqd/3] (root,0,0,00:00:00/39-14:37:49,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/39-14:37:49,41) [kdevtmpfs] (root,0,0,00:00:00/39-14:37:49,42) [netns] (root,0,0,00:00:00/39-14:37:49,43) [inet_frag_wq] (root,0,0,00:00:11/39-14:37:49,44) [kauditd] (root,0,0,00:00:00/39-14:37:49,47) [khungtaskd] (root,0,0,00:00:00/39-14:37:49,48) [oom_reaper] (root,0,0,00:00:00/39-14:37:49,49) [writeback] (root,0,0,00:01:49/39-14:37:49,50) [kcompactd0] (root,0,0,00:00:00/39-14:37:49,51) [ksmd] (root,0,0,00:01:53/39-14:37:49,52) [khugepaged] (root,0,0,00:00:00/39-14:37:49,77) [kintegrityd] (root,0,0,00:00:00/39-14:37:49,78) [kblockd] (root,0,0,00:00:00/39-14:37:49,79) [blkcg_punt_bio] (root,0,0,00:00:00/39-14:37:49,80) [tpm_dev_wq] (root,0,0,00:00:00/39-14:37:49,81) [edac-poller] (root,0,0,00:00:00/39-14:37:49,82) [devfreq_wq] (root,0,0,00:00:00/39-14:37:49,111) [watchdogd] (root,0,0,00:00:14/39-14:37:49,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/39-14:37:49,113) [kswapd0] (root,0,0,00:00:00/39-14:37:48,115) [kthrotld] (root,0,0,00:00:00/39-14:37:48,116) [mld] (root,0,0,00:00:00/39-14:37:48,117) [ipv6_addrconf] (root,0,0,00:00:08/39-14:37:48,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/39-14:37:48,123) [kstrp] (root,0,0,00:00:00/39-14:37:48,125) [zswap-shrink] (root,0,0,00:00:00/39-14:37:48,126) [kworker/u9:0] (root,0,0,00:00:00/39-14:37:48,131) [charger_manager] (root,0,0,00:00:06/39-14:37:48,173) [kworker/3:1H-kblockd] (root,0,0,00:00:07/39-14:37:48,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/39-14:37:47,329) [ata_sff] (root,0,0,00:00:00/39-14:37:47,330) [scsi_eh_0] (root,0,0,00:00:00/39-14:37:47,331) [scsi_tmf_0] (root,0,0,00:00:00/39-14:37:47,332) [scsi_eh_1] (root,0,0,00:00:00/39-14:37:47,333) [scsi_tmf_1] (root,0,0,00:00:49/39-14:37:45,351) [jbd2/vda1-8] (root,0,0,00:00:00/39-14:37:45,352) [ext4-rsv-conver] (root,0,0,00:00:00/02:24:36,398) [kworker/u8:0-flush-254:0] (root,38736,8248,00:01:38/39-14:37:31,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:04/39-14:37:30,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:01:00/39-14:37:28,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:24/39-14:36:34,486) /sbin/auditd (messagebus,22532,5400,00:03:35/39-14:36:34,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38928,8600,00:01:43/39-14:36:34,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/39-14:36:34,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/39-14:36:32,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/39-14:36:32,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,549128,32036,00:00:34/39-14:36:24,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/39-14:36:23,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:54/39-14:36:23,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12724,00:01:30/39-14:36:23,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/39-14:36:23,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/39-14:36:23,1173) bpfilter_umh (ntp,19768,5896,00:03:35/39-14:36:23,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:15/39-14:36:23,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/39-14:36:23,1187) ntpd: asynchronous dns resolver (spot,298708,133884,1-00:03:20/39-14:36:23,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:12/39-14:36:21,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:02/39-14:36:21,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:08/39-14:36:21,1296) /usr/sbin/cron -n (root,694476,75292,00:54:05/39-14:36:15,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,217372,59248,00:13:26/39-14:36:05,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:30/39-14:35:29,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/39-14:35:29,1388) (sd-pam) (root,0,0,00:00:00/09:15,1527) [kworker/1:2-cgroup_destroy] (root,0,0,00:00:00/03:15,3278) [kworker/0:1-events] (root,0,0,00:00:00/19:57,3376) [kworker/0:2-cgroup_destroy] (root,0,0,00:00:00/02:17,6801) [kworker/2:2-ata_sff] (root,35056,9940,00:00:00/21-13:31:45,8646) sshd: cm-ssh [priv] (cm-ssh,35056,4648,00:01:09/21-13:31:45,8648) sshd: cm-ssh (root,35064,9876,00:00:00/21-13:31:38,8650) sshd: syslogtunnel [priv] (syslogtunnel,40564,10628,00:00:14/21-13:31:38,8654) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3424,00:00:00/21-13:31:38,8655) (sd-pam) (syslogtunnel,35064,4592,00:01:20/21-13:31:38,8661) sshd: syslogtunnel (root,6656,3484,00:00:00/00:00,14247) /bin/bash /usr/bin/check_mk_agent (root,13744,3508,00:00:00/00:00,14265) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,14266) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (postfix,23460,7572,00:00:00/07:35,15198) pickup -l -t fifo -u (root,0,0,00:00:00/15:40,15878) [kworker/1:1-events] (root,0,0,00:00:00/07:28,15919) [kworker/2:1-ata_sff] (postfix,43844,8768,00:00:01/33-21:23:26,17547) tlsmgr -l -t unix -u (root,0,0,00:00:01/01:09:43,19066) [kworker/2:0-events] (root,0,0,00:00:00/14:50,20763) [kworker/u8:2-ext4-rsv-conversion] (root,0,0,00:00:00/30:06,23913) [kworker/0:0-events] (root,0,0,00:00:00/05:15,27068) [kworker/3:0-events] (root,0,0,00:00:00/13:39,27292) [kworker/3:1-events] (root,0,0,00:00:00/04:46,29203) [kworker/u8:1-events_unbound] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-22 01:00 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683636b611fe6Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12712,00:04:34/37-14:08:41,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/37-14:08:41,2) [kthreadd] (root,0,0,00:00:00/37-14:08:41,3) [rcu_gp] (root,0,0,00:00:00/37-14:08:41,4) [rcu_par_gp] (root,0,0,00:00:00/37-14:08:41,5) [slub_flushwq] (root,0,0,00:00:00/37-14:08:41,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/37-14:08:41,9) [mm_percpu_wq] (root,0,0,00:00:00/37-14:08:41,10) [rcu_tasks_kthre] (root,0,0,00:00:00/37-14:08:41,11) [rcu_tasks_rude_] (root,0,0,00:00:00/37-14:08:41,12) [rcu_tasks_trace] (root,0,0,00:00:24/37-14:08:41,13) [ksoftirqd/0] (root,0,0,01:38:27/37-14:08:41,14) [rcu_preempt] (root,0,0,00:00:12/37-14:08:41,15) [migration/0] (root,0,0,00:00:00/37-14:08:41,16) [idle_inject/0] (root,0,0,00:00:00/37-14:08:41,18) [cpuhp/0] (root,0,0,00:00:00/37-14:08:41,19) [cpuhp/1] (root,0,0,00:00:00/37-14:08:41,20) [idle_inject/1] (root,0,0,00:00:12/37-14:08:41,21) [migration/1] (root,0,0,00:00:18/37-14:08:41,22) [ksoftirqd/1] (root,0,0,00:00:00/37-14:08:41,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/37-14:08:41,25) [cpuhp/2] (root,0,0,00:00:00/37-14:08:41,26) [idle_inject/2] (root,0,0,00:00:12/37-14:08:41,27) [migration/2] (root,0,0,00:09:49/37-14:08:41,28) [ksoftirqd/2] (root,0,0,00:00:00/37-14:08:41,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/37-14:08:41,31) [cpuhp/3] (root,0,0,00:00:00/37-14:08:41,32) [idle_inject/3] (root,0,0,00:00:12/37-14:08:41,33) [migration/3] (root,0,0,00:01:14/37-14:08:41,34) [ksoftirqd/3] (root,0,0,00:00:00/37-14:08:41,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/37-14:08:41,41) [kdevtmpfs] (root,0,0,00:00:00/37-14:08:41,42) [netns] (root,0,0,00:00:00/37-14:08:41,43) [inet_frag_wq] (root,0,0,00:00:10/37-14:08:41,44) [kauditd] (root,0,0,00:00:00/37-14:08:41,47) [khungtaskd] (root,0,0,00:00:00/37-14:08:41,48) [oom_reaper] (root,0,0,00:00:00/37-14:08:41,49) [writeback] (root,0,0,00:01:44/37-14:08:41,50) [kcompactd0] (root,0,0,00:00:00/37-14:08:41,51) [ksmd] (root,0,0,00:01:46/37-14:08:41,52) [khugepaged] (root,0,0,00:00:00/37-14:08:41,77) [kintegrityd] (root,0,0,00:00:00/37-14:08:41,78) [kblockd] (root,0,0,00:00:00/37-14:08:41,79) [blkcg_punt_bio] (root,0,0,00:00:00/37-14:08:41,80) [tpm_dev_wq] (root,0,0,00:00:00/37-14:08:41,81) [edac-poller] (root,0,0,00:00:00/37-14:08:41,82) [devfreq_wq] (root,0,0,00:00:00/37-14:08:41,111) [watchdogd] (root,0,0,00:00:14/37-14:08:41,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/37-14:08:41,113) [kswapd0] (root,0,0,00:00:00/37-14:08:40,115) [kthrotld] (root,0,0,00:00:00/37-14:08:40,116) [mld] (root,0,0,00:00:00/37-14:08:40,117) [ipv6_addrconf] (root,0,0,00:00:08/37-14:08:40,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/37-14:08:40,123) [kstrp] (root,0,0,00:00:00/37-14:08:40,125) [zswap-shrink] (root,0,0,00:00:00/37-14:08:40,126) [kworker/u9:0] (root,0,0,00:00:00/37-14:08:40,131) [charger_manager] (root,0,0,00:00:06/37-14:08:40,173) [kworker/3:1H-kblockd] (root,0,0,00:00:07/37-14:08:40,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/37-14:08:39,329) [ata_sff] (root,0,0,00:00:00/37-14:08:39,330) [scsi_eh_0] (root,0,0,00:00:00/37-14:08:39,331) [scsi_tmf_0] (root,0,0,00:00:00/37-14:08:39,332) [scsi_eh_1] (root,0,0,00:00:00/37-14:08:39,333) [scsi_tmf_1] (root,0,0,00:00:46/37-14:08:37,351) [jbd2/vda1-8] (root,0,0,00:00:00/37-14:08:37,352) [ext4-rsv-conver] (root,38736,8248,00:01:27/37-14:08:23,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:04/37-14:08:22,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:57/37-14:08:20,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:21/37-14:07:26,486) /sbin/auditd (messagebus,22532,5400,00:03:10/37-14:07:26,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8604,00:01:31/37-14:07:26,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/37-14:07:26,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/37-14:07:24,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/37-14:07:24,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,0,0,00:00:00/23:26,929) [kworker/2:1-events] (root,549128,32036,00:00:33/37-14:07:16,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/37-14:07:15,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:50/37-14:07:15,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12752,00:01:20/37-14:07:15,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/37-14:07:15,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/37-14:07:15,1173) bpfilter_umh (ntp,19768,5896,00:03:24/37-14:07:15,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:13/37-14:07:15,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/37-14:07:15,1187) ntpd: asynchronous dns resolver (spot,296516,133336,22:18:22/37-14:07:15,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:12/37-14:07:13,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:02/37-14:07:13,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:08/37-14:07:13,1296) /usr/sbin/cron -n (root,694220,75188,00:51:18/37-14:07:07,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,216348,57432,00:12:41/37-14:06:57,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:26/37-14:06:21,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/37-14:06:21,1388) (sd-pam) (root,0,0,00:00:00/20:42,3819) [kworker/1:0-cgroup_destroy] (root,0,0,00:00:00/16:20,7979) [kworker/3:1-events] (root,35056,9940,00:00:00/19-13:02:37,8646) sshd: cm-ssh [priv] (cm-ssh,35056,4648,00:01:03/19-13:02:37,8648) sshd: cm-ssh (root,35064,9876,00:00:00/19-13:02:30,8650) sshd: syslogtunnel [priv] (syslogtunnel,40564,10628,00:00:10/19-13:02:30,8654) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3424,00:00:00/19-13:02:30,8655) (sd-pam) (syslogtunnel,35064,4592,00:01:10/19-13:02:30,8661) sshd: syslogtunnel (root,0,0,00:00:00/10:17,14001) [kworker/0:2-events] (root,0,0,00:00:00/08:13,15039) [kworker/1:1-events] (root,0,0,00:00:00/07:53,15235) [kworker/2:2-ata_sff] (root,0,0,00:00:00/07:51,15236) [kworker/u8:2-flush-254:0] (root,0,0,00:00:00/06:18,17031) [kworker/3:0-cgroup_destroy] (postfix,43844,8768,00:00:01/31-20:54:18,17547) tlsmgr -l -t unix -u (root,0,0,00:00:00/02:40,20013) [kworker/2:0-ata_sff] (postfix,23460,7568,00:00:00/00:23,21664) pickup -l -t fifo -u (root,6656,3488,00:00:00/00:00,22141) /bin/bash /usr/bin/check_mk_agent (root,13744,3416,00:00:00/00:00,22159) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,22160) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/57:12,23744) [kworker/u8:0-ext4-rsv-conversion] (root,0,0,00:00:00/53:06,29302) [kworker/0:0-cgroup_destroy] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-20 00:31 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe56836359ba037cFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12712,00:04:21/35-15:20:34,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/35-15:20:34,2) [kthreadd] (root,0,0,00:00:00/35-15:20:34,3) [rcu_gp] (root,0,0,00:00:00/35-15:20:34,4) [rcu_par_gp] (root,0,0,00:00:00/35-15:20:34,5) [slub_flushwq] (root,0,0,00:00:00/35-15:20:34,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/35-15:20:34,9) [mm_percpu_wq] (root,0,0,00:00:00/35-15:20:34,10) [rcu_tasks_kthre] (root,0,0,00:00:00/35-15:20:34,11) [rcu_tasks_rude_] (root,0,0,00:00:00/35-15:20:34,12) [rcu_tasks_trace] (root,0,0,00:00:22/35-15:20:34,13) [ksoftirqd/0] (root,0,0,01:33:26/35-15:20:34,14) [rcu_preempt] (root,0,0,00:00:11/35-15:20:34,15) [migration/0] (root,0,0,00:00:00/35-15:20:34,16) [idle_inject/0] (root,0,0,00:00:00/35-15:20:34,18) [cpuhp/0] (root,0,0,00:00:00/35-15:20:34,19) [cpuhp/1] (root,0,0,00:00:00/35-15:20:34,20) [idle_inject/1] (root,0,0,00:00:11/35-15:20:34,21) [migration/1] (root,0,0,00:00:17/35-15:20:34,22) [ksoftirqd/1] (root,0,0,00:00:00/35-15:20:34,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/35-15:20:34,25) [cpuhp/2] (root,0,0,00:00:00/35-15:20:34,26) [idle_inject/2] (root,0,0,00:00:11/35-15:20:34,27) [migration/2] (root,0,0,00:09:27/35-15:20:34,28) [ksoftirqd/2] (root,0,0,00:00:00/35-15:20:34,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/35-15:20:34,31) [cpuhp/3] (root,0,0,00:00:00/35-15:20:34,32) [idle_inject/3] (root,0,0,00:00:11/35-15:20:34,33) [migration/3] (root,0,0,00:01:11/35-15:20:34,34) [ksoftirqd/3] (root,0,0,00:00:00/35-15:20:34,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/35-15:20:34,41) [kdevtmpfs] (root,0,0,00:00:00/35-15:20:34,42) [netns] (root,0,0,00:00:00/35-15:20:34,43) [inet_frag_wq] (root,0,0,00:00:09/35-15:20:34,44) [kauditd] (root,0,0,00:00:00/35-15:20:34,47) [khungtaskd] (root,0,0,00:00:00/35-15:20:34,48) [oom_reaper] (root,0,0,00:00:00/35-15:20:34,49) [writeback] (root,0,0,00:01:38/35-15:20:34,50) [kcompactd0] (root,0,0,00:00:00/35-15:20:34,51) [ksmd] (root,0,0,00:01:40/35-15:20:34,52) [khugepaged] (root,0,0,00:00:00/35-15:20:34,77) [kintegrityd] (root,0,0,00:00:00/35-15:20:34,78) [kblockd] (root,0,0,00:00:00/35-15:20:34,79) [blkcg_punt_bio] (root,0,0,00:00:00/35-15:20:34,80) [tpm_dev_wq] (root,0,0,00:00:00/35-15:20:34,81) [edac-poller] (root,0,0,00:00:00/35-15:20:34,82) [devfreq_wq] (root,0,0,00:00:00/35-15:20:34,111) [watchdogd] (root,0,0,00:00:13/35-15:20:34,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/35-15:20:34,113) [kswapd0] (root,0,0,00:00:00/35-15:20:33,115) [kthrotld] (root,0,0,00:00:00/35-15:20:33,116) [mld] (root,0,0,00:00:00/35-15:20:33,117) [ipv6_addrconf] (root,0,0,00:00:07/35-15:20:33,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/35-15:20:33,123) [kstrp] (root,0,0,00:00:00/35-15:20:33,125) [zswap-shrink] (root,0,0,00:00:00/35-15:20:33,126) [kworker/u9:0] (root,0,0,00:00:00/35-15:20:33,131) [charger_manager] (root,0,0,00:00:06/35-15:20:33,173) [kworker/3:1H-kblockd] (root,0,0,00:00:06/35-15:20:33,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/35-15:20:32,329) [ata_sff] (root,0,0,00:00:00/35-15:20:32,330) [scsi_eh_0] (root,0,0,00:00:00/35-15:20:32,331) [scsi_tmf_0] (root,0,0,00:00:00/35-15:20:32,332) [scsi_eh_1] (root,0,0,00:00:00/35-15:20:32,333) [scsi_tmf_1] (root,0,0,00:00:44/35-15:20:30,351) [jbd2/vda1-8] (root,0,0,00:00:00/35-15:20:30,352) [ext4-rsv-conver] (root,38736,8248,00:01:23/35-15:20:16,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:04/35-15:20:15,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:54/35-15:20:13,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:20/35-15:19:19,486) /sbin/auditd (messagebus,22532,5400,00:03:01/35-15:19:19,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8604,00:01:27/35-15:19:19,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/35-15:19:19,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/35-15:19:17,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/35-15:19:17,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,548872,30836,00:00:31/35-15:19:09,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/35-15:19:08,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:48/35-15:19:08,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12752,00:01:17/35-15:19:08,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/35-15:19:08,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/35-15:19:08,1173) bpfilter_umh (ntp,19768,5896,00:03:14/35-15:19:08,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:13/35-15:19:08,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/35-15:19:08,1187) ntpd: asynchronous dns resolver (spot,296196,130716,20:47:58/35-15:19:08,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:11/35-15:19:06,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:02/35-15:19:06,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:07/35-15:19:06,1296) /usr/sbin/cron -n (root,694220,77204,00:48:39/35-15:19:00,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,215324,56552,00:11:57/35-15:18:50,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:25/35-15:18:14,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/35-15:18:14,1388) (sd-pam) (root,0,0,00:00:00/01:43:32,3495) [kworker/0:0-events] (root,0,0,00:00:00/17:49,5527) [kworker/0:2] (root,35056,9940,00:00:00/17-14:14:30,8646) sshd: cm-ssh [priv] (cm-ssh,35056,4648,00:00:57/17-14:14:30,8648) sshd: cm-ssh (root,35064,9876,00:00:00/17-14:14:23,8650) sshd: syslogtunnel [priv] (syslogtunnel,40564,10628,00:00:09/17-14:14:23,8654) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3424,00:00:00/17-14:14:23,8655) (sd-pam) (syslogtunnel,35064,4592,00:01:03/17-14:14:23,8661) sshd: syslogtunnel (postfix,23460,7568,00:00:00/01:34:17,13434) pickup -l -t fifo -u (root,0,0,00:00:00/57:23,13579) [kworker/u8:2-events_unbound] (root,0,0,00:00:00/08:45,15262) [kworker/1:2-cgroup_destroy] (root,0,0,00:00:00/07:25,15440) [kworker/2:0-ata_sff] (root,0,0,00:00:00/49:23,17015) [kworker/3:0-events] (postfix,43844,8768,00:00:00/29-22:06:11,17547) tlsmgr -l -t unix -u (root,0,0,00:00:00/41:48,20453) [kworker/1:0-events] (root,0,0,00:00:00/02:15,20917) [kworker/2:2-ata_sff] (root,6656,3488,00:00:00/00:00,23124) /bin/bash /usr/bin/check_mk_agent (root,13744,3488,00:00:00/00:00,23142) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,23143) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:03/02:53:26,23735) [kworker/2:1-events] (root,0,0,00:00:00/37:23,24148) [kworker/u8:0-writeback] (root,0,0,00:00:00/34:00,27556) [kworker/3:1] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-18 01:42 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683634ec6c85eFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12712,00:04:11/33-13:30:22,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/33-13:30:22,2) [kthreadd] (root,0,0,00:00:00/33-13:30:22,3) [rcu_gp] (root,0,0,00:00:00/33-13:30:22,4) [rcu_par_gp] (root,0,0,00:00:00/33-13:30:22,5) [slub_flushwq] (root,0,0,00:00:00/33-13:30:22,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/33-13:30:22,9) [mm_percpu_wq] (root,0,0,00:00:00/33-13:30:22,10) [rcu_tasks_kthre] (root,0,0,00:00:00/33-13:30:22,11) [rcu_tasks_rude_] (root,0,0,00:00:00/33-13:30:22,12) [rcu_tasks_trace] (root,0,0,00:00:21/33-13:30:22,13) [ksoftirqd/0] (root,0,0,01:28:06/33-13:30:22,14) [rcu_preempt] (root,0,0,00:00:11/33-13:30:22,15) [migration/0] (root,0,0,00:00:00/33-13:30:22,16) [idle_inject/0] (root,0,0,00:00:00/33-13:30:22,18) [cpuhp/0] (root,0,0,00:00:00/33-13:30:22,19) [cpuhp/1] (root,0,0,00:00:00/33-13:30:22,20) [idle_inject/1] (root,0,0,00:00:10/33-13:30:22,21) [migration/1] (root,0,0,00:00:16/33-13:30:22,22) [ksoftirqd/1] (root,0,0,00:00:00/33-13:30:22,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/33-13:30:22,25) [cpuhp/2] (root,0,0,00:00:00/33-13:30:22,26) [idle_inject/2] (root,0,0,00:00:11/33-13:30:22,27) [migration/2] (root,0,0,00:09:03/33-13:30:22,28) [ksoftirqd/2] (root,0,0,00:00:00/33-13:30:22,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/33-13:30:22,31) [cpuhp/3] (root,0,0,00:00:00/33-13:30:22,32) [idle_inject/3] (root,0,0,00:00:10/33-13:30:22,33) [migration/3] (root,0,0,00:01:08/33-13:30:22,34) [ksoftirqd/3] (root,0,0,00:00:00/33-13:30:22,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/33-13:30:22,41) [kdevtmpfs] (root,0,0,00:00:00/33-13:30:22,42) [netns] (root,0,0,00:00:00/33-13:30:22,43) [inet_frag_wq] (root,0,0,00:00:09/33-13:30:22,44) [kauditd] (root,0,0,00:00:00/33-13:30:22,47) [khungtaskd] (root,0,0,00:00:00/33-13:30:22,48) [oom_reaper] (root,0,0,00:00:00/33-13:30:22,49) [writeback] (root,0,0,00:01:33/33-13:30:22,50) [kcompactd0] (root,0,0,00:00:00/33-13:30:22,51) [ksmd] (root,0,0,00:01:34/33-13:30:22,52) [khugepaged] (root,0,0,00:00:00/33-13:30:22,77) [kintegrityd] (root,0,0,00:00:00/33-13:30:22,78) [kblockd] (root,0,0,00:00:00/33-13:30:22,79) [blkcg_punt_bio] (root,0,0,00:00:00/33-13:30:22,80) [tpm_dev_wq] (root,0,0,00:00:00/33-13:30:22,81) [edac-poller] (root,0,0,00:00:00/33-13:30:22,82) [devfreq_wq] (root,0,0,00:00:00/33-13:30:22,111) [watchdogd] (root,0,0,00:00:12/33-13:30:22,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/33-13:30:22,113) [kswapd0] (root,0,0,00:00:00/33-13:30:21,115) [kthrotld] (root,0,0,00:00:00/33-13:30:21,116) [mld] (root,0,0,00:00:00/33-13:30:21,117) [ipv6_addrconf] (root,0,0,00:00:07/33-13:30:21,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/33-13:30:21,123) [kstrp] (root,0,0,00:00:00/33-13:30:21,125) [zswap-shrink] (root,0,0,00:00:00/33-13:30:21,126) [kworker/u9:0] (root,0,0,00:00:00/33-13:30:21,131) [charger_manager] (root,0,0,00:00:05/33-13:30:21,173) [kworker/3:1H-kblockd] (root,0,0,00:00:06/33-13:30:21,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/33-13:30:20,329) [ata_sff] (root,0,0,00:00:00/33-13:30:20,330) [scsi_eh_0] (root,0,0,00:00:00/33-13:30:20,331) [scsi_tmf_0] (root,0,0,00:00:00/33-13:30:20,332) [scsi_eh_1] (root,0,0,00:00:00/33-13:30:20,333) [scsi_tmf_1] (root,0,0,00:00:41/33-13:30:18,351) [jbd2/vda1-8] (root,0,0,00:00:00/33-13:30:18,352) [ext4-rsv-conver] (root,38736,8248,00:01:19/33-13:30:04,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:04/33-13:30:03,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:51/33-13:30:01,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:19/33-13:29:07,486) /sbin/auditd (messagebus,22532,5400,00:02:54/33-13:29:07,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8604,00:01:23/33-13:29:07,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/33-13:29:07,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/33-13:29:05,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/33-13:29:05,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,548872,30836,00:00:29/33-13:28:57,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/33-13:28:56,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:45/33-13:28:56,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12780,00:01:13/33-13:28:56,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/33-13:28:56,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/33-13:28:56,1173) bpfilter_umh (ntp,19768,5896,00:03:02/33-13:28:56,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:12/33-13:28:56,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/33-13:28:56,1187) ntpd: asynchronous dns resolver (spot,295908,130632,19:28:16/33-13:28:56,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:10/33-13:28:54,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:02/33-13:28:54,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:07/33-13:28:54,1296) /usr/sbin/cron -n (root,694220,76848,00:45:49/33-13:28:48,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,214300,54488,00:11:13/33-13:28:38,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:24/33-13:28:02,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/33-13:28:02,1388) (sd-pam) (root,0,0,00:00:00/26:25,2471) [kworker/2:2-events] (root,0,0,00:00:00/02:00:50,3939) [kworker/u8:0-writeback] (root,0,0,00:00:00/23:10,5408) [kworker/u8:1] (root,0,0,00:00:00/38:34,7582) [kworker/3:0-events] (root,35056,9940,00:00:00/15-12:24:18,8646) sshd: cm-ssh [priv] (cm-ssh,35056,4648,00:00:50/15-12:24:18,8648) sshd: cm-ssh (root,35064,9876,00:00:00/15-12:24:11,8650) sshd: syslogtunnel [priv] (syslogtunnel,40564,10628,00:00:08/15-12:24:11,8654) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3424,00:00:00/15-12:24:11,8655) (sd-pam) (syslogtunnel,35064,4592,00:00:56/15-12:24:11,8661) sshd: syslogtunnel (root,0,0,00:00:00/15:49,9647) [kworker/1:2-cgroup_destroy] (postfix,43844,8768,00:00:00/27-20:15:59,17547) tlsmgr -l -t unix -u (root,0,0,00:00:00/08:29,19715) [kworker/1:0-events] (root,0,0,00:00:00/05:39,22233) [kworker/2:1-ata_sff] (postfix,23460,7552,00:00:00/04:08,24511) pickup -l -t fifo -u (root,0,0,00:00:00/01:16:25,25721) [kworker/0:1-cgroup_destroy] (root,0,0,00:00:00/00:29,29248) [kworker/2:0-events] (root,0,0,00:00:00/30:57,29381) [kworker/3:2-events] (root,0,0,00:00:00/30:47,29570) [kworker/0:2-events] (root,6656,3480,00:00:00/00:00,29757) /bin/bash /usr/bin/check_mk_agent (root,13744,3464,00:00:00/00:00,29775) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,29776) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-15 23:52 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683630b2c1bf8Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12708,00:04:00/31-13:40:33,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/31-13:40:33,2) [kthreadd] (root,0,0,00:00:00/31-13:40:33,3) [rcu_gp] (root,0,0,00:00:00/31-13:40:33,4) [rcu_par_gp] (root,0,0,00:00:00/31-13:40:33,5) [slub_flushwq] (root,0,0,00:00:00/31-13:40:33,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/31-13:40:33,9) [mm_percpu_wq] (root,0,0,00:00:00/31-13:40:33,10) [rcu_tasks_kthre] (root,0,0,00:00:00/31-13:40:33,11) [rcu_tasks_rude_] (root,0,0,00:00:00/31-13:40:33,12) [rcu_tasks_trace] (root,0,0,00:00:20/31-13:40:33,13) [ksoftirqd/0] (root,0,0,01:22:55/31-13:40:33,14) [rcu_preempt] (root,0,0,00:00:10/31-13:40:33,15) [migration/0] (root,0,0,00:00:00/31-13:40:33,16) [idle_inject/0] (root,0,0,00:00:00/31-13:40:33,18) [cpuhp/0] (root,0,0,00:00:00/31-13:40:33,19) [cpuhp/1] (root,0,0,00:00:00/31-13:40:33,20) [idle_inject/1] (root,0,0,00:00:10/31-13:40:33,21) [migration/1] (root,0,0,00:00:15/31-13:40:33,22) [ksoftirqd/1] (root,0,0,00:00:00/31-13:40:33,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/31-13:40:33,25) [cpuhp/2] (root,0,0,00:00:00/31-13:40:33,26) [idle_inject/2] (root,0,0,00:00:10/31-13:40:33,27) [migration/2] (root,0,0,00:08:39/31-13:40:33,28) [ksoftirqd/2] (root,0,0,00:00:00/31-13:40:33,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/31-13:40:33,31) [cpuhp/3] (root,0,0,00:00:00/31-13:40:33,32) [idle_inject/3] (root,0,0,00:00:10/31-13:40:33,33) [migration/3] (root,0,0,00:01:04/31-13:40:33,34) [ksoftirqd/3] (root,0,0,00:00:00/31-13:40:33,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/31-13:40:33,41) [kdevtmpfs] (root,0,0,00:00:00/31-13:40:33,42) [netns] (root,0,0,00:00:00/31-13:40:33,43) [inet_frag_wq] (root,0,0,00:00:09/31-13:40:33,44) [kauditd] (root,0,0,00:00:00/31-13:40:33,47) [khungtaskd] (root,0,0,00:00:00/31-13:40:33,48) [oom_reaper] (root,0,0,00:00:00/31-13:40:33,49) [writeback] (root,0,0,00:01:27/31-13:40:33,50) [kcompactd0] (root,0,0,00:00:00/31-13:40:33,51) [ksmd] (root,0,0,00:01:27/31-13:40:33,52) [khugepaged] (root,0,0,00:00:00/31-13:40:33,77) [kintegrityd] (root,0,0,00:00:00/31-13:40:33,78) [kblockd] (root,0,0,00:00:00/31-13:40:33,79) [blkcg_punt_bio] (root,0,0,00:00:00/31-13:40:33,80) [tpm_dev_wq] (root,0,0,00:00:00/31-13:40:33,81) [edac-poller] (root,0,0,00:00:00/31-13:40:33,82) [devfreq_wq] (root,0,0,00:00:00/31-13:40:33,111) [watchdogd] (root,0,0,00:00:11/31-13:40:33,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/31-13:40:33,113) [kswapd0] (root,0,0,00:00:00/31-13:40:32,115) [kthrotld] (root,0,0,00:00:00/31-13:40:32,116) [mld] (root,0,0,00:00:00/31-13:40:32,117) [ipv6_addrconf] (root,0,0,00:00:06/31-13:40:32,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/31-13:40:32,123) [kstrp] (root,0,0,00:00:00/31-13:40:32,125) [zswap-shrink] (root,0,0,00:00:00/31-13:40:32,126) [kworker/u9:0] (root,0,0,00:00:00/31-13:40:32,131) [charger_manager] (root,0,0,00:00:05/31-13:40:32,173) [kworker/3:1H-kblockd] (root,0,0,00:00:06/31-13:40:32,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/31-13:40:31,329) [ata_sff] (root,0,0,00:00:00/31-13:40:31,330) [scsi_eh_0] (root,0,0,00:00:00/31-13:40:31,331) [scsi_tmf_0] (root,0,0,00:00:00/31-13:40:31,332) [scsi_eh_1] (root,0,0,00:00:00/31-13:40:31,333) [scsi_tmf_1] (root,0,0,00:00:39/31-13:40:29,351) [jbd2/vda1-8] (root,0,0,00:00:00/31-13:40:29,352) [ext4-rsv-conver] (root,38736,8248,00:01:16/31-13:40:15,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:03/31-13:40:14,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:48/31-13:40:12,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:19/31-13:39:18,486) /sbin/auditd (messagebus,22532,5400,00:02:47/31-13:39:18,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38916,8608,00:01:20/31-13:39:18,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/31-13:39:18,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/31-13:39:16,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/31-13:39:16,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,548872,30836,00:00:27/31-13:39:08,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/31-13:39:07,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:42/31-13:39:07,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12780,00:01:10/31-13:39:07,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/31-13:39:07,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/31-13:39:07,1173) bpfilter_umh (ntp,19768,5896,00:02:52/31-13:39:07,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:12/31-13:39:07,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/31-13:39:07,1187) ntpd: asynchronous dns resolver (spot,295556,130556,18:16:38/31-13:39:07,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:10/31-13:39:05,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:02/31-13:39:05,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:06/31-13:39:05,1296) /usr/sbin/cron -n (root,693964,76636,00:43:04/31-13:38:59,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,213276,53868,00:10:32/31-13:38:49,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:23/31-13:38:13,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/31-13:38:13,1388) (sd-pam) (root,0,0,00:00:00/01:26:46,1457) [kworker/u8:3-writeback] (root,0,0,00:00:00/02:03:51,1777) [kworker/0:0-events] (root,0,0,00:00:00/19:58,2756) [kworker/1:1-events] (root,0,0,00:00:00/19:37,2757) [kworker/u8:0-writeback] (root,35056,9940,00:00:00/13-12:34:29,8646) sshd: cm-ssh [priv] (cm-ssh,35056,4648,00:00:44/13-12:34:29,8648) sshd: cm-ssh (root,35064,9876,00:00:00/13-12:34:22,8650) sshd: syslogtunnel [priv] (syslogtunnel,40564,10628,00:00:07/13-12:34:22,8654) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3424,00:00:00/13-12:34:22,8655) (sd-pam) (syslogtunnel,35064,4592,00:00:49/13-12:34:22,8661) sshd: syslogtunnel (root,0,0,00:00:00/42:05,14293) [kworker/3:1-events] (root,0,0,00:00:00/01:04:46,15595) [kworker/1:0-events] (postfix,43844,8768,00:00:00/25-20:26:10,17547) tlsmgr -l -t unix -u (root,0,0,00:00:00/01:41,18398) [kworker/2:1-events] (postfix,23460,7600,00:00:00/36:22,18649) pickup -l -t fifo -u (root,6656,3488,00:00:00/00:00,19890) /bin/bash /usr/bin/check_mk_agent (root,13744,3420,00:00:00/00:00,19908) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,960,00:00:00/00:00,19909) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/34:44,20858) [kworker/3:2] (root,0,0,00:00:00/12:47,24667) [kworker/0:1] (root,0,0,00:00:01/01:09:09,30293) [kworker/2:0-ata_sff] (root,0,0,00:00:00/06:53,31989) [kworker/2:2-ata_sff] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-14 00:02 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe56836305108333Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12708,00:03:50/29-14:33:34,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/29-14:33:34,2) [kthreadd] (root,0,0,00:00:00/29-14:33:34,3) [rcu_gp] (root,0,0,00:00:00/29-14:33:34,4) [rcu_par_gp] (root,0,0,00:00:00/29-14:33:34,5) [slub_flushwq] (root,0,0,00:00:00/29-14:33:34,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/29-14:33:34,9) [mm_percpu_wq] (root,0,0,00:00:00/29-14:33:34,10) [rcu_tasks_kthre] (root,0,0,00:00:00/29-14:33:34,11) [rcu_tasks_rude_] (root,0,0,00:00:00/29-14:33:34,12) [rcu_tasks_trace] (root,0,0,00:00:18/29-14:33:34,13) [ksoftirqd/0] (root,0,0,01:17:50/29-14:33:34,14) [rcu_preempt] (root,0,0,00:00:09/29-14:33:34,15) [migration/0] (root,0,0,00:00:00/29-14:33:34,16) [idle_inject/0] (root,0,0,00:00:00/29-14:33:34,18) [cpuhp/0] (root,0,0,00:00:00/29-14:33:34,19) [cpuhp/1] (root,0,0,00:00:00/29-14:33:34,20) [idle_inject/1] (root,0,0,00:00:09/29-14:33:34,21) [migration/1] (root,0,0,00:00:14/29-14:33:34,22) [ksoftirqd/1] (root,0,0,00:00:00/29-14:33:34,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/29-14:33:34,25) [cpuhp/2] (root,0,0,00:00:00/29-14:33:34,26) [idle_inject/2] (root,0,0,00:00:09/29-14:33:34,27) [migration/2] (root,0,0,00:08:09/29-14:33:34,28) [ksoftirqd/2] (root,0,0,00:00:00/29-14:33:34,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/29-14:33:34,31) [cpuhp/3] (root,0,0,00:00:00/29-14:33:34,32) [idle_inject/3] (root,0,0,00:00:09/29-14:33:34,33) [migration/3] (root,0,0,00:01:00/29-14:33:34,34) [ksoftirqd/3] (root,0,0,00:00:00/29-14:33:34,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/29-14:33:34,41) [kdevtmpfs] (root,0,0,00:00:00/29-14:33:34,42) [netns] (root,0,0,00:00:00/29-14:33:34,43) [inet_frag_wq] (root,0,0,00:00:08/29-14:33:34,44) [kauditd] (root,0,0,00:00:00/29-14:33:34,47) [khungtaskd] (root,0,0,00:00:00/29-14:33:34,48) [oom_reaper] (root,0,0,00:00:00/29-14:33:34,49) [writeback] (root,0,0,00:01:22/29-14:33:34,50) [kcompactd0] (root,0,0,00:00:00/29-14:33:34,51) [ksmd] (root,0,0,00:01:21/29-14:33:34,52) [khugepaged] (root,0,0,00:00:00/29-14:33:34,77) [kintegrityd] (root,0,0,00:00:00/29-14:33:34,78) [kblockd] (root,0,0,00:00:00/29-14:33:34,79) [blkcg_punt_bio] (root,0,0,00:00:00/29-14:33:34,80) [tpm_dev_wq] (root,0,0,00:00:00/29-14:33:34,81) [edac-poller] (root,0,0,00:00:00/29-14:33:34,82) [devfreq_wq] (root,0,0,00:00:00/29-14:33:34,111) [watchdogd] (root,0,0,00:00:11/29-14:33:34,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/29-14:33:34,113) [kswapd0] (root,0,0,00:00:00/29-14:33:33,115) [kthrotld] (root,0,0,00:00:00/29-14:33:33,116) [mld] (root,0,0,00:00:00/29-14:33:33,117) [ipv6_addrconf] (root,0,0,00:00:06/29-14:33:33,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/29-14:33:33,123) [kstrp] (root,0,0,00:00:00/29-14:33:33,125) [zswap-shrink] (root,0,0,00:00:00/29-14:33:33,126) [kworker/u9:0] (root,0,0,00:00:00/29-14:33:33,131) [charger_manager] (root,0,0,00:00:05/29-14:33:33,173) [kworker/3:1H-kblockd] (root,0,0,00:00:05/29-14:33:33,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/29-14:33:32,329) [ata_sff] (root,0,0,00:00:00/29-14:33:32,330) [scsi_eh_0] (root,0,0,00:00:00/29-14:33:32,331) [scsi_tmf_0] (root,0,0,00:00:00/29-14:33:32,332) [scsi_eh_1] (root,0,0,00:00:00/29-14:33:32,333) [scsi_tmf_1] (root,0,0,00:00:36/29-14:33:30,351) [jbd2/vda1-8] (root,0,0,00:00:00/29-14:33:30,352) [ext4-rsv-conver] (root,38736,8248,00:01:12/29-14:33:16,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:03/29-14:33:15,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:45/29-14:33:13,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:18/29-14:32:19,486) /sbin/auditd (messagebus,22532,5400,00:02:40/29-14:32:19,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38916,8608,00:01:16/29-14:32:19,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/29-14:32:19,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/29-14:32:17,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/29-14:32:17,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,548616,29784,00:00:26/29-14:32:09,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/29-14:32:08,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:38/29-14:32:08,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12780,00:01:07/29-14:32:08,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/29-14:32:08,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/29-14:32:08,1173) bpfilter_umh (ntp,19768,5896,00:02:41/29-14:32:08,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:11/29-14:32:08,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/29-14:32:08,1187) ntpd: asynchronous dns resolver (spot,295588,128944,17:06:27/29-14:32:08,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:09/29-14:32:06,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:02/29-14:32:06,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:06/29-14:32:06,1296) /usr/sbin/cron -n (root,693564,74224,00:40:23/29-14:32:00,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,212252,52040,00:09:54/29-14:31:50,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:22/29-14:31:14,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/29-14:31:14,1388) (sd-pam) (root,0,0,00:00:00/01:48:48,1952) [kworker/3:1-events] (root,0,0,00:00:00/03:56,4562) [kworker/2:2-ata_sff] (root,0,0,00:00:00/00:23,7154) [kworker/u8:2-writeback] (root,0,0,00:00:01/01:11:24,7723) [kworker/2:1-events] (root,6656,3484,00:00:00/00:00,8025) /bin/bash /usr/bin/check_mk_agent (root,13744,3504,00:00:00/00:00,8043) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,8044) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,35056,9940,00:00:00/11-13:27:30,8646) sshd: cm-ssh [priv] (cm-ssh,35056,4648,00:00:37/11-13:27:30,8648) sshd: cm-ssh (root,35064,9876,00:00:00/11-13:27:23,8650) sshd: syslogtunnel [priv] (syslogtunnel,40564,10628,00:00:06/11-13:27:23,8654) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3424,00:00:00/11-13:27:23,8655) (sd-pam) (syslogtunnel,35064,4592,00:00:42/11-13:27:23,8661) sshd: syslogtunnel (root,0,0,00:00:00/36:08,8963) [kworker/3:0-events] (root,0,0,00:00:00/29:18,13606) [kworker/0:2-cgroup_destroy] (root,0,0,00:00:00/29:08,13607) [kworker/u8:1-ext4-rsv-conversion] (root,0,0,00:00:00/02:16:40,15801) [kworker/1:0-events] (postfix,43844,8768,00:00:00/23-21:19:11,17547) tlsmgr -l -t unix -u (root,0,0,00:00:00/21:33,18156) [kworker/u8:0-ext4-rsv-conversion] (root,0,0,00:00:00/57:40,23290) [kworker/1:2-cgroup_destroy] (root,0,0,00:00:00/14:52,23611) [kworker/0:0-events] (postfix,23460,7628,00:00:00/11:23,28125) pickup -l -t fifo -u (root,0,0,00:00:00/09:08,30345) [kworker/2:0-ata_sff] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-12 00:55 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe56836384d51f69Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12700,00:03:39/27-14:35:21,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/27-14:35:21,2) [kthreadd] (root,0,0,00:00:00/27-14:35:21,3) [rcu_gp] (root,0,0,00:00:00/27-14:35:21,4) [rcu_par_gp] (root,0,0,00:00:00/27-14:35:21,5) [slub_flushwq] (root,0,0,00:00:00/27-14:35:21,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/27-14:35:21,9) [mm_percpu_wq] (root,0,0,00:00:00/27-14:35:21,10) [rcu_tasks_kthre] (root,0,0,00:00:00/27-14:35:21,11) [rcu_tasks_rude_] (root,0,0,00:00:00/27-14:35:21,12) [rcu_tasks_trace] (root,0,0,00:00:17/27-14:35:21,13) [ksoftirqd/0] (root,0,0,01:12:43/27-14:35:21,14) [rcu_preempt] (root,0,0,00:00:09/27-14:35:21,15) [migration/0] (root,0,0,00:00:00/27-14:35:21,16) [idle_inject/0] (root,0,0,00:00:00/27-14:35:21,18) [cpuhp/0] (root,0,0,00:00:00/27-14:35:21,19) [cpuhp/1] (root,0,0,00:00:00/27-14:35:21,20) [idle_inject/1] (root,0,0,00:00:08/27-14:35:21,21) [migration/1] (root,0,0,00:00:13/27-14:35:21,22) [ksoftirqd/1] (root,0,0,00:00:00/27-14:35:21,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/27-14:35:21,25) [cpuhp/2] (root,0,0,00:00:00/27-14:35:21,26) [idle_inject/2] (root,0,0,00:00:09/27-14:35:21,27) [migration/2] (root,0,0,00:07:46/27-14:35:21,28) [ksoftirqd/2] (root,0,0,00:00:00/27-14:35:21,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/27-14:35:21,31) [cpuhp/3] (root,0,0,00:00:00/27-14:35:21,32) [idle_inject/3] (root,0,0,00:00:08/27-14:35:21,33) [migration/3] (root,0,0,00:00:57/27-14:35:21,34) [ksoftirqd/3] (root,0,0,00:00:00/27-14:35:21,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/27-14:35:21,41) [kdevtmpfs] (root,0,0,00:00:00/27-14:35:21,42) [netns] (root,0,0,00:00:00/27-14:35:21,43) [inet_frag_wq] (root,0,0,00:00:08/27-14:35:21,44) [kauditd] (root,0,0,00:00:00/27-14:35:21,47) [khungtaskd] (root,0,0,00:00:00/27-14:35:21,48) [oom_reaper] (root,0,0,00:00:00/27-14:35:21,49) [writeback] (root,0,0,00:01:16/27-14:35:21,50) [kcompactd0] (root,0,0,00:00:00/27-14:35:21,51) [ksmd] (root,0,0,00:01:14/27-14:35:21,52) [khugepaged] (root,0,0,00:00:00/27-14:35:21,77) [kintegrityd] (root,0,0,00:00:00/27-14:35:21,78) [kblockd] (root,0,0,00:00:00/27-14:35:21,79) [blkcg_punt_bio] (root,0,0,00:00:00/27-14:35:21,80) [tpm_dev_wq] (root,0,0,00:00:00/27-14:35:21,81) [edac-poller] (root,0,0,00:00:00/27-14:35:21,82) [devfreq_wq] (root,0,0,00:00:00/27-14:35:21,111) [watchdogd] (root,0,0,00:00:10/27-14:35:21,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/27-14:35:21,113) [kswapd0] (root,0,0,00:00:00/27-14:35:20,115) [kthrotld] (root,0,0,00:00:00/27-14:35:20,116) [mld] (root,0,0,00:00:00/27-14:35:20,117) [ipv6_addrconf] (root,0,0,00:00:05/27-14:35:20,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/27-14:35:20,123) [kstrp] (root,0,0,00:00:00/27-14:35:20,125) [zswap-shrink] (root,0,0,00:00:00/27-14:35:20,126) [kworker/u9:0] (root,0,0,00:00:00/27-14:35:20,131) [charger_manager] (root,0,0,00:00:04/27-14:35:20,173) [kworker/3:1H-kblockd] (root,0,0,00:00:05/27-14:35:20,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/27-14:35:19,329) [ata_sff] (root,0,0,00:00:00/27-14:35:19,330) [scsi_eh_0] (root,0,0,00:00:00/27-14:35:19,331) [scsi_tmf_0] (root,0,0,00:00:00/27-14:35:19,332) [scsi_eh_1] (root,0,0,00:00:00/27-14:35:19,333) [scsi_tmf_1] (root,0,0,00:00:34/27-14:35:17,351) [jbd2/vda1-8] (root,0,0,00:00:00/27-14:35:17,352) [ext4-rsv-conver] (root,38736,8248,00:01:09/27-14:35:03,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:03/27-14:35:02,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:42/27-14:35:00,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:17/27-14:34:06,486) /sbin/auditd (messagebus,22532,5400,00:02:32/27-14:34:06,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38916,8608,00:01:13/27-14:34:06,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/27-14:34:06,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/27-14:34:04,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/27-14:34:04,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,0,0,00:00:00/04:24,1045) [kworker/2:1-ata_sff] (root,548616,29784,00:00:24/27-14:33:56,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/27-14:33:55,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:37/27-14:33:55,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12780,00:01:04/27-14:33:55,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/27-14:33:55,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/27-14:33:55,1173) bpfilter_umh (ntp,19768,5896,00:02:30/27-14:33:55,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:10/27-14:33:55,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/27-14:33:55,1187) ntpd: asynchronous dns resolver (spot,295588,128860,16:02:00/27-14:33:55,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:08/27-14:33:53,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:01/27-14:33:53,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:06/27-14:33:53,1296) /usr/sbin/cron -n (root,693308,76072,00:37:39/27-14:33:47,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,211228,51164,00:09:03/27-14:33:37,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:21/27-14:33:01,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/27-14:33:01,1388) (sd-pam) (root,0,0,00:00:00/01:09,3296) [kworker/0:1-events] (root,6656,3476,00:00:00/00:00,5537) /bin/bash /usr/bin/check_mk_agent (root,13744,3496,00:00:00/00:00,5555) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,5556) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,35056,9940,00:00:00/9-13:29:17,8646) sshd: cm-ssh [priv] (cm-ssh,35056,4648,00:00:31/9-13:29:17,8648) sshd: cm-ssh (root,35064,9876,00:00:00/9-13:29:10,8650) sshd: syslogtunnel [priv] (syslogtunnel,40564,10628,00:00:05/9-13:29:10,8654) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3424,00:00:00/9-13:29:10,8655) (sd-pam) (syslogtunnel,35064,4592,00:00:34/9-13:29:10,8661) sshd: syslogtunnel (postfix,23460,7588,00:00:00/35:17,10705) pickup -l -t fifo -u (root,0,0,00:00:00/01:05:50,13960) [kworker/3:2-events] (root,0,0,00:00:03/02:55:36,14931) [kworker/2:2-events] (postfix,43844,8768,00:00:00/21-21:20:58,17547) tlsmgr -l -t unix -u (root,0,0,00:00:00/23:04,18064) [kworker/0:2-cgroup_destroy] (root,0,0,00:00:00/02:03:22,18319) [kworker/3:1-events] (root,0,0,00:00:00/15:47,24959) [kworker/u8:1-writeback] (root,0,0,00:00:00/15:47,24961) [kworker/1:0-events] (root,0,0,00:00:00/52:09,25614) [kworker/u8:0-events_unbound] (root,0,0,00:00:00/09:34,29680) [kworker/2:0-ata_sff] (root,0,0,00:00:00/08:50,30378) [kworker/1:1-events] (root,0,0,00:00:00/08:40,30380) [kworker/0:0-cgroup_destroy] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-10 00:57 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363346fdc6cFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12700,00:03:28/25-14:18:53,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/25-14:18:53,2) [kthreadd] (root,0,0,00:00:00/25-14:18:53,3) [rcu_gp] (root,0,0,00:00:00/25-14:18:53,4) [rcu_par_gp] (root,0,0,00:00:00/25-14:18:53,5) [slub_flushwq] (root,0,0,00:00:00/25-14:18:53,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/25-14:18:53,9) [mm_percpu_wq] (root,0,0,00:00:00/25-14:18:53,10) [rcu_tasks_kthre] (root,0,0,00:00:00/25-14:18:53,11) [rcu_tasks_rude_] (root,0,0,00:00:00/25-14:18:53,12) [rcu_tasks_trace] (root,0,0,00:00:16/25-14:18:53,13) [ksoftirqd/0] (root,0,0,01:07:21/25-14:18:53,14) [rcu_preempt] (root,0,0,00:00:08/25-14:18:53,15) [migration/0] (root,0,0,00:00:00/25-14:18:53,16) [idle_inject/0] (root,0,0,00:00:00/25-14:18:53,18) [cpuhp/0] (root,0,0,00:00:00/25-14:18:53,19) [cpuhp/1] (root,0,0,00:00:00/25-14:18:53,20) [idle_inject/1] (root,0,0,00:00:08/25-14:18:53,21) [migration/1] (root,0,0,00:00:12/25-14:18:53,22) [ksoftirqd/1] (root,0,0,00:00:00/25-14:18:53,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/25-14:18:53,25) [cpuhp/2] (root,0,0,00:00:00/25-14:18:53,26) [idle_inject/2] (root,0,0,00:00:08/25-14:18:53,27) [migration/2] (root,0,0,00:07:19/25-14:18:53,28) [ksoftirqd/2] (root,0,0,00:00:00/25-14:18:53,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/25-14:18:53,31) [cpuhp/3] (root,0,0,00:00:00/25-14:18:53,32) [idle_inject/3] (root,0,0,00:00:08/25-14:18:53,33) [migration/3] (root,0,0,00:00:53/25-14:18:53,34) [ksoftirqd/3] (root,0,0,00:00:00/25-14:18:53,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/25-14:18:53,41) [kdevtmpfs] (root,0,0,00:00:00/25-14:18:53,42) [netns] (root,0,0,00:00:00/25-14:18:53,43) [inet_frag_wq] (root,0,0,00:00:07/25-14:18:53,44) [kauditd] (root,0,0,00:00:00/25-14:18:53,47) [khungtaskd] (root,0,0,00:00:00/25-14:18:53,48) [oom_reaper] (root,0,0,00:00:00/25-14:18:53,49) [writeback] (root,0,0,00:01:11/25-14:18:53,50) [kcompactd0] (root,0,0,00:00:00/25-14:18:53,51) [ksmd] (root,0,0,00:01:08/25-14:18:53,52) [khugepaged] (root,0,0,00:00:00/25-14:18:53,77) [kintegrityd] (root,0,0,00:00:00/25-14:18:53,78) [kblockd] (root,0,0,00:00:00/25-14:18:53,79) [blkcg_punt_bio] (root,0,0,00:00:00/25-14:18:53,80) [tpm_dev_wq] (root,0,0,00:00:00/25-14:18:53,81) [edac-poller] (root,0,0,00:00:00/25-14:18:53,82) [devfreq_wq] (root,0,0,00:00:00/25-14:18:53,111) [watchdogd] (root,0,0,00:00:09/25-14:18:53,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/25-14:18:53,113) [kswapd0] (root,0,0,00:00:00/25-14:18:52,115) [kthrotld] (root,0,0,00:00:00/25-14:18:52,116) [mld] (root,0,0,00:00:00/25-14:18:52,117) [ipv6_addrconf] (root,0,0,00:00:05/25-14:18:52,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/25-14:18:52,123) [kstrp] (root,0,0,00:00:00/25-14:18:52,125) [zswap-shrink] (root,0,0,00:00:00/25-14:18:52,126) [kworker/u9:0] (root,0,0,00:00:00/25-14:18:52,131) [charger_manager] (root,0,0,00:00:04/25-14:18:52,173) [kworker/3:1H-kblockd] (root,0,0,00:00:04/25-14:18:52,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/25-14:18:51,329) [ata_sff] (root,0,0,00:00:00/25-14:18:51,330) [scsi_eh_0] (root,0,0,00:00:00/25-14:18:51,331) [scsi_tmf_0] (root,0,0,00:00:00/25-14:18:51,332) [scsi_eh_1] (root,0,0,00:00:00/25-14:18:51,333) [scsi_tmf_1] (root,0,0,00:00:31/25-14:18:49,351) [jbd2/vda1-8] (root,0,0,00:00:00/25-14:18:49,352) [ext4-rsv-conver] (root,0,0,00:00:00/07:05,382) [kworker/2:0-ata_sff] (root,38604,8248,00:01:05/25-14:18:35,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:03/25-14:18:34,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:39/25-14:18:32,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:16/25-14:17:38,486) /sbin/auditd (messagebus,22532,5400,00:02:25/25-14:17:38,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8604,00:01:09/25-14:17:38,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/25-14:17:38,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/25-14:17:36,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/25-14:17:36,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,548616,29784,00:00:22/25-14:17:28,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/25-14:17:27,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:34/25-14:17:27,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12516,00:01:01/25-14:17:27,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/25-14:17:27,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/25-14:17:27,1173) bpfilter_umh (ntp,19768,5896,00:02:19/25-14:17:27,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:10/25-14:17:27,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/25-14:17:27,1187) ntpd: asynchronous dns resolver (spot,300664,129876,14:57:17/25-14:17:27,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:08/25-14:17:25,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:01/25-14:17:25,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:05/25-14:17:25,1296) /usr/sbin/cron -n (root,692996,75780,00:34:54/25-14:17:19,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,210204,49108,00:08:10/25-14:17:09,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:20/25-14:16:33,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/25-14:16:33,1388) (sd-pam) (root,0,0,00:00:00/02:59,4571) [kworker/3:2-events] (root,0,0,00:00:00/03:06:46,5201) [kworker/0:2-cgroup_destroy] (root,0,0,00:00:00/01:53,5401) [kworker/2:1-ata_sff] (root,0,0,00:00:00/16:11,6255) [kworker/u8:2] (root,6656,3488,00:00:00/00:00,7093) /bin/bash /usr/bin/check_mk_agent (root,13744,3372,00:00:00/00:00,7111) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,7112) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/01:40:18,7862) [kworker/u8:0-flush-254:0] (root,35056,9940,00:00:00/7-13:12:49,8646) sshd: cm-ssh [priv] (cm-ssh,35056,4648,00:00:24/7-13:12:49,8648) sshd: cm-ssh (root,35064,9876,00:00:00/7-13:12:42,8650) sshd: syslogtunnel [priv] (syslogtunnel,40564,10628,00:00:04/7-13:12:42,8654) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3424,00:00:00/7-13:12:42,8655) (sd-pam) (syslogtunnel,35064,4592,00:00:27/7-13:12:42,8661) sshd: syslogtunnel (postfix,23460,7648,00:00:00/38:42,11577) pickup -l -t fifo -u (root,0,0,00:00:00/01:30:57,15047) [kworker/1:2-events] (root,0,0,00:00:00/23:03,15166) [kworker/1:0-cgroup_destroy] (postfix,43844,8768,00:00:00/19-21:04:30,17547) tlsmgr -l -t unix -u (root,0,0,00:00:00/29:42,20814) [kworker/3:0-events] (root,0,0,00:00:01/01:24:54,21675) [kworker/2:2-events] (root,0,0,00:00:00/09:36,30414) [kworker/3:1-cgroup_destroy] (root,0,0,00:00:00/09:26,30748) [kworker/0:0-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-08 00:41 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363f1bad42cFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12700,00:03:16/23-14:06:02,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/23-14:06:02,2) [kthreadd] (root,0,0,00:00:00/23-14:06:02,3) [rcu_gp] (root,0,0,00:00:00/23-14:06:02,4) [rcu_par_gp] (root,0,0,00:00:00/23-14:06:02,5) [slub_flushwq] (root,0,0,00:00:00/23-14:06:02,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/23-14:06:02,9) [mm_percpu_wq] (root,0,0,00:00:00/23-14:06:02,10) [rcu_tasks_kthre] (root,0,0,00:00:00/23-14:06:02,11) [rcu_tasks_rude_] (root,0,0,00:00:00/23-14:06:02,12) [rcu_tasks_trace] (root,0,0,00:00:15/23-14:06:02,13) [ksoftirqd/0] (root,0,0,01:01:56/23-14:06:02,14) [rcu_preempt] (root,0,0,00:00:07/23-14:06:02,15) [migration/0] (root,0,0,00:00:00/23-14:06:02,16) [idle_inject/0] (root,0,0,00:00:00/23-14:06:02,18) [cpuhp/0] (root,0,0,00:00:00/23-14:06:02,19) [cpuhp/1] (root,0,0,00:00:00/23-14:06:02,20) [idle_inject/1] (root,0,0,00:00:07/23-14:06:02,21) [migration/1] (root,0,0,00:00:11/23-14:06:02,22) [ksoftirqd/1] (root,0,0,00:00:00/23-14:06:02,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/23-14:06:02,25) [cpuhp/2] (root,0,0,00:00:00/23-14:06:02,26) [idle_inject/2] (root,0,0,00:00:07/23-14:06:02,27) [migration/2] (root,0,0,00:06:47/23-14:06:02,28) [ksoftirqd/2] (root,0,0,00:00:00/23-14:06:02,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/23-14:06:02,31) [cpuhp/3] (root,0,0,00:00:00/23-14:06:02,32) [idle_inject/3] (root,0,0,00:00:07/23-14:06:02,33) [migration/3] (root,0,0,00:00:49/23-14:06:02,34) [ksoftirqd/3] (root,0,0,00:00:00/23-14:06:02,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/23-14:06:02,41) [kdevtmpfs] (root,0,0,00:00:00/23-14:06:02,42) [netns] (root,0,0,00:00:00/23-14:06:02,43) [inet_frag_wq] (root,0,0,00:00:07/23-14:06:02,44) [kauditd] (root,0,0,00:00:00/23-14:06:02,47) [khungtaskd] (root,0,0,00:00:00/23-14:06:02,48) [oom_reaper] (root,0,0,00:00:00/23-14:06:02,49) [writeback] (root,0,0,00:01:05/23-14:06:02,50) [kcompactd0] (root,0,0,00:00:00/23-14:06:02,51) [ksmd] (root,0,0,00:01:02/23-14:06:02,52) [khugepaged] (root,0,0,00:00:00/23-14:06:02,77) [kintegrityd] (root,0,0,00:00:00/23-14:06:02,78) [kblockd] (root,0,0,00:00:00/23-14:06:02,79) [blkcg_punt_bio] (root,0,0,00:00:00/23-14:06:02,80) [tpm_dev_wq] (root,0,0,00:00:00/23-14:06:02,81) [edac-poller] (root,0,0,00:00:00/23-14:06:02,82) [devfreq_wq] (root,0,0,00:00:00/23-14:06:02,111) [watchdogd] (root,0,0,00:00:08/23-14:06:02,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/23-14:06:02,113) [kswapd0] (root,0,0,00:00:00/23-14:06:01,115) [kthrotld] (root,0,0,00:00:00/23-14:06:01,116) [mld] (root,0,0,00:00:00/23-14:06:01,117) [ipv6_addrconf] (root,0,0,00:00:04/23-14:06:01,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/23-14:06:01,123) [kstrp] (root,0,0,00:00:00/23-14:06:01,125) [zswap-shrink] (root,0,0,00:00:00/23-14:06:01,126) [kworker/u9:0] (root,0,0,00:00:00/23-14:06:01,131) [charger_manager] (root,0,0,00:00:03/23-14:06:01,173) [kworker/3:1H-kblockd] (root,0,0,00:00:04/23-14:06:01,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/23-14:06:00,329) [ata_sff] (root,0,0,00:00:00/23-14:06:00,330) [scsi_eh_0] (root,0,0,00:00:00/23-14:06:00,331) [scsi_tmf_0] (root,0,0,00:00:00/23-14:06:00,332) [scsi_eh_1] (root,0,0,00:00:00/23-14:06:00,333) [scsi_tmf_1] (root,0,0,00:00:28/23-14:05:58,351) [jbd2/vda1-8] (root,0,0,00:00:00/23-14:05:58,352) [ext4-rsv-conver] (root,38604,8248,00:01:01/23-14:05:44,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:03/23-14:05:43,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:36/23-14:05:41,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:15/23-14:04:47,486) /sbin/auditd (messagebus,22532,5400,00:02:17/23-14:04:47,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8604,00:01:05/23-14:04:47,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/23-14:04:47,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/23-14:04:45,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/23-14:04:45,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,548360,28436,00:00:20/23-14:04:37,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/23-14:04:36,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:31/23-14:04:36,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12532,00:00:57/23-14:04:36,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/23-14:04:36,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/23-14:04:36,1173) bpfilter_umh (ntp,19768,5896,00:02:08/23-14:04:36,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:09/23-14:04:36,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/23-14:04:36,1187) ntpd: asynchronous dns resolver (spot,300760,129900,13:51:47/23-14:04:36,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:07/23-14:04:34,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:01/23-14:04:34,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:05/23-14:04:34,1296) /usr/sbin/cron -n (root,690180,72888,00:32:07/23-14:04:28,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,209180,48212,00:07:16/23-14:04:18,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:19/23-14:03:42,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/23-14:03:42,1388) (sd-pam) (root,0,0,00:00:00/03:39:11,2289) [kworker/1:2-events] (root,0,0,00:00:00/10:22,7114) [kworker/2:1-events] (root,35056,9940,00:00:00/5-12:59:58,8646) sshd: cm-ssh [priv] (cm-ssh,35056,4648,00:00:18/5-12:59:58,8648) sshd: cm-ssh (root,35064,9876,00:00:00/5-12:59:51,8650) sshd: syslogtunnel [priv] (syslogtunnel,40564,10628,00:00:03/5-12:59:51,8654) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3424,00:00:00/5-12:59:51,8655) (sd-pam) (syslogtunnel,35064,4592,00:00:20/5-12:59:51,8661) sshd: syslogtunnel (root,0,0,00:00:00/36:43,11386) [kworker/3:2-cgroup_destroy] (root,0,0,00:00:00/05:12,12814) [kworker/2:0-ata_sff] (root,0,0,00:00:00/02:58,16231) [kworker/3:0-events] (root,0,0,00:00:00/01:03:42,17086) [kworker/0:2-events] (postfix,43844,8768,00:00:00/17-20:51:39,17547) tlsmgr -l -t unix -u (root,6656,3488,00:00:00/00:00,23085) /bin/bash /usr/bin/check_mk_agent (root,13744,3508,00:00:00/00:00,23106) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,956,00:00:00/00:00,23107) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/23:04,24731) [kworker/3:1-events] (root,0,0,00:00:00/02:18:11,27329) [kworker/u8:0-ext4-rsv-conversion] (postfix,23460,7572,00:00:00/47:53,30713) pickup -l -t fifo -u (root,0,0,00:00:00/16:33,32167) [kworker/1:0-events] (root,0,0,00:00:00/16:28,32168) [kworker/u8:1-writeback] (root,0,0,00:00:00/16:23,32170) [kworker/0:1] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-06 00:28 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363857125cdFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12700,00:03:04/21-12:48:50,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/21-12:48:50,2) [kthreadd] (root,0,0,00:00:00/21-12:48:50,3) [rcu_gp] (root,0,0,00:00:00/21-12:48:50,4) [rcu_par_gp] (root,0,0,00:00:00/21-12:48:50,5) [slub_flushwq] (root,0,0,00:00:00/21-12:48:50,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/21-12:48:50,9) [mm_percpu_wq] (root,0,0,00:00:00/21-12:48:50,10) [rcu_tasks_kthre] (root,0,0,00:00:00/21-12:48:50,11) [rcu_tasks_rude_] (root,0,0,00:00:00/21-12:48:50,12) [rcu_tasks_trace] (root,0,0,00:00:13/21-12:48:50,13) [ksoftirqd/0] (root,0,0,00:56:35/21-12:48:50,14) [rcu_preempt] (root,0,0,00:00:07/21-12:48:50,15) [migration/0] (root,0,0,00:00:00/21-12:48:50,16) [idle_inject/0] (root,0,0,00:00:00/21-12:48:50,18) [cpuhp/0] (root,0,0,00:00:00/21-12:48:50,19) [cpuhp/1] (root,0,0,00:00:00/21-12:48:50,20) [idle_inject/1] (root,0,0,00:00:07/21-12:48:50,21) [migration/1] (root,0,0,00:00:10/21-12:48:50,22) [ksoftirqd/1] (root,0,0,00:00:00/21-12:48:50,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/21-12:48:50,25) [cpuhp/2] (root,0,0,00:00:00/21-12:48:50,26) [idle_inject/2] (root,0,0,00:00:07/21-12:48:50,27) [migration/2] (root,0,0,00:06:16/21-12:48:50,28) [ksoftirqd/2] (root,0,0,00:00:00/21-12:48:50,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/21-12:48:50,31) [cpuhp/3] (root,0,0,00:00:00/21-12:48:50,32) [idle_inject/3] (root,0,0,00:00:07/21-12:48:50,33) [migration/3] (root,0,0,00:00:45/21-12:48:50,34) [ksoftirqd/3] (root,0,0,00:00:00/21-12:48:50,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/21-12:48:50,41) [kdevtmpfs] (root,0,0,00:00:00/21-12:48:50,42) [netns] (root,0,0,00:00:00/21-12:48:50,43) [inet_frag_wq] (root,0,0,00:00:07/21-12:48:50,44) [kauditd] (root,0,0,00:00:00/21-12:48:50,47) [khungtaskd] (root,0,0,00:00:00/21-12:48:50,48) [oom_reaper] (root,0,0,00:00:00/21-12:48:50,49) [writeback] (root,0,0,00:00:59/21-12:48:50,50) [kcompactd0] (root,0,0,00:00:00/21-12:48:50,51) [ksmd] (root,0,0,00:00:56/21-12:48:50,52) [khugepaged] (root,0,0,00:00:00/21-12:48:50,77) [kintegrityd] (root,0,0,00:00:00/21-12:48:50,78) [kblockd] (root,0,0,00:00:00/21-12:48:50,79) [blkcg_punt_bio] (root,0,0,00:00:00/21-12:48:50,80) [tpm_dev_wq] (root,0,0,00:00:00/21-12:48:50,81) [edac-poller] (root,0,0,00:00:00/21-12:48:50,82) [devfreq_wq] (root,0,0,00:00:00/21-12:48:50,111) [watchdogd] (root,0,0,00:00:07/21-12:48:50,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/21-12:48:50,113) [kswapd0] (root,0,0,00:00:00/21-12:48:49,115) [kthrotld] (root,0,0,00:00:00/21-12:48:49,116) [mld] (root,0,0,00:00:00/21-12:48:49,117) [ipv6_addrconf] (root,0,0,00:00:04/21-12:48:49,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/21-12:48:49,123) [kstrp] (root,0,0,00:00:00/21-12:48:49,125) [zswap-shrink] (root,0,0,00:00:00/21-12:48:49,126) [kworker/u9:0] (root,0,0,00:00:00/21-12:48:49,131) [charger_manager] (root,0,0,00:00:03/21-12:48:49,173) [kworker/3:1H-kblockd] (root,0,0,00:00:04/21-12:48:49,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/21-12:48:48,329) [ata_sff] (root,0,0,00:00:00/21-12:48:48,330) [scsi_eh_0] (root,0,0,00:00:00/21-12:48:48,331) [scsi_tmf_0] (root,0,0,00:00:00/21-12:48:48,332) [scsi_eh_1] (root,0,0,00:00:00/21-12:48:48,333) [scsi_tmf_1] (root,0,0,00:00:25/21-12:48:46,351) [jbd2/vda1-8] (root,0,0,00:00:00/21-12:48:46,352) [ext4-rsv-conver] (root,38604,8248,00:00:57/21-12:48:32,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:02/21-12:48:31,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:33/21-12:48:29,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:14/21-12:47:35,486) /sbin/auditd (messagebus,22532,5400,00:02:08/21-12:47:35,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8604,00:01:01/21-12:47:35,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/21-12:47:35,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/21-12:47:33,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/21-12:47:33,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,548360,28436,00:00:19/21-12:47:25,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/21-12:47:24,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:28/21-12:47:24,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12532,00:00:53/21-12:47:24,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/21-12:47:24,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/21-12:47:24,1173) bpfilter_umh (ntp,19768,5896,00:01:57/21-12:47:24,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:09/21-12:47:24,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/21-12:47:24,1187) ntpd: asynchronous dns resolver (spot,295508,128884,12:40:55/21-12:47:24,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:06/21-12:47:22,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:01/21-12:47:22,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:04/21-12:47:22,1296) /usr/sbin/cron -n (root,690180,72660,00:29:17/21-12:47:16,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,208156,46136,00:06:23/21-12:47:06,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:17/21-12:46:30,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/21-12:46:30,1388) (sd-pam) (root,0,0,00:00:00/02:01,3325) [kworker/2:0-ata_sff] (root,6656,3492,00:00:00/00:00,6360) /bin/bash /usr/bin/check_mk_agent (root,13744,3528,00:00:00/00:00,6378) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,968,00:00:00/00:00,6379) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/38:35,8412) [kworker/1:0-cgroup_destroy] (root,35056,9940,00:00:00/3-11:42:46,8646) sshd: cm-ssh [priv] (cm-ssh,35056,4648,00:00:11/3-11:42:46,8648) sshd: cm-ssh (root,35064,9876,00:00:00/3-11:42:39,8650) sshd: syslogtunnel [priv] (syslogtunnel,40564,10628,00:00:02/3-11:42:39,8654) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3424,00:00:00/3-11:42:39,8655) (sd-pam) (syslogtunnel,35064,4592,00:00:12/3-11:42:39,8661) sshd: syslogtunnel (root,0,0,00:00:00/32:19,13859) [kworker/3:1-events] (root,0,0,00:00:00/32:08,13860) [kworker/u8:0-writeback] (root,0,0,00:00:00/01:04:17,15929) [kworker/0:1-cgroup_destroy] (postfix,43844,8768,00:00:00/15-19:34:27,17547) tlsmgr -l -t unix -u (postfix,23460,7620,00:00:00/01:32:53,19182) pickup -l -t fifo -u (root,0,0,00:00:01/59:06,20730) [kworker/2:2-events] (root,0,0,00:00:00/19:10,24570) [kworker/u8:2-events_unbound] (root,0,0,00:00:00/51:18,27767) [kworker/0:2-events] (root,0,0,00:00:00/13:00,28813) [kworker/3:2] (root,0,0,00:00:00/10:15,30773) [kworker/1:1-events] (root,0,0,00:00:00/07:13,32340) [kworker/2:1-ata_sff] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-03 23:11 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe56836310398ea2Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12700,00:02:52/19-14:34:24,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/19-14:34:24,2) [kthreadd] (root,0,0,00:00:00/19-14:34:24,3) [rcu_gp] (root,0,0,00:00:00/19-14:34:24,4) [rcu_par_gp] (root,0,0,00:00:00/19-14:34:24,5) [slub_flushwq] (root,0,0,00:00:00/19-14:34:24,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/19-14:34:24,9) [mm_percpu_wq] (root,0,0,00:00:00/19-14:34:24,10) [rcu_tasks_kthre] (root,0,0,00:00:00/19-14:34:24,11) [rcu_tasks_rude_] (root,0,0,00:00:00/19-14:34:24,12) [rcu_tasks_trace] (root,0,0,00:00:12/19-14:34:24,13) [ksoftirqd/0] (root,0,0,00:51:35/19-14:34:24,14) [rcu_preempt] (root,0,0,00:00:06/19-14:34:24,15) [migration/0] (root,0,0,00:00:00/19-14:34:24,16) [idle_inject/0] (root,0,0,00:00:00/19-14:34:24,18) [cpuhp/0] (root,0,0,00:00:00/19-14:34:24,19) [cpuhp/1] (root,0,0,00:00:00/19-14:34:24,20) [idle_inject/1] (root,0,0,00:00:06/19-14:34:24,21) [migration/1] (root,0,0,00:00:09/19-14:34:24,22) [ksoftirqd/1] (root,0,0,00:00:00/19-14:34:24,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/19-14:34:24,25) [cpuhp/2] (root,0,0,00:00:00/19-14:34:24,26) [idle_inject/2] (root,0,0,00:00:06/19-14:34:24,27) [migration/2] (root,0,0,00:05:43/19-14:34:24,28) [ksoftirqd/2] (root,0,0,00:00:00/19-14:34:24,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/19-14:34:24,31) [cpuhp/3] (root,0,0,00:00:00/19-14:34:24,32) [idle_inject/3] (root,0,0,00:00:06/19-14:34:24,33) [migration/3] (root,0,0,00:00:41/19-14:34:24,34) [ksoftirqd/3] (root,0,0,00:00:00/19-14:34:24,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/19-14:34:24,41) [kdevtmpfs] (root,0,0,00:00:00/19-14:34:24,42) [netns] (root,0,0,00:00:00/19-14:34:24,43) [inet_frag_wq] (root,0,0,00:00:06/19-14:34:24,44) [kauditd] (root,0,0,00:00:00/19-14:34:24,47) [khungtaskd] (root,0,0,00:00:00/19-14:34:24,48) [oom_reaper] (root,0,0,00:00:00/19-14:34:24,49) [writeback] (root,0,0,00:00:54/19-14:34:24,50) [kcompactd0] (root,0,0,00:00:00/19-14:34:24,51) [ksmd] (root,0,0,00:00:51/19-14:34:24,52) [khugepaged] (root,0,0,00:00:00/19-14:34:24,77) [kintegrityd] (root,0,0,00:00:00/19-14:34:24,78) [kblockd] (root,0,0,00:00:00/19-14:34:24,79) [blkcg_punt_bio] (root,0,0,00:00:00/19-14:34:24,80) [tpm_dev_wq] (root,0,0,00:00:00/19-14:34:24,81) [edac-poller] (root,0,0,00:00:00/19-14:34:24,82) [devfreq_wq] (root,0,0,00:00:00/19-14:34:24,111) [watchdogd] (root,0,0,00:00:06/19-14:34:24,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/19-14:34:24,113) [kswapd0] (root,0,0,00:00:00/19-14:34:23,115) [kthrotld] (root,0,0,00:00:00/19-14:34:23,116) [mld] (root,0,0,00:00:00/19-14:34:23,117) [ipv6_addrconf] (root,0,0,00:00:03/19-14:34:23,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/19-14:34:23,123) [kstrp] (root,0,0,00:00:00/19-14:34:23,125) [zswap-shrink] (root,0,0,00:00:00/19-14:34:23,126) [kworker/u9:0] (root,0,0,00:00:00/19-14:34:23,131) [charger_manager] (root,0,0,00:00:03/19-14:34:23,173) [kworker/3:1H-kblockd] (root,0,0,00:00:03/19-14:34:23,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/19-14:34:22,329) [ata_sff] (root,0,0,00:00:00/19-14:34:22,330) [scsi_eh_0] (root,0,0,00:00:00/19-14:34:22,331) [scsi_tmf_0] (root,0,0,00:00:00/19-14:34:22,332) [scsi_eh_1] (root,0,0,00:00:00/19-14:34:22,333) [scsi_tmf_1] (root,0,0,00:00:23/19-14:34:20,351) [jbd2/vda1-8] (root,0,0,00:00:00/19-14:34:20,352) [ext4-rsv-conver] (root,38604,8248,00:00:54/19-14:34:06,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:02/19-14:34:05,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:30/19-14:34:03,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:13/19-14:33:09,486) /sbin/auditd (messagebus,22532,5400,00:02:00/19-14:33:09,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8604,00:00:57/19-14:33:09,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/19-14:33:09,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/19-14:33:07,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/19-14:33:07,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,548360,28436,00:00:17/19-14:32:59,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/19-14:32:58,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:26/19-14:32:58,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12532,00:00:50/19-14:32:58,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/19-14:32:58,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/19-14:32:58,1173) bpfilter_umh (ntp,19768,5896,00:01:46/19-14:32:58,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:08/19-14:32:58,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/19-14:32:58,1187) ntpd: asynchronous dns resolver (spot,295796,128452,11:40:42/19-14:32:58,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:06/19-14:32:56,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:01/19-14:32:56,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:04/19-14:32:56,1296) /usr/sbin/cron -n (root,689924,69948,00:26:38/19-14:32:50,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,207132,45164,00:05:45/19-14:32:40,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:16/19-14:32:04,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/19-14:32:04,1388) (sd-pam) (root,0,0,00:00:00/37:10,1654) [kworker/2:1-events] (root,0,0,00:00:00/01:09:26,7548) [kworker/3:2-cgroup_destroy] (root,35056,9940,00:00:00/1-13:28:20,8646) sshd: cm-ssh [priv] (cm-ssh,35056,4648,00:00:05/1-13:28:20,8648) sshd: cm-ssh (root,35064,9876,00:00:00/1-13:28:13,8650) sshd: syslogtunnel [priv] (syslogtunnel,40564,10628,00:00:01/1-13:28:13,8654) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3424,00:00:00/1-13:28:13,8655) (sd-pam) (syslogtunnel,35064,4592,00:00:05/1-13:28:13,8661) sshd: syslogtunnel (root,0,0,00:00:00/25:23,8975) [kworker/u8:2] (root,0,0,00:00:00/19:47,11477) [kworker/0:2-cgroup_destroy] (root,0,0,00:00:00/19:37,11479) [kworker/3:1-cgroup_destroy] (postfix,23460,7544,00:00:00/18:26,12022) pickup -l -t fifo -u (root,0,0,00:00:00/01:36:14,12790) [kworker/u8:1-writeback] (root,0,0,00:00:00/13:28,14506) [kworker/1:1] (postfix,43844,8768,00:00:00/13-21:20:01,17547) tlsmgr -l -t unix -u (root,0,0,00:00:00/01:27:44,18832) [kworker/1:2-events] (root,0,0,00:00:00/06:03,20245) [kworker/2:2-ata_sff] (root,0,0,00:00:00/01:24,23755) [kworker/0:1] (root,0,0,00:00:00/01:14,23980) [kworker/3:0-events] (root,0,0,00:00:00/00:50,23984) [kworker/2:0-ata_sff] (root,6656,3488,00:00:00/00:00,25027) /bin/bash /usr/bin/check_mk_agent (root,13744,3528,00:00:00/00:00,25045) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,960,00:00:00/00:00,25046) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/44:31,26306) [kworker/0:0-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-12-02 00:56 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683637c06e518Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12700,00:02:40/17-13:35:33,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/17-13:35:33,2) [kthreadd] (root,0,0,00:00:00/17-13:35:33,3) [rcu_gp] (root,0,0,00:00:00/17-13:35:33,4) [rcu_par_gp] (root,0,0,00:00:00/17-13:35:33,5) [slub_flushwq] (root,0,0,00:00:00/17-13:35:33,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/17-13:35:33,9) [mm_percpu_wq] (root,0,0,00:00:00/17-13:35:33,10) [rcu_tasks_kthre] (root,0,0,00:00:00/17-13:35:33,11) [rcu_tasks_rude_] (root,0,0,00:00:00/17-13:35:33,12) [rcu_tasks_trace] (root,0,0,00:00:11/17-13:35:33,13) [ksoftirqd/0] (root,0,0,00:46:23/17-13:35:33,14) [rcu_preempt] (root,0,0,00:00:05/17-13:35:33,15) [migration/0] (root,0,0,00:00:00/17-13:35:33,16) [idle_inject/0] (root,0,0,00:00:00/17-13:35:33,18) [cpuhp/0] (root,0,0,00:00:00/17-13:35:33,19) [cpuhp/1] (root,0,0,00:00:00/17-13:35:33,20) [idle_inject/1] (root,0,0,00:00:05/17-13:35:33,21) [migration/1] (root,0,0,00:00:08/17-13:35:33,22) [ksoftirqd/1] (root,0,0,00:00:00/17-13:35:33,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/17-13:35:33,25) [cpuhp/2] (root,0,0,00:00:00/17-13:35:33,26) [idle_inject/2] (root,0,0,00:00:05/17-13:35:33,27) [migration/2] (root,0,0,00:05:16/17-13:35:33,28) [ksoftirqd/2] (root,0,0,00:00:00/17-13:35:33,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/17-13:35:33,31) [cpuhp/3] (root,0,0,00:00:00/17-13:35:33,32) [idle_inject/3] (root,0,0,00:00:05/17-13:35:33,33) [migration/3] (root,0,0,00:00:37/17-13:35:33,34) [ksoftirqd/3] (root,0,0,00:00:00/17-13:35:33,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/17-13:35:33,41) [kdevtmpfs] (root,0,0,00:00:00/17-13:35:33,42) [netns] (root,0,0,00:00:00/17-13:35:33,43) [inet_frag_wq] (root,0,0,00:00:06/17-13:35:33,44) [kauditd] (root,0,0,00:00:00/17-13:35:33,47) [khungtaskd] (root,0,0,00:00:00/17-13:35:33,48) [oom_reaper] (root,0,0,00:00:00/17-13:35:33,49) [writeback] (root,0,0,00:00:48/17-13:35:33,50) [kcompactd0] (root,0,0,00:00:00/17-13:35:33,51) [ksmd] (root,0,0,00:00:46/17-13:35:33,52) [khugepaged] (root,0,0,00:00:00/17-13:35:33,77) [kintegrityd] (root,0,0,00:00:00/17-13:35:33,78) [kblockd] (root,0,0,00:00:00/17-13:35:33,79) [blkcg_punt_bio] (root,0,0,00:00:00/17-13:35:33,80) [tpm_dev_wq] (root,0,0,00:00:00/17-13:35:33,81) [edac-poller] (root,0,0,00:00:00/17-13:35:33,82) [devfreq_wq] (root,0,0,00:00:00/17-13:35:33,111) [watchdogd] (root,0,0,00:00:06/17-13:35:33,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/17-13:35:33,113) [kswapd0] (root,0,0,00:00:00/17-13:35:32,115) [kthrotld] (root,0,0,00:00:00/17-13:35:32,116) [mld] (root,0,0,00:00:00/17-13:35:32,117) [ipv6_addrconf] (root,0,0,00:00:03/17-13:35:32,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/17-13:35:32,123) [kstrp] (root,0,0,00:00:00/17-13:35:32,125) [zswap-shrink] (root,0,0,00:00:00/17-13:35:32,126) [kworker/u9:0] (root,0,0,00:00:00/17-13:35:32,131) [charger_manager] (root,0,0,00:00:02/17-13:35:32,173) [kworker/3:1H-kblockd] (root,0,0,00:00:03/17-13:35:32,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/17-13:35:31,329) [ata_sff] (root,0,0,00:00:00/17-13:35:31,330) [scsi_eh_0] (root,0,0,00:00:00/17-13:35:31,331) [scsi_tmf_0] (root,0,0,00:00:00/17-13:35:31,332) [scsi_eh_1] (root,0,0,00:00:00/17-13:35:31,333) [scsi_tmf_1] (root,0,0,00:00:20/17-13:35:29,351) [jbd2/vda1-8] (root,0,0,00:00:00/17-13:35:29,352) [ext4-rsv-conver] (root,38604,8248,00:00:49/17-13:35:15,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:02/17-13:35:14,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:27/17-13:35:12,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:12/17-13:34:18,486) /sbin/auditd (messagebus,22532,5400,00:01:51/17-13:34:18,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8604,00:00:53/17-13:34:18,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/17-13:34:18,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/17-13:34:16,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/17-13:34:16,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,0,0,00:00:00/01:01,853) [kworker/2:0-ata_sff] (root,548104,27300,00:00:15/17-13:34:08,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/17-13:34:07,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:23/17-13:34:07,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12564,00:00:46/17-13:34:07,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/17-13:34:07,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/17-13:34:07,1173) bpfilter_umh (ntp,19768,5896,00:01:35/17-13:34:07,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:08/17-13:34:07,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/17-13:34:07,1187) ntpd: asynchronous dns resolver (spot,295444,128364,10:45:21/17-13:34:07,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:05/17-13:34:05,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:01/17-13:34:05,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:03/17-13:34:05,1296) /usr/sbin/cron -n (syslogtunnel,40568,10556,00:00:15/17-13:34:02,1307) /usr/lib/systemd/systemd --user (syslogtunnel,48564,3092,00:00:00/17-13:34:02,1308) (sd-pam) (root,689924,71828,00:23:53/17-13:33:59,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,206108,43908,00:05:07/17-13:33:49,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:15/17-13:33:13,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/17-13:33:13,1388) (sd-pam) (root,0,0,00:00:00/04:49:08,2574) [kworker/u8:1-ext4-rsv-conversion] (root,0,0,00:00:00/00:14,2981) [kworker/u8:2] (root,0,0,00:00:00/00:14,2983) [kworker/0:0-events] (root,0,0,00:00:00/43:22,4072) [kworker/1:1-events] (root,6656,3492,00:00:00/00:00,4291) /bin/bash /usr/bin/check_mk_agent (root,13744,3368,00:00:00/00:00,4309) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,4310) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (postfix,23460,7616,00:00:00/01:21:32,5651) pickup -l -t fifo -u (root,0,0,00:00:00/03:29:02,6683) [kworker/3:2-cgroup_destroy] (root,0,0,00:00:09/07:47:57,9324) [kworker/2:2-events] (root,35064,10032,00:00:00/15-15:26:57,9396) sshd: syslogtunnel [priv] (syslogtunnel,35064,4704,00:01:00/15-15:26:57,9398) sshd: syslogtunnel (root,0,0,00:00:00/57:10,14610) [kworker/1:2-events] (postfix,43844,8768,00:00:00/11-20:21:10,17547) tlsmgr -l -t unix -u (root,0,0,00:00:00/06:35,21785) [kworker/0:2-cgroup_destroy] (root,0,0,00:00:00/06:25,21866) [kworker/u8:0-flush-254:0] (root,0,0,00:00:00/06:25,21868) [kworker/3:1-events] (root,0,0,00:00:00/06:13,21869) [kworker/2:1-ata_sff] (root,35056,9880,00:00:00/1-12:54:10,22453) sshd: cm-ssh [priv] (cm-ssh,35056,4584,00:00:05/1-12:54:10,22455) sshd: cm-ssh (root,0,0,00:00:00/18:42,22644) [kworker/0:1-cgroup_destroy] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-29 23:57 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683630bc98f09Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12684,00:02:13/13-14:01:33,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/13-14:01:33,2) [kthreadd] (root,0,0,00:00:00/13-14:01:33,3) [rcu_gp] (root,0,0,00:00:00/13-14:01:33,4) [rcu_par_gp] (root,0,0,00:00:00/13-14:01:33,5) [slub_flushwq] (root,0,0,00:00:00/13-14:01:33,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/13-14:01:33,9) [mm_percpu_wq] (root,0,0,00:00:00/13-14:01:33,10) [rcu_tasks_kthre] (root,0,0,00:00:00/13-14:01:33,11) [rcu_tasks_rude_] (root,0,0,00:00:00/13-14:01:33,12) [rcu_tasks_trace] (root,0,0,00:00:09/13-14:01:33,13) [ksoftirqd/0] (root,0,0,00:35:52/13-14:01:33,14) [rcu_preempt] (root,0,0,00:00:04/13-14:01:33,15) [migration/0] (root,0,0,00:00:00/13-14:01:33,16) [idle_inject/0] (root,0,0,00:00:00/13-14:01:33,18) [cpuhp/0] (root,0,0,00:00:00/13-14:01:33,19) [cpuhp/1] (root,0,0,00:00:00/13-14:01:33,20) [idle_inject/1] (root,0,0,00:00:04/13-14:01:33,21) [migration/1] (root,0,0,00:00:06/13-14:01:33,22) [ksoftirqd/1] (root,0,0,00:00:00/13-14:01:33,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/13-14:01:33,25) [cpuhp/2] (root,0,0,00:00:00/13-14:01:33,26) [idle_inject/2] (root,0,0,00:00:04/13-14:01:33,27) [migration/2] (root,0,0,00:04:16/13-14:01:33,28) [ksoftirqd/2] (root,0,0,00:00:00/13-14:01:33,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/13-14:01:33,31) [cpuhp/3] (root,0,0,00:00:00/13-14:01:33,32) [idle_inject/3] (root,0,0,00:00:04/13-14:01:33,33) [migration/3] (root,0,0,00:00:30/13-14:01:33,34) [ksoftirqd/3] (root,0,0,00:00:00/13-14:01:33,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/13-14:01:33,41) [kdevtmpfs] (root,0,0,00:00:00/13-14:01:33,42) [netns] (root,0,0,00:00:00/13-14:01:33,43) [inet_frag_wq] (root,0,0,00:00:05/13-14:01:33,44) [kauditd] (root,0,0,00:00:00/13-14:01:33,47) [khungtaskd] (root,0,0,00:00:00/13-14:01:33,48) [oom_reaper] (root,0,0,00:00:00/13-14:01:33,49) [writeback] (root,0,0,00:00:37/13-14:01:33,50) [kcompactd0] (root,0,0,00:00:00/13-14:01:33,51) [ksmd] (root,0,0,00:00:35/13-14:01:33,52) [khugepaged] (root,0,0,00:00:00/13-14:01:33,77) [kintegrityd] (root,0,0,00:00:00/13-14:01:33,78) [kblockd] (root,0,0,00:00:00/13-14:01:33,79) [blkcg_punt_bio] (root,0,0,00:00:00/13-14:01:33,80) [tpm_dev_wq] (root,0,0,00:00:00/13-14:01:33,81) [edac-poller] (root,0,0,00:00:00/13-14:01:33,82) [devfreq_wq] (root,0,0,00:00:00/13-14:01:33,111) [watchdogd] (root,0,0,00:00:04/13-14:01:33,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/13-14:01:33,113) [kswapd0] (root,0,0,00:00:00/13-14:01:32,115) [kthrotld] (root,0,0,00:00:00/13-14:01:32,116) [mld] (root,0,0,00:00:00/13-14:01:32,117) [ipv6_addrconf] (root,0,0,00:00:02/13-14:01:32,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/13-14:01:32,123) [kstrp] (root,0,0,00:00:00/13-14:01:32,125) [zswap-shrink] (root,0,0,00:00:00/13-14:01:32,126) [kworker/u9:0] (root,0,0,00:00:00/13-14:01:32,131) [charger_manager] (root,0,0,00:00:02/13-14:01:32,173) [kworker/3:1H-kblockd] (root,0,0,00:00:02/13-14:01:32,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/13-14:01:31,329) [ata_sff] (root,0,0,00:00:00/13-14:01:31,330) [scsi_eh_0] (root,0,0,00:00:00/13-14:01:31,331) [scsi_tmf_0] (root,0,0,00:00:00/13-14:01:31,332) [scsi_eh_1] (root,0,0,00:00:00/13-14:01:31,333) [scsi_tmf_1] (root,0,0,00:00:15/13-14:01:29,351) [jbd2/vda1-8] (root,0,0,00:00:00/13-14:01:29,352) [ext4-rsv-conver] (root,38604,8248,00:00:41/13-14:01:15,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:01/13-14:01:14,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:21/13-14:01:12,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:10/13-14:00:18,486) /sbin/auditd (messagebus,22532,5400,00:01:33/13-14:00:18,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38916,8604,00:00:44/13-14:00:18,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/13-14:00:18,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/13-14:00:16,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/13-14:00:16,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,547848,25992,00:00:12/13-14:00:08,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/13-14:00:07,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:17/13-14:00:07,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12604,00:00:38/13-14:00:07,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/13-14:00:07,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/13-14:00:07,1173) bpfilter_umh (ntp,19768,5896,00:01:14/13-14:00:07,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:06/13-14:00:07,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/13-14:00:07,1187) ntpd: asynchronous dns resolver (spot,229236,116444,08:07:03/13-14:00:07,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:04/13-14:00:05,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:00/13-14:00:05,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:03/13-14:00:05,1296) /usr/sbin/cron -n (syslogtunnel,40568,10556,00:00:13/13-14:00:02,1307) /usr/lib/systemd/systemd --user (syslogtunnel,48564,3092,00:00:00/13-14:00:02,1308) (sd-pam) (root,689264,71284,00:18:29/13-13:59:59,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,204060,40624,00:03:54/13-13:59:49,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:13/13-13:59:13,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/13-13:59:13,1388) (sd-pam) (root,0,0,00:00:00/02:31:50,7808) [kworker/u8:0-writeback] (postfix,23460,7608,00:00:00/51:28,8875) pickup -l -t fifo -u (root,35056,9992,00:00:00/11-15:53:06,9393) sshd: cm-ssh [priv] (cm-ssh,35056,4700,00:00:38/11-15:53:06,9395) sshd: cm-ssh (root,35064,10032,00:00:00/11-15:52:57,9396) sshd: syslogtunnel [priv] (syslogtunnel,35064,4704,00:00:46/11-15:52:57,9398) sshd: syslogtunnel (root,0,0,00:00:00/49:41,10571) [kworker/1:0-events] (root,0,0,00:00:00/18:58,10645) [kworker/u8:1-ext4-rsv-conversion] (root,0,0,00:00:00/18:58,10647) [kworker/0:0-events] (root,0,0,00:00:00/01:15:20,16455) [kworker/0:2-events] (postfix,43844,8768,00:00:00/7-20:47:10,17547) tlsmgr -l -t unix -u (root,0,0,00:00:00/12:04,17882) [kworker/2:2-events] (root,0,0,00:00:00/08:20,20892) [kworker/3:1-events] (root,0,0,00:00:00/06:53,21661) [kworker/2:1-ata_sff] (root,0,0,00:00:00/01:46,27232) [kworker/u8:2] (root,0,0,00:00:00/01:41,27233) [kworker/2:0-ata_sff] (root,0,0,00:00:00/02:11:31,28307) [kworker/3:0-cgroup_destroy] (root,6656,3472,00:00:00/00:00,28553) /bin/bash /usr/bin/check_mk_agent (root,13744,3500,00:00:00/00:00,28571) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,28572) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/34:25,28818) [kworker/1:2-cgroup_destroy] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-26 00:23 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363c466ce8aFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12664,00:01:56/11-11:47:17,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/11-11:47:17,2) [kthreadd] (root,0,0,00:00:00/11-11:47:17,3) [rcu_gp] (root,0,0,00:00:00/11-11:47:17,4) [rcu_par_gp] (root,0,0,00:00:00/11-11:47:17,5) [slub_flushwq] (root,0,0,00:00:00/11-11:47:17,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/11-11:47:17,9) [mm_percpu_wq] (root,0,0,00:00:00/11-11:47:17,10) [rcu_tasks_kthre] (root,0,0,00:00:00/11-11:47:17,11) [rcu_tasks_rude_] (root,0,0,00:00:00/11-11:47:17,12) [rcu_tasks_trace] (root,0,0,00:00:07/11-11:47:17,13) [ksoftirqd/0] (root,0,0,00:30:13/11-11:47:17,14) [rcu_preempt] (root,0,0,00:00:03/11-11:47:17,15) [migration/0] (root,0,0,00:00:00/11-11:47:17,16) [idle_inject/0] (root,0,0,00:00:00/11-11:47:17,18) [cpuhp/0] (root,0,0,00:00:00/11-11:47:17,19) [cpuhp/1] (root,0,0,00:00:00/11-11:47:17,20) [idle_inject/1] (root,0,0,00:00:03/11-11:47:17,21) [migration/1] (root,0,0,00:00:05/11-11:47:17,22) [ksoftirqd/1] (root,0,0,00:00:00/11-11:47:17,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/11-11:47:17,25) [cpuhp/2] (root,0,0,00:00:00/11-11:47:17,26) [idle_inject/2] (root,0,0,00:00:03/11-11:47:17,27) [migration/2] (root,0,0,00:03:35/11-11:47:17,28) [ksoftirqd/2] (root,0,0,00:00:00/11-11:47:17,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/11-11:47:17,31) [cpuhp/3] (root,0,0,00:00:00/11-11:47:17,32) [idle_inject/3] (root,0,0,00:00:03/11-11:47:17,33) [migration/3] (root,0,0,00:00:25/11-11:47:17,34) [ksoftirqd/3] (root,0,0,00:00:00/11-11:47:17,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/11-11:47:17,41) [kdevtmpfs] (root,0,0,00:00:00/11-11:47:17,42) [netns] (root,0,0,00:00:00/11-11:47:17,43) [inet_frag_wq] (root,0,0,00:00:04/11-11:47:17,44) [kauditd] (root,0,0,00:00:00/11-11:47:17,47) [khungtaskd] (root,0,0,00:00:00/11-11:47:17,48) [oom_reaper] (root,0,0,00:00:00/11-11:47:17,49) [writeback] (root,0,0,00:00:31/11-11:47:17,50) [kcompactd0] (root,0,0,00:00:00/11-11:47:17,51) [ksmd] (root,0,0,00:00:30/11-11:47:17,52) [khugepaged] (root,0,0,00:00:00/11-11:47:17,77) [kintegrityd] (root,0,0,00:00:00/11-11:47:17,78) [kblockd] (root,0,0,00:00:00/11-11:47:17,79) [blkcg_punt_bio] (root,0,0,00:00:00/11-11:47:17,80) [tpm_dev_wq] (root,0,0,00:00:00/11-11:47:17,81) [edac-poller] (root,0,0,00:00:00/11-11:47:17,82) [devfreq_wq] (root,0,0,00:00:00/11-11:47:17,111) [watchdogd] (root,0,0,00:00:04/11-11:47:17,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/11-11:47:17,113) [kswapd0] (root,0,0,00:00:00/11-11:47:16,115) [kthrotld] (root,0,0,00:00:00/11-11:47:16,116) [mld] (root,0,0,00:00:00/11-11:47:16,117) [ipv6_addrconf] (root,0,0,00:00:02/11-11:47:16,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/11-11:47:16,123) [kstrp] (root,0,0,00:00:00/11-11:47:16,125) [zswap-shrink] (root,0,0,00:00:00/11-11:47:16,126) [kworker/u9:0] (root,0,0,00:00:00/11-11:47:16,131) [charger_manager] (root,0,0,00:00:01/11-11:47:16,173) [kworker/3:1H-kblockd] (root,0,0,00:00:02/11-11:47:16,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/11-11:47:15,329) [ata_sff] (root,0,0,00:00:00/11-11:47:15,330) [scsi_eh_0] (root,0,0,00:00:00/11-11:47:15,331) [scsi_tmf_0] (root,0,0,00:00:00/11-11:47:15,332) [scsi_eh_1] (root,0,0,00:00:00/11-11:47:15,333) [scsi_tmf_1] (root,0,0,00:00:13/11-11:47:13,351) [jbd2/vda1-8] (root,0,0,00:00:00/11-11:47:13,352) [ext4-rsv-conver] (root,38604,8248,00:00:35/11-11:46:59,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:01/11-11:46:58,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:18/11-11:46:56,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:09/11-11:46:02,486) /sbin/auditd (messagebus,22532,5400,00:01:21/11-11:46:02,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38916,8600,00:00:38/11-11:46:02,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/11-11:46:02,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/11-11:46:00,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/11-11:46:00,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,547848,24956,00:00:10/11-11:45:52,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/11-11:45:51,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:14/11-11:45:51,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12604,00:00:33/11-11:45:51,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/11-11:45:51,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/11-11:45:51,1173) bpfilter_umh (ntp,19768,5896,00:01:02/11-11:45:51,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:05/11-11:45:51,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/11-11:45:51,1187) ntpd: asynchronous dns resolver (spot,228404,116236,06:11:48/11-11:45:51,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:03/11-11:45:49,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:00/11-11:45:49,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:02/11-11:45:49,1296) /usr/sbin/cron -n (syslogtunnel,40568,10556,00:00:11/11-11:45:46,1307) /usr/lib/systemd/systemd --user (syslogtunnel,48564,3092,00:00:00/11-11:45:46,1308) (sd-pam) (root,689264,70968,00:15:36/11-11:45:43,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,203036,39084,00:03:15/11-11:45:33,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:11/11-11:44:57,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/11-11:44:57,1388) (sd-pam) (postfix,23460,7556,00:00:00/37:20,1489) pickup -l -t fifo -u (root,6656,3488,00:00:00/00:00,3323) /bin/bash /usr/bin/check_mk_agent (root,13744,3508,00:00:00/00:00,3341) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,968,00:00:00/00:00,3342) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/30:59,7832) [kworker/u8:1] (root,0,0,00:00:00/01:16:16,7929) [kworker/3:2-cgroup_destroy] (root,35056,9992,00:00:00/9-13:38:50,9393) sshd: cm-ssh [priv] (cm-ssh,35056,4700,00:00:31/9-13:38:50,9395) sshd: cm-ssh (root,35064,10032,00:00:00/9-13:38:41,9396) sshd: syslogtunnel [priv] (syslogtunnel,35064,4704,00:00:38/9-13:38:41,9398) sshd: syslogtunnel (root,0,0,00:00:00/18:51,14215) [kworker/u8:0-flush-254:0] (root,0,0,00:00:00/14:46,16660) [kworker/1:2-events] (postfix,43844,8768,00:00:00/5-18:32:54,17547) tlsmgr -l -t unix -u (root,0,0,00:00:00/51:29,21147) [kworker/1:1-events] (root,0,0,00:00:00/09:43,22122) [kworker/2:0-ata_sff] (root,0,0,00:00:00/06:47,25995) [kworker/3:0-events] (root,0,0,00:00:00/43:09,27039) [kworker/0:0-events] (root,0,0,00:00:01/01:32:44,29885) [kworker/2:2-events] (root,0,0,00:00:00/04:32,30049) [kworker/2:1-ata_sff] (root,0,0,00:00:00/01:32:37,30402) [kworker/0:2-events] (root,0,0,00:00:00/02:35,32620) [kworker/u8:2-events_unbound] (root,0,0,00:00:00/02:35,32622) [kworker/1:0-cgroup_destroy] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-23 22:09 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363e20f5ffdFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12652,00:01:39/9-11:31:46,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/9-11:31:46,2) [kthreadd] (root,0,0,00:00:00/9-11:31:46,3) [rcu_gp] (root,0,0,00:00:00/9-11:31:46,4) [rcu_par_gp] (root,0,0,00:00:00/9-11:31:46,5) [slub_flushwq] (root,0,0,00:00:00/9-11:31:46,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/9-11:31:46,9) [mm_percpu_wq] (root,0,0,00:00:00/9-11:31:46,10) [rcu_tasks_kthre] (root,0,0,00:00:00/9-11:31:46,11) [rcu_tasks_rude_] (root,0,0,00:00:00/9-11:31:46,12) [rcu_tasks_trace] (root,0,0,00:00:06/9-11:31:46,13) [ksoftirqd/0] (root,0,0,00:24:55/9-11:31:46,14) [rcu_preempt] (root,0,0,00:00:03/9-11:31:46,15) [migration/0] (root,0,0,00:00:00/9-11:31:46,16) [idle_inject/0] (root,0,0,00:00:00/9-11:31:46,18) [cpuhp/0] (root,0,0,00:00:00/9-11:31:46,19) [cpuhp/1] (root,0,0,00:00:00/9-11:31:46,20) [idle_inject/1] (root,0,0,00:00:03/9-11:31:46,21) [migration/1] (root,0,0,00:00:04/9-11:31:46,22) [ksoftirqd/1] (root,0,0,00:00:00/9-11:31:46,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/9-11:31:46,25) [cpuhp/2] (root,0,0,00:00:00/9-11:31:46,26) [idle_inject/2] (root,0,0,00:00:03/9-11:31:46,27) [migration/2] (root,0,0,00:03:04/9-11:31:46,28) [ksoftirqd/2] (root,0,0,00:00:00/9-11:31:46,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/9-11:31:46,31) [cpuhp/3] (root,0,0,00:00:00/9-11:31:46,32) [idle_inject/3] (root,0,0,00:00:03/9-11:31:46,33) [migration/3] (root,0,0,00:00:21/9-11:31:46,34) [ksoftirqd/3] (root,0,0,00:00:00/9-11:31:46,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/9-11:31:46,41) [kdevtmpfs] (root,0,0,00:00:00/9-11:31:46,42) [netns] (root,0,0,00:00:00/9-11:31:46,43) [inet_frag_wq] (root,0,0,00:00:03/9-11:31:46,44) [kauditd] (root,0,0,00:00:00/9-11:31:46,47) [khungtaskd] (root,0,0,00:00:00/9-11:31:46,48) [oom_reaper] (root,0,0,00:00:00/9-11:31:46,49) [writeback] (root,0,0,00:00:26/9-11:31:46,50) [kcompactd0] (root,0,0,00:00:00/9-11:31:46,51) [ksmd] (root,0,0,00:00:24/9-11:31:46,52) [khugepaged] (root,0,0,00:00:00/9-11:31:46,77) [kintegrityd] (root,0,0,00:00:00/9-11:31:46,78) [kblockd] (root,0,0,00:00:00/9-11:31:46,79) [blkcg_punt_bio] (root,0,0,00:00:00/9-11:31:46,80) [tpm_dev_wq] (root,0,0,00:00:00/9-11:31:46,81) [edac-poller] (root,0,0,00:00:00/9-11:31:46,82) [devfreq_wq] (root,0,0,00:00:00/9-11:31:46,111) [watchdogd] (root,0,0,00:00:03/9-11:31:46,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/9-11:31:46,113) [kswapd0] (root,0,0,00:00:00/9-11:31:45,115) [kthrotld] (root,0,0,00:00:00/9-11:31:45,116) [mld] (root,0,0,00:00:00/9-11:31:45,117) [ipv6_addrconf] (root,0,0,00:00:01/9-11:31:45,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/9-11:31:45,123) [kstrp] (root,0,0,00:00:00/9-11:31:45,125) [zswap-shrink] (root,0,0,00:00:00/9-11:31:45,126) [kworker/u9:0] (root,0,0,00:00:00/9-11:31:45,131) [charger_manager] (root,0,0,00:00:01/9-11:31:45,173) [kworker/3:1H-kblockd] (root,0,0,00:00:01/9-11:31:45,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/9-11:31:44,329) [ata_sff] (root,0,0,00:00:00/9-11:31:44,330) [scsi_eh_0] (root,0,0,00:00:00/9-11:31:44,331) [scsi_tmf_0] (root,0,0,00:00:00/9-11:31:44,332) [scsi_eh_1] (root,0,0,00:00:00/9-11:31:44,333) [scsi_tmf_1] (root,0,0,00:00:11/9-11:31:42,351) [jbd2/vda1-8] (root,0,0,00:00:00/9-11:31:42,352) [ext4-rsv-conver] (root,38604,8248,00:00:30/9-11:31:28,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:01/9-11:31:27,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:14/9-11:31:25,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:07/9-11:30:31,486) /sbin/auditd (messagebus,22532,5400,00:01:09/9-11:30:31,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38916,8596,00:00:32/9-11:30:31,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/9-11:30:31,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/9-11:30:29,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/9-11:30:29,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,547848,24696,00:00:08/9-11:30:21,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/9-11:30:20,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:12/9-11:30:20,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12660,00:00:28/9-11:30:20,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/9-11:30:20,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/9-11:30:20,1173) bpfilter_umh (ntp,19768,5896,00:00:51/9-11:30:20,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:04/9-11:30:20,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/9-11:30:20,1187) ntpd: asynchronous dns resolver (spot,226612,114660,04:58:49/9-11:30:20,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:03/9-11:30:18,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:00/9-11:30:18,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:02/9-11:30:18,1296) /usr/sbin/cron -n (syslogtunnel,40568,10556,00:00:09/9-11:30:15,1307) /usr/lib/systemd/systemd --user (syslogtunnel,48564,3092,00:00:00/9-11:30:15,1308) (sd-pam) (root,689008,70884,00:12:55/9-11:30:12,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,202012,37812,00:02:40/9-11:30:02,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:09/9-11:29:26,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/9-11:29:26,1388) (sd-pam) (root,0,0,00:00:00/29:22,4663) [kworker/3:1-cgroup_destroy] (root,0,0,00:00:00/23:45,6933) [kworker/u8:1-events_unbound] (root,35056,9992,00:00:00/7-13:23:19,9393) sshd: cm-ssh [priv] (cm-ssh,35056,4700,00:00:25/7-13:23:19,9395) sshd: cm-ssh (root,35064,10032,00:00:00/7-13:23:10,9396) sshd: syslogtunnel [priv] (syslogtunnel,35064,4704,00:00:30/7-13:23:10,9398) sshd: syslogtunnel (root,0,0,00:00:00/19:24,10250) [kworker/3:2-events] (root,0,0,00:00:00/14:43,15257) [kworker/0:1-events] (root,0,0,00:00:00/09:49,16415) [kworker/2:2-ata_sff] (root,0,0,00:00:00/09:32,16608) [kworker/1:2-events] (root,0,0,00:00:00/08:37,16645) [kworker/u8:0-flush-254:0] (postfix,43844,8768,00:00:00/3-18:17:23,17547) tlsmgr -l -t unix -u (root,0,0,00:00:00/04:36,18626) [kworker/2:1-ata_sff] (root,0,0,00:00:00/01:03:40,24157) [kworker/0:2-events] (root,6656,3480,00:00:00/00:00,25978) /bin/bash /usr/bin/check_mk_agent (root,13744,3508,00:00:00/00:00,25996) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,25997) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (postfix,23460,7612,00:00:00/43:54,27133) pickup -l -t fifo -u (root,0,0,00:00:00/39:05,28762) [kworker/1:0-events] (root,0,0,00:00:00/35:45,31048) [kworker/2:0-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-21 21:54 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363eede8f14Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12648,00:01:21/7-15:22:40,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/7-15:22:40,2) [kthreadd] (root,0,0,00:00:00/7-15:22:40,3) [rcu_gp] (root,0,0,00:00:00/7-15:22:40,4) [rcu_par_gp] (root,0,0,00:00:00/7-15:22:40,5) [slub_flushwq] (root,0,0,00:00:00/7-15:22:40,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/7-15:22:40,9) [mm_percpu_wq] (root,0,0,00:00:00/7-15:22:40,10) [rcu_tasks_kthre] (root,0,0,00:00:00/7-15:22:40,11) [rcu_tasks_rude_] (root,0,0,00:00:00/7-15:22:40,12) [rcu_tasks_trace] (root,0,0,00:00:05/7-15:22:40,13) [ksoftirqd/0] (root,0,0,00:20:05/7-15:22:40,14) [rcu_preempt] (root,0,0,00:00:02/7-15:22:40,15) [migration/0] (root,0,0,00:00:00/7-15:22:40,16) [idle_inject/0] (root,0,0,00:00:00/7-15:22:40,18) [cpuhp/0] (root,0,0,00:00:00/7-15:22:40,19) [cpuhp/1] (root,0,0,00:00:00/7-15:22:40,20) [idle_inject/1] (root,0,0,00:00:02/7-15:22:40,21) [migration/1] (root,0,0,00:00:03/7-15:22:40,22) [ksoftirqd/1] (root,0,0,00:00:00/7-15:22:40,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/7-15:22:40,25) [cpuhp/2] (root,0,0,00:00:00/7-15:22:40,26) [idle_inject/2] (root,0,0,00:00:02/7-15:22:40,27) [migration/2] (root,0,0,00:02:31/7-15:22:40,28) [ksoftirqd/2] (root,0,0,00:00:00/7-15:22:40,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/7-15:22:40,31) [cpuhp/3] (root,0,0,00:00:00/7-15:22:40,32) [idle_inject/3] (root,0,0,00:00:02/7-15:22:40,33) [migration/3] (root,0,0,00:00:17/7-15:22:40,34) [ksoftirqd/3] (root,0,0,00:00:00/7-15:22:40,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/7-15:22:40,41) [kdevtmpfs] (root,0,0,00:00:00/7-15:22:40,42) [netns] (root,0,0,00:00:00/7-15:22:40,43) [inet_frag_wq] (root,0,0,00:00:03/7-15:22:40,44) [kauditd] (root,0,0,00:00:00/7-15:22:40,47) [khungtaskd] (root,0,0,00:00:00/7-15:22:40,48) [oom_reaper] (root,0,0,00:00:00/7-15:22:40,49) [writeback] (root,0,0,00:00:21/7-15:22:40,50) [kcompactd0] (root,0,0,00:00:00/7-15:22:40,51) [ksmd] (root,0,0,00:00:20/7-15:22:40,52) [khugepaged] (root,0,0,00:00:00/7-15:22:40,77) [kintegrityd] (root,0,0,00:00:00/7-15:22:40,78) [kblockd] (root,0,0,00:00:00/7-15:22:40,79) [blkcg_punt_bio] (root,0,0,00:00:00/7-15:22:40,80) [tpm_dev_wq] (root,0,0,00:00:00/7-15:22:40,81) [edac-poller] (root,0,0,00:00:00/7-15:22:40,82) [devfreq_wq] (root,0,0,00:00:00/7-15:22:40,111) [watchdogd] (root,0,0,00:00:02/7-15:22:40,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/7-15:22:40,113) [kswapd0] (root,0,0,00:00:00/7-15:22:39,115) [kthrotld] (root,0,0,00:00:00/7-15:22:39,116) [mld] (root,0,0,00:00:00/7-15:22:39,117) [ipv6_addrconf] (root,0,0,00:00:01/7-15:22:39,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/7-15:22:39,123) [kstrp] (root,0,0,00:00:00/7-15:22:39,125) [zswap-shrink] (root,0,0,00:00:00/7-15:22:39,126) [kworker/u9:0] (root,0,0,00:00:00/7-15:22:39,131) [charger_manager] (root,0,0,00:00:01/7-15:22:39,173) [kworker/3:1H-kblockd] (root,0,0,00:00:01/7-15:22:39,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/7-15:22:38,329) [ata_sff] (root,0,0,00:00:00/7-15:22:38,330) [scsi_eh_0] (root,0,0,00:00:00/7-15:22:38,331) [scsi_tmf_0] (root,0,0,00:00:00/7-15:22:38,332) [scsi_eh_1] (root,0,0,00:00:00/7-15:22:38,333) [scsi_tmf_1] (root,0,0,00:00:08/7-15:22:36,351) [jbd2/vda1-8] (root,0,0,00:00:00/7-15:22:36,352) [ext4-rsv-conver] (root,38604,8248,00:00:24/7-15:22:22,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:01/7-15:22:21,444) /usr/lib/systemd/systemd-udevd (root,0,0,00:00:00/02:01:57,459) [kworker/3:1-events] (root,8624,5224,00:00:12/7-15:22:19,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:06/7-15:21:25,486) /sbin/auditd (messagebus,22532,5400,00:00:56/7-15:21:25,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38908,8600,00:00:26/7-15:21:25,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/7-15:21:25,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/7-15:21:23,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/7-15:21:23,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,547592,23740,00:00:07/7-15:21:15,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/7-15:21:14,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:10/7-15:21:14,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12660,00:00:23/7-15:21:14,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/7-15:21:14,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/7-15:21:14,1173) bpfilter_umh (ntp,19768,5896,00:00:41/7-15:21:14,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:04/7-15:21:14,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/7-15:21:14,1187) ntpd: asynchronous dns resolver (spot,225268,113124,03:52:13/7-15:21:14,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:02/7-15:21:12,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:00/7-15:21:12,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:01/7-15:21:12,1296) /usr/sbin/cron -n (syslogtunnel,40568,10556,00:00:07/7-15:21:09,1307) /usr/lib/systemd/systemd --user (syslogtunnel,48564,3092,00:00:00/7-15:21:09,1308) (sd-pam) (root,689008,68708,00:10:26/7-15:21:06,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,200988,36596,00:02:07/7-15:20:56,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:07/7-15:20:20,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/7-15:20:20,1388) (sd-pam) (root,35056,9992,00:00:00/5-17:14:13,9393) sshd: cm-ssh [priv] (cm-ssh,35056,4700,00:00:19/5-17:14:13,9395) sshd: cm-ssh (root,35064,10032,00:00:00/5-17:14:04,9396) sshd: syslogtunnel [priv] (syslogtunnel,35064,4704,00:00:22/5-17:14:04,9398) sshd: syslogtunnel (root,0,0,00:00:00/13:59,11745) [kworker/1:1-cgroup_destroy] (root,0,0,00:00:00/01:17:59,13359) [kworker/u8:1-events_unbound] (root,0,0,00:00:00/41:06,13731) [kworker/0:2-cgroup_destroy] (root,0,0,00:00:00/01:43:41,17263) [kworker/0:0-events] (postfix,43844,8768,00:00:00/1-22:08:17,17547) tlsmgr -l -t unix -u (root,0,0,00:00:00/09:01,19284) [kworker/3:2-mm_percpu_wq] (root,0,0,00:00:00/08:51,19286) [kworker/1:0-cgroup_destroy] (root,0,0,00:00:00/08:38,19287) [kworker/2:2-ata_sff] (root,0,0,00:00:00/04:47,24296) [kworker/0:1] (postfix,23460,7572,00:00:00/01:36:47,25991) pickup -l -t fifo -u (root,0,0,00:00:00/03:27,26255) [kworker/2:1-ata_sff] (root,0,0,00:00:01/01:00:31,27218) [kworker/2:0-events_power_efficient] (root,0,0,00:00:00/00:41,29585) [kworker/1:2-events] (root,0,0,00:00:00/00:00,30538) [python] <defunct> (root,6656,3488,00:00:00/00:00,30636) /bin/bash /usr/bin/check_mk_agent (root,13744,3416,00:00:00/00:00,30654) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,30655) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/25:32,30670) [kworker/u8:0-flush-254:0] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-20 01:45 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363dddf75eeFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12648,00:01:18/7-08:37:53,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/7-08:37:53,2) [kthreadd] (root,0,0,00:00:00/7-08:37:53,3) [rcu_gp] (root,0,0,00:00:00/7-08:37:53,4) [rcu_par_gp] (root,0,0,00:00:00/7-08:37:53,5) [slub_flushwq] (root,0,0,00:00:00/7-08:37:53,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/7-08:37:53,9) [mm_percpu_wq] (root,0,0,00:00:00/7-08:37:53,10) [rcu_tasks_kthre] (root,0,0,00:00:00/7-08:37:53,11) [rcu_tasks_rude_] (root,0,0,00:00:00/7-08:37:53,12) [rcu_tasks_trace] (root,0,0,00:00:04/7-08:37:53,13) [ksoftirqd/0] (root,0,0,00:19:18/7-08:37:53,14) [rcu_preempt] (root,0,0,00:00:02/7-08:37:53,15) [migration/0] (root,0,0,00:00:00/7-08:37:53,16) [idle_inject/0] (root,0,0,00:00:00/7-08:37:53,18) [cpuhp/0] (root,0,0,00:00:00/7-08:37:53,19) [cpuhp/1] (root,0,0,00:00:00/7-08:37:53,20) [idle_inject/1] (root,0,0,00:00:02/7-08:37:53,21) [migration/1] (root,0,0,00:00:03/7-08:37:53,22) [ksoftirqd/1] (root,0,0,00:00:00/7-08:37:53,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/7-08:37:53,25) [cpuhp/2] (root,0,0,00:00:00/7-08:37:53,26) [idle_inject/2] (root,0,0,00:00:02/7-08:37:53,27) [migration/2] (root,0,0,00:02:24/7-08:37:53,28) [ksoftirqd/2] (root,0,0,00:00:00/7-08:37:53,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/7-08:37:53,31) [cpuhp/3] (root,0,0,00:00:00/7-08:37:53,32) [idle_inject/3] (root,0,0,00:00:02/7-08:37:53,33) [migration/3] (root,0,0,00:00:16/7-08:37:53,34) [ksoftirqd/3] (root,0,0,00:00:00/7-08:37:53,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/7-08:37:53,41) [kdevtmpfs] (root,0,0,00:00:00/7-08:37:53,42) [netns] (root,0,0,00:00:00/7-08:37:53,43) [inet_frag_wq] (root,0,0,00:00:03/7-08:37:53,44) [kauditd] (root,0,0,00:00:00/7-08:37:53,47) [khungtaskd] (root,0,0,00:00:00/7-08:37:53,48) [oom_reaper] (root,0,0,00:00:00/7-08:37:53,49) [writeback] (root,0,0,00:00:20/7-08:37:53,50) [kcompactd0] (root,0,0,00:00:00/7-08:37:53,51) [ksmd] (root,0,0,00:00:19/7-08:37:53,52) [khugepaged] (root,0,0,00:00:00/7-08:37:53,77) [kintegrityd] (root,0,0,00:00:00/7-08:37:53,78) [kblockd] (root,0,0,00:00:00/7-08:37:53,79) [blkcg_punt_bio] (root,0,0,00:00:00/7-08:37:53,80) [tpm_dev_wq] (root,0,0,00:00:00/7-08:37:53,81) [edac-poller] (root,0,0,00:00:00/7-08:37:53,82) [devfreq_wq] (root,0,0,00:00:00/7-08:37:53,111) [watchdogd] (root,0,0,00:00:02/7-08:37:53,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/7-08:37:53,113) [kswapd0] (root,0,0,00:00:00/7-08:37:52,115) [kthrotld] (root,0,0,00:00:00/7-08:37:52,116) [mld] (root,0,0,00:00:00/7-08:37:52,117) [ipv6_addrconf] (root,0,0,00:00:01/7-08:37:52,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/7-08:37:52,123) [kstrp] (root,0,0,00:00:00/7-08:37:52,125) [zswap-shrink] (root,0,0,00:00:00/7-08:37:52,126) [kworker/u9:0] (root,0,0,00:00:00/7-08:37:52,131) [charger_manager] (root,0,0,00:00:01/7-08:37:52,173) [kworker/3:1H-kblockd] (root,0,0,00:00:01/7-08:37:52,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/7-08:37:51,329) [ata_sff] (root,0,0,00:00:00/7-08:37:51,330) [scsi_eh_0] (root,0,0,00:00:00/7-08:37:51,331) [scsi_tmf_0] (root,0,0,00:00:00/7-08:37:51,332) [scsi_eh_1] (root,0,0,00:00:00/7-08:37:51,333) [scsi_tmf_1] (root,0,0,00:00:08/7-08:37:49,351) [jbd2/vda1-8] (root,0,0,00:00:00/7-08:37:49,352) [ext4-rsv-conver] (root,38604,8248,00:00:24/7-08:37:35,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:01/7-08:37:34,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:11/7-08:37:32,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:06/7-08:36:38,486) /sbin/auditd (messagebus,22532,5400,00:00:54/7-08:36:38,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38908,8592,00:00:25/7-08:36:38,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/7-08:36:38,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/7-08:36:36,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/7-08:36:36,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,547592,23740,00:00:06/7-08:36:28,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/7-08:36:27,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:09/7-08:36:27,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375116,12660,00:00:22/7-08:36:27,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/7-08:36:27,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/7-08:36:27,1173) bpfilter_umh (ntp,19768,5896,00:00:40/7-08:36:27,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:03/7-08:36:27,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/7-08:36:27,1187) ntpd: asynchronous dns resolver (spot,224196,112856,03:40:55/7-08:36:27,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:02/7-08:36:25,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:00/7-08:36:25,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:01/7-08:36:25,1296) /usr/sbin/cron -n (syslogtunnel,40568,10556,00:00:07/7-08:36:22,1307) /usr/lib/systemd/systemd --user (syslogtunnel,48564,3092,00:00:00/7-08:36:22,1308) (sd-pam) (root,689008,68676,00:10:03/7-08:36:19,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,200988,36304,00:02:03/7-08:36:09,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:07/7-08:35:33,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/7-08:35:33,1388) (sd-pam) (root,35056,9992,00:00:00/5-10:29:26,9393) sshd: cm-ssh [priv] (cm-ssh,35056,4700,00:00:18/5-10:29:26,9395) sshd: cm-ssh (root,35064,10032,00:00:00/5-10:29:17,9396) sshd: syslogtunnel [priv] (syslogtunnel,35064,4704,00:00:21/5-10:29:17,9398) sshd: syslogtunnel (root,0,0,00:00:00/01:52:49,10830) [kworker/3:1-cgroup_destroy] (postfix,23460,7600,00:00:00/01:32:12,13439) pickup -l -t fifo -u (root,0,0,00:00:00/01:27:05,13954) [kworker/1:1-events] (root,0,0,00:00:00/01:01:17,16548) [kworker/u8:2-writeback] (root,0,0,00:00:00/50:04,17519) [kworker/u8:0-ext4-rsv-conversion] (postfix,43844,8768,00:00:00/1-15:23:30,17547) tlsmgr -l -t unix -u (root,0,0,00:00:00/24:50,20600) [kworker/0:2-events] (root,0,0,00:00:00/21:11,20842) [kworker/1:0-mm_percpu_wq] (root,0,0,00:00:00/17:35,21754) [kworker/3:0-events] (root,0,0,00:00:00/13:49,21985) [kworker/0:1] (root,0,0,00:00:00/08:32,22198) [kworker/2:2-ata_sff] (root,0,0,00:00:00/03:21,22813) [kworker/2:0-ata_sff] (root,0,0,00:00:00/03:09,23213) [kworker/3:2-events] (root,6764,3608,00:00:00/00:00,23447) /bin/bash /usr/bin/check_mk_agent (root,6656,3480,00:00:00/00:00,23570) /bin/bash /usr/bin/check_mk_agent (root,9672,7332,00:00:00/00:00,23583) python ././remotecheck (root,13744,3516,00:00:00/00:00,23592) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,23593) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:04/03:36:05,28710) [kworker/2:1-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-19 19:00 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363e0069bbaFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12632,00:01:00/5-13:13:12,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/5-13:13:12,2) [kthreadd] (root,0,0,00:00:00/5-13:13:12,3) [rcu_gp] (root,0,0,00:00:00/5-13:13:12,4) [rcu_par_gp] (root,0,0,00:00:00/5-13:13:12,5) [slub_flushwq] (root,0,0,00:00:00/5-13:13:12,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/5-13:13:12,9) [mm_percpu_wq] (root,0,0,00:00:00/5-13:13:12,10) [rcu_tasks_kthre] (root,0,0,00:00:00/5-13:13:12,11) [rcu_tasks_rude_] (root,0,0,00:00:00/5-13:13:12,12) [rcu_tasks_trace] (root,0,0,00:00:03/5-13:13:12,13) [ksoftirqd/0] (root,0,0,00:14:31/5-13:13:12,14) [rcu_preempt] (root,0,0,00:00:01/5-13:13:12,15) [migration/0] (root,0,0,00:00:00/5-13:13:12,16) [idle_inject/0] (root,0,0,00:00:00/5-13:13:12,18) [cpuhp/0] (root,0,0,00:00:00/5-13:13:12,19) [cpuhp/1] (root,0,0,00:00:00/5-13:13:12,20) [idle_inject/1] (root,0,0,00:00:02/5-13:13:12,21) [migration/1] (root,0,0,00:00:02/5-13:13:12,22) [ksoftirqd/1] (root,0,0,00:00:00/5-13:13:12,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/5-13:13:12,25) [cpuhp/2] (root,0,0,00:00:00/5-13:13:12,26) [idle_inject/2] (root,0,0,00:00:02/5-13:13:12,27) [migration/2] (root,0,0,00:01:53/5-13:13:12,28) [ksoftirqd/2] (root,0,0,00:00:00/5-13:13:12,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/5-13:13:12,31) [cpuhp/3] (root,0,0,00:00:00/5-13:13:12,32) [idle_inject/3] (root,0,0,00:00:02/5-13:13:12,33) [migration/3] (root,0,0,00:00:12/5-13:13:12,34) [ksoftirqd/3] (root,0,0,00:00:00/5-13:13:12,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/5-13:13:12,41) [kdevtmpfs] (root,0,0,00:00:00/5-13:13:12,42) [netns] (root,0,0,00:00:00/5-13:13:12,43) [inet_frag_wq] (root,0,0,00:00:02/5-13:13:12,44) [kauditd] (root,0,0,00:00:00/5-13:13:12,47) [khungtaskd] (root,0,0,00:00:00/5-13:13:12,48) [oom_reaper] (root,0,0,00:00:00/5-13:13:12,49) [writeback] (root,0,0,00:00:15/5-13:13:12,50) [kcompactd0] (root,0,0,00:00:00/5-13:13:12,51) [ksmd] (root,0,0,00:00:14/5-13:13:12,52) [khugepaged] (root,0,0,00:00:00/5-13:13:12,77) [kintegrityd] (root,0,0,00:00:00/5-13:13:12,78) [kblockd] (root,0,0,00:00:00/5-13:13:12,79) [blkcg_punt_bio] (root,0,0,00:00:00/5-13:13:12,80) [tpm_dev_wq] (root,0,0,00:00:00/5-13:13:12,81) [edac-poller] (root,0,0,00:00:00/5-13:13:12,82) [devfreq_wq] (root,0,0,00:00:00/5-13:13:12,111) [watchdogd] (root,0,0,00:00:01/5-13:13:12,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/5-13:13:12,113) [kswapd0] (root,0,0,00:00:00/5-13:13:11,115) [kthrotld] (root,0,0,00:00:00/5-13:13:11,116) [mld] (root,0,0,00:00:00/5-13:13:11,117) [ipv6_addrconf] (root,0,0,00:00:01/5-13:13:11,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/5-13:13:11,123) [kstrp] (root,0,0,00:00:00/5-13:13:11,125) [zswap-shrink] (root,0,0,00:00:00/5-13:13:11,126) [kworker/u9:0] (root,0,0,00:00:00/5-13:13:11,131) [charger_manager] (root,0,0,00:00:00/5-13:13:11,173) [kworker/3:1H-kblockd] (root,0,0,00:00:00/5-13:13:11,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/5-13:13:10,329) [ata_sff] (root,0,0,00:00:00/5-13:13:10,330) [scsi_eh_0] (root,0,0,00:00:00/5-13:13:10,331) [scsi_tmf_0] (root,0,0,00:00:00/5-13:13:10,332) [scsi_eh_1] (root,0,0,00:00:00/5-13:13:10,333) [scsi_tmf_1] (root,0,0,00:00:06/5-13:13:08,351) [jbd2/vda1-8] (root,0,0,00:00:00/5-13:13:08,352) [ext4-rsv-conver] (root,38604,8248,00:00:18/5-13:12:54,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:01/5-13:12:53,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:08/5-13:12:51,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:04/5-13:11:57,486) /sbin/auditd (messagebus,22532,5400,00:00:41/5-13:11:57,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38908,8592,00:00:19/5-13:11:57,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/5-13:11:57,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/5-13:11:55,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/5-13:11:55,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,547592,22960,00:00:05/5-13:11:47,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/5-13:11:46,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:07/5-13:11:46,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375052,12316,00:00:17/5-13:11:46,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/5-13:11:46,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/5-13:11:46,1173) bpfilter_umh (ntp,19768,5896,00:00:30/5-13:11:46,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:02/5-13:11:46,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/5-13:11:46,1187) ntpd: asynchronous dns resolver (spot,225300,113892,02:46:43/5-13:11:46,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:01/5-13:11:44,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:00/5-13:11:44,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:01/5-13:11:44,1296) /usr/sbin/cron -n (syslogtunnel,40568,10556,00:00:05/5-13:11:41,1307) /usr/lib/systemd/systemd --user (syslogtunnel,48564,3092,00:00:00/5-13:11:41,1308) (sd-pam) (root,688108,67680,00:07:30/5-13:11:38,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,199964,35156,00:01:32/5-13:11:28,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:05/5-13:10:52,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/5-13:10:52,1388) (sd-pam) (root,0,0,00:00:01/01:19:38,4524) [kworker/2:1-events] (root,0,0,00:00:00/01:49,4649) [kworker/2:2-ata_sff] (root,0,0,00:00:00/00:49,5753) [kworker/0:1] (root,6656,3484,00:00:00/00:00,6367) /bin/bash /usr/bin/check_mk_agent (root,13744,3332,00:00:00/00:00,6385) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,6386) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/30:50,9251) [kworker/0:2-cgroup_destroy] (root,35056,9992,00:00:00/3-15:04:45,9393) sshd: cm-ssh [priv] (cm-ssh,35056,4700,00:00:12/3-15:04:45,9395) sshd: cm-ssh (root,35064,10032,00:00:00/3-15:04:36,9396) sshd: syslogtunnel [priv] (syslogtunnel,35064,4704,00:00:14/3-15:04:36,9398) sshd: syslogtunnel (root,0,0,00:00:00/26:33,12644) [kworker/3:1-cgroup_destroy] (root,0,0,00:00:00/17:55,19971) [kworker/1:1-cgroup_destroy] (root,0,0,00:00:00/01:05:00,21161) [kworker/1:2-events] (postfix,23460,7476,00:00:00/01:27:21,26382) pickup -l -t fifo -u (root,0,0,00:00:00/56:22,26593) [kworker/u8:1-writeback] (root,0,0,00:00:00/10:01,27306) [kworker/u8:0-writeback] (root,0,0,00:00:00/09:28,28320) [kworker/0:0-events] (root,0,0,00:00:00/06:59,30794) [kworker/2:0-ata_sff] (root,0,0,00:00:00/43:35,31892) [kworker/3:2-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-17 23:35 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363831ea961Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12632,00:00:43/3-14:11:15,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/3-14:11:15,2) [kthreadd] (root,0,0,00:00:00/3-14:11:15,3) [rcu_gp] (root,0,0,00:00:00/3-14:11:15,4) [rcu_par_gp] (root,0,0,00:00:00/3-14:11:15,5) [slub_flushwq] (root,0,0,00:00:00/3-14:11:15,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/3-14:11:15,9) [mm_percpu_wq] (root,0,0,00:00:00/3-14:11:15,10) [rcu_tasks_kthre] (root,0,0,00:00:00/3-14:11:15,11) [rcu_tasks_rude_] (root,0,0,00:00:00/3-14:11:15,12) [rcu_tasks_trace] (root,0,0,00:00:02/3-14:11:15,13) [ksoftirqd/0] (root,0,0,00:09:20/3-14:11:15,14) [rcu_preempt] (root,0,0,00:00:01/3-14:11:15,15) [migration/0] (root,0,0,00:00:00/3-14:11:15,16) [idle_inject/0] (root,0,0,00:00:00/3-14:11:15,18) [cpuhp/0] (root,0,0,00:00:00/3-14:11:15,19) [cpuhp/1] (root,0,0,00:00:00/3-14:11:15,20) [idle_inject/1] (root,0,0,00:00:01/3-14:11:15,21) [migration/1] (root,0,0,00:00:01/3-14:11:15,22) [ksoftirqd/1] (root,0,0,00:00:00/3-14:11:15,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/3-14:11:15,25) [cpuhp/2] (root,0,0,00:00:00/3-14:11:15,26) [idle_inject/2] (root,0,0,00:00:01/3-14:11:15,27) [migration/2] (root,0,0,00:01:12/3-14:11:15,28) [ksoftirqd/2] (root,0,0,00:00:00/3-14:11:15,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/3-14:11:15,31) [cpuhp/3] (root,0,0,00:00:00/3-14:11:15,32) [idle_inject/3] (root,0,0,00:00:01/3-14:11:15,33) [migration/3] (root,0,0,00:00:08/3-14:11:15,34) [ksoftirqd/3] (root,0,0,00:00:00/3-14:11:15,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/3-14:11:15,41) [kdevtmpfs] (root,0,0,00:00:00/3-14:11:15,42) [netns] (root,0,0,00:00:00/3-14:11:15,43) [inet_frag_wq] (root,0,0,00:00:01/3-14:11:15,44) [kauditd] (root,0,0,00:00:00/3-14:11:15,47) [khungtaskd] (root,0,0,00:00:00/3-14:11:15,48) [oom_reaper] (root,0,0,00:00:00/3-14:11:15,49) [writeback] (root,0,0,00:00:09/3-14:11:15,50) [kcompactd0] (root,0,0,00:00:00/3-14:11:15,51) [ksmd] (root,0,0,00:00:09/3-14:11:15,52) [khugepaged] (root,0,0,00:00:00/3-14:11:15,77) [kintegrityd] (root,0,0,00:00:00/3-14:11:15,78) [kblockd] (root,0,0,00:00:00/3-14:11:15,79) [blkcg_punt_bio] (root,0,0,00:00:00/3-14:11:15,80) [tpm_dev_wq] (root,0,0,00:00:00/3-14:11:15,81) [edac-poller] (root,0,0,00:00:00/3-14:11:15,82) [devfreq_wq] (root,0,0,00:00:00/3-14:11:15,111) [watchdogd] (root,0,0,00:00:01/3-14:11:15,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/3-14:11:15,113) [kswapd0] (root,0,0,00:00:00/3-14:11:14,115) [kthrotld] (root,0,0,00:00:00/3-14:11:14,116) [mld] (root,0,0,00:00:00/3-14:11:14,117) [ipv6_addrconf] (root,0,0,00:00:00/3-14:11:14,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/3-14:11:14,123) [kstrp] (root,0,0,00:00:00/3-14:11:14,125) [zswap-shrink] (root,0,0,00:00:00/3-14:11:14,126) [kworker/u9:0] (root,0,0,00:00:00/3-14:11:14,131) [charger_manager] (root,0,0,00:00:00/3-14:11:14,173) [kworker/3:1H-kblockd] (root,0,0,00:00:00/3-14:11:14,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/3-14:11:13,329) [ata_sff] (root,0,0,00:00:00/3-14:11:13,330) [scsi_eh_0] (root,0,0,00:00:00/3-14:11:13,331) [scsi_tmf_0] (root,0,0,00:00:00/3-14:11:13,332) [scsi_eh_1] (root,0,0,00:00:00/3-14:11:13,333) [scsi_tmf_1] (root,0,0,00:00:04/3-14:11:11,351) [jbd2/vda1-8] (root,0,0,00:00:00/3-14:11:11,352) [ext4-rsv-conver] (root,38604,8248,00:00:13/3-14:10:57,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:00/3-14:10:56,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:05/3-14:10:54,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:03/3-14:10:00,486) /sbin/auditd (messagebus,22532,5400,00:00:29/3-14:10:00,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38896,8580,00:00:14/3-14:10:00,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/3-14:10:00,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/3-14:09:58,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/3-14:09:58,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,547592,22696,00:00:03/3-14:09:50,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/3-14:09:49,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:04/3-14:09:49,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375052,12664,00:00:12/3-14:09:49,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/3-14:09:49,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/3-14:09:49,1173) bpfilter_umh (ntp,19768,5896,00:00:19/3-14:09:49,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:02/3-14:09:49,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/3-14:09:49,1187) ntpd: asynchronous dns resolver (spot,217868,106560,01:52:45/3-14:09:49,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:01/3-14:09:47,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:00/3-14:09:47,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:00/3-14:09:47,1296) /usr/sbin/cron -n (syslogtunnel,40568,10556,00:00:04/3-14:09:44,1307) /usr/lib/systemd/systemd --user (syslogtunnel,48564,3092,00:00:00/3-14:09:44,1308) (sd-pam) (root,686828,68240,00:04:52/3-14:09:41,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,198940,34032,00:01:00/3-14:09:31,1330) /usr/bin/python3.11 /usr/bin/spot (cm-ssh,40564,10632,00:00:04/3-14:08:55,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/3-14:08:55,1388) (sd-pam) (root,0,0,00:00:00/03:21,3322) [kworker/2:2-ata_sff] (root,0,0,00:00:00/03:05,4057) [kworker/1:0] (root,0,0,00:00:00/03:03,4200) [kworker/u8:2-flush-254:0] (root,0,0,00:00:00/24:30,4959) [kworker/u8:0-ext4-rsv-conversion] (root,0,0,00:00:00/24:30,5007) [kworker/1:2-cgroup_destroy] (root,0,0,00:00:00/20:06,8873) [kworker/3:2-events] (root,35056,9992,00:00:00/1-16:02:48,9393) sshd: cm-ssh [priv] (cm-ssh,35056,4700,00:00:05/1-16:02:48,9395) sshd: cm-ssh (root,35064,10032,00:00:00/1-16:02:39,9396) sshd: syslogtunnel [priv] (syslogtunnel,35064,4704,00:00:06/1-16:02:39,9398) sshd: syslogtunnel (root,0,0,00:00:00/16:01,13230) [kworker/0:0-events] (root,6656,3492,00:00:00/00:00,13753) /bin/bash /usr/bin/check_mk_agent (root,13744,3408,00:00:00/00:00,13771) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,968,00:00:00/00:00,13772) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/01:12:04,22860) [kworker/1:1-events] (root,0,0,00:00:00/37:28,23400) [kworker/0:2-cgroup_destroy] (postfix,23460,7600,00:00:00/01:07:15,26013) pickup -l -t fifo -u (root,0,0,00:00:00/08:34,26120) [kworker/2:0-ata_sff] (root,0,0,00:00:00/01:33:03,27447) [kworker/u8:1-ext4-rsv-conversion] (root,0,0,00:00:00/07:31,27471) [kworker/3:0-events] (root,0,0,00:00:01/01:05:37,27809) [kworker/2:1-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-16 00:33 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363884d4ed9Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12632,00:00:21/1-12:55:11,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/1-12:55:11,2) [kthreadd] (root,0,0,00:00:00/1-12:55:11,3) [rcu_gp] (root,0,0,00:00:00/1-12:55:11,4) [rcu_par_gp] (root,0,0,00:00:00/1-12:55:11,5) [slub_flushwq] (root,0,0,00:00:00/1-12:55:11,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/1-12:55:11,9) [mm_percpu_wq] (root,0,0,00:00:00/1-12:55:11,10) [rcu_tasks_kthre] (root,0,0,00:00:00/1-12:55:11,11) [rcu_tasks_rude_] (root,0,0,00:00:00/1-12:55:11,12) [rcu_tasks_trace] (root,0,0,00:00:00/1-12:55:11,13) [ksoftirqd/0] (root,0,0,00:03:57/1-12:55:11,14) [rcu_preempt] (root,0,0,00:00:00/1-12:55:11,15) [migration/0] (root,0,0,00:00:00/1-12:55:11,16) [idle_inject/0] (root,0,0,00:00:00/1-12:55:11,18) [cpuhp/0] (root,0,0,00:00:00/1-12:55:11,19) [cpuhp/1] (root,0,0,00:00:00/1-12:55:11,20) [idle_inject/1] (root,0,0,00:00:00/1-12:55:11,21) [migration/1] (root,0,0,00:00:00/1-12:55:11,22) [ksoftirqd/1] (root,0,0,00:00:00/1-12:55:11,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/1-12:55:11,25) [cpuhp/2] (root,0,0,00:00:00/1-12:55:11,26) [idle_inject/2] (root,0,0,00:00:00/1-12:55:11,27) [migration/2] (root,0,0,00:00:28/1-12:55:11,28) [ksoftirqd/2] (root,0,0,00:00:00/1-12:55:11,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/1-12:55:11,31) [cpuhp/3] (root,0,0,00:00:00/1-12:55:11,32) [idle_inject/3] (root,0,0,00:00:00/1-12:55:11,33) [migration/3] (root,0,0,00:00:03/1-12:55:11,34) [ksoftirqd/3] (root,0,0,00:00:00/1-12:55:11,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/1-12:55:11,41) [kdevtmpfs] (root,0,0,00:00:00/1-12:55:11,42) [netns] (root,0,0,00:00:00/1-12:55:11,43) [inet_frag_wq] (root,0,0,00:00:00/1-12:55:11,44) [kauditd] (root,0,0,00:00:00/1-12:55:11,47) [khungtaskd] (root,0,0,00:00:00/1-12:55:11,48) [oom_reaper] (root,0,0,00:00:00/1-12:55:11,49) [writeback] (root,0,0,00:00:04/1-12:55:11,50) [kcompactd0] (root,0,0,00:00:00/1-12:55:11,51) [ksmd] (root,0,0,00:00:03/1-12:55:11,52) [khugepaged] (root,0,0,00:00:00/1-12:55:11,77) [kintegrityd] (root,0,0,00:00:00/1-12:55:11,78) [kblockd] (root,0,0,00:00:00/1-12:55:11,79) [blkcg_punt_bio] (root,0,0,00:00:00/1-12:55:11,80) [tpm_dev_wq] (root,0,0,00:00:00/1-12:55:11,81) [edac-poller] (root,0,0,00:00:00/1-12:55:11,82) [devfreq_wq] (root,0,0,00:00:00/1-12:55:11,111) [watchdogd] (root,0,0,00:00:00/1-12:55:11,112) [kworker/2:1H-kblockd] (root,0,0,00:00:00/1-12:55:11,113) [kswapd0] (root,0,0,00:00:00/1-12:55:10,115) [kthrotld] (root,0,0,00:00:00/1-12:55:10,116) [mld] (root,0,0,00:00:00/1-12:55:10,117) [ipv6_addrconf] (root,0,0,00:00:00/1-12:55:10,118) [kworker/1:1H-kblockd] (root,0,0,00:00:00/1-12:55:10,123) [kstrp] (root,0,0,00:00:00/1-12:55:10,125) [zswap-shrink] (root,0,0,00:00:00/1-12:55:10,126) [kworker/u9:0] (root,0,0,00:00:00/1-12:55:10,131) [charger_manager] (root,0,0,00:00:00/1-12:55:10,173) [kworker/3:1H-kblockd] (root,0,0,00:00:00/1-12:55:10,176) [kworker/0:1H-kblockd] (root,0,0,00:00:00/1-12:55:09,329) [ata_sff] (root,0,0,00:00:00/1-12:55:09,330) [scsi_eh_0] (root,0,0,00:00:00/1-12:55:09,331) [scsi_tmf_0] (root,0,0,00:00:00/1-12:55:09,332) [scsi_eh_1] (root,0,0,00:00:00/1-12:55:09,333) [scsi_tmf_1] (root,0,0,00:00:01/1-12:55:07,351) [jbd2/vda1-8] (root,0,0,00:00:00/1-12:55:07,352) [ext4-rsv-conver] (root,38604,7928,00:00:06/1-12:54:53,425) /usr/lib/systemd/systemd-journald (root,53172,9768,00:00:00/1-12:54:52,444) /usr/lib/systemd/systemd-udevd (root,8624,5224,00:00:02/1-12:54:50,469) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1604,00:00:01/1-12:53:56,486) /sbin/auditd (messagebus,22532,5400,00:00:13/1-12:53:56,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38728,8552,00:00:06/1-12:53:56,505) /usr/lib/systemd/systemd-logind (root,20556,6060,00:00:00/1-12:53:56,517) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9040,00:00:00/1-12:53:54,583) /usr/sbin/wickedd --systemd --foreground (root,23220,9312,00:00:00/1-12:53:54,584) /usr/sbin/wickedd-nanny --systemd --foreground (root,547336,21936,00:00:01/1-12:53:46,1143) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26780,00:00:00/1-12:53:45,1153) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4536,00:00:01/1-12:53:45,1166) /usr/sbin/xinetd -stayalive -dontfork (root,375052,12120,00:00:05/1-12:53:45,1168) /usr/sbin/rsyslogd -n -iNONE (root,2984,1800,00:00:00/1-12:53:45,1169) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,2516,684,00:00:00/1-12:53:45,1173) bpfilter_umh (ntp,19768,5896,00:00:08/1-12:53:45,1181) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (root,26204,8196,00:00:00/1-12:53:45,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,21768,4088,00:00:00/1-12:53:45,1187) ntpd: asynchronous dns resolver (spot,213788,102464,00:46:25/1-12:53:45,1193) /usr/bin/python3.11 /usr/bin/spot (root,23432,4664,00:00:00/1-12:53:43,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7648,00:00:00/1-12:53:43,1277) qmgr -l -t fifo -u (root,8960,2652,00:00:00/1-12:53:43,1296) /usr/sbin/cron -n (root,35064,9864,00:00:00/1-12:53:41,1302) sshd: syslogtunnel [priv] (syslogtunnel,40568,10556,00:00:01/1-12:53:40,1307) /usr/lib/systemd/systemd --user (syslogtunnel,48564,3092,00:00:00/1-12:53:40,1308) (sd-pam) (syslogtunnel,35064,4492,00:00:06/1-12:53:39,1320) sshd: syslogtunnel (root,612840,67744,00:02:05/1-12:53:37,1325) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,198940,33196,00:00:26/1-12:53:27,1330) /usr/bin/python3.11 /usr/bin/spot (root,35056,9872,00:00:00/1-12:52:52,1384) sshd: cm-ssh [priv] (cm-ssh,40564,10632,00:00:02/1-12:52:51,1387) /usr/lib/systemd/systemd --user (cm-ssh,48564,3112,00:00:00/1-12:52:51,1388) (sd-pam) (cm-ssh,35056,4384,00:00:05/1-12:52:51,1394) sshd: cm-ssh (postfix,23460,7612,00:00:00/13:11,3925) pickup -l -t fifo -u (root,0,0,00:00:00/11:02,6733) [kworker/1:0-events] (root,0,0,00:00:00/52:59,10887) [kworker/u8:0-ext4-rsv-conversion] (root,0,0,00:00:00/07:04,10987) [kworker/2:1-ata_sff] (root,0,0,00:00:00/07:03,10989) [kworker/3:1-events] (root,0,0,00:00:00/06:36,12084) [kworker/u8:1-writeback] (root,0,0,00:00:00/01:55:22,16255) [kworker/0:0-cgroup_destroy] (root,0,0,00:00:00/01:53,18406) [kworker/2:2-ata_sff] (root,0,0,00:00:00/00:22,20447) [kworker/0:2-events] (root,6656,3484,00:00:00/00:00,20914) /bin/bash /usr/bin/check_mk_agent (root,13744,3504,00:00:00/00:00,20932) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,20933) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/25:09,22653) [kworker/1:2-events] (root,0,0,00:00:00/21:42,27094) [kworker/0:1-cgroup_destroy] (root,0,0,00:00:02/01:40:28,28735) [kworker/2:0-events] (root,0,0,00:00:00/18:05,31477) [kworker/3:2-cgroup_destroy] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-13 23:17 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe56836343618a9eFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12648,00:09:39/60-12:14:32,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:02/60-12:14:32,2) [kthreadd] (root,0,0,00:00:00/60-12:14:32,3) [rcu_gp] (root,0,0,00:00:00/60-12:14:32,4) [rcu_par_gp] (root,0,0,00:00:00/60-12:14:32,5) [slub_flushwq] (root,0,0,00:00:00/60-12:14:32,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/60-12:14:32,9) [mm_percpu_wq] (root,0,0,00:00:00/60-12:14:32,10) [rcu_tasks_kthre] (root,0,0,00:00:00/60-12:14:32,11) [rcu_tasks_rude_] (root,0,0,00:00:00/60-12:14:32,12) [rcu_tasks_trace] (root,0,0,00:00:34/60-12:14:32,13) [ksoftirqd/0] (root,0,0,02:35:47/60-12:14:32,14) [rcu_preempt] (root,0,0,00:00:23/60-12:14:32,15) [migration/0] (root,0,0,00:00:00/60-12:14:32,16) [idle_inject/0] (root,0,0,00:00:00/60-12:14:32,18) [cpuhp/0] (root,0,0,00:00:00/60-12:14:32,19) [cpuhp/1] (root,0,0,00:00:00/60-12:14:32,20) [idle_inject/1] (root,0,0,00:00:22/60-12:14:32,21) [migration/1] (root,0,0,00:00:29/60-12:14:32,22) [ksoftirqd/1] (root,0,0,00:00:00/60-12:14:32,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/60-12:14:32,25) [cpuhp/2] (root,0,0,00:00:00/60-12:14:32,26) [idle_inject/2] (root,0,0,00:00:17/60-12:14:32,27) [migration/2] (root,0,0,00:15:29/60-12:14:32,28) [ksoftirqd/2] (root,0,0,00:00:00/60-12:14:32,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/60-12:14:32,31) [cpuhp/3] (root,0,0,00:00:00/60-12:14:32,32) [idle_inject/3] (root,0,0,00:00:18/60-12:14:32,33) [migration/3] (root,0,0,00:02:17/60-12:14:32,34) [ksoftirqd/3] (root,0,0,00:00:00/60-12:14:32,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/60-12:14:32,41) [kdevtmpfs] (root,0,0,00:00:00/60-12:14:32,42) [netns] (root,0,0,00:00:00/60-12:14:32,43) [inet_frag_wq] (root,0,0,00:00:23/60-12:14:32,44) [kauditd] (root,0,0,00:00:00/60-12:14:32,46) [khungtaskd] (root,0,0,00:00:00/60-12:14:32,47) [oom_reaper] (root,0,0,00:00:00/60-12:14:32,48) [writeback] (root,0,0,00:02:53/60-12:14:32,49) [kcompactd0] (root,0,0,00:00:00/60-12:14:32,50) [ksmd] (root,0,0,00:03:03/60-12:14:32,52) [khugepaged] (root,0,0,00:00:00/60-12:14:32,77) [kintegrityd] (root,0,0,00:00:00/60-12:14:32,78) [kblockd] (root,0,0,00:00:00/60-12:14:32,79) [blkcg_punt_bio] (root,0,0,00:00:00/60-12:14:32,80) [tpm_dev_wq] (root,0,0,00:00:00/60-12:14:32,81) [edac-poller] (root,0,0,00:00:00/60-12:14:32,82) [devfreq_wq] (root,0,0,00:00:00/60-12:14:32,111) [watchdogd] (root,0,0,00:00:26/60-12:14:32,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/60-12:14:32,113) [kswapd0] (root,0,0,00:00:00/60-12:14:31,115) [kthrotld] (root,0,0,00:00:00/60-12:14:30,118) [mld] (root,0,0,00:00:00/60-12:14:30,119) [ipv6_addrconf] (root,0,0,00:00:14/60-12:14:30,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/60-12:14:30,125) [kstrp] (root,0,0,00:00:00/60-12:14:30,126) [zswap-shrink] (root,0,0,00:00:00/60-12:14:30,127) [kworker/u9:0] (root,0,0,00:00:00/60-12:14:30,132) [charger_manager] (root,0,0,00:00:13/60-12:14:30,139) [kworker/2:1H-kblockd] (root,0,0,00:00:11/60-12:14:30,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/60-12:14:29,328) [ata_sff] (root,0,0,00:00:00/60-12:14:29,329) [scsi_eh_0] (root,0,0,00:00:00/60-12:14:29,330) [scsi_tmf_0] (root,0,0,00:00:00/60-12:14:29,331) [scsi_eh_1] (root,0,0,00:00:00/60-12:14:29,332) [scsi_tmf_1] (root,0,0,00:01:23/60-12:14:26,350) [jbd2/vda1-8] (root,0,0,00:00:00/60-12:14:26,351) [ext4-rsv-conver] (root,38736,8056,00:03:06/60-12:14:14,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:06/60-12:14:13,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:01:31/60-12:14:11,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:44/60-12:13:21,486) /sbin/auditd (messagebus,22540,5464,00:06:40/60-12:13:20,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38924,8504,00:03:12/60-12:13:20,507) /usr/lib/systemd/systemd-logind (root,35064,9892,00:00:00/22-12:41:32,513) sshd: syslogtunnel [priv] (syslogtunnel,40564,10588,00:00:21/22-12:41:31,516) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3404,00:00:00/22-12:41:31,517) (sd-pam) (syslogtunnel,35064,4524,00:01:32/22-12:41:31,523) sshd: syslogtunnel (root,20556,6080,00:00:00/60-12:13:20,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/60-12:13:18,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/60-12:13:18,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,549896,35064,00:00:53/60-12:13:10,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/60-12:13:10,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:21/60-12:13:10,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/60-12:13:10,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9720,00:03:03/60-12:13:10,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/60-12:13:09,1177) bpfilter_umh (root,26204,8380,00:00:29/60-12:13:09,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:05:36/60-12:13:09,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,287188,132444,1-10:11:20/60-12:13:09,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/60-12:13:09,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:19/60-12:13:07,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:04/60-12:13:07,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:13/60-12:13:07,1300) /usr/sbin/cron -n (root,696284,83324,01:18:26/60-12:13:02,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,227612,73612,00:22:07/60-12:12:47,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/60-12:12:44,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:56/60-12:12:43,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/60-12:12:43,1345) (sd-pam) (cm-ssh,35056,4596,00:03:11/60-12:12:43,1365) sshd: cm-ssh (root,0,0,00:00:00/32:15,1558) [kworker/u8:0-flush-254:0] (root,0,0,00:00:00/08:54,3630) [kworker/3:0-events] (root,0,0,00:00:00/07:52,4917) [kworker/1:1-ata_sff] (root,0,0,00:00:00/01:30:54,9226) [kworker/1:2-events] (postfix,23460,7584,00:00:00/01:28:27,11172) pickup -l -t fifo -u (root,0,0,00:00:00/49:22,12216) [kworker/3:1-events] (root,0,0,00:00:00/03:08,12265) [kworker/3:2] (postfix,43844,8720,00:00:01/54-19:37:35,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/02:42,12692) [kworker/1:0-ata_sff] (root,0,0,00:00:00/01:48,14673) [kworker/0:2] (root,0,0,00:00:00/01:24:46,15547) [kworker/0:0-cgroup_destroy] (root,6656,3484,00:00:00/00:00,16785) /bin/bash /usr/bin/check_mk_agent (root,13744,3372,00:00:00/00:00,16803) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,968,00:00:00/00:00,16804) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/20:40,22221) [kworker/2:0-events] (root,0,0,00:00:00/42:04,22815) [kworker/0:1-events] (root,0,0,00:00:00/01:15:20,22985) [kworker/u8:1-ext4-rsv-conversion] (root,0,0,00:00:00/13:37,29294) [kworker/2:1] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-09 23:03 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe56836333b5023eFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12648,00:09:09/58-12:08:51,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:02/58-12:08:51,2) [kthreadd] (root,0,0,00:00:00/58-12:08:51,3) [rcu_gp] (root,0,0,00:00:00/58-12:08:51,4) [rcu_par_gp] (root,0,0,00:00:00/58-12:08:51,5) [slub_flushwq] (root,0,0,00:00:00/58-12:08:51,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/58-12:08:51,9) [mm_percpu_wq] (root,0,0,00:00:00/58-12:08:51,10) [rcu_tasks_kthre] (root,0,0,00:00:00/58-12:08:51,11) [rcu_tasks_rude_] (root,0,0,00:00:00/58-12:08:51,12) [rcu_tasks_trace] (root,0,0,00:00:32/58-12:08:51,13) [ksoftirqd/0] (root,0,0,02:30:55/58-12:08:51,14) [rcu_preempt] (root,0,0,00:00:22/58-12:08:51,15) [migration/0] (root,0,0,00:00:00/58-12:08:51,16) [idle_inject/0] (root,0,0,00:00:00/58-12:08:51,18) [cpuhp/0] (root,0,0,00:00:00/58-12:08:51,19) [cpuhp/1] (root,0,0,00:00:00/58-12:08:51,20) [idle_inject/1] (root,0,0,00:00:21/58-12:08:51,21) [migration/1] (root,0,0,00:00:28/58-12:08:51,22) [ksoftirqd/1] (root,0,0,00:00:00/58-12:08:51,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/58-12:08:51,25) [cpuhp/2] (root,0,0,00:00:00/58-12:08:51,26) [idle_inject/2] (root,0,0,00:00:16/58-12:08:51,27) [migration/2] (root,0,0,00:14:46/58-12:08:51,28) [ksoftirqd/2] (root,0,0,00:00:00/58-12:08:51,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/58-12:08:51,31) [cpuhp/3] (root,0,0,00:00:00/58-12:08:51,32) [idle_inject/3] (root,0,0,00:00:17/58-12:08:51,33) [migration/3] (root,0,0,00:02:12/58-12:08:51,34) [ksoftirqd/3] (root,0,0,00:00:00/58-12:08:51,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/58-12:08:51,41) [kdevtmpfs] (root,0,0,00:00:00/58-12:08:51,42) [netns] (root,0,0,00:00:00/58-12:08:51,43) [inet_frag_wq] (root,0,0,00:00:22/58-12:08:51,44) [kauditd] (root,0,0,00:00:00/58-12:08:51,46) [khungtaskd] (root,0,0,00:00:00/58-12:08:51,47) [oom_reaper] (root,0,0,00:00:00/58-12:08:51,48) [writeback] (root,0,0,00:02:48/58-12:08:51,49) [kcompactd0] (root,0,0,00:00:00/58-12:08:51,50) [ksmd] (root,0,0,00:02:57/58-12:08:51,52) [khugepaged] (root,0,0,00:00:00/58-12:08:51,77) [kintegrityd] (root,0,0,00:00:00/58-12:08:51,78) [kblockd] (root,0,0,00:00:00/58-12:08:51,79) [blkcg_punt_bio] (root,0,0,00:00:00/58-12:08:51,80) [tpm_dev_wq] (root,0,0,00:00:00/58-12:08:51,81) [edac-poller] (root,0,0,00:00:00/58-12:08:51,82) [devfreq_wq] (root,0,0,00:00:00/58-12:08:51,111) [watchdogd] (root,0,0,00:00:25/58-12:08:51,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/58-12:08:51,113) [kswapd0] (root,0,0,00:00:00/58-12:08:50,115) [kthrotld] (root,0,0,00:00:00/58-12:08:49,118) [mld] (root,0,0,00:00:00/58-12:08:49,119) [ipv6_addrconf] (root,0,0,00:00:13/58-12:08:49,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/58-12:08:49,125) [kstrp] (root,0,0,00:00:00/58-12:08:49,126) [zswap-shrink] (root,0,0,00:00:00/58-12:08:49,127) [kworker/u9:0] (root,0,0,00:00:00/58-12:08:49,132) [charger_manager] (root,0,0,00:00:12/58-12:08:49,139) [kworker/2:1H-kblockd] (root,0,0,00:00:11/58-12:08:49,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/58-12:08:48,328) [ata_sff] (root,0,0,00:00:00/58-12:08:48,329) [scsi_eh_0] (root,0,0,00:00:00/58-12:08:48,330) [scsi_tmf_0] (root,0,0,00:00:00/58-12:08:48,331) [scsi_eh_1] (root,0,0,00:00:00/58-12:08:48,332) [scsi_tmf_1] (root,0,0,00:01:21/58-12:08:45,350) [jbd2/vda1-8] (root,0,0,00:00:00/58-12:08:45,351) [ext4-rsv-conver] (root,38736,8056,00:02:56/58-12:08:33,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:06/58-12:08:32,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:01:28/58-12:08:30,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:42/58-12:07:40,486) /sbin/auditd (messagebus,22540,5464,00:06:18/58-12:07:39,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38924,8488,00:03:02/58-12:07:39,507) /usr/lib/systemd/systemd-logind (root,35064,9892,00:00:00/20-12:35:51,513) sshd: syslogtunnel [priv] (syslogtunnel,40564,10588,00:00:18/20-12:35:50,516) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3404,00:00:00/20-12:35:50,517) (sd-pam) (syslogtunnel,35064,4524,00:01:23/20-12:35:50,523) sshd: syslogtunnel (root,20556,6080,00:00:00/58-12:07:39,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/58-12:07:37,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/58-12:07:37,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,549640,34776,00:00:51/58-12:07:29,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/58-12:07:29,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:19/58-12:07:29,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/58-12:07:29,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9720,00:02:55/58-12:07:29,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/58-12:07:28,1177) bpfilter_umh (root,26204,8380,00:00:27/58-12:07:28,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:05:25/58-12:07:28,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,287332,132476,1-08:51:59/58-12:07:28,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/58-12:07:28,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:19/58-12:07:26,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:03/58-12:07:26,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:12/58-12:07:26,1300) /usr/sbin/cron -n (root,696284,80072,01:15:55/58-12:07:21,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,226588,71788,00:21:26/58-12:07:06,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/58-12:07:03,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:53/58-12:07:02,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/58-12:07:02,1345) (sd-pam) (cm-ssh,35056,4596,00:03:05/58-12:07:02,1365) sshd: cm-ssh (root,0,0,00:00:00/03:02,1754) [kworker/1:1-ata_sff] (root,0,0,00:00:00/02:10,2994) [kworker/0:2] (root,0,0,00:00:00/27:30,4949) [kworker/2:0-events] (checkmk,40564,10592,00:00:00/00:03,5390) /usr/lib/systemd/systemd --user (checkmk,196228,3404,00:00:00/00:02,5391) (sd-pam) (root,6656,3488,00:00:00/00:00,5978) /bin/bash /usr/bin/check_mk_agent (root,13744,3508,00:00:00/00:00,5996) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,5997) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/23:04,10246) [kworker/u8:1-writeback] (root,0,0,00:00:00/22:53,10616) [kworker/3:0-events] (postfix,43844,8720,00:00:01/52-19:31:54,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/15:59,18751) [kworker/u8:0-events_unbound] (root,0,0,00:00:00/11:22,24806) [kworker/0:1-events] (root,0,0,00:00:00/41:17,25900) [kworker/1:2-events] (root,0,0,00:00:00/09:13,27978) [kworker/3:1-cgroup_destroy] (root,0,0,00:00:00/08:15,28783) [kworker/1:0-ata_sff] (root,0,0,00:00:00/06:54,30046) [kworker/2:1-cgroup_destroy] (root,0,0,00:00:00/34:38,31883) [kworker/0:0-cgroup_destroy] (postfix,23460,7540,00:00:00/04:45,32647) pickup -l -t fifo -u Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-07 22:57 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683632b382f67Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,14672,00:08:36/56-11:28:55,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:02/56-11:28:55,2) [kthreadd] (root,0,0,00:00:00/56-11:28:55,3) [rcu_gp] (root,0,0,00:00:00/56-11:28:55,4) [rcu_par_gp] (root,0,0,00:00:00/56-11:28:55,5) [slub_flushwq] (root,0,0,00:00:00/56-11:28:55,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/56-11:28:55,9) [mm_percpu_wq] (root,0,0,00:00:00/56-11:28:55,10) [rcu_tasks_kthre] (root,0,0,00:00:00/56-11:28:55,11) [rcu_tasks_rude_] (root,0,0,00:00:00/56-11:28:55,12) [rcu_tasks_trace] (root,0,0,00:00:31/56-11:28:55,13) [ksoftirqd/0] (root,0,0,02:25:54/56-11:28:55,14) [rcu_preempt] (root,0,0,00:00:21/56-11:28:55,15) [migration/0] (root,0,0,00:00:00/56-11:28:55,16) [idle_inject/0] (root,0,0,00:00:00/56-11:28:55,18) [cpuhp/0] (root,0,0,00:00:00/56-11:28:55,19) [cpuhp/1] (root,0,0,00:00:00/56-11:28:55,20) [idle_inject/1] (root,0,0,00:00:20/56-11:28:55,21) [migration/1] (root,0,0,00:00:27/56-11:28:55,22) [ksoftirqd/1] (root,0,0,00:00:00/56-11:28:55,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/56-11:28:55,25) [cpuhp/2] (root,0,0,00:00:00/56-11:28:55,26) [idle_inject/2] (root,0,0,00:00:16/56-11:28:55,27) [migration/2] (root,0,0,00:14:08/56-11:28:55,28) [ksoftirqd/2] (root,0,0,00:00:00/56-11:28:55,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/56-11:28:55,31) [cpuhp/3] (root,0,0,00:00:00/56-11:28:55,32) [idle_inject/3] (root,0,0,00:00:17/56-11:28:55,33) [migration/3] (root,0,0,00:02:08/56-11:28:55,34) [ksoftirqd/3] (root,0,0,00:00:00/56-11:28:55,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/56-11:28:55,41) [kdevtmpfs] (root,0,0,00:00:00/56-11:28:55,42) [netns] (root,0,0,00:00:00/56-11:28:55,43) [inet_frag_wq] (root,0,0,00:00:21/56-11:28:55,44) [kauditd] (root,0,0,00:00:00/56-11:28:55,46) [khungtaskd] (root,0,0,00:00:00/56-11:28:55,47) [oom_reaper] (root,0,0,00:00:00/56-11:28:55,48) [writeback] (root,0,0,00:02:42/56-11:28:55,49) [kcompactd0] (root,0,0,00:00:00/56-11:28:55,50) [ksmd] (root,0,0,00:02:50/56-11:28:55,52) [khugepaged] (root,0,0,00:00:00/56-11:28:55,77) [kintegrityd] (root,0,0,00:00:00/56-11:28:55,78) [kblockd] (root,0,0,00:00:00/56-11:28:55,79) [blkcg_punt_bio] (root,0,0,00:00:00/56-11:28:55,80) [tpm_dev_wq] (root,0,0,00:00:00/56-11:28:55,81) [edac-poller] (root,0,0,00:00:00/56-11:28:55,82) [devfreq_wq] (root,0,0,00:00:00/56-11:28:55,111) [watchdogd] (root,0,0,00:00:24/56-11:28:55,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/56-11:28:55,113) [kswapd0] (root,0,0,00:00:00/56-11:28:54,115) [kthrotld] (root,0,0,00:00:00/56-11:28:53,118) [mld] (root,0,0,00:00:00/56-11:28:53,119) [ipv6_addrconf] (root,0,0,00:00:13/56-11:28:53,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/56-11:28:53,125) [kstrp] (root,0,0,00:00:00/56-11:28:53,126) [zswap-shrink] (root,0,0,00:00:00/56-11:28:53,127) [kworker/u9:0] (root,0,0,00:00:00/56-11:28:53,132) [charger_manager] (root,0,0,00:00:12/56-11:28:53,139) [kworker/2:1H-kblockd] (root,0,0,00:00:10/56-11:28:53,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/56-11:28:52,328) [ata_sff] (root,0,0,00:00:00/56-11:28:52,329) [scsi_eh_0] (root,0,0,00:00:00/56-11:28:52,330) [scsi_tmf_0] (root,0,0,00:00:00/56-11:28:52,331) [scsi_eh_1] (root,0,0,00:00:00/56-11:28:52,332) [scsi_tmf_1] (root,0,0,00:01:18/56-11:28:49,350) [jbd2/vda1-8] (root,0,0,00:00:00/56-11:28:49,351) [ext4-rsv-conver] (root,38736,8056,00:02:46/56-11:28:37,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:06/56-11:28:36,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:01:25/56-11:28:34,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:39/56-11:27:44,486) /sbin/auditd (messagebus,22540,5464,00:05:55/56-11:27:43,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8488,00:02:51/56-11:27:43,507) /usr/lib/systemd/systemd-logind (root,35064,9892,00:00:00/18-11:55:55,513) sshd: syslogtunnel [priv] (syslogtunnel,40564,10588,00:00:14/18-11:55:54,516) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3404,00:00:00/18-11:55:54,517) (sd-pam) (syslogtunnel,35064,4524,00:01:14/18-11:55:54,523) sshd: syslogtunnel (root,20556,6080,00:00:00/56-11:27:43,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/56-11:27:41,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/56-11:27:41,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,549640,34776,00:00:50/56-11:27:33,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/56-11:27:33,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:17/56-11:27:33,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/56-11:27:33,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9780,00:02:45/56-11:27:33,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/56-11:27:32,1177) bpfilter_umh (root,26204,8380,00:00:26/56-11:27:32,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:05:14/56-11:27:32,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,287556,132532,1-07:36:06/56-11:27:32,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/56-11:27:32,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:18/56-11:27:30,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:03/56-11:27:30,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:12/56-11:27:30,1300) /usr/sbin/cron -n (root,695768,82652,01:13:21/56-11:27:25,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,225564,70608,00:20:46/56-11:27:10,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/56-11:27:07,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:50/56-11:27:06,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/56-11:27:06,1345) (sd-pam) (cm-ssh,35056,4596,00:02:59/56-11:27:06,1365) sshd: cm-ssh (postfix,23460,7552,00:00:00/01:26:50,2319) pickup -l -t fifo -u (root,0,0,00:00:00/05:11,2875) [kworker/3:1-events] (root,0,0,00:00:00/05:01,2876) [kworker/u8:2-events_unbound] (root,0,0,00:00:00/37:33,4525) [kworker/2:0-events] (root,0,0,00:00:00/02:57,5713) [kworker/2:1-cgroup_destroy] (root,0,0,00:00:00/01:23,6015) [kworker/1:0-ata_sff] (root,6656,3480,00:00:00/00:00,7717) /bin/bash /usr/bin/check_mk_agent (root,13744,3536,00:00:00/00:00,7735) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,7736) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (postfix,43844,8720,00:00:01/50-18:51:58,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/25:19,13083) [kworker/u8:0-writeback] (root,0,0,00:00:00/25:18,13084) [kworker/3:0-events] (root,0,0,00:00:01/04:39:22,14343) [kworker/1:1-events] (root,0,0,00:00:00/15:02,25666) [kworker/0:2-events] (root,0,0,00:00:00/11:01,29463) [kworker/u8:1] (root,0,0,00:00:00/11:01,29465) [kworker/2:2-events] (root,0,0,00:00:00/07:00,31533) [kworker/0:1-events] (root,0,0,00:00:00/06:34,32298) [kworker/1:2-ata_sff] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-05 22:17 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363e88bbaf9Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12648,00:08:19/54-14:20:38,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:02/54-14:20:38,2) [kthreadd] (root,0,0,00:00:00/54-14:20:38,3) [rcu_gp] (root,0,0,00:00:00/54-14:20:38,4) [rcu_par_gp] (root,0,0,00:00:00/54-14:20:38,5) [slub_flushwq] (root,0,0,00:00:00/54-14:20:38,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/54-14:20:38,9) [mm_percpu_wq] (root,0,0,00:00:00/54-14:20:38,10) [rcu_tasks_kthre] (root,0,0,00:00:00/54-14:20:38,11) [rcu_tasks_rude_] (root,0,0,00:00:00/54-14:20:38,12) [rcu_tasks_trace] (root,0,0,00:00:30/54-14:20:38,13) [ksoftirqd/0] (root,0,0,02:21:21/54-14:20:38,14) [rcu_preempt] (root,0,0,00:00:21/54-14:20:38,15) [migration/0] (root,0,0,00:00:00/54-14:20:38,16) [idle_inject/0] (root,0,0,00:00:00/54-14:20:38,18) [cpuhp/0] (root,0,0,00:00:00/54-14:20:38,19) [cpuhp/1] (root,0,0,00:00:00/54-14:20:38,20) [idle_inject/1] (root,0,0,00:00:20/54-14:20:38,21) [migration/1] (root,0,0,00:00:26/54-14:20:38,22) [ksoftirqd/1] (root,0,0,00:00:00/54-14:20:38,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/54-14:20:38,25) [cpuhp/2] (root,0,0,00:00:00/54-14:20:38,26) [idle_inject/2] (root,0,0,00:00:15/54-14:20:38,27) [migration/2] (root,0,0,00:13:42/54-14:20:38,28) [ksoftirqd/2] (root,0,0,00:00:00/54-14:20:38,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/54-14:20:38,31) [cpuhp/3] (root,0,0,00:00:00/54-14:20:38,32) [idle_inject/3] (root,0,0,00:00:16/54-14:20:38,33) [migration/3] (root,0,0,00:02:04/54-14:20:38,34) [ksoftirqd/3] (root,0,0,00:00:00/54-14:20:38,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/54-14:20:38,41) [kdevtmpfs] (root,0,0,00:00:00/54-14:20:38,42) [netns] (root,0,0,00:00:00/54-14:20:38,43) [inet_frag_wq] (root,0,0,00:00:20/54-14:20:38,44) [kauditd] (root,0,0,00:00:00/54-14:20:38,46) [khungtaskd] (root,0,0,00:00:00/54-14:20:38,47) [oom_reaper] (root,0,0,00:00:00/54-14:20:38,48) [writeback] (root,0,0,00:02:37/54-14:20:38,49) [kcompactd0] (root,0,0,00:00:00/54-14:20:38,50) [ksmd] (root,0,0,00:02:44/54-14:20:38,52) [khugepaged] (root,0,0,00:00:00/54-14:20:38,77) [kintegrityd] (root,0,0,00:00:00/54-14:20:38,78) [kblockd] (root,0,0,00:00:00/54-14:20:38,79) [blkcg_punt_bio] (root,0,0,00:00:00/54-14:20:38,80) [tpm_dev_wq] (root,0,0,00:00:00/54-14:20:38,81) [edac-poller] (root,0,0,00:00:00/54-14:20:38,82) [devfreq_wq] (root,0,0,00:00:00/54-14:20:38,111) [watchdogd] (root,0,0,00:00:23/54-14:20:38,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/54-14:20:38,113) [kswapd0] (root,0,0,00:00:00/54-14:20:37,115) [kthrotld] (root,0,0,00:00:00/54-14:20:36,118) [mld] (root,0,0,00:00:00/54-14:20:36,119) [ipv6_addrconf] (root,0,0,00:00:12/54-14:20:36,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/54-14:20:36,125) [kstrp] (root,0,0,00:00:00/54-14:20:36,126) [zswap-shrink] (root,0,0,00:00:00/54-14:20:36,127) [kworker/u9:0] (root,0,0,00:00:00/54-14:20:36,132) [charger_manager] (root,0,0,00:00:11/54-14:20:36,139) [kworker/2:1H-kblockd] (root,0,0,00:00:10/54-14:20:36,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/54-14:20:35,328) [ata_sff] (root,0,0,00:00:00/54-14:20:35,329) [scsi_eh_0] (root,0,0,00:00:00/54-14:20:35,330) [scsi_tmf_0] (root,0,0,00:00:00/54-14:20:35,331) [scsi_eh_1] (root,0,0,00:00:00/54-14:20:35,332) [scsi_tmf_1] (root,0,0,00:01:16/54-14:20:32,350) [jbd2/vda1-8] (root,0,0,00:00:00/54-14:20:32,351) [ext4-rsv-conver] (root,38736,8056,00:02:41/54-14:20:20,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:06/54-14:20:19,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:01:22/54-14:20:17,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:38/54-14:19:27,486) /sbin/auditd (messagebus,22540,5464,00:05:43/54-14:19:26,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38924,8488,00:02:45/54-14:19:26,507) /usr/lib/systemd/systemd-logind (root,35064,9892,00:00:00/16-14:47:38,513) sshd: syslogtunnel [priv] (syslogtunnel,40564,10588,00:00:13/16-14:47:37,516) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3404,00:00:00/16-14:47:37,517) (sd-pam) (syslogtunnel,35064,4524,00:01:06/16-14:47:37,523) sshd: syslogtunnel (root,20556,6080,00:00:00/54-14:19:26,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/54-14:19:24,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/54-14:19:24,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,549640,34776,00:00:48/54-14:19:16,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/54-14:19:16,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:14/54-14:19:16,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/54-14:19:16,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9780,00:02:41/54-14:19:16,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/54-14:19:15,1177) bpfilter_umh (root,26204,8380,00:00:25/54-14:19:15,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:05:04/54-14:19:15,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,287540,132528,1-06:29:26/54-14:19:15,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/54-14:19:15,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:18/54-14:19:13,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:03/54-14:19:13,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:12/54-14:19:13,1300) /usr/sbin/cron -n (root,695512,82452,01:10:57/54-14:19:08,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,224540,69276,00:20:08/54-14:18:53,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/54-14:18:50,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:48/54-14:18:49,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/54-14:18:49,1345) (sd-pam) (cm-ssh,35056,4596,00:02:53/54-14:18:49,1365) sshd: cm-ssh (root,0,0,00:00:01/02:28:00,9578) [kworker/1:1-events] (root,0,0,00:00:00/20:24,9947) [kworker/3:2-cgroup_destroy] (root,0,0,00:00:00/20:06,9994) [kworker/u8:2-writeback] (root,0,0,00:00:00/01:34:24,11515) [kworker/2:2-events] (root,0,0,00:00:00/01:02:40,11818) [kworker/0:0-cgroup_destroy] (postfix,43844,8720,00:00:01/48-21:43:41,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/09:51,14840) [kworker/3:1-events] (root,0,0,00:00:00/57:20,14958) [kworker/0:1-events] (root,0,0,00:00:00/07:56,15725) [kworker/1:0-ata_sff] (root,0,0,00:00:00/04:41,18372) [kworker/2:0-events] (root,0,0,00:00:00/04:31,18374) [kworker/0:2-events] (root,0,0,00:00:00/02:43,20537) [kworker/1:2-ata_sff] (root,0,0,00:00:00/02:54:29,21159) [kworker/u8:0-ext4-rsv-conversion] (root,6656,3488,00:00:00/00:00,22499) /bin/bash /usr/bin/check_mk_agent (root,13744,3412,00:00:00/00:00,22517) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,952,00:00:00/00:00,22518) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (postfix,23460,7588,00:00:00/01:18:26,29292) pickup -l -t fifo -u (root,0,0,00:00:00/36:26,30707) [kworker/2:1-cgroup_destroy] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-04 01:09 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363d637c1c2Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12648,00:08:06/52-15:00:49,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:02/52-15:00:49,2) [kthreadd] (root,0,0,00:00:00/52-15:00:49,3) [rcu_gp] (root,0,0,00:00:00/52-15:00:49,4) [rcu_par_gp] (root,0,0,00:00:00/52-15:00:49,5) [slub_flushwq] (root,0,0,00:00:00/52-15:00:49,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/52-15:00:49,9) [mm_percpu_wq] (root,0,0,00:00:00/52-15:00:49,10) [rcu_tasks_kthre] (root,0,0,00:00:00/52-15:00:49,11) [rcu_tasks_rude_] (root,0,0,00:00:00/52-15:00:49,12) [rcu_tasks_trace] (root,0,0,00:00:29/52-15:00:49,13) [ksoftirqd/0] (root,0,0,02:16:35/52-15:00:49,14) [rcu_preempt] (root,0,0,00:00:20/52-15:00:49,15) [migration/0] (root,0,0,00:00:00/52-15:00:49,16) [idle_inject/0] (root,0,0,00:00:00/52-15:00:49,18) [cpuhp/0] (root,0,0,00:00:00/52-15:00:49,19) [cpuhp/1] (root,0,0,00:00:00/52-15:00:49,20) [idle_inject/1] (root,0,0,00:00:19/52-15:00:49,21) [migration/1] (root,0,0,00:00:25/52-15:00:49,22) [ksoftirqd/1] (root,0,0,00:00:00/52-15:00:49,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/52-15:00:49,25) [cpuhp/2] (root,0,0,00:00:00/52-15:00:49,26) [idle_inject/2] (root,0,0,00:00:15/52-15:00:49,27) [migration/2] (root,0,0,00:13:18/52-15:00:49,28) [ksoftirqd/2] (root,0,0,00:00:00/52-15:00:49,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/52-15:00:49,31) [cpuhp/3] (root,0,0,00:00:00/52-15:00:49,32) [idle_inject/3] (root,0,0,00:00:15/52-15:00:49,33) [migration/3] (root,0,0,00:02:00/52-15:00:49,34) [ksoftirqd/3] (root,0,0,00:00:00/52-15:00:49,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/52-15:00:49,41) [kdevtmpfs] (root,0,0,00:00:00/52-15:00:49,42) [netns] (root,0,0,00:00:00/52-15:00:49,43) [inet_frag_wq] (root,0,0,00:00:20/52-15:00:49,44) [kauditd] (root,0,0,00:00:00/52-15:00:49,46) [khungtaskd] (root,0,0,00:00:00/52-15:00:49,47) [oom_reaper] (root,0,0,00:00:00/52-15:00:49,48) [writeback] (root,0,0,00:02:32/52-15:00:49,49) [kcompactd0] (root,0,0,00:00:00/52-15:00:49,50) [ksmd] (root,0,0,00:02:37/52-15:00:49,52) [khugepaged] (root,0,0,00:00:00/52-15:00:49,77) [kintegrityd] (root,0,0,00:00:00/52-15:00:49,78) [kblockd] (root,0,0,00:00:00/52-15:00:49,79) [blkcg_punt_bio] (root,0,0,00:00:00/52-15:00:49,80) [tpm_dev_wq] (root,0,0,00:00:00/52-15:00:49,81) [edac-poller] (root,0,0,00:00:00/52-15:00:49,82) [devfreq_wq] (root,0,0,00:00:00/52-15:00:49,111) [watchdogd] (root,0,0,00:00:23/52-15:00:49,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/52-15:00:49,113) [kswapd0] (root,0,0,00:00:00/52-15:00:48,115) [kthrotld] (root,0,0,00:00:00/52-15:00:47,118) [mld] (root,0,0,00:00:00/52-15:00:47,119) [ipv6_addrconf] (root,0,0,00:00:12/52-15:00:47,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/52-15:00:47,125) [kstrp] (root,0,0,00:00:00/52-15:00:47,126) [zswap-shrink] (root,0,0,00:00:00/52-15:00:47,127) [kworker/u9:0] (root,0,0,00:00:00/52-15:00:47,132) [charger_manager] (root,0,0,00:00:11/52-15:00:47,139) [kworker/2:1H-kblockd] (root,0,0,00:00:10/52-15:00:47,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/52-15:00:46,328) [ata_sff] (root,0,0,00:00:00/52-15:00:46,329) [scsi_eh_0] (root,0,0,00:00:00/52-15:00:46,330) [scsi_tmf_0] (root,0,0,00:00:00/52-15:00:46,331) [scsi_eh_1] (root,0,0,00:00:00/52-15:00:46,332) [scsi_tmf_1] (root,0,0,00:01:14/52-15:00:43,350) [jbd2/vda1-8] (root,0,0,00:00:00/52-15:00:43,351) [ext4-rsv-conver] (root,38736,8056,00:02:37/52-15:00:31,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:05/52-15:00:30,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:01:19/52-15:00:28,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:37/52-14:59:38,486) /sbin/auditd (messagebus,22540,5464,00:05:34/52-14:59:37,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8488,00:02:41/52-14:59:37,507) /usr/lib/systemd/systemd-logind (root,35064,9892,00:00:00/14-15:27:49,513) sshd: syslogtunnel [priv] (syslogtunnel,40564,10588,00:00:11/14-15:27:48,516) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3404,00:00:00/14-15:27:48,517) (sd-pam) (syslogtunnel,35064,4524,00:00:59/14-15:27:48,523) sshd: syslogtunnel (root,20556,6080,00:00:00/52-14:59:37,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/52-14:59:35,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/52-14:59:35,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,549384,34476,00:00:47/52-14:59:27,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/52-14:59:27,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:12/52-14:59:27,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/52-14:59:27,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9780,00:02:37/52-14:59:27,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/52-14:59:26,1177) bpfilter_umh (root,26204,8380,00:00:24/52-14:59:26,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:04:53/52-14:59:26,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,287316,132468,1-05:29:52/52-14:59:26,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/52-14:59:26,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:17/52-14:59:24,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:03/52-14:59:24,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:11/52-14:59:24,1300) /usr/sbin/cron -n (root,695512,82448,01:08:26/52-14:59:19,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,223516,68064,00:19:29/52-14:59:04,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/52-14:59:01,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:47/52-14:59:00,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/52-14:59:00,1345) (sd-pam) (cm-ssh,35056,4596,00:02:47/52-14:59:00,1365) sshd: cm-ssh (root,0,0,00:00:00/01:43,3490) [kworker/1:0-ata_sff] (root,0,0,00:00:00/01:14,5300) [kworker/0:2-events] (root,0,0,00:00:00/01:04,5302) [kworker/3:0-events] (root,0,0,00:00:00/02:19:18,5769) [kworker/u8:1-events_unbound] (root,6656,3484,00:00:00/00:00,6158) /bin/bash /usr/bin/check_mk_agent (root,13744,3392,00:00:00/00:00,6176) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,968,00:00:00/00:00,6177) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/54:29,6900) [kworker/3:1-events] (root,0,0,00:00:06/16:52:36,9388) [kworker/1:1-events] (root,0,0,00:00:00/49:11,11166) [kworker/0:1-cgroup_destroy] (postfix,43844,8720,00:00:01/46-22:23:52,12335) tlsmgr -l -t unix -u (postfix,23460,7532,00:00:00/40:49,17230) pickup -l -t fifo -u (root,0,0,00:00:00/11:59,21951) [kworker/3:2-cgroup_destroy] (root,0,0,00:00:00/32:42,23025) [kworker/2:1-events] (root,0,0,00:00:00/32:31,23027) [kworker/0:0-events] (root,0,0,00:00:00/06:55,27416) [kworker/1:2-events] (root,0,0,00:00:00/06:28,28772) [kworker/u8:2-flush-254:0] (root,0,0,00:00:00/06:28,28774) [kworker/2:0] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-11-02 01:49 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683632b50aac0Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,14672,00:07:43/49-11:38:31,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/49-11:38:31,2) [kthreadd] (root,0,0,00:00:00/49-11:38:31,3) [rcu_gp] (root,0,0,00:00:00/49-11:38:31,4) [rcu_par_gp] (root,0,0,00:00:00/49-11:38:31,5) [slub_flushwq] (root,0,0,00:00:00/49-11:38:31,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/49-11:38:31,9) [mm_percpu_wq] (root,0,0,00:00:00/49-11:38:31,10) [rcu_tasks_kthre] (root,0,0,00:00:00/49-11:38:31,11) [rcu_tasks_rude_] (root,0,0,00:00:00/49-11:38:31,12) [rcu_tasks_trace] (root,0,0,00:00:28/49-11:38:31,13) [ksoftirqd/0] (root,0,0,02:09:07/49-11:38:31,14) [rcu_preempt] (root,0,0,00:00:19/49-11:38:31,15) [migration/0] (root,0,0,00:00:00/49-11:38:31,16) [idle_inject/0] (root,0,0,00:00:00/49-11:38:31,18) [cpuhp/0] (root,0,0,00:00:00/49-11:38:31,19) [cpuhp/1] (root,0,0,00:00:00/49-11:38:31,20) [idle_inject/1] (root,0,0,00:00:18/49-11:38:31,21) [migration/1] (root,0,0,00:00:24/49-11:38:31,22) [ksoftirqd/1] (root,0,0,00:00:00/49-11:38:31,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/49-11:38:31,25) [cpuhp/2] (root,0,0,00:00:00/49-11:38:31,26) [idle_inject/2] (root,0,0,00:00:14/49-11:38:31,27) [migration/2] (root,0,0,00:12:47/49-11:38:31,28) [ksoftirqd/2] (root,0,0,00:00:00/49-11:38:31,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/49-11:38:31,31) [cpuhp/3] (root,0,0,00:00:00/49-11:38:31,32) [idle_inject/3] (root,0,0,00:00:15/49-11:38:31,33) [migration/3] (root,0,0,00:01:55/49-11:38:31,34) [ksoftirqd/3] (root,0,0,00:00:00/49-11:38:31,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/49-11:38:31,41) [kdevtmpfs] (root,0,0,00:00:00/49-11:38:31,42) [netns] (root,0,0,00:00:00/49-11:38:31,43) [inet_frag_wq] (root,0,0,00:00:19/49-11:38:31,44) [kauditd] (root,0,0,00:00:00/49-11:38:31,46) [khungtaskd] (root,0,0,00:00:00/49-11:38:31,47) [oom_reaper] (root,0,0,00:00:00/49-11:38:31,48) [writeback] (root,0,0,00:02:23/49-11:38:31,49) [kcompactd0] (root,0,0,00:00:00/49-11:38:31,50) [ksmd] (root,0,0,00:02:27/49-11:38:31,52) [khugepaged] (root,0,0,00:00:00/49-11:38:31,77) [kintegrityd] (root,0,0,00:00:00/49-11:38:31,78) [kblockd] (root,0,0,00:00:00/49-11:38:31,79) [blkcg_punt_bio] (root,0,0,00:00:00/49-11:38:31,80) [tpm_dev_wq] (root,0,0,00:00:00/49-11:38:31,81) [edac-poller] (root,0,0,00:00:00/49-11:38:31,82) [devfreq_wq] (root,0,0,00:00:00/49-11:38:31,111) [watchdogd] (root,0,0,00:00:21/49-11:38:31,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/49-11:38:31,113) [kswapd0] (root,0,0,00:00:00/49-11:38:30,115) [kthrotld] (root,0,0,00:00:00/49-11:38:29,118) [mld] (root,0,0,00:00:00/49-11:38:29,119) [ipv6_addrconf] (root,0,0,00:00:11/49-11:38:29,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/49-11:38:29,125) [kstrp] (root,0,0,00:00:00/49-11:38:29,126) [zswap-shrink] (root,0,0,00:00:00/49-11:38:29,127) [kworker/u9:0] (root,0,0,00:00:00/49-11:38:29,132) [charger_manager] (root,0,0,00:00:10/49-11:38:29,139) [kworker/2:1H-kblockd] (root,0,0,00:00:09/49-11:38:29,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/49-11:38:28,328) [ata_sff] (root,0,0,00:00:00/49-11:38:28,329) [scsi_eh_0] (root,0,0,00:00:00/49-11:38:28,330) [scsi_tmf_0] (root,0,0,00:00:00/49-11:38:28,331) [scsi_eh_1] (root,0,0,00:00:00/49-11:38:28,332) [scsi_tmf_1] (root,0,0,00:01:10/49-11:38:25,350) [jbd2/vda1-8] (root,0,0,00:00:00/49-11:38:25,351) [ext4-rsv-conver] (root,38736,8056,00:02:30/49-11:38:13,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:05/49-11:38:12,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:01:14/49-11:38:10,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:35/49-11:37:20,486) /sbin/auditd (messagebus,22540,5464,00:05:18/49-11:37:19,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38924,8480,00:02:33/49-11:37:19,507) /usr/lib/systemd/systemd-logind (root,35064,9892,00:00:00/11-12:05:31,513) sshd: syslogtunnel [priv] (syslogtunnel,40564,10588,00:00:09/11-12:05:30,516) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3404,00:00:00/11-12:05:30,517) (sd-pam) (syslogtunnel,35064,4524,00:00:47/11-12:05:30,523) sshd: syslogtunnel (root,20556,6080,00:00:00/49-11:37:19,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/49-11:37:17,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/49-11:37:17,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,0,0,00:00:00/01:13,780) [kworker/2:0-events] (root,0,0,00:00:00/01:03,974) [kworker/0:0] (root,549384,34476,00:00:44/49-11:37:09,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/49-11:37:09,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:08/49-11:37:09,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/49-11:37:09,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9848,00:02:30/49-11:37:09,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/49-11:37:08,1177) bpfilter_umh (root,26204,8380,00:00:23/49-11:37:08,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:04:36/49-11:37:08,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,287108,132416,1-04:04:48/49-11:37:08,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/49-11:37:08,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:16/49-11:37:06,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:03/49-11:37:06,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:10/49-11:37:06,1300) /usr/sbin/cron -n (root,692952,79508,01:04:27/49-11:37:01,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,222492,65576,00:18:21/49-11:36:46,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/49-11:36:43,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:45/49-11:36:42,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/49-11:36:42,1345) (sd-pam) (cm-ssh,35056,4596,00:02:38/49-11:36:42,1365) sshd: cm-ssh (root,6656,3484,00:00:00/00:00,2224) /bin/bash /usr/bin/check_mk_agent (root,13744,3424,00:00:00/00:00,2242) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,960,00:00:00/00:00,2243) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/02:18:28,5248) [kworker/u8:2-writeback] (root,0,0,00:00:00/56:59,7491) [kworker/0:2-events] (root,0,0,00:00:00/01:47:53,11143) [kworker/1:2-events] (postfix,43844,8720,00:00:01/43-19:01:34,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/46:46,13322) [kworker/2:1-events] (root,0,0,00:00:00/36:39,15715) [kworker/3:1-events] (root,0,0,00:00:00/31:08,17153) [kworker/u8:0-flush-254:0] (root,0,0,00:00:00/26:38,18651) [kworker/3:2-events] (postfix,23460,7572,00:00:00/21:44,19796) pickup -l -t fifo -u (root,0,0,00:00:00/16:18,24544) [kworker/0:1-events] (root,0,0,00:00:00/11:20,26374) [kworker/2:2-cgroup_destroy] (root,0,0,00:00:00/09:18,27843) [kworker/1:0-ata_sff] (root,0,0,00:00:00/04:08,30051) [kworker/1:1-ata_sff] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-29 22:27 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683638f444007Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12648,00:07:28/47-12:30:38,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/47-12:30:38,2) [kthreadd] (root,0,0,00:00:00/47-12:30:38,3) [rcu_gp] (root,0,0,00:00:00/47-12:30:38,4) [rcu_par_gp] (root,0,0,00:00:00/47-12:30:38,5) [slub_flushwq] (root,0,0,00:00:00/47-12:30:38,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/47-12:30:38,9) [mm_percpu_wq] (root,0,0,00:00:00/47-12:30:38,10) [rcu_tasks_kthre] (root,0,0,00:00:00/47-12:30:38,11) [rcu_tasks_rude_] (root,0,0,00:00:00/47-12:30:38,12) [rcu_tasks_trace] (root,0,0,00:00:27/47-12:30:38,13) [ksoftirqd/0] (root,0,0,02:04:11/47-12:30:38,14) [rcu_preempt] (root,0,0,00:00:18/47-12:30:38,15) [migration/0] (root,0,0,00:00:00/47-12:30:38,16) [idle_inject/0] (root,0,0,00:00:00/47-12:30:38,18) [cpuhp/0] (root,0,0,00:00:00/47-12:30:38,19) [cpuhp/1] (root,0,0,00:00:00/47-12:30:38,20) [idle_inject/1] (root,0,0,00:00:17/47-12:30:38,21) [migration/1] (root,0,0,00:00:23/47-12:30:38,22) [ksoftirqd/1] (root,0,0,00:00:00/47-12:30:38,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/47-12:30:38,25) [cpuhp/2] (root,0,0,00:00:00/47-12:30:38,26) [idle_inject/2] (root,0,0,00:00:13/47-12:30:38,27) [migration/2] (root,0,0,00:12:26/47-12:30:38,28) [ksoftirqd/2] (root,0,0,00:00:00/47-12:30:38,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/47-12:30:38,31) [cpuhp/3] (root,0,0,00:00:00/47-12:30:38,32) [idle_inject/3] (root,0,0,00:00:14/47-12:30:38,33) [migration/3] (root,0,0,00:01:52/47-12:30:38,34) [ksoftirqd/3] (root,0,0,00:00:00/47-12:30:38,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/47-12:30:38,41) [kdevtmpfs] (root,0,0,00:00:00/47-12:30:38,42) [netns] (root,0,0,00:00:00/47-12:30:38,43) [inet_frag_wq] (root,0,0,00:00:18/47-12:30:38,44) [kauditd] (root,0,0,00:00:00/47-12:30:38,46) [khungtaskd] (root,0,0,00:00:00/47-12:30:38,47) [oom_reaper] (root,0,0,00:00:00/47-12:30:38,48) [writeback] (root,0,0,00:02:18/47-12:30:38,49) [kcompactd0] (root,0,0,00:00:00/47-12:30:38,50) [ksmd] (root,0,0,00:02:21/47-12:30:38,52) [khugepaged] (root,0,0,00:00:00/47-12:30:38,77) [kintegrityd] (root,0,0,00:00:00/47-12:30:38,78) [kblockd] (root,0,0,00:00:00/47-12:30:38,79) [blkcg_punt_bio] (root,0,0,00:00:00/47-12:30:38,80) [tpm_dev_wq] (root,0,0,00:00:00/47-12:30:38,81) [edac-poller] (root,0,0,00:00:00/47-12:30:38,82) [devfreq_wq] (root,0,0,00:00:00/47-12:30:38,111) [watchdogd] (root,0,0,00:00:21/47-12:30:38,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/47-12:30:38,113) [kswapd0] (root,0,0,00:00:00/47-12:30:37,115) [kthrotld] (root,0,0,00:00:00/47-12:30:36,118) [mld] (root,0,0,00:00:00/47-12:30:36,119) [ipv6_addrconf] (root,0,0,00:00:11/47-12:30:36,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/47-12:30:36,125) [kstrp] (root,0,0,00:00:00/47-12:30:36,126) [zswap-shrink] (root,0,0,00:00:00/47-12:30:36,127) [kworker/u9:0] (root,0,0,00:00:00/47-12:30:36,132) [charger_manager] (root,0,0,00:00:10/47-12:30:36,139) [kworker/2:1H-kblockd] (root,0,0,00:00:09/47-12:30:36,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/47-12:30:35,328) [ata_sff] (root,0,0,00:00:00/47-12:30:35,329) [scsi_eh_0] (root,0,0,00:00:00/47-12:30:35,330) [scsi_tmf_0] (root,0,0,00:00:00/47-12:30:35,331) [scsi_eh_1] (root,0,0,00:00:00/47-12:30:35,332) [scsi_tmf_1] (root,0,0,00:01:07/47-12:30:32,350) [jbd2/vda1-8] (root,0,0,00:00:00/47-12:30:32,351) [ext4-rsv-conver] (root,38736,8056,00:02:25/47-12:30:20,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:05/47-12:30:19,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:01:11/47-12:30:17,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,0,0,00:00:00/46:55,474) [kworker/2:2-cgroup_destroy] (root,13476,1640,00:00:34/47-12:29:27,486) /sbin/auditd (messagebus,22540,5464,00:05:08/47-12:29:26,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38924,8488,00:02:28/47-12:29:26,507) /usr/lib/systemd/systemd-logind (root,35064,9892,00:00:00/9-12:57:38,513) sshd: syslogtunnel [priv] (syslogtunnel,40564,10588,00:00:07/9-12:57:37,516) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3404,00:00:00/9-12:57:37,517) (sd-pam) (syslogtunnel,35064,4524,00:00:40/9-12:57:37,523) sshd: syslogtunnel (root,20556,6080,00:00:00/47-12:29:26,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/47-12:29:24,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/47-12:29:24,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,549384,34476,00:00:42/47-12:29:16,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/47-12:29:16,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:05/47-12:29:16,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/47-12:29:16,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9848,00:02:26/47-12:29:16,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/47-12:29:15,1177) bpfilter_umh (root,26204,8380,00:00:22/47-12:29:15,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:04:26/47-12:29:15,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,287252,132452,1-03:15:08/47-12:29:15,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/47-12:29:15,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:15/47-12:29:13,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:03/47-12:29:13,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:10/47-12:29:13,1300) /usr/sbin/cron -n (root,692696,79212,01:01:54/47-12:29:08,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,221468,64684,00:17:40/47-12:28:53,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/47-12:28:50,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:44/47-12:28:49,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/47-12:28:49,1345) (sd-pam) (cm-ssh,35056,4596,00:02:32/47-12:28:49,1365) sshd: cm-ssh (root,0,0,00:00:00/07:40,4135) [kworker/1:2-ata_sff] (root,0,0,00:00:00/06:20,5634) [kworker/3:2] (root,0,0,00:00:00/02:30,9258) [kworker/1:1-ata_sff] (root,0,0,00:00:00/01:27,10076) [kworker/u8:1] (root,6764,3512,00:00:00/00:00,12025) /bin/bash /usr/bin/check_mk_agent (root,6656,3500,00:00:00/00:00,12063) /bin/bash /usr/bin/check_mk_agent (root,6656,3484,00:00:00/00:00,12197) /bin/bash /usr/bin/check_mk_agent (root,6656,1840,00:00:00/00:00,12222) /bin/bash /usr/bin/check_mk_agent (root,5280,804,00:00:00/00:00,12229) grep ^multi_instance_directories (root,11644,964,00:00:00/00:00,12230) sed s/.*=[[:space:]]*//g (root,13744,3520,00:00:00/00:00,12235) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,968,00:00:00/00:00,12236) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (postfix,43844,8720,00:00:01/41-19:53:41,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/32:10,14735) [kworker/3:1-events] (root,0,0,00:00:00/54:23,21324) [kworker/1:0-events] (root,0,0,00:00:00/27:12,21949) [kworker/u8:0-flush-254:0] (root,0,0,00:00:00/27:12,21951) [kworker/0:0-cgroup_destroy] (root,0,0,00:00:00/16:41,25353) [kworker/2:1-events] (postfix,23460,7540,00:00:00/01:33:38,26245) pickup -l -t fifo -u (root,0,0,00:00:00/11:29,32551) [kworker/0:1-events] (root,0,0,00:00:00/11:19,32552) [kworker/u8:2-events_unbound] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-27 23:19 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe56836310fac964Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12648,00:07:12/45-10:23:14,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/45-10:23:14,2) [kthreadd] (root,0,0,00:00:00/45-10:23:14,3) [rcu_gp] (root,0,0,00:00:00/45-10:23:14,4) [rcu_par_gp] (root,0,0,00:00:00/45-10:23:14,5) [slub_flushwq] (root,0,0,00:00:00/45-10:23:14,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/45-10:23:14,9) [mm_percpu_wq] (root,0,0,00:00:00/45-10:23:14,10) [rcu_tasks_kthre] (root,0,0,00:00:00/45-10:23:14,11) [rcu_tasks_rude_] (root,0,0,00:00:00/45-10:23:14,12) [rcu_tasks_trace] (root,0,0,00:00:25/45-10:23:14,13) [ksoftirqd/0] (root,0,0,01:59:05/45-10:23:14,14) [rcu_preempt] (root,0,0,00:00:17/45-10:23:14,15) [migration/0] (root,0,0,00:00:00/45-10:23:14,16) [idle_inject/0] (root,0,0,00:00:00/45-10:23:14,18) [cpuhp/0] (root,0,0,00:00:00/45-10:23:14,19) [cpuhp/1] (root,0,0,00:00:00/45-10:23:14,20) [idle_inject/1] (root,0,0,00:00:16/45-10:23:14,21) [migration/1] (root,0,0,00:00:22/45-10:23:14,22) [ksoftirqd/1] (root,0,0,00:00:00/45-10:23:14,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/45-10:23:14,25) [cpuhp/2] (root,0,0,00:00:00/45-10:23:14,26) [idle_inject/2] (root,0,0,00:00:13/45-10:23:14,27) [migration/2] (root,0,0,00:12:04/45-10:23:14,28) [ksoftirqd/2] (root,0,0,00:00:00/45-10:23:14,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/45-10:23:14,31) [cpuhp/3] (root,0,0,00:00:00/45-10:23:14,32) [idle_inject/3] (root,0,0,00:00:13/45-10:23:14,33) [migration/3] (root,0,0,00:01:48/45-10:23:14,34) [ksoftirqd/3] (root,0,0,00:00:00/45-10:23:14,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/45-10:23:14,41) [kdevtmpfs] (root,0,0,00:00:00/45-10:23:14,42) [netns] (root,0,0,00:00:00/45-10:23:14,43) [inet_frag_wq] (root,0,0,00:00:18/45-10:23:14,44) [kauditd] (root,0,0,00:00:00/45-10:23:14,46) [khungtaskd] (root,0,0,00:00:00/45-10:23:14,47) [oom_reaper] (root,0,0,00:00:00/45-10:23:14,48) [writeback] (root,0,0,00:02:12/45-10:23:14,49) [kcompactd0] (root,0,0,00:00:00/45-10:23:14,50) [ksmd] (root,0,0,00:02:14/45-10:23:14,52) [khugepaged] (root,0,0,00:00:00/45-10:23:14,77) [kintegrityd] (root,0,0,00:00:00/45-10:23:14,78) [kblockd] (root,0,0,00:00:00/45-10:23:14,79) [blkcg_punt_bio] (root,0,0,00:00:00/45-10:23:14,80) [tpm_dev_wq] (root,0,0,00:00:00/45-10:23:14,81) [edac-poller] (root,0,0,00:00:00/45-10:23:14,82) [devfreq_wq] (root,0,0,00:00:00/45-10:23:14,111) [watchdogd] (root,0,0,00:00:20/45-10:23:14,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/45-10:23:14,113) [kswapd0] (root,0,0,00:00:00/45-10:23:13,115) [kthrotld] (root,0,0,00:00:00/45-10:23:12,118) [mld] (root,0,0,00:00:00/45-10:23:12,119) [ipv6_addrconf] (root,0,0,00:00:11/45-10:23:12,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/45-10:23:12,125) [kstrp] (root,0,0,00:00:00/45-10:23:12,126) [zswap-shrink] (root,0,0,00:00:00/45-10:23:12,127) [kworker/u9:0] (root,0,0,00:00:00/45-10:23:12,132) [charger_manager] (root,0,0,00:00:10/45-10:23:12,139) [kworker/2:1H-kblockd] (root,0,0,00:00:08/45-10:23:12,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/45-10:23:11,328) [ata_sff] (root,0,0,00:00:00/45-10:23:11,329) [scsi_eh_0] (root,0,0,00:00:00/45-10:23:11,330) [scsi_tmf_0] (root,0,0,00:00:00/45-10:23:11,331) [scsi_eh_1] (root,0,0,00:00:00/45-10:23:11,332) [scsi_tmf_1] (root,0,0,00:01:05/45-10:23:08,350) [jbd2/vda1-8] (root,0,0,00:00:00/45-10:23:08,351) [ext4-rsv-conver] (root,38736,8056,00:02:20/45-10:22:56,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:05/45-10:22:55,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:01:08/45-10:22:53,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:33/45-10:22:03,486) /sbin/auditd (messagebus,22540,5464,00:04:57/45-10:22:02,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38924,8488,00:02:23/45-10:22:02,507) /usr/lib/systemd/systemd-logind (root,35064,9892,00:00:00/7-10:50:14,513) sshd: syslogtunnel [priv] (syslogtunnel,40564,10588,00:00:06/7-10:50:13,516) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3404,00:00:00/7-10:50:13,517) (sd-pam) (syslogtunnel,35064,4524,00:00:32/7-10:50:13,523) sshd: syslogtunnel (root,20556,6080,00:00:00/45-10:22:02,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/45-10:22:00,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/45-10:22:00,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,549128,33788,00:00:40/45-10:21:52,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/45-10:21:52,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:02/45-10:21:52,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/45-10:21:52,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9848,00:02:21/45-10:21:52,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/45-10:21:51,1177) bpfilter_umh (root,26204,8380,00:00:21/45-10:21:51,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:04:14/45-10:21:51,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,287556,132512,1-02:22:34/45-10:21:51,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/45-10:21:51,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:15/45-10:21:49,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:03/45-10:21:49,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:09/45-10:21:49,1300) /usr/sbin/cron -n (root,692440,75688,00:59:11/45-10:21:44,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,220444,62772,00:16:56/45-10:21:29,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/45-10:21:26,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:42/45-10:21:25,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/45-10:21:25,1345) (sd-pam) (cm-ssh,35056,4596,00:02:25/45-10:21:25,1365) sshd: cm-ssh (root,0,0,00:00:00/14:14,5481) [kworker/0:1-events] (root,0,0,00:00:00/10:02,7510) [kworker/1:0-ata_sff] (root,0,0,00:00:00/09:08,8271) [kworker/2:0-events] (root,0,0,00:00:00/04:49,11728) [kworker/1:2-ata_sff] (postfix,43844,8720,00:00:01/39-17:46:17,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/04:02,13068) [kworker/3:1-events] (root,6656,3480,00:00:00/00:00,17154) /bin/bash /usr/bin/check_mk_agent (root,13744,3508,00:00:00/00:00,17172) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,17173) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/39:06,20367) [kworker/u8:2-ext4-rsv-conversion] (root,0,0,00:00:00/02:09:30,21168) [kworker/2:2-events] (root,0,0,00:00:00/02:04:30,21432) [kworker/0:2-events] (postfix,23460,7576,00:00:00/01:28:10,23171) pickup -l -t fifo -u (root,0,0,00:00:00/01:09:09,27889) [kworker/u8:0-writeback] (root,0,0,00:00:00/29:11,28497) [kworker/3:0-cgroup_destroy] (root,0,0,00:00:00/25:35,29836) [kworker/1:1-events] (root,0,0,00:00:00/19:18,32354) [kworker/3:2-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-25 21:12 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363c4a4407fFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12648,00:06:56/43-11:08:28,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/43-11:08:28,2) [kthreadd] (root,0,0,00:00:00/43-11:08:28,3) [rcu_gp] (root,0,0,00:00:00/43-11:08:28,4) [rcu_par_gp] (root,0,0,00:00:00/43-11:08:28,5) [slub_flushwq] (root,0,0,00:00:00/43-11:08:28,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/43-11:08:28,9) [mm_percpu_wq] (root,0,0,00:00:00/43-11:08:28,10) [rcu_tasks_kthre] (root,0,0,00:00:00/43-11:08:28,11) [rcu_tasks_rude_] (root,0,0,00:00:00/43-11:08:28,12) [rcu_tasks_trace] (root,0,0,00:00:24/43-11:08:28,13) [ksoftirqd/0] (root,0,0,01:53:53/43-11:08:28,14) [rcu_preempt] (root,0,0,00:00:17/43-11:08:28,15) [migration/0] (root,0,0,00:00:00/43-11:08:28,16) [idle_inject/0] (root,0,0,00:00:00/43-11:08:28,18) [cpuhp/0] (root,0,0,00:00:00/43-11:08:28,19) [cpuhp/1] (root,0,0,00:00:00/43-11:08:28,20) [idle_inject/1] (root,0,0,00:00:16/43-11:08:28,21) [migration/1] (root,0,0,00:00:21/43-11:08:28,22) [ksoftirqd/1] (root,0,0,00:00:00/43-11:08:28,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/43-11:08:28,25) [cpuhp/2] (root,0,0,00:00:00/43-11:08:28,26) [idle_inject/2] (root,0,0,00:00:12/43-11:08:28,27) [migration/2] (root,0,0,00:11:40/43-11:08:28,28) [ksoftirqd/2] (root,0,0,00:00:00/43-11:08:28,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/43-11:08:28,31) [cpuhp/3] (root,0,0,00:00:00/43-11:08:28,32) [idle_inject/3] (root,0,0,00:00:13/43-11:08:28,33) [migration/3] (root,0,0,00:01:44/43-11:08:28,34) [ksoftirqd/3] (root,0,0,00:00:00/43-11:08:28,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/43-11:08:28,41) [kdevtmpfs] (root,0,0,00:00:00/43-11:08:28,42) [netns] (root,0,0,00:00:00/43-11:08:28,43) [inet_frag_wq] (root,0,0,00:00:17/43-11:08:28,44) [kauditd] (root,0,0,00:00:00/43-11:08:28,46) [khungtaskd] (root,0,0,00:00:00/43-11:08:28,47) [oom_reaper] (root,0,0,00:00:00/43-11:08:28,48) [writeback] (root,0,0,00:02:06/43-11:08:28,49) [kcompactd0] (root,0,0,00:00:00/43-11:08:28,50) [ksmd] (root,0,0,00:02:07/43-11:08:28,52) [khugepaged] (root,0,0,00:00:00/43-11:08:28,77) [kintegrityd] (root,0,0,00:00:00/43-11:08:28,78) [kblockd] (root,0,0,00:00:00/43-11:08:28,79) [blkcg_punt_bio] (root,0,0,00:00:00/43-11:08:28,80) [tpm_dev_wq] (root,0,0,00:00:00/43-11:08:28,81) [edac-poller] (root,0,0,00:00:00/43-11:08:28,82) [devfreq_wq] (root,0,0,00:00:00/43-11:08:28,111) [watchdogd] (root,0,0,00:00:19/43-11:08:28,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/43-11:08:28,113) [kswapd0] (root,0,0,00:00:00/43-11:08:27,115) [kthrotld] (root,0,0,00:00:00/43-11:08:26,118) [mld] (root,0,0,00:00:00/43-11:08:26,119) [ipv6_addrconf] (root,0,0,00:00:10/43-11:08:26,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/43-11:08:26,125) [kstrp] (root,0,0,00:00:00/43-11:08:26,126) [zswap-shrink] (root,0,0,00:00:00/43-11:08:26,127) [kworker/u9:0] (root,0,0,00:00:00/43-11:08:26,132) [charger_manager] (root,0,0,00:00:09/43-11:08:26,139) [kworker/2:1H-kblockd] (root,0,0,00:00:08/43-11:08:26,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/43-11:08:25,328) [ata_sff] (root,0,0,00:00:00/43-11:08:25,329) [scsi_eh_0] (root,0,0,00:00:00/43-11:08:25,330) [scsi_tmf_0] (root,0,0,00:00:00/43-11:08:25,331) [scsi_eh_1] (root,0,0,00:00:00/43-11:08:25,332) [scsi_tmf_1] (root,0,0,00:00:00/09:58,336) [kworker/u8:1-flush-254:0] (root,0,0,00:01:02/43-11:08:22,350) [jbd2/vda1-8] (root,0,0,00:00:00/43-11:08:22,351) [ext4-rsv-conver] (root,0,0,00:00:00/09:48,388) [kworker/2:1-events] (root,0,0,00:00:00/09:42,389) [kworker/1:2-events] (root,38736,8056,00:02:15/43-11:08:10,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:04/43-11:08:09,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:01:05/43-11:08:07,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:31/43-11:07:17,486) /sbin/auditd (messagebus,22540,5464,00:04:46/43-11:07:16,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38924,8488,00:02:18/43-11:07:16,507) /usr/lib/systemd/systemd-logind (root,35064,9892,00:00:00/5-11:35:28,513) sshd: syslogtunnel [priv] (syslogtunnel,40564,10588,00:00:04/5-11:35:27,516) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3404,00:00:00/5-11:35:27,517) (sd-pam) (syslogtunnel,35064,4524,00:00:24/5-11:35:27,523) sshd: syslogtunnel (root,20556,6080,00:00:00/43-11:07:16,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/43-11:07:14,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/43-11:07:14,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,549128,33788,00:00:39/43-11:07:06,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/43-11:07:06,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:01:00/43-11:07:06,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/43-11:07:06,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9896,00:02:17/43-11:07:06,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/43-11:07:05,1177) bpfilter_umh (root,26204,8380,00:00:20/43-11:07:05,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:04:03/43-11:07:05,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,287252,128952,1-01:24:53/43-11:07:05,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/43-11:07:05,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:14/43-11:07:03,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:02/43-11:07:03,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:09/43-11:07:03,1300) /usr/sbin/cron -n (root,692184,75324,00:56:35/43-11:06:58,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,219420,62136,00:16:13/43-11:06:43,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/43-11:06:40,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:40/43-11:06:39,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/43-11:06:39,1345) (sd-pam) (cm-ssh,35056,4596,00:02:19/43-11:06:39,1365) sshd: cm-ssh (root,0,0,00:00:00/05:03,6280) [kworker/3:0-events] (root,0,0,00:00:00/04:29,6763) [kworker/1:1-ata_sff] (root,0,0,00:00:00/34:21,7526) [kworker/3:2-cgroup_destroy] (checkmk,40568,10484,00:00:00/00:10,11203) /usr/lib/systemd/systemd --user (checkmk,196228,3404,00:00:00/00:10,11204) (sd-pam) (root,0,0,00:00:00/00:09,11384) [kworker/0:0] (postfix,43844,8720,00:00:01/37-18:31:31,12335) tlsmgr -l -t unix -u (root,6656,3488,00:00:00/00:00,12464) /bin/bash /usr/bin/check_mk_agent (root,13744,3448,00:00:00/00:00,12482) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,12483) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:02/06:54:23,15255) [kworker/1:0-events] (root,0,0,00:00:00/27:10,16497) [kworker/u8:2-ext4-rsv-conversion] (root,0,0,00:00:00/24:36,18221) [kworker/0:1-events] (root,0,0,00:00:00/01:32:47,22736) [kworker/2:0-cgroup_destroy] (root,0,0,00:00:00/02:16:41,22989) [kworker/0:2-cgroup_destroy] (postfix,23460,7556,00:00:00/55:19,24760) pickup -l -t fifo -u (root,0,0,00:00:00/43:55,31881) [kworker/3:1-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-23 21:57 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683635d0daab4Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12648,00:06:39/41-10:32:43,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/41-10:32:43,2) [kthreadd] (root,0,0,00:00:00/41-10:32:43,3) [rcu_gp] (root,0,0,00:00:00/41-10:32:43,4) [rcu_par_gp] (root,0,0,00:00:00/41-10:32:43,5) [slub_flushwq] (root,0,0,00:00:00/41-10:32:43,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/41-10:32:43,9) [mm_percpu_wq] (root,0,0,00:00:00/41-10:32:43,10) [rcu_tasks_kthre] (root,0,0,00:00:00/41-10:32:43,11) [rcu_tasks_rude_] (root,0,0,00:00:00/41-10:32:43,12) [rcu_tasks_trace] (root,0,0,00:00:23/41-10:32:43,13) [ksoftirqd/0] (root,0,0,01:48:23/41-10:32:43,14) [rcu_preempt] (root,0,0,00:00:16/41-10:32:43,15) [migration/0] (root,0,0,00:00:00/41-10:32:43,16) [idle_inject/0] (root,0,0,00:00:00/41-10:32:43,18) [cpuhp/0] (root,0,0,00:00:00/41-10:32:43,19) [cpuhp/1] (root,0,0,00:00:00/41-10:32:43,20) [idle_inject/1] (root,0,0,00:00:15/41-10:32:43,21) [migration/1] (root,0,0,00:00:20/41-10:32:43,22) [ksoftirqd/1] (root,0,0,00:00:00/41-10:32:43,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/41-10:32:43,25) [cpuhp/2] (root,0,0,00:00:00/41-10:32:43,26) [idle_inject/2] (root,0,0,00:00:12/41-10:32:43,27) [migration/2] (root,0,0,00:11:03/41-10:32:43,28) [ksoftirqd/2] (root,0,0,00:00:00/41-10:32:43,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/41-10:32:43,31) [cpuhp/3] (root,0,0,00:00:00/41-10:32:43,32) [idle_inject/3] (root,0,0,00:00:12/41-10:32:43,33) [migration/3] (root,0,0,00:01:39/41-10:32:43,34) [ksoftirqd/3] (root,0,0,00:00:00/41-10:32:43,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/41-10:32:43,41) [kdevtmpfs] (root,0,0,00:00:00/41-10:32:43,42) [netns] (root,0,0,00:00:00/41-10:32:43,43) [inet_frag_wq] (root,0,0,00:00:16/41-10:32:43,44) [kauditd] (root,0,0,00:00:00/41-10:32:43,46) [khungtaskd] (root,0,0,00:00:00/41-10:32:43,47) [oom_reaper] (root,0,0,00:00:00/41-10:32:43,48) [writeback] (root,0,0,00:02:00/41-10:32:43,49) [kcompactd0] (root,0,0,00:00:00/41-10:32:43,50) [ksmd] (root,0,0,00:02:00/41-10:32:43,52) [khugepaged] (root,0,0,00:00:00/41-10:32:43,77) [kintegrityd] (root,0,0,00:00:00/41-10:32:43,78) [kblockd] (root,0,0,00:00:00/41-10:32:43,79) [blkcg_punt_bio] (root,0,0,00:00:00/41-10:32:43,80) [tpm_dev_wq] (root,0,0,00:00:00/41-10:32:43,81) [edac-poller] (root,0,0,00:00:00/41-10:32:43,82) [devfreq_wq] (root,0,0,00:00:00/41-10:32:43,111) [watchdogd] (root,0,0,00:00:18/41-10:32:43,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/41-10:32:43,113) [kswapd0] (root,0,0,00:00:00/41-10:32:42,115) [kthrotld] (root,0,0,00:00:00/41-10:32:41,118) [mld] (root,0,0,00:00:00/41-10:32:41,119) [ipv6_addrconf] (root,0,0,00:00:10/41-10:32:41,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/41-10:32:41,125) [kstrp] (root,0,0,00:00:00/41-10:32:41,126) [zswap-shrink] (root,0,0,00:00:00/41-10:32:41,127) [kworker/u9:0] (root,0,0,00:00:00/41-10:32:41,132) [charger_manager] (root,0,0,00:00:09/41-10:32:41,139) [kworker/2:1H-kblockd] (root,0,0,00:00:08/41-10:32:41,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/41-10:32:40,328) [ata_sff] (root,0,0,00:00:00/41-10:32:40,329) [scsi_eh_0] (root,0,0,00:00:00/41-10:32:40,330) [scsi_tmf_0] (root,0,0,00:00:00/41-10:32:40,331) [scsi_eh_1] (root,0,0,00:00:00/41-10:32:40,332) [scsi_tmf_1] (root,0,0,00:00:59/41-10:32:37,350) [jbd2/vda1-8] (root,0,0,00:00:00/41-10:32:37,351) [ext4-rsv-conver] (root,38736,8056,00:02:09/41-10:32:25,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:04/41-10:32:24,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:01:02/41-10:32:22,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:30/41-10:31:32,486) /sbin/auditd (messagebus,22540,5464,00:04:34/41-10:31:31,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8484,00:02:12/41-10:31:31,507) /usr/lib/systemd/systemd-logind (root,35064,9892,00:00:00/3-10:59:43,513) sshd: syslogtunnel [priv] (syslogtunnel,40564,10588,00:00:03/3-10:59:42,516) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3404,00:00:00/3-10:59:42,517) (sd-pam) (syslogtunnel,35064,4524,00:00:16/3-10:59:42,523) sshd: syslogtunnel (root,20556,6080,00:00:00/41-10:31:31,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/41-10:31:29,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/41-10:31:29,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,549128,33788,00:00:37/41-10:31:21,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/41-10:31:21,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:57/41-10:31:21,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/41-10:31:21,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9928,00:02:12/41-10:31:21,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/41-10:31:20,1177) bpfilter_umh (root,26204,8380,00:00:20/41-10:31:20,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:03:52/41-10:31:20,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,287524,129020,1-00:16:26/41-10:31:20,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/41-10:31:20,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:13/41-10:31:18,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:02/41-10:31:18,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:09/41-10:31:18,1300) /usr/sbin/cron -n (root,691912,74916,00:53:54/41-10:31:13,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,218396,60248,00:15:28/41-10:30:58,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/41-10:30:55,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:39/41-10:30:54,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/41-10:30:54,1345) (sd-pam) (cm-ssh,35056,4596,00:02:12/41-10:30:54,1365) sshd: cm-ssh (root,0,0,00:00:00/18:14,2724) [kworker/u8:2] (root,0,0,00:00:00/01:05:35,4281) [kworker/3:2-events] (root,0,0,00:00:00/13:33,8212) [kworker/2:2-events] (root,0,0,00:00:00/55:47,9629) [kworker/u8:0-events_unbound] (postfix,43844,8720,00:00:01/35-17:55:46,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/01:49:09,13183) [kworker/1:2-mm_percpu_wq] (root,0,0,00:00:00/08:45,13561) [kworker/3:0-events] (root,0,0,00:00:00/01:29:43,14468) [kworker/0:1-cgroup_destroy] (root,0,0,00:00:00/05:23,16251) [kworker/1:0-ata_sff] (root,0,0,00:00:00/03:45,18833) [kworker/u8:1-writeback] (root,0,0,00:00:00/00:11,20268) [kworker/1:1-ata_sff] (root,6656,3484,00:00:00/00:00,20516) /bin/bash /usr/bin/check_mk_agent (root,13744,3416,00:00:00/00:00,20534) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,20535) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (postfix,23460,7540,00:00:00/41:39,22059) pickup -l -t fifo -u (root,0,0,00:00:00/27:48,29336) [kworker/2:1-cgroup_destroy] (root,0,0,00:00:00/23:11,31785) [kworker/0:2-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-21 21:21 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363f7eff7e6Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12648,00:06:20/39-11:33:29,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/39-11:33:29,2) [kthreadd] (root,0,0,00:00:00/39-11:33:29,3) [rcu_gp] (root,0,0,00:00:00/39-11:33:29,4) [rcu_par_gp] (root,0,0,00:00:00/39-11:33:29,5) [slub_flushwq] (root,0,0,00:00:00/39-11:33:29,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/39-11:33:29,9) [mm_percpu_wq] (root,0,0,00:00:00/39-11:33:29,10) [rcu_tasks_kthre] (root,0,0,00:00:00/39-11:33:29,11) [rcu_tasks_rude_] (root,0,0,00:00:00/39-11:33:29,12) [rcu_tasks_trace] (root,0,0,00:00:22/39-11:33:29,13) [ksoftirqd/0] (root,0,0,01:43:09/39-11:33:29,14) [rcu_preempt] (root,0,0,00:00:15/39-11:33:29,15) [migration/0] (root,0,0,00:00:00/39-11:33:29,16) [idle_inject/0] (root,0,0,00:00:00/39-11:33:29,18) [cpuhp/0] (root,0,0,00:00:00/39-11:33:29,19) [cpuhp/1] (root,0,0,00:00:00/39-11:33:29,20) [idle_inject/1] (root,0,0,00:00:14/39-11:33:29,21) [migration/1] (root,0,0,00:00:19/39-11:33:29,22) [ksoftirqd/1] (root,0,0,00:00:00/39-11:33:29,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/39-11:33:29,25) [cpuhp/2] (root,0,0,00:00:00/39-11:33:29,26) [idle_inject/2] (root,0,0,00:00:11/39-11:33:29,27) [migration/2] (root,0,0,00:10:29/39-11:33:29,28) [ksoftirqd/2] (root,0,0,00:00:00/39-11:33:29,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/39-11:33:29,31) [cpuhp/3] (root,0,0,00:00:00/39-11:33:29,32) [idle_inject/3] (root,0,0,00:00:12/39-11:33:29,33) [migration/3] (root,0,0,00:01:34/39-11:33:29,34) [ksoftirqd/3] (root,0,0,00:00:00/39-11:33:29,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/39-11:33:29,41) [kdevtmpfs] (root,0,0,00:00:00/39-11:33:29,42) [netns] (root,0,0,00:00:00/39-11:33:29,43) [inet_frag_wq] (root,0,0,00:00:16/39-11:33:29,44) [kauditd] (root,0,0,00:00:00/39-11:33:29,46) [khungtaskd] (root,0,0,00:00:00/39-11:33:29,47) [oom_reaper] (root,0,0,00:00:00/39-11:33:29,48) [writeback] (root,0,0,00:01:55/39-11:33:29,49) [kcompactd0] (root,0,0,00:00:00/39-11:33:29,50) [ksmd] (root,0,0,00:01:54/39-11:33:29,52) [khugepaged] (root,0,0,00:00:00/39-11:33:29,77) [kintegrityd] (root,0,0,00:00:00/39-11:33:29,78) [kblockd] (root,0,0,00:00:00/39-11:33:29,79) [blkcg_punt_bio] (root,0,0,00:00:00/39-11:33:29,80) [tpm_dev_wq] (root,0,0,00:00:00/39-11:33:29,81) [edac-poller] (root,0,0,00:00:00/39-11:33:29,82) [devfreq_wq] (root,0,0,00:00:00/39-11:33:29,111) [watchdogd] (root,0,0,00:00:17/39-11:33:29,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/39-11:33:29,113) [kswapd0] (root,0,0,00:00:00/39-11:33:28,115) [kthrotld] (root,0,0,00:00:00/39-11:33:27,118) [mld] (root,0,0,00:00:00/39-11:33:27,119) [ipv6_addrconf] (root,0,0,00:00:09/39-11:33:27,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/39-11:33:27,125) [kstrp] (root,0,0,00:00:00/39-11:33:27,126) [zswap-shrink] (root,0,0,00:00:00/39-11:33:27,127) [kworker/u9:0] (root,0,0,00:00:00/39-11:33:27,132) [charger_manager] (root,0,0,00:00:08/39-11:33:27,139) [kworker/2:1H-kblockd] (root,0,0,00:00:07/39-11:33:27,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/39-11:33:26,328) [ata_sff] (root,0,0,00:00:00/39-11:33:26,329) [scsi_eh_0] (root,0,0,00:00:00/39-11:33:26,330) [scsi_tmf_0] (root,0,0,00:00:00/39-11:33:26,331) [scsi_eh_1] (root,0,0,00:00:00/39-11:33:26,332) [scsi_tmf_1] (root,0,0,00:00:56/39-11:33:23,350) [jbd2/vda1-8] (root,0,0,00:00:00/39-11:33:23,351) [ext4-rsv-conver] (root,38736,8056,00:02:04/39-11:33:11,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:04/39-11:33:10,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:59/39-11:33:08,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:29/39-11:32:18,486) /sbin/auditd (messagebus,22540,5464,00:04:21/39-11:32:17,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38928,8480,00:02:06/39-11:32:17,507) /usr/lib/systemd/systemd-logind (root,35064,9892,00:00:00/1-12:00:29,513) sshd: syslogtunnel [priv] (syslogtunnel,40564,10588,00:00:01/1-12:00:28,516) /usr/lib/systemd/systemd --user (syslogtunnel,196228,3404,00:00:00/1-12:00:28,517) (sd-pam) (syslogtunnel,35064,4524,00:00:08/1-12:00:28,523) sshd: syslogtunnel (root,20556,6080,00:00:00/39-11:32:17,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/39-11:32:15,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/39-11:32:15,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,548872,33064,00:00:35/39-11:32:07,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/39-11:32:07,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:54/39-11:32:07,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/39-11:32:07,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9928,00:02:07/39-11:32:07,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/39-11:32:06,1177) bpfilter_umh (root,26204,8380,00:00:19/39-11:32:06,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:03:40/39-11:32:06,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,288196,129944,23:21:22/39-11:32:06,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/39-11:32:06,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:13/39-11:32:04,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:02/39-11:32:04,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:08/39-11:32:04,1300) /usr/sbin/cron -n (root,691912,77892,00:51:18/39-11:31:59,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,217372,59348,00:14:42/39-11:31:44,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/39-11:31:41,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:37/39-11:31:40,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/39-11:31:40,1345) (sd-pam) (cm-ssh,35056,4596,00:02:06/39-11:31:40,1365) sshd: cm-ssh (root,0,0,00:00:00/07:11,4864) [kworker/1:1-events] (root,0,0,00:00:00/22:05,5436) [kworker/3:0-cgroup_destroy] (root,0,0,00:00:00/06:31,5561) [kworker/0:2] (root,0,0,00:00:00/58:01,5810) [kworker/u8:2-ext4-rsv-conversion] (root,0,0,00:00:00/02:01,9496) [kworker/1:2-ata_sff] (root,0,0,00:00:00/01:44,9734) [kworker/u8:0-flush-254:0] (root,6656,3484,00:00:00/00:00,11215) /bin/bash /usr/bin/check_mk_agent (root,13744,3524,00:00:00/00:00,11233) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,11234) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (postfix,43844,8720,00:00:01/33-18:56:32,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/48:41,18800) [kworker/1:0-events] (root,0,0,00:00:00/15:44,23175) [kworker/2:2-events] (root,0,0,00:00:00/15:44,23176) [kworker/0:1-events] (root,0,0,00:00:00/25:12,23289) [kworker/u8:1-writeback] (postfix,23460,7540,00:00:00/22:26,26037) pickup -l -t fifo -u (root,0,0,00:00:00/01:07:28,28816) [kworker/3:2-events] (root,0,0,00:00:00/39:14,31942) [kworker/2:1-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-19 22:22 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe56836362dff4fdFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12648,00:06:01/37-10:38:32,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/37-10:38:32,2) [kthreadd] (root,0,0,00:00:00/37-10:38:32,3) [rcu_gp] (root,0,0,00:00:00/37-10:38:32,4) [rcu_par_gp] (root,0,0,00:00:00/37-10:38:32,5) [slub_flushwq] (root,0,0,00:00:00/37-10:38:32,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/37-10:38:32,9) [mm_percpu_wq] (root,0,0,00:00:00/37-10:38:32,10) [rcu_tasks_kthre] (root,0,0,00:00:00/37-10:38:32,11) [rcu_tasks_rude_] (root,0,0,00:00:00/37-10:38:32,12) [rcu_tasks_trace] (root,0,0,00:00:21/37-10:38:32,13) [ksoftirqd/0] (root,0,0,01:37:37/37-10:38:32,14) [rcu_preempt] (root,0,0,00:00:14/37-10:38:32,15) [migration/0] (root,0,0,00:00:00/37-10:38:32,16) [idle_inject/0] (root,0,0,00:00:00/37-10:38:32,18) [cpuhp/0] (root,0,0,00:00:00/37-10:38:32,19) [cpuhp/1] (root,0,0,00:00:00/37-10:38:32,20) [idle_inject/1] (root,0,0,00:00:13/37-10:38:32,21) [migration/1] (root,0,0,00:00:18/37-10:38:32,22) [ksoftirqd/1] (root,0,0,00:00:00/37-10:38:32,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/37-10:38:32,25) [cpuhp/2] (root,0,0,00:00:00/37-10:38:32,26) [idle_inject/2] (root,0,0,00:00:10/37-10:38:32,27) [migration/2] (root,0,0,00:09:34/37-10:38:32,28) [ksoftirqd/2] (root,0,0,00:00:00/37-10:38:32,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/37-10:38:32,31) [cpuhp/3] (root,0,0,00:00:00/37-10:38:32,32) [idle_inject/3] (root,0,0,00:00:11/37-10:38:32,33) [migration/3] (root,0,0,00:01:27/37-10:38:32,34) [ksoftirqd/3] (root,0,0,00:00:00/37-10:38:32,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/37-10:38:32,41) [kdevtmpfs] (root,0,0,00:00:00/37-10:38:32,42) [netns] (root,0,0,00:00:00/37-10:38:32,43) [inet_frag_wq] (root,0,0,00:00:15/37-10:38:32,44) [kauditd] (root,0,0,00:00:00/37-10:38:32,46) [khungtaskd] (root,0,0,00:00:00/37-10:38:32,47) [oom_reaper] (root,0,0,00:00:00/37-10:38:32,48) [writeback] (root,0,0,00:01:49/37-10:38:32,49) [kcompactd0] (root,0,0,00:00:00/37-10:38:32,50) [ksmd] (root,0,0,00:01:48/37-10:38:32,52) [khugepaged] (root,0,0,00:00:00/37-10:38:32,77) [kintegrityd] (root,0,0,00:00:00/37-10:38:32,78) [kblockd] (root,0,0,00:00:00/37-10:38:32,79) [blkcg_punt_bio] (root,0,0,00:00:00/37-10:38:32,80) [tpm_dev_wq] (root,0,0,00:00:00/37-10:38:32,81) [edac-poller] (root,0,0,00:00:00/37-10:38:32,82) [devfreq_wq] (root,0,0,00:00:00/37-10:38:32,111) [watchdogd] (root,0,0,00:00:16/37-10:38:32,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/37-10:38:32,113) [kswapd0] (root,0,0,00:00:00/37-10:38:31,115) [kthrotld] (root,0,0,00:00:00/37-10:38:30,118) [mld] (root,0,0,00:00:00/37-10:38:30,119) [ipv6_addrconf] (root,0,0,00:00:09/37-10:38:30,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/37-10:38:30,125) [kstrp] (root,0,0,00:00:00/37-10:38:30,126) [zswap-shrink] (root,0,0,00:00:00/37-10:38:30,127) [kworker/u9:0] (root,0,0,00:00:00/37-10:38:30,132) [charger_manager] (root,0,0,00:00:08/37-10:38:30,139) [kworker/2:1H-kblockd] (root,0,0,00:00:07/37-10:38:30,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/37-10:38:29,328) [ata_sff] (root,0,0,00:00:00/37-10:38:29,329) [scsi_eh_0] (root,0,0,00:00:00/37-10:38:29,330) [scsi_tmf_0] (root,0,0,00:00:00/37-10:38:29,331) [scsi_eh_1] (root,0,0,00:00:00/37-10:38:29,332) [scsi_tmf_1] (root,0,0,00:00:54/37-10:38:26,350) [jbd2/vda1-8] (root,0,0,00:00:00/37-10:38:26,351) [ext4-rsv-conver] (root,38736,8056,00:01:54/37-10:38:14,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:04/37-10:38:13,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:56/37-10:38:11,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:27/37-10:37:21,486) /sbin/auditd (messagebus,22540,5464,00:04:08/37-10:37:20,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8484,00:01:59/37-10:37:20,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/37-10:37:20,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/37-10:37:18,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/37-10:37:18,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,0,0,00:00:00/01:06:03,733) [kworker/3:0-cgroup_destroy] (root,548872,33064,00:00:33/37-10:37:10,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/37-10:37:10,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:51/37-10:37:10,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/37-10:37:10,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,10004,00:01:43/37-10:37:10,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/37-10:37:09,1177) bpfilter_umh (root,26204,8380,00:00:18/37-10:37:09,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:03:29/37-10:37:09,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,288228,129952,22:08:04/37-10:37:09,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/37-10:37:09,1195) ntpd: asynchronous dns resolver (root,0,0,00:00:00/02:31,1216) [kworker/2:0-events] (root,23432,4668,00:00:12/37-10:37:07,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:02/37-10:37:07,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:08/37-10:37:07,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/37-10:37:06,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:35/37-10:37:04,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/37-10:37:04,1312) (sd-pam) (syslogtunnel,35064,4708,00:02:33/37-10:37:04,1324) sshd: syslogtunnel (root,691472,74632,00:48:36/37-10:37:02,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,216348,57492,00:13:56/37-10:36:47,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/37-10:36:44,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:35/37-10:36:43,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/37-10:36:43,1345) (sd-pam) (cm-ssh,35056,4596,00:01:59/37-10:36:43,1365) sshd: cm-ssh (root,0,0,00:00:00/00:53,2392) [kworker/1:1-ata_sff] (root,6656,3488,00:00:00/00:00,4164) /bin/bash /usr/bin/check_mk_agent (root,13744,3448,00:00:00/00:00,4182) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,960,00:00:00/00:00,4183) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/30:01,6927) [kworker/2:2-cgroup_destroy] (root,0,0,00:00:00/02:10:35,6936) [kworker/1:0-events] (postfix,23460,7548,00:00:00/01:29:30,11710) pickup -l -t fifo -u (postfix,43844,8720,00:00:01/31-18:01:35,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/20:50,12887) [kworker/0:2-events] (root,0,0,00:00:00/01:22:08,13979) [kworker/u8:2-flush-254:0] (root,0,0,00:00:00/14:35,16545) [kworker/u8:0-ext4-rsv-conversion] (root,0,0,00:00:00/11:35,20367) [kworker/3:2-events] (root,0,0,00:00:00/07:01,26850) [kworker/0:0-events] (root,0,0,00:00:00/06:04,27886) [kworker/1:2-ata_sff] (root,0,0,00:00:00/38:47,29275) [kworker/2:1-cgroup_destroy] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-17 21:27 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363c32a0ca8Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12644,00:05:44/35-14:05:34,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/35-14:05:34,2) [kthreadd] (root,0,0,00:00:00/35-14:05:34,3) [rcu_gp] (root,0,0,00:00:00/35-14:05:34,4) [rcu_par_gp] (root,0,0,00:00:00/35-14:05:34,5) [slub_flushwq] (root,0,0,00:00:00/35-14:05:34,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/35-14:05:34,9) [mm_percpu_wq] (root,0,0,00:00:00/35-14:05:34,10) [rcu_tasks_kthre] (root,0,0,00:00:00/35-14:05:34,11) [rcu_tasks_rude_] (root,0,0,00:00:00/35-14:05:34,12) [rcu_tasks_trace] (root,0,0,00:00:20/35-14:05:34,13) [ksoftirqd/0] (root,0,0,01:32:59/35-14:05:34,14) [rcu_preempt] (root,0,0,00:00:14/35-14:05:34,15) [migration/0] (root,0,0,00:00:00/35-14:05:34,16) [idle_inject/0] (root,0,0,00:00:00/35-14:05:34,18) [cpuhp/0] (root,0,0,00:00:00/35-14:05:34,19) [cpuhp/1] (root,0,0,00:00:00/35-14:05:34,20) [idle_inject/1] (root,0,0,00:00:13/35-14:05:34,21) [migration/1] (root,0,0,00:00:17/35-14:05:34,22) [ksoftirqd/1] (root,0,0,00:00:00/35-14:05:34,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/35-14:05:34,25) [cpuhp/2] (root,0,0,00:00:00/35-14:05:34,26) [idle_inject/2] (root,0,0,00:00:10/35-14:05:34,27) [migration/2] (root,0,0,00:09:11/35-14:05:34,28) [ksoftirqd/2] (root,0,0,00:00:00/35-14:05:34,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/35-14:05:34,31) [cpuhp/3] (root,0,0,00:00:00/35-14:05:34,32) [idle_inject/3] (root,0,0,00:00:10/35-14:05:34,33) [migration/3] (root,0,0,00:01:23/35-14:05:34,34) [ksoftirqd/3] (root,0,0,00:00:00/35-14:05:34,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/35-14:05:34,41) [kdevtmpfs] (root,0,0,00:00:00/35-14:05:34,42) [netns] (root,0,0,00:00:00/35-14:05:34,43) [inet_frag_wq] (root,0,0,00:00:14/35-14:05:34,44) [kauditd] (root,0,0,00:00:00/35-14:05:34,46) [khungtaskd] (root,0,0,00:00:00/35-14:05:34,47) [oom_reaper] (root,0,0,00:00:00/35-14:05:34,48) [writeback] (root,0,0,00:01:43/35-14:05:34,49) [kcompactd0] (root,0,0,00:00:00/35-14:05:34,50) [ksmd] (root,0,0,00:01:42/35-14:05:34,52) [khugepaged] (root,0,0,00:00:00/35-14:05:34,77) [kintegrityd] (root,0,0,00:00:00/35-14:05:34,78) [kblockd] (root,0,0,00:00:00/35-14:05:34,79) [blkcg_punt_bio] (root,0,0,00:00:00/35-14:05:34,80) [tpm_dev_wq] (root,0,0,00:00:00/35-14:05:34,81) [edac-poller] (root,0,0,00:00:00/35-14:05:34,82) [devfreq_wq] (root,0,0,00:00:00/35-14:05:34,111) [watchdogd] (root,0,0,00:00:15/35-14:05:34,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/35-14:05:34,113) [kswapd0] (root,0,0,00:00:00/35-14:05:33,115) [kthrotld] (root,0,0,00:00:00/35-14:05:32,118) [mld] (root,0,0,00:00:00/35-14:05:32,119) [ipv6_addrconf] (root,0,0,00:00:09/35-14:05:32,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/35-14:05:32,125) [kstrp] (root,0,0,00:00:00/35-14:05:32,126) [zswap-shrink] (root,0,0,00:00:00/35-14:05:32,127) [kworker/u9:0] (root,0,0,00:00:00/35-14:05:32,132) [charger_manager] (root,0,0,00:00:07/35-14:05:32,139) [kworker/2:1H-kblockd] (root,0,0,00:00:06/35-14:05:32,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/35-14:05:31,328) [ata_sff] (root,0,0,00:00:00/35-14:05:31,329) [scsi_eh_0] (root,0,0,00:00:00/35-14:05:31,330) [scsi_tmf_0] (root,0,0,00:00:00/35-14:05:31,331) [scsi_eh_1] (root,0,0,00:00:00/35-14:05:31,332) [scsi_tmf_1] (root,0,0,00:00:51/35-14:05:28,350) [jbd2/vda1-8] (root,0,0,00:00:00/35-14:05:28,351) [ext4-rsv-conver] (root,38736,8056,00:01:48/35-14:05:16,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:04/35-14:05:15,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:53/35-14:05:13,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:26/35-14:04:23,486) /sbin/auditd (messagebus,22540,5464,00:03:56/35-14:04:22,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8484,00:01:53/35-14:04:22,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/35-14:04:22,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/35-14:04:20,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/35-14:04:20,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,548872,33064,00:00:31/35-14:04:12,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/35-14:04:12,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:49/35-14:04:12,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/35-14:04:12,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,10004,00:01:37/35-14:04:12,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/35-14:04:11,1177) bpfilter_umh (root,26204,8380,00:00:17/35-14:04:11,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:03:18/35-14:04:11,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,284996,121276,21:20:35/35-14:04:11,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/35-14:04:11,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:11/35-14:04:09,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:02/35-14:04:09,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:07/35-14:04:09,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/35-14:04:08,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:33/35-14:04:06,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/35-14:04:06,1312) (sd-pam) (syslogtunnel,35064,4708,00:02:25/35-14:04:06,1324) sshd: syslogtunnel (root,691216,77436,00:46:10/35-14:04:04,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,215324,56868,00:13:16/35-14:03:49,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/35-14:03:46,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:34/35-14:03:45,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/35-14:03:45,1345) (sd-pam) (cm-ssh,35056,4596,00:01:53/35-14:03:45,1365) sshd: cm-ssh (root,0,0,00:00:00/07:15,2887) [kworker/1:1-ata_sff] (root,0,0,00:00:00/02:03,6911) [kworker/1:2-ata_sff] (root,6656,3472,00:00:00/00:00,9382) /bin/bash /usr/bin/check_mk_agent (root,13744,3496,00:00:00/00:00,9400) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,968,00:00:00/00:00,9401) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/28:11,10627) [kworker/2:0-events] (postfix,43844,8720,00:00:01/29-21:28:37,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/52:21,17018) [kworker/0:2-cgroup_destroy] (root,0,0,00:00:00/21:48,17235) [kworker/3:2-cgroup_destroy] (postfix,23460,7548,00:00:00/18:16,20233) pickup -l -t fifo -u (root,0,0,00:00:00/47:25,22750) [kworker/3:0-events] (root,0,0,00:00:00/02:12:25,22906) [kworker/u8:3-writeback] (root,0,0,00:00:00/47:15,23149) [kworker/u8:0-ext4-rsv-conversion] (root,0,0,00:00:01/03:43:31,27383) [kworker/1:0-events] (root,0,0,00:00:00/12:24,28359) [kworker/0:0-events] (root,0,0,00:00:00/02:41:37,29401) [kworker/2:1-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-16 00:54 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363bae54f96Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12644,00:05:21/33-12:47:52,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/33-12:47:52,2) [kthreadd] (root,0,0,00:00:00/33-12:47:52,3) [rcu_gp] (root,0,0,00:00:00/33-12:47:52,4) [rcu_par_gp] (root,0,0,00:00:00/33-12:47:52,5) [slub_flushwq] (root,0,0,00:00:00/33-12:47:52,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/33-12:47:52,9) [mm_percpu_wq] (root,0,0,00:00:00/33-12:47:52,10) [rcu_tasks_kthre] (root,0,0,00:00:00/33-12:47:52,11) [rcu_tasks_rude_] (root,0,0,00:00:00/33-12:47:52,12) [rcu_tasks_trace] (root,0,0,00:00:19/33-12:47:52,13) [ksoftirqd/0] (root,0,0,01:27:50/33-12:47:52,14) [rcu_preempt] (root,0,0,00:00:13/33-12:47:52,15) [migration/0] (root,0,0,00:00:00/33-12:47:52,16) [idle_inject/0] (root,0,0,00:00:00/33-12:47:52,18) [cpuhp/0] (root,0,0,00:00:00/33-12:47:52,19) [cpuhp/1] (root,0,0,00:00:00/33-12:47:52,20) [idle_inject/1] (root,0,0,00:00:12/33-12:47:52,21) [migration/1] (root,0,0,00:00:16/33-12:47:52,22) [ksoftirqd/1] (root,0,0,00:00:00/33-12:47:52,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/33-12:47:52,25) [cpuhp/2] (root,0,0,00:00:00/33-12:47:52,26) [idle_inject/2] (root,0,0,00:00:09/33-12:47:52,27) [migration/2] (root,0,0,00:08:45/33-12:47:52,28) [ksoftirqd/2] (root,0,0,00:00:00/33-12:47:52,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/33-12:47:52,31) [cpuhp/3] (root,0,0,00:00:00/33-12:47:52,32) [idle_inject/3] (root,0,0,00:00:10/33-12:47:52,33) [migration/3] (root,0,0,00:01:19/33-12:47:52,34) [ksoftirqd/3] (root,0,0,00:00:00/33-12:47:52,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/33-12:47:52,41) [kdevtmpfs] (root,0,0,00:00:00/33-12:47:52,42) [netns] (root,0,0,00:00:00/33-12:47:52,43) [inet_frag_wq] (root,0,0,00:00:13/33-12:47:52,44) [kauditd] (root,0,0,00:00:00/33-12:47:52,46) [khungtaskd] (root,0,0,00:00:00/33-12:47:52,47) [oom_reaper] (root,0,0,00:00:00/33-12:47:52,48) [writeback] (root,0,0,00:01:38/33-12:47:52,49) [kcompactd0] (root,0,0,00:00:00/33-12:47:52,50) [ksmd] (root,0,0,00:01:36/33-12:47:52,52) [khugepaged] (root,0,0,00:00:00/33-12:47:52,77) [kintegrityd] (root,0,0,00:00:00/33-12:47:52,78) [kblockd] (root,0,0,00:00:00/33-12:47:52,79) [blkcg_punt_bio] (root,0,0,00:00:00/33-12:47:52,80) [tpm_dev_wq] (root,0,0,00:00:00/33-12:47:52,81) [edac-poller] (root,0,0,00:00:00/33-12:47:52,82) [devfreq_wq] (root,0,0,00:00:00/33-12:47:52,111) [watchdogd] (root,0,0,00:00:15/33-12:47:52,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/33-12:47:52,113) [kswapd0] (root,0,0,00:00:00/33-12:47:51,115) [kthrotld] (root,0,0,00:00:00/33-12:47:50,118) [mld] (root,0,0,00:00:00/33-12:47:50,119) [ipv6_addrconf] (root,0,0,00:00:08/33-12:47:50,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/33-12:47:50,125) [kstrp] (root,0,0,00:00:00/33-12:47:50,126) [zswap-shrink] (root,0,0,00:00:00/33-12:47:50,127) [kworker/u9:0] (root,0,0,00:00:00/33-12:47:50,132) [charger_manager] (root,0,0,00:00:07/33-12:47:50,139) [kworker/2:1H-kblockd] (root,0,0,00:00:06/33-12:47:50,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/33-12:47:49,328) [ata_sff] (root,0,0,00:00:00/33-12:47:49,329) [scsi_eh_0] (root,0,0,00:00:00/33-12:47:49,330) [scsi_tmf_0] (root,0,0,00:00:00/33-12:47:49,331) [scsi_eh_1] (root,0,0,00:00:00/33-12:47:49,332) [scsi_tmf_1] (root,0,0,00:00:48/33-12:47:46,350) [jbd2/vda1-8] (root,0,0,00:00:00/33-12:47:46,351) [ext4-rsv-conver] (root,38736,8056,00:01:41/33-12:47:34,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:03/33-12:47:33,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:50/33-12:47:31,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:24/33-12:46:41,486) /sbin/auditd (messagebus,22540,5464,00:03:40/33-12:46:40,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38916,8488,00:01:46/33-12:46:40,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/33-12:46:40,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/33-12:46:38,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/33-12:46:38,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,548616,32032,00:00:29/33-12:46:30,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/33-12:46:30,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:47/33-12:46:30,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/33-12:46:30,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9844,00:01:31/33-12:46:30,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/33-12:46:29,1177) bpfilter_umh (root,26204,8380,00:00:16/33-12:46:29,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:03:07/33-12:46:29,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,285252,120828,20:24:35/33-12:46:29,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/33-12:46:29,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:11/33-12:46:27,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:02/33-12:46:27,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:07/33-12:46:27,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/33-12:46:26,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:31/33-12:46:24,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/33-12:46:24,1312) (sd-pam) (syslogtunnel,35064,4708,00:02:17/33-12:46:24,1324) sshd: syslogtunnel (root,691216,74248,00:43:30/33-12:46:22,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,214300,54684,00:12:31/33-12:46:07,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/33-12:46:04,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:31/33-12:46:03,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/33-12:46:03,1345) (sd-pam) (cm-ssh,35056,4596,00:01:47/33-12:46:03,1365) sshd: cm-ssh (root,0,0,00:00:00/06:22,4668) [kworker/2:0-cgroup_destroy] (root,0,0,00:00:00/06:17,4669) [kworker/u8:0-writeback] (root,0,0,00:00:00/05:30,5583) [kworker/1:1-ata_sff] (root,0,0,00:00:00/24:28,6974) [kworker/u8:2-ext4-rsv-conversion] (root,0,0,00:00:00/22:59,9038) [kworker/0:1-events] (postfix,43844,8720,00:00:00/27-20:10:55,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/21:03,13163) [kworker/1:2-events] (root,0,0,00:00:00/00:17,14260) [kworker/1:0-ata_sff] (root,6656,3484,00:00:00/00:00,15159) /bin/bash /usr/bin/check_mk_agent (root,13744,3412,00:00:00/00:00,15177) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,15178) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/19:38,15198) [kworker/3:1-mm_percpu_wq] (root,0,0,00:00:00/13:11,24941) [kworker/0:0] (root,0,0,00:00:00/13:01,24944) [kworker/2:1-events] (root,0,0,00:00:00/33:01,25500) [kworker/3:0-events] (postfix,23460,7588,00:00:00/01:00:32,29292) pickup -l -t fifo -u Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-13 23:36 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363f5b5f6fbFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12644,00:04:58/31-12:18:05,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/31-12:18:05,2) [kthreadd] (root,0,0,00:00:00/31-12:18:05,3) [rcu_gp] (root,0,0,00:00:00/31-12:18:05,4) [rcu_par_gp] (root,0,0,00:00:00/31-12:18:05,5) [slub_flushwq] (root,0,0,00:00:00/31-12:18:05,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/31-12:18:05,9) [mm_percpu_wq] (root,0,0,00:00:00/31-12:18:05,10) [rcu_tasks_kthre] (root,0,0,00:00:00/31-12:18:05,11) [rcu_tasks_rude_] (root,0,0,00:00:00/31-12:18:05,12) [rcu_tasks_trace] (root,0,0,00:00:18/31-12:18:05,13) [ksoftirqd/0] (root,0,0,01:22:48/31-12:18:05,14) [rcu_preempt] (root,0,0,00:00:12/31-12:18:05,15) [migration/0] (root,0,0,00:00:00/31-12:18:05,16) [idle_inject/0] (root,0,0,00:00:00/31-12:18:05,18) [cpuhp/0] (root,0,0,00:00:00/31-12:18:05,19) [cpuhp/1] (root,0,0,00:00:00/31-12:18:05,20) [idle_inject/1] (root,0,0,00:00:11/31-12:18:05,21) [migration/1] (root,0,0,00:00:15/31-12:18:05,22) [ksoftirqd/1] (root,0,0,00:00:00/31-12:18:05,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/31-12:18:05,25) [cpuhp/2] (root,0,0,00:00:00/31-12:18:05,26) [idle_inject/2] (root,0,0,00:00:09/31-12:18:05,27) [migration/2] (root,0,0,00:08:21/31-12:18:05,28) [ksoftirqd/2] (root,0,0,00:00:00/31-12:18:05,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/31-12:18:05,31) [cpuhp/3] (root,0,0,00:00:00/31-12:18:05,32) [idle_inject/3] (root,0,0,00:00:09/31-12:18:05,33) [migration/3] (root,0,0,00:01:15/31-12:18:05,34) [ksoftirqd/3] (root,0,0,00:00:00/31-12:18:05,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/31-12:18:05,41) [kdevtmpfs] (root,0,0,00:00:00/31-12:18:05,42) [netns] (root,0,0,00:00:00/31-12:18:05,43) [inet_frag_wq] (root,0,0,00:00:12/31-12:18:05,44) [kauditd] (root,0,0,00:00:00/31-12:18:05,46) [khungtaskd] (root,0,0,00:00:00/31-12:18:05,47) [oom_reaper] (root,0,0,00:00:00/31-12:18:05,48) [writeback] (root,0,0,00:01:32/31-12:18:05,49) [kcompactd0] (root,0,0,00:00:00/31-12:18:05,50) [ksmd] (root,0,0,00:01:31/31-12:18:05,52) [khugepaged] (root,0,0,00:00:00/31-12:18:05,77) [kintegrityd] (root,0,0,00:00:00/31-12:18:05,78) [kblockd] (root,0,0,00:00:00/31-12:18:05,79) [blkcg_punt_bio] (root,0,0,00:00:00/31-12:18:05,80) [tpm_dev_wq] (root,0,0,00:00:00/31-12:18:05,81) [edac-poller] (root,0,0,00:00:00/31-12:18:05,82) [devfreq_wq] (root,0,0,00:00:00/31-12:18:05,111) [watchdogd] (root,0,0,00:00:14/31-12:18:05,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/31-12:18:05,113) [kswapd0] (root,0,0,00:00:00/31-12:18:04,115) [kthrotld] (root,0,0,00:00:00/31-12:18:03,118) [mld] (root,0,0,00:00:00/31-12:18:03,119) [ipv6_addrconf] (root,0,0,00:00:08/31-12:18:03,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/31-12:18:03,125) [kstrp] (root,0,0,00:00:00/31-12:18:03,126) [zswap-shrink] (root,0,0,00:00:00/31-12:18:03,127) [kworker/u9:0] (root,0,0,00:00:00/31-12:18:03,132) [charger_manager] (root,0,0,00:00:07/31-12:18:03,139) [kworker/2:1H-kblockd] (root,0,0,00:00:06/31-12:18:03,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/31-12:18:02,328) [ata_sff] (root,0,0,00:00:00/31-12:18:02,329) [scsi_eh_0] (root,0,0,00:00:00/31-12:18:02,330) [scsi_tmf_0] (root,0,0,00:00:00/31-12:18:02,331) [scsi_eh_1] (root,0,0,00:00:00/31-12:18:02,332) [scsi_tmf_1] (root,0,0,00:00:45/31-12:17:59,350) [jbd2/vda1-8] (root,0,0,00:00:00/31-12:17:59,351) [ext4-rsv-conver] (root,38736,8056,00:01:34/31-12:17:47,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:03/31-12:17:46,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:47/31-12:17:44,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:22/31-12:16:54,486) /sbin/auditd (messagebus,22540,5464,00:03:24/31-12:16:53,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8484,00:01:38/31-12:16:53,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/31-12:16:53,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/31-12:16:51,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/31-12:16:51,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,548616,32032,00:00:28/31-12:16:43,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/31-12:16:43,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:44/31-12:16:43,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/31-12:16:43,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9844,00:01:25/31-12:16:43,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/31-12:16:42,1177) bpfilter_umh (root,26204,8380,00:00:14/31-12:16:42,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:02:56/31-12:16:42,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,285300,120840,19:31:32/31-12:16:42,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/31-12:16:42,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:10/31-12:16:40,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:02/31-12:16:40,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:06/31-12:16:40,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/31-12:16:39,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:29/31-12:16:37,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/31-12:16:37,1312) (sd-pam) (syslogtunnel,35064,4708,00:02:08/31-12:16:37,1324) sshd: syslogtunnel (root,690960,74144,00:40:52/31-12:16:35,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,213276,54040,00:11:48/31-12:16:20,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/31-12:16:17,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:29/31-12:16:16,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/31-12:16:16,1345) (sd-pam) (cm-ssh,35056,4596,00:01:40/31-12:16:16,1365) sshd: cm-ssh (postfix,23460,7508,00:00:00/52:59,3283) pickup -l -t fifo -u (root,0,0,00:00:00/10:35,5728) [kworker/2:1] (root,0,0,00:00:00/47:38,7538) [kworker/0:2-cgroup_destroy] (root,0,0,00:00:00/08:47,8656) [kworker/1:2-ata_sff] (root,0,0,00:00:00/01:06:41,11721) [kworker/2:0-events] (postfix,43844,8720,00:00:00/25-19:41:08,12335) tlsmgr -l -t unix -u (root,0,0,00:00:01/01:57:43,15092) [kworker/1:1-events] (root,0,0,00:00:00/34:03,15506) [kworker/3:0-cgroup_destroy] (root,0,0,00:00:00/03:58,16169) [kworker/3:2] (root,0,0,00:00:00/03:35,16365) [kworker/1:0-ata_sff] (root,0,0,00:00:00/30:20,16739) [kworker/u8:0-ext4-rsv-conversion] (root,6656,3484,00:00:00/00:00,20920) /bin/bash /usr/bin/check_mk_agent (root,13744,3464,00:00:00/00:00,20938) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,20939) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:01/01:14:56,22174) [kworker/0:1-events] (root,0,0,00:00:00/13:57,32040) [kworker/u8:2-flush-254:0] (root,0,0,00:00:00/13:57,32042) [kworker/3:1-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-11 23:06 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683636ef1c322Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12644,00:04:33/29-12:28:47,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/29-12:28:47,2) [kthreadd] (root,0,0,00:00:00/29-12:28:47,3) [rcu_gp] (root,0,0,00:00:00/29-12:28:47,4) [rcu_par_gp] (root,0,0,00:00:00/29-12:28:47,5) [slub_flushwq] (root,0,0,00:00:00/29-12:28:47,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/29-12:28:47,9) [mm_percpu_wq] (root,0,0,00:00:00/29-12:28:47,10) [rcu_tasks_kthre] (root,0,0,00:00:00/29-12:28:47,11) [rcu_tasks_rude_] (root,0,0,00:00:00/29-12:28:47,12) [rcu_tasks_trace] (root,0,0,00:00:17/29-12:28:47,13) [ksoftirqd/0] (root,0,0,01:17:35/29-12:28:47,14) [rcu_preempt] (root,0,0,00:00:11/29-12:28:47,15) [migration/0] (root,0,0,00:00:00/29-12:28:47,16) [idle_inject/0] (root,0,0,00:00:00/29-12:28:47,18) [cpuhp/0] (root,0,0,00:00:00/29-12:28:47,19) [cpuhp/1] (root,0,0,00:00:00/29-12:28:47,20) [idle_inject/1] (root,0,0,00:00:10/29-12:28:47,21) [migration/1] (root,0,0,00:00:14/29-12:28:47,22) [ksoftirqd/1] (root,0,0,00:00:00/29-12:28:47,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/29-12:28:47,25) [cpuhp/2] (root,0,0,00:00:00/29-12:28:47,26) [idle_inject/2] (root,0,0,00:00:08/29-12:28:47,27) [migration/2] (root,0,0,00:07:52/29-12:28:47,28) [ksoftirqd/2] (root,0,0,00:00:00/29-12:28:47,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/29-12:28:47,31) [cpuhp/3] (root,0,0,00:00:00/29-12:28:47,32) [idle_inject/3] (root,0,0,00:00:09/29-12:28:47,33) [migration/3] (root,0,0,00:01:10/29-12:28:47,34) [ksoftirqd/3] (root,0,0,00:00:00/29-12:28:47,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/29-12:28:47,41) [kdevtmpfs] (root,0,0,00:00:00/29-12:28:47,42) [netns] (root,0,0,00:00:00/29-12:28:47,43) [inet_frag_wq] (root,0,0,00:00:11/29-12:28:47,44) [kauditd] (root,0,0,00:00:00/29-12:28:47,46) [khungtaskd] (root,0,0,00:00:00/29-12:28:47,47) [oom_reaper] (root,0,0,00:00:00/29-12:28:47,48) [writeback] (root,0,0,00:01:26/29-12:28:47,49) [kcompactd0] (root,0,0,00:00:00/29-12:28:47,50) [ksmd] (root,0,0,00:01:25/29-12:28:47,52) [khugepaged] (root,0,0,00:00:00/29-12:28:47,77) [kintegrityd] (root,0,0,00:00:00/29-12:28:47,78) [kblockd] (root,0,0,00:00:00/29-12:28:47,79) [blkcg_punt_bio] (root,0,0,00:00:00/29-12:28:47,80) [tpm_dev_wq] (root,0,0,00:00:00/29-12:28:47,81) [edac-poller] (root,0,0,00:00:00/29-12:28:47,82) [devfreq_wq] (root,0,0,00:00:00/29-12:28:47,111) [watchdogd] (root,0,0,00:00:13/29-12:28:47,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/29-12:28:47,113) [kswapd0] (root,0,0,00:00:00/29-12:28:46,115) [kthrotld] (root,0,0,00:00:00/29-12:28:45,118) [mld] (root,0,0,00:00:00/29-12:28:45,119) [ipv6_addrconf] (root,0,0,00:00:07/29-12:28:45,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/29-12:28:45,125) [kstrp] (root,0,0,00:00:00/29-12:28:45,126) [zswap-shrink] (root,0,0,00:00:00/29-12:28:45,127) [kworker/u9:0] (root,0,0,00:00:00/29-12:28:45,132) [charger_manager] (root,0,0,00:00:06/29-12:28:45,139) [kworker/2:1H-kblockd] (root,0,0,00:00:05/29-12:28:45,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/29-12:28:44,328) [ata_sff] (root,0,0,00:00:00/29-12:28:44,329) [scsi_eh_0] (root,0,0,00:00:00/29-12:28:44,330) [scsi_tmf_0] (root,0,0,00:00:00/29-12:28:44,331) [scsi_eh_1] (root,0,0,00:00:00/29-12:28:44,332) [scsi_tmf_1] (root,0,0,00:00:42/29-12:28:41,350) [jbd2/vda1-8] (root,0,0,00:00:00/29-12:28:41,351) [ext4-rsv-conver] (root,38736,8056,00:01:26/29-12:28:29,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:03/29-12:28:28,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:44/29-12:28:26,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:21/29-12:27:36,486) /sbin/auditd (messagebus,22540,5464,00:03:07/29-12:27:35,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38916,8484,00:01:30/29-12:27:35,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/29-12:27:35,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/29-12:27:33,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/29-12:27:33,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,548616,31772,00:00:26/29-12:27:25,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/29-12:27:25,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:41/29-12:27:25,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/29-12:27:25,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9900,00:01:18/29-12:27:25,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/29-12:27:24,1177) bpfilter_umh (root,26204,8380,00:00:13/29-12:27:24,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:02:44/29-12:27:24,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,285284,120836,18:34:18/29-12:27:24,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/29-12:27:24,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:09/29-12:27:22,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:02/29-12:27:22,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:06/29-12:27:22,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/29-12:27:21,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:26/29-12:27:19,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/29-12:27:19,1312) (sd-pam) (syslogtunnel,35064,4708,00:01:59/29-12:27:19,1324) sshd: syslogtunnel (root,690960,75048,00:38:12/29-12:27:17,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,212252,52132,00:11:04/29-12:27:02,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/29-12:26:59,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:26/29-12:26:58,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/29-12:26:58,1345) (sd-pam) (cm-ssh,35056,4596,00:01:34/29-12:26:58,1365) sshd: cm-ssh (root,0,0,00:00:00/17:45,8480) [kworker/3:2-events] (root,0,0,00:00:00/14:42,10128) [kworker/0:2-cgroup_destroy] (root,0,0,00:00:00/37:20,12096) [kworker/0:1-cgroup_destroy] (postfix,43844,8720,00:00:00/23-19:51:50,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/37:10,12574) [kworker/2:1-events] (root,0,0,00:00:00/01:52:05,15587) [kworker/3:0-cgroup_destroy] (root,0,0,00:00:01/04:00:58,16484) [kworker/1:2-events] (root,0,0,00:00:00/07:48,17631) [kworker/2:2-cgroup_destroy] (root,0,0,00:00:00/06:14,18659) [kworker/1:0-ata_sff] (root,0,0,00:00:00/04:34,20663) [kworker/0:0-events] (root,0,0,00:00:00/30:45,22253) [kworker/u8:1] (root,0,0,00:00:00/00:57,24493) [kworker/1:1-ata_sff] (root,6656,3488,00:00:00/00:00,25527) /bin/bash /usr/bin/check_mk_agent (root,13744,3472,00:00:00/00:00,25545) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,968,00:00:00/00:00,25546) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (postfix,23460,7532,00:00:00/01:25:58,25776) pickup -l -t fifo -u (root,0,0,00:00:00/01:02:58,32508) [kworker/u8:2-flush-254:0] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-09 23:17 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363d5529ee9Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,14636,00:04:10/27-13:02:30,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:01/27-13:02:30,2) [kthreadd] (root,0,0,00:00:00/27-13:02:30,3) [rcu_gp] (root,0,0,00:00:00/27-13:02:30,4) [rcu_par_gp] (root,0,0,00:00:00/27-13:02:30,5) [slub_flushwq] (root,0,0,00:00:00/27-13:02:30,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/27-13:02:30,9) [mm_percpu_wq] (root,0,0,00:00:00/27-13:02:30,10) [rcu_tasks_kthre] (root,0,0,00:00:00/27-13:02:30,11) [rcu_tasks_rude_] (root,0,0,00:00:00/27-13:02:30,12) [rcu_tasks_trace] (root,0,0,00:00:15/27-13:02:30,13) [ksoftirqd/0] (root,0,0,01:12:33/27-13:02:30,14) [rcu_preempt] (root,0,0,00:00:11/27-13:02:30,15) [migration/0] (root,0,0,00:00:00/27-13:02:30,16) [idle_inject/0] (root,0,0,00:00:00/27-13:02:30,18) [cpuhp/0] (root,0,0,00:00:00/27-13:02:30,19) [cpuhp/1] (root,0,0,00:00:00/27-13:02:30,20) [idle_inject/1] (root,0,0,00:00:10/27-13:02:30,21) [migration/1] (root,0,0,00:00:13/27-13:02:30,22) [ksoftirqd/1] (root,0,0,00:00:00/27-13:02:30,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/27-13:02:30,25) [cpuhp/2] (root,0,0,00:00:00/27-13:02:30,26) [idle_inject/2] (root,0,0,00:00:08/27-13:02:30,27) [migration/2] (root,0,0,00:07:27/27-13:02:30,28) [ksoftirqd/2] (root,0,0,00:00:00/27-13:02:30,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/27-13:02:30,31) [cpuhp/3] (root,0,0,00:00:00/27-13:02:30,32) [idle_inject/3] (root,0,0,00:00:08/27-13:02:30,33) [migration/3] (root,0,0,00:01:06/27-13:02:30,34) [ksoftirqd/3] (root,0,0,00:00:00/27-13:02:30,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/27-13:02:30,41) [kdevtmpfs] (root,0,0,00:00:00/27-13:02:30,42) [netns] (root,0,0,00:00:00/27-13:02:30,43) [inet_frag_wq] (root,0,0,00:00:10/27-13:02:30,44) [kauditd] (root,0,0,00:00:00/27-13:02:30,46) [khungtaskd] (root,0,0,00:00:00/27-13:02:30,47) [oom_reaper] (root,0,0,00:00:00/27-13:02:30,48) [writeback] (root,0,0,00:01:20/27-13:02:30,49) [kcompactd0] (root,0,0,00:00:00/27-13:02:30,50) [ksmd] (root,0,0,00:01:19/27-13:02:30,52) [khugepaged] (root,0,0,00:00:00/27-13:02:30,77) [kintegrityd] (root,0,0,00:00:00/27-13:02:30,78) [kblockd] (root,0,0,00:00:00/27-13:02:30,79) [blkcg_punt_bio] (root,0,0,00:00:00/27-13:02:30,80) [tpm_dev_wq] (root,0,0,00:00:00/27-13:02:30,81) [edac-poller] (root,0,0,00:00:00/27-13:02:30,82) [devfreq_wq] (root,0,0,00:00:00/27-13:02:30,111) [watchdogd] (root,0,0,00:00:12/27-13:02:30,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/27-13:02:30,113) [kswapd0] (root,0,0,00:00:00/27-13:02:29,115) [kthrotld] (root,0,0,00:00:00/27-13:02:28,118) [mld] (root,0,0,00:00:00/27-13:02:28,119) [ipv6_addrconf] (root,0,0,00:00:07/27-13:02:28,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/27-13:02:28,125) [kstrp] (root,0,0,00:00:00/27-13:02:28,126) [zswap-shrink] (root,0,0,00:00:00/27-13:02:28,127) [kworker/u9:0] (root,0,0,00:00:00/27-13:02:28,132) [charger_manager] (root,0,0,00:00:06/27-13:02:28,139) [kworker/2:1H-kblockd] (root,0,0,00:00:05/27-13:02:28,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/27-13:02:27,328) [ata_sff] (root,0,0,00:00:00/27-13:02:27,329) [scsi_eh_0] (root,0,0,00:00:00/27-13:02:27,330) [scsi_tmf_0] (root,0,0,00:00:00/27-13:02:27,331) [scsi_eh_1] (root,0,0,00:00:00/27-13:02:27,332) [scsi_tmf_1] (root,0,0,00:00:40/27-13:02:24,350) [jbd2/vda1-8] (root,0,0,00:00:00/27-13:02:24,351) [ext4-rsv-conver] (root,38736,8056,00:01:19/27-13:02:12,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:03/27-13:02:11,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:41/27-13:02:09,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:19/27-13:01:19,486) /sbin/auditd (messagebus,22540,5464,00:02:50/27-13:01:18,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8476,00:01:22/27-13:01:18,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/27-13:01:18,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/27-13:01:16,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/27-13:01:16,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,548360,31684,00:00:24/27-13:01:08,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/27-13:01:08,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:39/27-13:01:08,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/27-13:01:08,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9900,00:01:11/27-13:01:08,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/27-13:01:07,1177) bpfilter_umh (root,26204,8380,00:00:12/27-13:01:07,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:02:33/27-13:01:07,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,281940,117960,17:36:51/27-13:01:07,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/27-13:01:07,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:09/27-13:01:05,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:01/27-13:01:05,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:05/27-13:01:05,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/27-13:01:04,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:24/27-13:01:02,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/27-13:01:02,1312) (sd-pam) (syslogtunnel,35064,4708,00:01:51/27-13:01:02,1324) sshd: syslogtunnel (root,690960,73880,00:35:37/27-13:01:00,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,211228,51232,00:10:21/27-13:00:45,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/27-13:00:42,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:24/27-13:00:41,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/27-13:00:41,1345) (sd-pam) (cm-ssh,35056,4596,00:01:28/27-13:00:41,1365) sshd: cm-ssh (root,0,0,00:00:00/36:19,1830) [kworker/u8:1-ext4-rsv-conversion] (root,6656,3484,00:00:00/00:01,2382) /bin/bash /usr/bin/check_mk_agent (root,13744,3444,00:00:00/00:00,2401) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,952,00:00:00/00:00,2402) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/30:04,7927) [kworker/0:1-events] (root,0,0,00:00:00/24:02,11958) [kworker/3:1-events] (postfix,43844,8720,00:00:00/21-20:25:33,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/20:46,13856) [kworker/2:2-events] (root,0,0,00:00:00/18:51,14919) [kworker/1:1-events] (root,0,0,00:00:00/17:48,17271) [kworker/u8:0-ext4-rsv-conversion] (root,0,0,00:00:00/14:42,21081) [kworker/2:0-events] (root,0,0,00:00:00/11:24,23845) [kworker/0:2] (root,0,0,00:00:00/08:28,25300) [kworker/1:0-ata_sff] (root,0,0,00:00:00/05:20,27945) [kworker/3:2-cgroup_destroy] (postfix,23460,7600,00:00:00/41:46,29816) pickup -l -t fifo -u (root,0,0,00:00:00/03:17,30146) [kworker/1:2-ata_sff] (root,0,0,00:00:00/02:05,32492) [kworker/2:1] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-07 23:51 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683634983f4e9Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12612,00:03:43/25-12:47:16,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/25-12:47:16,2) [kthreadd] (root,0,0,00:00:00/25-12:47:16,3) [rcu_gp] (root,0,0,00:00:00/25-12:47:16,4) [rcu_par_gp] (root,0,0,00:00:00/25-12:47:16,5) [slub_flushwq] (root,0,0,00:00:00/25-12:47:16,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/25-12:47:16,9) [mm_percpu_wq] (root,0,0,00:00:00/25-12:47:16,10) [rcu_tasks_kthre] (root,0,0,00:00:00/25-12:47:16,11) [rcu_tasks_rude_] (root,0,0,00:00:00/25-12:47:16,12) [rcu_tasks_trace] (root,0,0,00:00:14/25-12:47:16,13) [ksoftirqd/0] (root,0,0,01:07:22/25-12:47:16,14) [rcu_preempt] (root,0,0,00:00:10/25-12:47:16,15) [migration/0] (root,0,0,00:00:00/25-12:47:16,16) [idle_inject/0] (root,0,0,00:00:00/25-12:47:16,18) [cpuhp/0] (root,0,0,00:00:00/25-12:47:16,19) [cpuhp/1] (root,0,0,00:00:00/25-12:47:16,20) [idle_inject/1] (root,0,0,00:00:09/25-12:47:16,21) [migration/1] (root,0,0,00:00:12/25-12:47:16,22) [ksoftirqd/1] (root,0,0,00:00:00/25-12:47:16,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/25-12:47:16,25) [cpuhp/2] (root,0,0,00:00:00/25-12:47:16,26) [idle_inject/2] (root,0,0,00:00:07/25-12:47:16,27) [migration/2] (root,0,0,00:07:03/25-12:47:16,28) [ksoftirqd/2] (root,0,0,00:00:00/25-12:47:16,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/25-12:47:16,31) [cpuhp/3] (root,0,0,00:00:00/25-12:47:16,32) [idle_inject/3] (root,0,0,00:00:07/25-12:47:16,33) [migration/3] (root,0,0,00:01:02/25-12:47:16,34) [ksoftirqd/3] (root,0,0,00:00:00/25-12:47:16,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/25-12:47:16,41) [kdevtmpfs] (root,0,0,00:00:00/25-12:47:16,42) [netns] (root,0,0,00:00:00/25-12:47:16,43) [inet_frag_wq] (root,0,0,00:00:09/25-12:47:16,44) [kauditd] (root,0,0,00:00:00/25-12:47:16,46) [khungtaskd] (root,0,0,00:00:00/25-12:47:16,47) [oom_reaper] (root,0,0,00:00:00/25-12:47:16,48) [writeback] (root,0,0,00:01:14/25-12:47:16,49) [kcompactd0] (root,0,0,00:00:00/25-12:47:16,50) [ksmd] (root,0,0,00:01:13/25-12:47:16,52) [khugepaged] (root,0,0,00:00:00/25-12:47:16,77) [kintegrityd] (root,0,0,00:00:00/25-12:47:16,78) [kblockd] (root,0,0,00:00:00/25-12:47:16,79) [blkcg_punt_bio] (root,0,0,00:00:00/25-12:47:16,80) [tpm_dev_wq] (root,0,0,00:00:00/25-12:47:16,81) [edac-poller] (root,0,0,00:00:00/25-12:47:16,82) [devfreq_wq] (root,0,0,00:00:00/25-12:47:16,111) [watchdogd] (root,0,0,00:00:11/25-12:47:16,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/25-12:47:16,113) [kswapd0] (root,0,0,00:00:00/25-12:47:15,115) [kthrotld] (root,0,0,00:00:00/25-12:47:14,118) [mld] (root,0,0,00:00:00/25-12:47:14,119) [ipv6_addrconf] (root,0,0,00:00:06/25-12:47:14,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/25-12:47:14,125) [kstrp] (root,0,0,00:00:00/25-12:47:14,126) [zswap-shrink] (root,0,0,00:00:00/25-12:47:14,127) [kworker/u9:0] (root,0,0,00:00:00/25-12:47:14,132) [charger_manager] (root,0,0,00:00:05/25-12:47:14,139) [kworker/2:1H-kblockd] (root,0,0,00:00:04/25-12:47:14,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/25-12:47:13,328) [ata_sff] (root,0,0,00:00:00/25-12:47:13,329) [scsi_eh_0] (root,0,0,00:00:00/25-12:47:13,330) [scsi_tmf_0] (root,0,0,00:00:00/25-12:47:13,331) [scsi_eh_1] (root,0,0,00:00:00/25-12:47:13,332) [scsi_tmf_1] (root,0,0,00:00:37/25-12:47:10,350) [jbd2/vda1-8] (root,0,0,00:00:00/25-12:47:10,351) [ext4-rsv-conver] (root,38736,8056,00:01:11/25-12:46:58,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:03/25-12:46:57,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:38/25-12:46:55,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:17/25-12:46:05,486) /sbin/auditd (messagebus,22540,5464,00:02:31/25-12:46:04,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38916,8488,00:01:13/25-12:46:04,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/25-12:46:04,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/25-12:46:02,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/25-12:46:02,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,0,0,00:00:00/28:48,786) [kworker/u8:0-events_unbound] (root,548360,30644,00:00:22/25-12:45:54,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/25-12:45:54,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:36/25-12:45:54,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/25-12:45:54,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9920,00:01:04/25-12:45:54,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/25-12:45:53,1177) bpfilter_umh (root,26204,8380,00:00:11/25-12:45:53,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:02:22/25-12:45:53,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,281988,117972,16:40:34/25-12:45:53,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/25-12:45:53,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:08/25-12:45:51,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:01/25-12:45:51,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:05/25-12:45:51,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/25-12:45:50,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:21/25-12:45:48,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/25-12:45:48,1312) (sd-pam) (syslogtunnel,35064,4708,00:01:42/25-12:45:48,1324) sshd: syslogtunnel (root,690560,73120,00:33:01/25-12:45:46,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,210204,49340,00:09:38/25-12:45:31,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/25-12:45:28,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:22/25-12:45:27,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/25-12:45:27,1345) (sd-pam) (cm-ssh,35056,4596,00:01:21/25-12:45:27,1365) sshd: cm-ssh (root,0,0,00:00:00/22:25,2345) [kworker/0:1-events] (root,0,0,00:00:00/19:23,4593) [kworker/3:2] (root,0,0,00:00:00/17:52,5684) [kworker/1:2-events] (root,0,0,00:00:00/13:22,11394) [kworker/0:2-events] (postfix,43844,8720,00:00:00/19-20:10:19,12335) tlsmgr -l -t unix -u (postfix,23460,7636,00:00:00/46:29,12828) pickup -l -t fifo -u (root,0,0,00:00:00/07:29,18198) [kworker/1:1-ata_sff] (root,0,0,00:00:00/07:12,19000) [kworker/2:2-events] (root,0,0,00:00:00/04:15,21632) [kworker/0:0] (root,0,0,00:00:00/02:18,22612) [kworker/1:0-ata_sff] (root,0,0,00:00:00/01:18,23029) [kworker/2:0-cgroup_destroy] (root,6656,3488,00:00:00/00:00,24383) /bin/bash /usr/bin/check_mk_agent (root,13744,3384,00:00:00/00:00,24401) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,968,00:00:00/00:00,24402) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/35:32,26884) [kworker/u8:1-flush-254:0] (root,0,0,00:00:00/32:17,30219) [kworker/2:1-events] (root,0,0,00:00:00/56:37,31144) [kworker/3:0-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-05 23:36 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363611a7a31Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12612,00:03:16/23-12:49:19,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/23-12:49:19,2) [kthreadd] (root,0,0,00:00:00/23-12:49:19,3) [rcu_gp] (root,0,0,00:00:00/23-12:49:19,4) [rcu_par_gp] (root,0,0,00:00:00/23-12:49:19,5) [slub_flushwq] (root,0,0,00:00:00/23-12:49:19,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/23-12:49:19,9) [mm_percpu_wq] (root,0,0,00:00:00/23-12:49:19,10) [rcu_tasks_kthre] (root,0,0,00:00:00/23-12:49:19,11) [rcu_tasks_rude_] (root,0,0,00:00:00/23-12:49:19,12) [rcu_tasks_trace] (root,0,0,00:00:13/23-12:49:19,13) [ksoftirqd/0] (root,0,0,01:02:11/23-12:49:19,14) [rcu_preempt] (root,0,0,00:00:09/23-12:49:19,15) [migration/0] (root,0,0,00:00:00/23-12:49:19,16) [idle_inject/0] (root,0,0,00:00:00/23-12:49:19,18) [cpuhp/0] (root,0,0,00:00:00/23-12:49:19,19) [cpuhp/1] (root,0,0,00:00:00/23-12:49:19,20) [idle_inject/1] (root,0,0,00:00:08/23-12:49:19,21) [migration/1] (root,0,0,00:00:11/23-12:49:19,22) [ksoftirqd/1] (root,0,0,00:00:00/23-12:49:19,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/23-12:49:19,25) [cpuhp/2] (root,0,0,00:00:00/23-12:49:19,26) [idle_inject/2] (root,0,0,00:00:07/23-12:49:19,27) [migration/2] (root,0,0,00:06:35/23-12:49:19,28) [ksoftirqd/2] (root,0,0,00:00:00/23-12:49:19,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/23-12:49:19,31) [cpuhp/3] (root,0,0,00:00:00/23-12:49:19,32) [idle_inject/3] (root,0,0,00:00:07/23-12:49:19,33) [migration/3] (root,0,0,00:00:58/23-12:49:19,34) [ksoftirqd/3] (root,0,0,00:00:00/23-12:49:19,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/23-12:49:19,41) [kdevtmpfs] (root,0,0,00:00:00/23-12:49:19,42) [netns] (root,0,0,00:00:00/23-12:49:19,43) [inet_frag_wq] (root,0,0,00:00:08/23-12:49:19,44) [kauditd] (root,0,0,00:00:00/23-12:49:19,46) [khungtaskd] (root,0,0,00:00:00/23-12:49:19,47) [oom_reaper] (root,0,0,00:00:00/23-12:49:19,48) [writeback] (root,0,0,00:01:09/23-12:49:19,49) [kcompactd0] (root,0,0,00:00:00/23-12:49:19,50) [ksmd] (root,0,0,00:01:08/23-12:49:19,52) [khugepaged] (root,0,0,00:00:00/23-12:49:19,77) [kintegrityd] (root,0,0,00:00:00/23-12:49:19,78) [kblockd] (root,0,0,00:00:00/23-12:49:19,79) [blkcg_punt_bio] (root,0,0,00:00:00/23-12:49:19,80) [tpm_dev_wq] (root,0,0,00:00:00/23-12:49:19,81) [edac-poller] (root,0,0,00:00:00/23-12:49:19,82) [devfreq_wq] (root,0,0,00:00:00/23-12:49:19,111) [watchdogd] (root,0,0,00:00:10/23-12:49:19,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/23-12:49:19,113) [kswapd0] (root,0,0,00:00:00/23-12:49:18,115) [kthrotld] (root,0,0,00:00:00/23-12:49:17,118) [mld] (root,0,0,00:00:00/23-12:49:17,119) [ipv6_addrconf] (root,0,0,00:00:06/23-12:49:17,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/23-12:49:17,125) [kstrp] (root,0,0,00:00:00/23-12:49:17,126) [zswap-shrink] (root,0,0,00:00:00/23-12:49:17,127) [kworker/u9:0] (root,0,0,00:00:00/23-12:49:17,132) [charger_manager] (root,0,0,00:00:05/23-12:49:17,139) [kworker/2:1H-kblockd] (root,0,0,00:00:04/23-12:49:17,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/23-12:49:16,328) [ata_sff] (root,0,0,00:00:00/23-12:49:16,329) [scsi_eh_0] (root,0,0,00:00:00/23-12:49:16,330) [scsi_tmf_0] (root,0,0,00:00:00/23-12:49:16,331) [scsi_eh_1] (root,0,0,00:00:00/23-12:49:16,332) [scsi_tmf_1] (root,0,0,00:00:34/23-12:49:13,350) [jbd2/vda1-8] (root,0,0,00:00:00/23-12:49:13,351) [ext4-rsv-conver] (root,38736,8056,00:01:03/23-12:49:01,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:02/23-12:49:00,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:35/23-12:48:58,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:14/23-12:48:08,486) /sbin/auditd (messagebus,22540,5464,00:02:13/23-12:48:07,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8484,00:01:04/23-12:48:07,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/23-12:48:07,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/23-12:48:05,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/23-12:48:05,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,0,0,00:00:00/10:07,621) [kworker/1:2-ata_sff] (root,548360,30644,00:00:21/23-12:47:57,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/23-12:47:57,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:34/23-12:47:57,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/23-12:47:57,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9920,00:00:56/23-12:47:57,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/23-12:47:56,1177) bpfilter_umh (root,26204,8380,00:00:09/23-12:47:56,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:02:11/23-12:47:56,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,282132,118008,15:41:00/23-12:47:56,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/23-12:47:56,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:07/23-12:47:54,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:01/23-12:47:54,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:05/23-12:47:54,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/23-12:47:53,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:18/23-12:47:51,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/23-12:47:51,1312) (sd-pam) (syslogtunnel,35064,4708,00:01:33/23-12:47:51,1324) sshd: syslogtunnel (root,690304,72920,00:30:25/23-12:47:49,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,209180,48696,00:08:55/23-12:47:34,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/23-12:47:31,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:19/23-12:47:30,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/23-12:47:30,1345) (sd-pam) (cm-ssh,35056,4596,00:01:15/23-12:47:30,1365) sshd: cm-ssh (root,0,0,00:00:00/01:12:23,2040) [kworker/1:0-ata_sff] (root,0,0,00:00:00/35:52,3541) [kworker/2:1-events] (postfix,23460,7540,00:00:00/01:10:35,3658) pickup -l -t fifo -u (root,0,0,00:00:00/07:50,4809) [kworker/2:2-events] (root,0,0,00:00:00/01:07:34,7057) [kworker/u8:0-events_unbound] (root,0,0,00:00:00/04:55,10574) [kworker/0:1-events] (root,0,0,00:00:00/04:55,10575) [kworker/1:1-events] (postfix,43844,8720,00:00:00/17-20:12:22,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/01:42,15723) [kworker/u8:1-flush-254:0] (root,6656,3488,00:00:00/00:00,16851) /bin/bash /usr/bin/check_mk_agent (root,13744,3416,00:00:00/00:00,16869) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,968,00:00:00/00:00,16870) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/22:33,17863) [kworker/u8:2-events_unbound] (root,0,0,00:00:00/22:31,17906) [kworker/0:0-cgroup_destroy] (root,0,0,00:00:00/54:02,22335) [kworker/0:2-cgroup_destroy] (root,0,0,00:00:00/16:32,24038) [kworker/3:0-events] (root,0,0,00:00:00/10:40,32615) [kworker/3:2-cgroup_destroy] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-03 23:38 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683639a412fcaFound public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12612,00:02:49/21-13:01:14,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/21-13:01:14,2) [kthreadd] (root,0,0,00:00:00/21-13:01:14,3) [rcu_gp] (root,0,0,00:00:00/21-13:01:14,4) [rcu_par_gp] (root,0,0,00:00:00/21-13:01:14,5) [slub_flushwq] (root,0,0,00:00:00/21-13:01:14,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/21-13:01:14,9) [mm_percpu_wq] (root,0,0,00:00:00/21-13:01:14,10) [rcu_tasks_kthre] (root,0,0,00:00:00/21-13:01:14,11) [rcu_tasks_rude_] (root,0,0,00:00:00/21-13:01:14,12) [rcu_tasks_trace] (root,0,0,00:00:12/21-13:01:14,13) [ksoftirqd/0] (root,0,0,00:57:01/21-13:01:14,14) [rcu_preempt] (root,0,0,00:00:08/21-13:01:14,15) [migration/0] (root,0,0,00:00:00/21-13:01:14,16) [idle_inject/0] (root,0,0,00:00:00/21-13:01:14,18) [cpuhp/0] (root,0,0,00:00:00/21-13:01:14,19) [cpuhp/1] (root,0,0,00:00:00/21-13:01:14,20) [idle_inject/1] (root,0,0,00:00:08/21-13:01:14,21) [migration/1] (root,0,0,00:00:10/21-13:01:14,22) [ksoftirqd/1] (root,0,0,00:00:00/21-13:01:14,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/21-13:01:14,25) [cpuhp/2] (root,0,0,00:00:00/21-13:01:14,26) [idle_inject/2] (root,0,0,00:00:06/21-13:01:14,27) [migration/2] (root,0,0,00:06:11/21-13:01:14,28) [ksoftirqd/2] (root,0,0,00:00:00/21-13:01:14,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/21-13:01:14,31) [cpuhp/3] (root,0,0,00:00:00/21-13:01:14,32) [idle_inject/3] (root,0,0,00:00:06/21-13:01:14,33) [migration/3] (root,0,0,00:00:53/21-13:01:14,34) [ksoftirqd/3] (root,0,0,00:00:00/21-13:01:14,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/21-13:01:14,41) [kdevtmpfs] (root,0,0,00:00:00/21-13:01:14,42) [netns] (root,0,0,00:00:00/21-13:01:14,43) [inet_frag_wq] (root,0,0,00:00:07/21-13:01:14,44) [kauditd] (root,0,0,00:00:00/21-13:01:14,46) [khungtaskd] (root,0,0,00:00:00/21-13:01:14,47) [oom_reaper] (root,0,0,00:00:00/21-13:01:14,48) [writeback] (root,0,0,00:01:03/21-13:01:14,49) [kcompactd0] (root,0,0,00:00:00/21-13:01:14,50) [ksmd] (root,0,0,00:01:02/21-13:01:14,52) [khugepaged] (root,0,0,00:00:00/21-13:01:14,77) [kintegrityd] (root,0,0,00:00:00/21-13:01:14,78) [kblockd] (root,0,0,00:00:00/21-13:01:14,79) [blkcg_punt_bio] (root,0,0,00:00:00/21-13:01:14,80) [tpm_dev_wq] (root,0,0,00:00:00/21-13:01:14,81) [edac-poller] (root,0,0,00:00:00/21-13:01:14,82) [devfreq_wq] (root,0,0,00:00:00/21-13:01:14,111) [watchdogd] (root,0,0,00:00:09/21-13:01:14,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/21-13:01:14,113) [kswapd0] (root,0,0,00:00:00/21-13:01:13,115) [kthrotld] (root,0,0,00:00:00/21-13:01:12,118) [mld] (root,0,0,00:00:00/21-13:01:12,119) [ipv6_addrconf] (root,0,0,00:00:05/21-13:01:12,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/21-13:01:12,125) [kstrp] (root,0,0,00:00:00/21-13:01:12,126) [zswap-shrink] (root,0,0,00:00:00/21-13:01:12,127) [kworker/u9:0] (root,0,0,00:00:00/21-13:01:12,132) [charger_manager] (root,0,0,00:00:04/21-13:01:12,139) [kworker/2:1H-kblockd] (root,0,0,00:00:04/21-13:01:12,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/21-13:01:11,328) [ata_sff] (root,0,0,00:00:00/21-13:01:11,329) [scsi_eh_0] (root,0,0,00:00:00/21-13:01:11,330) [scsi_tmf_0] (root,0,0,00:00:00/21-13:01:11,331) [scsi_eh_1] (root,0,0,00:00:00/21-13:01:11,332) [scsi_tmf_1] (root,0,0,00:00:31/21-13:01:08,350) [jbd2/vda1-8] (root,0,0,00:00:00/21-13:01:08,351) [ext4-rsv-conver] (root,38736,8056,00:00:54/21-13:00:56,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:02/21-13:00:55,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:32/21-13:00:53,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:12/21-13:00:03,486) /sbin/auditd (messagebus,22540,5464,00:01:54/21-13:00:02,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38920,8484,00:00:55/21-13:00:02,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/21-13:00:02,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/21-13:00:00,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/21-13:00:00,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,548104,30056,00:00:19/21-12:59:52,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/21-12:59:52,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:31/21-12:59:52,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/21-12:59:52,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9944,00:00:49/21-12:59:52,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/21-12:59:51,1177) bpfilter_umh (root,26204,8380,00:00:08/21-12:59:51,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:02:00/21-12:59:51,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,281796,117924,14:41:39/21-12:59:51,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/21-12:59:51,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:07/21-12:59:49,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:01/21-12:59:49,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:04/21-12:59:49,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/21-12:59:48,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:16/21-12:59:46,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/21-12:59:46,1312) (sd-pam) (syslogtunnel,35064,4708,00:01:24/21-12:59:46,1324) sshd: syslogtunnel (root,688884,74572,00:27:48/21-12:59:44,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,208156,46820,00:08:10/21-12:59:29,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/21-12:59:26,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:16/21-12:59:25,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/21-12:59:25,1345) (sd-pam) (cm-ssh,35056,4596,00:01:08/21-12:59:25,1365) sshd: cm-ssh (root,0,0,00:00:00/06:14,1770) [kworker/1:0-ata_sff] (postfix,23460,7548,00:00:00/04:34,3254) pickup -l -t fifo -u (root,0,0,00:00:01/03:18:12,6274) [kworker/1:1-events] (root,0,0,00:00:00/01:54,7339) [kworker/0:0] (root,0,0,00:00:00/01:43,7341) [kworker/u8:0-flush-254:0] (root,0,0,00:00:00/01:02,8543) [kworker/1:2-ata_sff] (root,6656,3488,00:00:00/00:00,9399) /bin/bash /usr/bin/check_mk_agent (root,13744,3368,00:00:00/00:00,9417) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,9418) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (postfix,43844,8720,00:00:00/15-20:24:17,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/24:25,14389) [kworker/u8:1-ext4-rsv-conversion] (root,0,0,00:00:00/21:44,16609) [kworker/0:2-events] (root,0,0,00:00:00/15:52,22180) [kworker/u8:2-events_unbound] (root,0,0,00:00:00/15:52,22181) [kworker/2:0-events] (root,0,0,00:00:00/13:03,25771) [kworker/3:0-events] (root,0,0,00:00:00/10:24,29107) [kworker/0:1-cgroup_destroy] (root,0,0,00:00:00/10:14,29304) [kworker/2:2-events] (root,0,0,00:00:00/07:33,31797) [kworker/3:1-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-10-01 23:49 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363b2d64cf3Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12612,00:02:12/19-13:00:12,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/19-13:00:12,2) [kthreadd] (root,0,0,00:00:00/19-13:00:12,3) [rcu_gp] (root,0,0,00:00:00/19-13:00:12,4) [rcu_par_gp] (root,0,0,00:00:00/19-13:00:12,5) [slub_flushwq] (root,0,0,00:00:00/19-13:00:12,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/19-13:00:12,9) [mm_percpu_wq] (root,0,0,00:00:00/19-13:00:12,10) [rcu_tasks_kthre] (root,0,0,00:00:00/19-13:00:12,11) [rcu_tasks_rude_] (root,0,0,00:00:00/19-13:00:12,12) [rcu_tasks_trace] (root,0,0,00:00:11/19-13:00:12,13) [ksoftirqd/0] (root,0,0,00:51:32/19-13:00:12,14) [rcu_preempt] (root,0,0,00:00:07/19-13:00:12,15) [migration/0] (root,0,0,00:00:00/19-13:00:12,16) [idle_inject/0] (root,0,0,00:00:00/19-13:00:12,18) [cpuhp/0] (root,0,0,00:00:00/19-13:00:12,19) [cpuhp/1] (root,0,0,00:00:00/19-13:00:12,20) [idle_inject/1] (root,0,0,00:00:07/19-13:00:12,21) [migration/1] (root,0,0,00:00:09/19-13:00:12,22) [ksoftirqd/1] (root,0,0,00:00:00/19-13:00:12,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/19-13:00:12,25) [cpuhp/2] (root,0,0,00:00:00/19-13:00:12,26) [idle_inject/2] (root,0,0,00:00:05/19-13:00:12,27) [migration/2] (root,0,0,00:05:40/19-13:00:12,28) [ksoftirqd/2] (root,0,0,00:00:00/19-13:00:12,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/19-13:00:12,31) [cpuhp/3] (root,0,0,00:00:00/19-13:00:12,32) [idle_inject/3] (root,0,0,00:00:06/19-13:00:12,33) [migration/3] (root,0,0,00:00:48/19-13:00:12,34) [ksoftirqd/3] (root,0,0,00:00:00/19-13:00:12,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/19-13:00:12,41) [kdevtmpfs] (root,0,0,00:00:00/19-13:00:12,42) [netns] (root,0,0,00:00:00/19-13:00:12,43) [inet_frag_wq] (root,0,0,00:00:05/19-13:00:12,44) [kauditd] (root,0,0,00:00:00/19-13:00:12,46) [khungtaskd] (root,0,0,00:00:00/19-13:00:12,47) [oom_reaper] (root,0,0,00:00:00/19-13:00:12,48) [writeback] (root,0,0,00:00:57/19-13:00:12,49) [kcompactd0] (root,0,0,00:00:00/19-13:00:12,50) [ksmd] (root,0,0,00:00:56/19-13:00:12,52) [khugepaged] (root,0,0,00:00:00/19-13:00:12,77) [kintegrityd] (root,0,0,00:00:00/19-13:00:12,78) [kblockd] (root,0,0,00:00:00/19-13:00:12,79) [blkcg_punt_bio] (root,0,0,00:00:00/19-13:00:12,80) [tpm_dev_wq] (root,0,0,00:00:00/19-13:00:12,81) [edac-poller] (root,0,0,00:00:00/19-13:00:12,82) [devfreq_wq] (root,0,0,00:00:00/19-13:00:12,111) [watchdogd] (root,0,0,00:00:08/19-13:00:12,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/19-13:00:12,113) [kswapd0] (root,0,0,00:00:00/19-13:00:11,115) [kthrotld] (root,0,0,00:00:00/19-13:00:10,118) [mld] (root,0,0,00:00:00/19-13:00:10,119) [ipv6_addrconf] (root,0,0,00:00:05/19-13:00:10,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/19-13:00:10,125) [kstrp] (root,0,0,00:00:00/19-13:00:10,126) [zswap-shrink] (root,0,0,00:00:00/19-13:00:10,127) [kworker/u9:0] (root,0,0,00:00:00/19-13:00:10,132) [charger_manager] (root,0,0,00:00:04/19-13:00:10,139) [kworker/2:1H-kblockd] (root,0,0,00:00:03/19-13:00:10,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/19-13:00:09,328) [ata_sff] (root,0,0,00:00:00/19-13:00:09,329) [scsi_eh_0] (root,0,0,00:00:00/19-13:00:09,330) [scsi_tmf_0] (root,0,0,00:00:00/19-13:00:09,331) [scsi_eh_1] (root,0,0,00:00:00/19-13:00:09,332) [scsi_tmf_1] (root,0,0,00:00:28/19-13:00:06,350) [jbd2/vda1-8] (root,0,0,00:00:00/19-13:00:06,351) [ext4-rsv-conver] (root,38736,8056,00:00:44/19-12:59:54,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:02/19-12:59:53,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:29/19-12:59:51,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:10/19-12:59:01,486) /sbin/auditd (messagebus,22540,5464,00:01:29/19-12:59:00,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38916,8468,00:00:43/19-12:59:00,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/19-12:59:00,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/19-12:58:58,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/19-12:58:58,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,548104,28756,00:00:17/19-12:58:50,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/19-12:58:50,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:29/19-12:58:50,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/19-12:58:50,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,9944,00:00:39/19-12:58:50,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/19-12:58:49,1177) bpfilter_umh (root,26204,8380,00:00:06/19-12:58:49,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:01:48/19-12:58:49,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,283540,119116,13:33:16/19-12:58:49,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/19-12:58:49,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:06/19-12:58:47,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:01/19-12:58:47,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:04/19-12:58:47,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/19-12:58:46,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:12/19-12:58:44,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/19-12:58:44,1312) (sd-pam) (syslogtunnel,35064,4708,00:01:14/19-12:58:44,1324) sshd: syslogtunnel (root,688884,74548,00:25:07/19-12:58:42,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,207132,45284,00:07:23/19-12:58:27,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/19-12:58:24,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:12/19-12:58:23,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/19-12:58:23,1345) (sd-pam) (cm-ssh,35056,4596,00:01:02/19-12:58:23,1365) sshd: cm-ssh (postfix,23460,7632,00:00:00/23:32,4199) pickup -l -t fifo -u (root,0,0,00:00:00/18:40,8952) [kworker/u8:2-writeback] (postfix,43844,8720,00:00:00/13-20:23:15,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/13:57,12435) [kworker/1:1-events] (root,0,0,00:00:00/11:03,15854) [kworker/0:0-events] (root,0,0,00:00:00/10:53,15856) [kworker/2:2-cgroup_destroy] (root,0,0,00:00:00/08:47,16478) [kworker/1:0-ata_sff] (root,0,0,00:00:00/08:17,17477) [kworker/3:0-events] (root,0,0,00:00:00/36:41,21298) [kworker/u8:0-ext4-rsv-conversion] (root,0,0,00:00:00/03:36,23445) [kworker/1:2-ata_sff] (root,0,0,00:00:00/03:18,23631) [kworker/0:1] (root,0,0,00:00:00/34:25,25356) [kworker/3:2-cgroup_destroy] (root,0,0,00:00:00/34:25,25358) [kworker/0:2-events] (root,0,0,00:00:00/00:52,26264) [kworker/2:0-cgroup_destroy] (root,6656,3480,00:00:00/00:00,27492) /bin/bash /usr/bin/check_mk_agent (root,13744,3496,00:00:00/00:00,27510) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,960,00:00:00/00:00,27511) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/01:33:14,31130) [kworker/2:1-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-09-29 23:48 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe56836335470389Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12608,00:01:33/17-12:59:34,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/17-12:59:34,2) [kthreadd] (root,0,0,00:00:00/17-12:59:34,3) [rcu_gp] (root,0,0,00:00:00/17-12:59:34,4) [rcu_par_gp] (root,0,0,00:00:00/17-12:59:34,5) [slub_flushwq] (root,0,0,00:00:00/17-12:59:34,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/17-12:59:34,9) [mm_percpu_wq] (root,0,0,00:00:00/17-12:59:34,10) [rcu_tasks_kthre] (root,0,0,00:00:00/17-12:59:34,11) [rcu_tasks_rude_] (root,0,0,00:00:00/17-12:59:34,12) [rcu_tasks_trace] (root,0,0,00:00:09/17-12:59:34,13) [ksoftirqd/0] (root,0,0,00:45:37/17-12:59:34,14) [rcu_preempt] (root,0,0,00:00:07/17-12:59:34,15) [migration/0] (root,0,0,00:00:00/17-12:59:34,16) [idle_inject/0] (root,0,0,00:00:00/17-12:59:34,18) [cpuhp/0] (root,0,0,00:00:00/17-12:59:34,19) [cpuhp/1] (root,0,0,00:00:00/17-12:59:34,20) [idle_inject/1] (root,0,0,00:00:06/17-12:59:34,21) [migration/1] (root,0,0,00:00:08/17-12:59:34,22) [ksoftirqd/1] (root,0,0,00:00:00/17-12:59:34,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/17-12:59:34,25) [cpuhp/2] (root,0,0,00:00:00/17-12:59:34,26) [idle_inject/2] (root,0,0,00:00:05/17-12:59:34,27) [migration/2] (root,0,0,00:04:52/17-12:59:34,28) [ksoftirqd/2] (root,0,0,00:00:00/17-12:59:34,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/17-12:59:34,31) [cpuhp/3] (root,0,0,00:00:00/17-12:59:34,32) [idle_inject/3] (root,0,0,00:00:05/17-12:59:34,33) [migration/3] (root,0,0,00:00:41/17-12:59:34,34) [ksoftirqd/3] (root,0,0,00:00:00/17-12:59:34,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/17-12:59:34,41) [kdevtmpfs] (root,0,0,00:00:00/17-12:59:34,42) [netns] (root,0,0,00:00:00/17-12:59:34,43) [inet_frag_wq] (root,0,0,00:00:03/17-12:59:34,44) [kauditd] (root,0,0,00:00:00/17-12:59:34,46) [khungtaskd] (root,0,0,00:00:00/17-12:59:34,47) [oom_reaper] (root,0,0,00:00:00/17-12:59:34,48) [writeback] (root,0,0,00:00:50/17-12:59:34,49) [kcompactd0] (root,0,0,00:00:00/17-12:59:34,50) [ksmd] (root,0,0,00:00:49/17-12:59:34,52) [khugepaged] (root,0,0,00:00:00/17-12:59:34,77) [kintegrityd] (root,0,0,00:00:00/17-12:59:34,78) [kblockd] (root,0,0,00:00:00/17-12:59:34,79) [blkcg_punt_bio] (root,0,0,00:00:00/17-12:59:34,80) [tpm_dev_wq] (root,0,0,00:00:00/17-12:59:34,81) [edac-poller] (root,0,0,00:00:00/17-12:59:34,82) [devfreq_wq] (root,0,0,00:00:00/17-12:59:34,111) [watchdogd] (root,0,0,00:00:07/17-12:59:34,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/17-12:59:34,113) [kswapd0] (root,0,0,00:00:00/17-12:59:33,115) [kthrotld] (root,0,0,00:00:00/17-12:59:32,118) [mld] (root,0,0,00:00:00/17-12:59:32,119) [ipv6_addrconf] (root,0,0,00:00:04/17-12:59:32,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/17-12:59:32,125) [kstrp] (root,0,0,00:00:00/17-12:59:32,126) [zswap-shrink] (root,0,0,00:00:00/17-12:59:32,127) [kworker/u9:0] (root,0,0,00:00:00/17-12:59:32,132) [charger_manager] (root,0,0,00:00:03/17-12:59:32,139) [kworker/2:1H-kblockd] (root,0,0,00:00:03/17-12:59:32,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/17-12:59:31,328) [ata_sff] (root,0,0,00:00:00/17-12:59:31,329) [scsi_eh_0] (root,0,0,00:00:00/17-12:59:31,330) [scsi_tmf_0] (root,0,0,00:00:00/17-12:59:31,331) [scsi_eh_1] (root,0,0,00:00:00/17-12:59:31,332) [scsi_tmf_1] (root,0,0,00:00:24/17-12:59:28,350) [jbd2/vda1-8] (root,0,0,00:00:00/17-12:59:28,351) [ext4-rsv-conver] (root,38604,8056,00:00:31/17-12:59:16,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:02/17-12:59:15,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:26/17-12:59:13,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:07/17-12:58:23,486) /sbin/auditd (messagebus,22540,5464,00:01:01/17-12:58:22,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38908,8472,00:00:30/17-12:58:22,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/17-12:58:22,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/17-12:58:20,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/17-12:58:20,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,548104,28756,00:00:15/17-12:58:12,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/17-12:58:12,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:25/17-12:58:12,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/17-12:58:12,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,10000,00:00:29/17-12:58:12,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/17-12:58:11,1177) bpfilter_umh (root,26204,8380,00:00:04/17-12:58:11,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:01:36/17-12:58:11,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,282900,118904,11:53:23/17-12:58:11,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/17-12:58:11,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:05/17-12:58:09,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:01/17-12:58:09,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:03/17-12:58:09,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/17-12:58:08,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:08/17-12:58:06,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/17-12:58:06,1312) (sd-pam) (syslogtunnel,35064,4708,00:01:03/17-12:58:06,1324) sshd: syslogtunnel (root,688884,74448,00:22:27/17-12:58:04,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,206108,44016,00:06:36/17-12:57:49,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/17-12:57:46,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:08/17-12:57:45,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/17-12:57:45,1345) (sd-pam) (cm-ssh,35056,4596,00:00:55/17-12:57:45,1365) sshd: cm-ssh (root,0,0,00:00:00/01:54,2210) [kworker/1:1-ata_sff] (checkmk,40568,10604,00:00:00/00:02,5041) /usr/lib/systemd/systemd --user (checkmk,196228,3364,00:00:00/00:02,5042) (sd-pam) (root,0,0,00:00:00/00:01,5229) [kworker/3:2-events] (root,6656,3484,00:00:00/00:00,5274) /bin/bash /usr/bin/check_mk_agent (root,13744,3528,00:00:00/00:00,5292) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,952,00:00:00/00:00,5293) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/01:02:03,6772) [kworker/u8:0-events_unbound] (postfix,43844,8720,00:00:00/11-20:22:37,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/21:47,13668) [kworker/0:0-events] (root,0,0,00:00:00/54:05,16710) [kworker/2:0-events] (root,0,0,00:00:00/13:18,21833) [kworker/u8:2-events_unbound] (root,0,0,00:00:00/11:18,23446) [kworker/0:1-cgroup_destroy] (root,0,0,00:00:00/09:09,26004) [kworker/3:1-cgroup_destroy] (postfix,23460,7576,00:00:00/44:54,26393) pickup -l -t fifo -u (root,0,0,00:00:00/38:14,28908) [kworker/1:0-events] (root,0,0,00:00:00/07:05,30060) [kworker/1:2-ata_sff] (root,0,0,00:00:00/06:48,30253) [kworker/2:1-cgroup_destroy] (root,0,0,00:00:00/04:29,31713) [kworker/u8:1-flush-254:0] (root,0,0,00:00:00/04:29,31714) [kworker/u8:3] (root,0,0,00:00:00/34:17,32047) [kworker/3:0-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-09-27 23:48 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683634d13eb27Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12608,00:00:59/15-13:05:55,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/15-13:05:55,2) [kthreadd] (root,0,0,00:00:00/15-13:05:55,3) [rcu_gp] (root,0,0,00:00:00/15-13:05:55,4) [rcu_par_gp] (root,0,0,00:00:00/15-13:05:55,5) [slub_flushwq] (root,0,0,00:00:00/15-13:05:55,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/15-13:05:55,9) [mm_percpu_wq] (root,0,0,00:00:00/15-13:05:55,10) [rcu_tasks_kthre] (root,0,0,00:00:00/15-13:05:55,11) [rcu_tasks_rude_] (root,0,0,00:00:00/15-13:05:55,12) [rcu_tasks_trace] (root,0,0,00:00:07/15-13:05:55,13) [ksoftirqd/0] (root,0,0,00:39:59/15-13:05:55,14) [rcu_preempt] (root,0,0,00:00:06/15-13:05:55,15) [migration/0] (root,0,0,00:00:00/15-13:05:55,16) [idle_inject/0] (root,0,0,00:00:00/15-13:05:55,18) [cpuhp/0] (root,0,0,00:00:00/15-13:05:55,19) [cpuhp/1] (root,0,0,00:00:00/15-13:05:55,20) [idle_inject/1] (root,0,0,00:00:05/15-13:05:55,21) [migration/1] (root,0,0,00:00:06/15-13:05:55,22) [ksoftirqd/1] (root,0,0,00:00:00/15-13:05:55,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/15-13:05:55,25) [cpuhp/2] (root,0,0,00:00:00/15-13:05:55,26) [idle_inject/2] (root,0,0,00:00:04/15-13:05:55,27) [migration/2] (root,0,0,00:04:09/15-13:05:55,28) [ksoftirqd/2] (root,0,0,00:00:00/15-13:05:55,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/15-13:05:55,31) [cpuhp/3] (root,0,0,00:00:00/15-13:05:55,32) [idle_inject/3] (root,0,0,00:00:04/15-13:05:55,33) [migration/3] (root,0,0,00:00:34/15-13:05:55,34) [ksoftirqd/3] (root,0,0,00:00:00/15-13:05:55,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/15-13:05:55,41) [kdevtmpfs] (root,0,0,00:00:00/15-13:05:55,42) [netns] (root,0,0,00:00:00/15-13:05:55,43) [inet_frag_wq] (root,0,0,00:00:02/15-13:05:55,44) [kauditd] (root,0,0,00:00:00/15-13:05:55,46) [khungtaskd] (root,0,0,00:00:00/15-13:05:55,47) [oom_reaper] (root,0,0,00:00:00/15-13:05:55,48) [writeback] (root,0,0,00:00:44/15-13:05:55,49) [kcompactd0] (root,0,0,00:00:00/15-13:05:55,50) [ksmd] (root,0,0,00:00:43/15-13:05:55,52) [khugepaged] (root,0,0,00:00:00/15-13:05:55,77) [kintegrityd] (root,0,0,00:00:00/15-13:05:55,78) [kblockd] (root,0,0,00:00:00/15-13:05:55,79) [blkcg_punt_bio] (root,0,0,00:00:00/15-13:05:55,80) [tpm_dev_wq] (root,0,0,00:00:00/15-13:05:55,81) [edac-poller] (root,0,0,00:00:00/15-13:05:55,82) [devfreq_wq] (root,0,0,00:00:00/15-13:05:55,111) [watchdogd] (root,0,0,00:00:06/15-13:05:55,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/15-13:05:55,113) [kswapd0] (root,0,0,00:00:00/15-13:05:54,115) [kthrotld] (root,0,0,00:00:00/15-13:05:53,118) [mld] (root,0,0,00:00:00/15-13:05:53,119) [ipv6_addrconf] (root,0,0,00:00:03/15-13:05:53,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/15-13:05:53,125) [kstrp] (root,0,0,00:00:00/15-13:05:53,126) [zswap-shrink] (root,0,0,00:00:00/15-13:05:53,127) [kworker/u9:0] (root,0,0,00:00:00/15-13:05:53,132) [charger_manager] (root,0,0,00:00:03/15-13:05:53,139) [kworker/2:1H-kblockd] (root,0,0,00:00:02/15-13:05:53,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/15-13:05:52,328) [ata_sff] (root,0,0,00:00:00/15-13:05:52,329) [scsi_eh_0] (root,0,0,00:00:00/15-13:05:52,330) [scsi_tmf_0] (root,0,0,00:00:00/15-13:05:52,331) [scsi_eh_1] (root,0,0,00:00:00/15-13:05:52,332) [scsi_tmf_1] (root,0,0,00:00:21/15-13:05:49,350) [jbd2/vda1-8] (root,0,0,00:00:00/15-13:05:49,351) [ext4-rsv-conver] (root,38604,8056,00:00:21/15-13:05:37,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:01/15-13:05:36,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:23/15-13:05:34,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:04/15-13:04:44,486) /sbin/auditd (messagebus,22540,5464,00:00:37/15-13:04:43,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38904,8464,00:00:19/15-13:04:43,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/15-13:04:43,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/15-13:04:41,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/15-13:04:41,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,548104,28756,00:00:13/15-13:04:33,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/15-13:04:33,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:23/15-13:04:33,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/15-13:04:33,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,10000,00:00:19/15-13:04:33,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/15-13:04:32,1177) bpfilter_umh (root,26204,8380,00:00:02/15-13:04:32,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:01:25/15-13:04:32,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,282644,118840,10:04:11/15-13:04:32,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/15-13:04:32,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:05/15-13:04:30,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:01/15-13:04:30,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:03/15-13:04:30,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/15-13:04:29,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:05/15-13:04:27,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/15-13:04:27,1312) (sd-pam) (syslogtunnel,35064,4708,00:00:53/15-13:04:27,1324) sshd: syslogtunnel (root,688884,74424,00:19:49/15-13:04:25,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,205084,42240,00:05:50/15-13:04:10,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/15-13:04:07,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:05/15-13:04:06,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/15-13:04:06,1345) (sd-pam) (cm-ssh,35056,4596,00:00:49/15-13:04:06,1365) sshd: cm-ssh (root,0,0,00:00:00/05:32,2686) [kworker/1:0-ata_sff] (root,0,0,00:00:00/31:29,7219) [kworker/1:1-events] (root,0,0,00:00:00/00:22,7502) [kworker/1:2-ata_sff] (root,6656,3484,00:00:00/00:00,8592) /bin/bash /usr/bin/check_mk_agent (root,13744,3528,00:00:00/00:00,8610) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,8611) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/01:00:41,8909) [kworker/u8:1] (root,0,0,00:00:00/01:00:41,8911) [kworker/2:0-events] (root,0,0,00:00:00/25:39,11176) [kworker/0:0-cgroup_destroy] (postfix,43844,8720,00:00:00/9-20:28:58,12335) tlsmgr -l -t unix -u (root,0,0,00:00:02/01:54:31,13420) [kworker/0:2-events] (root,0,0,00:00:00/16:31,22031) [kworker/2:1-cgroup_destroy] (root,0,0,00:00:00/48:06,22774) [kworker/3:1-events] (postfix,23460,7484,00:00:00/01:13:36,27498) pickup -l -t fifo -u (root,0,0,00:00:00/01:10:29,32254) [kworker/u8:2-flush-254:0] (root,0,0,00:00:00/03:28:34,32741) [kworker/3:0-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-09-25 23:54 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363fcac6cd8Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12608,00:00:51/13-13:10:48,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/13-13:10:48,2) [kthreadd] (root,0,0,00:00:00/13-13:10:48,3) [rcu_gp] (root,0,0,00:00:00/13-13:10:48,4) [rcu_par_gp] (root,0,0,00:00:00/13-13:10:48,5) [slub_flushwq] (root,0,0,00:00:00/13-13:10:48,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/13-13:10:48,9) [mm_percpu_wq] (root,0,0,00:00:00/13-13:10:48,10) [rcu_tasks_kthre] (root,0,0,00:00:00/13-13:10:48,11) [rcu_tasks_rude_] (root,0,0,00:00:00/13-13:10:48,12) [rcu_tasks_trace] (root,0,0,00:00:06/13-13:10:48,13) [ksoftirqd/0] (root,0,0,00:34:26/13-13:10:48,14) [rcu_preempt] (root,0,0,00:00:05/13-13:10:48,15) [migration/0] (root,0,0,00:00:00/13-13:10:48,16) [idle_inject/0] (root,0,0,00:00:00/13-13:10:48,18) [cpuhp/0] (root,0,0,00:00:00/13-13:10:48,19) [cpuhp/1] (root,0,0,00:00:00/13-13:10:48,20) [idle_inject/1] (root,0,0,00:00:05/13-13:10:48,21) [migration/1] (root,0,0,00:00:05/13-13:10:48,22) [ksoftirqd/1] (root,0,0,00:00:00/13-13:10:48,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/13-13:10:48,25) [cpuhp/2] (root,0,0,00:00:00/13-13:10:48,26) [idle_inject/2] (root,0,0,00:00:04/13-13:10:48,27) [migration/2] (root,0,0,00:03:34/13-13:10:48,28) [ksoftirqd/2] (root,0,0,00:00:00/13-13:10:48,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/13-13:10:48,31) [cpuhp/3] (root,0,0,00:00:00/13-13:10:48,32) [idle_inject/3] (root,0,0,00:00:04/13-13:10:48,33) [migration/3] (root,0,0,00:00:29/13-13:10:48,34) [ksoftirqd/3] (root,0,0,00:00:00/13-13:10:48,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/13-13:10:48,41) [kdevtmpfs] (root,0,0,00:00:00/13-13:10:48,42) [netns] (root,0,0,00:00:00/13-13:10:48,43) [inet_frag_wq] (root,0,0,00:00:01/13-13:10:48,44) [kauditd] (root,0,0,00:00:00/13-13:10:48,46) [khungtaskd] (root,0,0,00:00:00/13-13:10:48,47) [oom_reaper] (root,0,0,00:00:00/13-13:10:48,48) [writeback] (root,0,0,00:00:38/13-13:10:48,49) [kcompactd0] (root,0,0,00:00:00/13-13:10:48,50) [ksmd] (root,0,0,00:00:37/13-13:10:48,52) [khugepaged] (root,0,0,00:00:00/13-13:10:48,77) [kintegrityd] (root,0,0,00:00:00/13-13:10:48,78) [kblockd] (root,0,0,00:00:00/13-13:10:48,79) [blkcg_punt_bio] (root,0,0,00:00:00/13-13:10:48,80) [tpm_dev_wq] (root,0,0,00:00:00/13-13:10:48,81) [edac-poller] (root,0,0,00:00:00/13-13:10:48,82) [devfreq_wq] (root,0,0,00:00:00/13-13:10:48,111) [watchdogd] (root,0,0,00:00:05/13-13:10:48,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/13-13:10:48,113) [kswapd0] (root,0,0,00:00:00/13-13:10:47,115) [kthrotld] (root,0,0,00:00:00/13-13:10:46,118) [mld] (root,0,0,00:00:00/13-13:10:46,119) [ipv6_addrconf] (root,0,0,00:00:03/13-13:10:46,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/13-13:10:46,125) [kstrp] (root,0,0,00:00:00/13-13:10:46,126) [zswap-shrink] (root,0,0,00:00:00/13-13:10:46,127) [kworker/u9:0] (root,0,0,00:00:00/13-13:10:46,132) [charger_manager] (root,0,0,00:00:02/13-13:10:46,139) [kworker/2:1H-kblockd] (root,0,0,00:00:02/13-13:10:46,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/13-13:10:45,328) [ata_sff] (root,0,0,00:00:00/13-13:10:45,329) [scsi_eh_0] (root,0,0,00:00:00/13-13:10:45,330) [scsi_tmf_0] (root,0,0,00:00:00/13-13:10:45,331) [scsi_eh_1] (root,0,0,00:00:00/13-13:10:45,332) [scsi_tmf_1] (root,0,0,00:00:18/13-13:10:42,350) [jbd2/vda1-8] (root,0,0,00:00:00/13-13:10:42,351) [ext4-rsv-conver] (root,38604,8056,00:00:18/13-13:10:30,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:01/13-13:10:29,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:20/13-13:10:27,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:04/13-13:09:37,486) /sbin/auditd (messagebus,22540,5464,00:00:32/13-13:09:36,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38900,8468,00:00:16/13-13:09:36,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/13-13:09:36,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/13-13:09:34,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/13-13:09:34,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,547848,27412,00:00:11/13-13:09:26,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/13-13:09:26,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:20/13-13:09:26,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/13-13:09:26,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375136,10000,00:00:17/13-13:09:26,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/13-13:09:25,1177) bpfilter_umh (root,26204,8380,00:00:02/13-13:09:25,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:01:14/13-13:09:25,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,283092,116388,08:28:47/13-13:09:25,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/13-13:09:25,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:04/13-13:09:23,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:00/13-13:09:23,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:02/13-13:09:23,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/13-13:09:22,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:04/13-13:09:20,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/13-13:09:20,1312) (sd-pam) (syslogtunnel,35064,4708,00:00:46/13-13:09:20,1324) sshd: syslogtunnel (root,688884,74376,00:17:11/13-13:09:18,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,204060,40724,00:05:03/13-13:09:03,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/13-13:09:00,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:04/13-13:08:59,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/13-13:08:59,1345) (sd-pam) (cm-ssh,35056,4596,00:00:42/13-13:08:59,1365) sshd: cm-ssh (root,0,0,00:00:00/02:42:24,1985) [kworker/0:1-events] (root,0,0,00:00:00/14:37,6264) [kworker/2:2-events] (root,0,0,00:00:00/03:06:53,9123) [kworker/3:2-events] (root,0,0,00:00:01/01:53:26,11706) [kworker/0:2-events] (root,0,0,00:00:00/08:51,12093) [kworker/1:0-ata_sff] (postfix,43844,8720,00:00:00/7-20:33:51,12335) tlsmgr -l -t unix -u (root,0,0,00:00:01/01:52:36,12879) [kworker/1:1-events] (root,0,0,00:00:00/29:04,17770) [kworker/u8:0-flush-254:0] (root,0,0,00:00:00/03:38,18332) [kworker/1:2-ata_sff] (root,0,0,00:00:00/26:57,20239) [kworker/2:1-cgroup_destroy] (root,0,0,00:00:00/01:19:30,22058) [kworker/u8:2-ext4-rsv-conversion] (root,0,0,00:00:00/01:37,22335) [kworker/0:0] (root,0,0,00:00:00/01:27,22756) [kworker/2:0] (postfix,23460,7624,00:00:00/00:24,25934) pickup -l -t fifo -u (root,6656,3484,00:00:00/00:00,26279) /bin/bash /usr/bin/check_mk_agent (root,13744,3408,00:00:00/00:00,26297) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,26298) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/01:16:30,27511) [kworker/3:0-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-09-23 23:59 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363a91f14b7Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12604,00:00:44/11-12:56:43,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/11-12:56:43,2) [kthreadd] (root,0,0,00:00:00/11-12:56:43,3) [rcu_gp] (root,0,0,00:00:00/11-12:56:43,4) [rcu_par_gp] (root,0,0,00:00:00/11-12:56:43,5) [slub_flushwq] (root,0,0,00:00:00/11-12:56:43,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/11-12:56:43,9) [mm_percpu_wq] (root,0,0,00:00:00/11-12:56:43,10) [rcu_tasks_kthre] (root,0,0,00:00:00/11-12:56:43,11) [rcu_tasks_rude_] (root,0,0,00:00:00/11-12:56:43,12) [rcu_tasks_trace] (root,0,0,00:00:05/11-12:56:43,13) [ksoftirqd/0] (root,0,0,00:29:11/11-12:56:43,14) [rcu_preempt] (root,0,0,00:00:04/11-12:56:43,15) [migration/0] (root,0,0,00:00:00/11-12:56:43,16) [idle_inject/0] (root,0,0,00:00:00/11-12:56:43,18) [cpuhp/0] (root,0,0,00:00:00/11-12:56:43,19) [cpuhp/1] (root,0,0,00:00:00/11-12:56:43,20) [idle_inject/1] (root,0,0,00:00:04/11-12:56:43,21) [migration/1] (root,0,0,00:00:05/11-12:56:43,22) [ksoftirqd/1] (root,0,0,00:00:00/11-12:56:43,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/11-12:56:43,25) [cpuhp/2] (root,0,0,00:00:00/11-12:56:43,26) [idle_inject/2] (root,0,0,00:00:03/11-12:56:43,27) [migration/2] (root,0,0,00:03:00/11-12:56:43,28) [ksoftirqd/2] (root,0,0,00:00:00/11-12:56:43,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/11-12:56:43,31) [cpuhp/3] (root,0,0,00:00:00/11-12:56:43,32) [idle_inject/3] (root,0,0,00:00:03/11-12:56:43,33) [migration/3] (root,0,0,00:00:24/11-12:56:43,34) [ksoftirqd/3] (root,0,0,00:00:00/11-12:56:43,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/11-12:56:43,41) [kdevtmpfs] (root,0,0,00:00:00/11-12:56:43,42) [netns] (root,0,0,00:00:00/11-12:56:43,43) [inet_frag_wq] (root,0,0,00:00:01/11-12:56:43,44) [kauditd] (root,0,0,00:00:00/11-12:56:43,46) [khungtaskd] (root,0,0,00:00:00/11-12:56:43,47) [oom_reaper] (root,0,0,00:00:00/11-12:56:43,48) [writeback] (root,0,0,00:00:32/11-12:56:43,49) [kcompactd0] (root,0,0,00:00:00/11-12:56:43,50) [ksmd] (root,0,0,00:00:31/11-12:56:43,52) [khugepaged] (root,0,0,00:00:00/11-12:56:43,77) [kintegrityd] (root,0,0,00:00:00/11-12:56:43,78) [kblockd] (root,0,0,00:00:00/11-12:56:43,79) [blkcg_punt_bio] (root,0,0,00:00:00/11-12:56:43,80) [tpm_dev_wq] (root,0,0,00:00:00/11-12:56:43,81) [edac-poller] (root,0,0,00:00:00/11-12:56:43,82) [devfreq_wq] (root,0,0,00:00:00/11-12:56:43,111) [watchdogd] (root,0,0,00:00:05/11-12:56:43,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/11-12:56:43,113) [kswapd0] (root,0,0,00:00:00/11-12:56:42,115) [kthrotld] (root,0,0,00:00:00/11-12:56:41,118) [mld] (root,0,0,00:00:00/11-12:56:41,119) [ipv6_addrconf] (root,0,0,00:00:02/11-12:56:41,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/11-12:56:41,125) [kstrp] (root,0,0,00:00:00/11-12:56:41,126) [zswap-shrink] (root,0,0,00:00:00/11-12:56:41,127) [kworker/u9:0] (root,0,0,00:00:00/11-12:56:41,132) [charger_manager] (root,0,0,00:00:02/11-12:56:41,139) [kworker/2:1H-kblockd] (root,0,0,00:00:01/11-12:56:41,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/11-12:56:40,328) [ata_sff] (root,0,0,00:00:00/11-12:56:40,329) [scsi_eh_0] (root,0,0,00:00:00/11-12:56:40,330) [scsi_tmf_0] (root,0,0,00:00:00/11-12:56:40,331) [scsi_eh_1] (root,0,0,00:00:00/11-12:56:40,332) [scsi_tmf_1] (root,0,0,00:00:15/11-12:56:37,350) [jbd2/vda1-8] (root,0,0,00:00:00/11-12:56:37,351) [ext4-rsv-conver] (root,38604,8056,00:00:15/11-12:56:25,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:01/11-12:56:24,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:17/11-12:56:22,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:03/11-12:55:32,486) /sbin/auditd (messagebus,22540,5464,00:00:28/11-12:55:31,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38736,8448,00:00:14/11-12:55:31,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/11-12:55:31,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/11-12:55:29,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/11-12:55:29,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,547848,26896,00:00:10/11-12:55:21,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/11-12:55:21,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:17/11-12:55:21,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/11-12:55:21,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375052,10300,00:00:14/11-12:55:21,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/11-12:55:20,1177) bpfilter_umh (root,26204,8380,00:00:02/11-12:55:20,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:01:03/11-12:55:20,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,284952,116172,07:06:49/11-12:55:20,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/11-12:55:20,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:03/11-12:55:18,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:00/11-12:55:18,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:02/11-12:55:18,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/11-12:55:17,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:03/11-12:55:15,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/11-12:55:15,1312) (sd-pam) (syslogtunnel,35064,4708,00:00:39/11-12:55:15,1324) sshd: syslogtunnel (root,688628,74168,00:14:37/11-12:55:13,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,203036,39444,00:04:15/11-12:54:58,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/11-12:54:55,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:04/11-12:54:54,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/11-12:54:54,1345) (sd-pam) (cm-ssh,35056,4596,00:00:36/11-12:54:54,1365) sshd: cm-ssh (root,0,0,00:00:00/01:48,4451) [kworker/3:2-events] (root,0,0,00:00:00/25:44,6303) [kworker/3:0-cgroup_destroy] (root,0,0,00:00:00/00:31,7183) [kworker/1:1-ata_sff] (root,6656,3484,00:00:00/00:00,7942) /bin/bash /usr/bin/check_mk_agent (root,13744,3384,00:00:00/00:00,7960) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,968,00:00:00/00:00,7961) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/52:24,8954) [kworker/1:2-events] (postfix,43844,8720,00:00:00/5-20:19:46,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/01:52:48,13214) [kworker/u8:0-flush-254:0] (root,0,0,00:00:00/01:52:37,13216) [kworker/2:1-events] (root,0,0,00:00:01/01:15:50,22036) [kworker/0:1-events] (root,0,0,00:00:00/01:40:44,23787) [kworker/2:0-events] (root,0,0,00:00:00/38:00,24283) [kworker/u8:1-events_unbound] (root,0,0,00:00:00/38:00,24284) [kworker/3:1-cgroup_destroy] (root,0,0,00:00:01/02:16:51,28509) [kworker/0:0-events] (postfix,23460,7592,00:00:00/06:08,32678) pickup -l -t fifo -u (root,0,0,00:00:00/05:41,32679) [kworker/1:0-ata_sff] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-09-21 23:45 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683639fe37367Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12604,00:00:37/9-12:53:18,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/9-12:53:18,2) [kthreadd] (root,0,0,00:00:00/9-12:53:18,3) [rcu_gp] (root,0,0,00:00:00/9-12:53:18,4) [rcu_par_gp] (root,0,0,00:00:00/9-12:53:18,5) [slub_flushwq] (root,0,0,00:00:00/9-12:53:18,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/9-12:53:18,9) [mm_percpu_wq] (root,0,0,00:00:00/9-12:53:18,10) [rcu_tasks_kthre] (root,0,0,00:00:00/9-12:53:18,11) [rcu_tasks_rude_] (root,0,0,00:00:00/9-12:53:18,12) [rcu_tasks_trace] (root,0,0,00:00:04/9-12:53:18,13) [ksoftirqd/0] (root,0,0,00:23:56/9-12:53:18,14) [rcu_preempt] (root,0,0,00:00:03/9-12:53:18,15) [migration/0] (root,0,0,00:00:00/9-12:53:18,16) [idle_inject/0] (root,0,0,00:00:00/9-12:53:18,18) [cpuhp/0] (root,0,0,00:00:00/9-12:53:18,19) [cpuhp/1] (root,0,0,00:00:00/9-12:53:18,20) [idle_inject/1] (root,0,0,00:00:03/9-12:53:18,21) [migration/1] (root,0,0,00:00:04/9-12:53:18,22) [ksoftirqd/1] (root,0,0,00:00:00/9-12:53:18,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/9-12:53:18,25) [cpuhp/2] (root,0,0,00:00:00/9-12:53:18,26) [idle_inject/2] (root,0,0,00:00:02/9-12:53:18,27) [migration/2] (root,0,0,00:02:29/9-12:53:18,28) [ksoftirqd/2] (root,0,0,00:00:00/9-12:53:18,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/9-12:53:18,31) [cpuhp/3] (root,0,0,00:00:00/9-12:53:18,32) [idle_inject/3] (root,0,0,00:00:03/9-12:53:18,33) [migration/3] (root,0,0,00:00:20/9-12:53:18,34) [ksoftirqd/3] (root,0,0,00:00:00/9-12:53:18,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/9-12:53:18,41) [kdevtmpfs] (root,0,0,00:00:00/9-12:53:18,42) [netns] (root,0,0,00:00:00/9-12:53:18,43) [inet_frag_wq] (root,0,0,00:00:01/9-12:53:18,44) [kauditd] (root,0,0,00:00:00/9-12:53:18,46) [khungtaskd] (root,0,0,00:00:00/9-12:53:18,47) [oom_reaper] (root,0,0,00:00:00/9-12:53:18,48) [writeback] (root,0,0,00:00:26/9-12:53:18,49) [kcompactd0] (root,0,0,00:00:00/9-12:53:18,50) [ksmd] (root,0,0,00:00:25/9-12:53:18,52) [khugepaged] (root,0,0,00:00:00/9-12:53:18,77) [kintegrityd] (root,0,0,00:00:00/9-12:53:18,78) [kblockd] (root,0,0,00:00:00/9-12:53:18,79) [blkcg_punt_bio] (root,0,0,00:00:00/9-12:53:18,80) [tpm_dev_wq] (root,0,0,00:00:00/9-12:53:18,81) [edac-poller] (root,0,0,00:00:00/9-12:53:18,82) [devfreq_wq] (root,0,0,00:00:00/9-12:53:18,111) [watchdogd] (root,0,0,00:00:04/9-12:53:18,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/9-12:53:18,113) [kswapd0] (root,0,0,00:00:00/9-12:53:17,115) [kthrotld] (root,0,0,00:00:00/9-12:53:16,118) [mld] (root,0,0,00:00:00/9-12:53:16,119) [ipv6_addrconf] (root,0,0,00:00:02/9-12:53:16,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/9-12:53:16,125) [kstrp] (root,0,0,00:00:00/9-12:53:16,126) [zswap-shrink] (root,0,0,00:00:00/9-12:53:16,127) [kworker/u9:0] (root,0,0,00:00:00/9-12:53:16,132) [charger_manager] (root,0,0,00:00:01/9-12:53:16,139) [kworker/2:1H-kblockd] (root,0,0,00:00:01/9-12:53:16,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/9-12:53:15,328) [ata_sff] (root,0,0,00:00:00/9-12:53:15,329) [scsi_eh_0] (root,0,0,00:00:00/9-12:53:15,330) [scsi_tmf_0] (root,0,0,00:00:00/9-12:53:15,331) [scsi_eh_1] (root,0,0,00:00:00/9-12:53:15,332) [scsi_tmf_1] (root,0,0,00:00:12/9-12:53:12,350) [jbd2/vda1-8] (root,0,0,00:00:00/9-12:53:12,351) [ext4-rsv-conver] (root,38604,8056,00:00:13/9-12:53:00,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:01/9-12:52:59,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:14/9-12:52:57,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:02/9-12:52:07,486) /sbin/auditd (messagebus,22540,5464,00:00:23/9-12:52:06,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38900,8452,00:00:11/9-12:52:06,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/9-12:52:06,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/9-12:52:04,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/9-12:52:04,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,547848,26896,00:00:08/9-12:51:56,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/9-12:51:56,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:14/9-12:51:56,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/9-12:51:56,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375052,10300,00:00:12/9-12:51:56,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/9-12:51:55,1177) bpfilter_umh (root,26204,8380,00:00:01/9-12:51:55,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:00:52/9-12:51:55,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,285272,116252,05:38:08/9-12:51:55,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/9-12:51:55,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:03/9-12:51:53,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:00/9-12:51:53,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:02/9-12:51:53,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/9-12:51:52,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:03/9-12:51:50,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/9-12:51:50,1312) (sd-pam) (syslogtunnel,35064,4708,00:00:32/9-12:51:50,1324) sshd: syslogtunnel (root,688232,70408,00:12:03/9-12:51:48,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,202012,38176,00:03:29/9-12:51:33,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/9-12:51:30,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:03/9-12:51:29,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/9-12:51:29,1345) (sd-pam) (cm-ssh,35056,4596,00:00:29/9-12:51:29,1365) sshd: cm-ssh (root,0,0,00:00:02/02:48:13,3216) [kworker/0:2-events] (root,0,0,00:00:00/01:47,3458) [kworker/1:0-ata_sff] (root,6656,3484,00:00:00/00:00,6167) /bin/bash /usr/bin/check_mk_agent (root,13744,3460,00:00:00/00:00,6185) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,952,00:00:00/00:00,6186) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (postfix,23460,7520,00:00:00/24:42,10453) pickup -l -t fifo -u (postfix,43844,8720,00:00:00/3-20:16:21,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/01:21:30,17277) [kworker/2:1-cgroup_destroy] (root,0,0,00:00:00/04:56:31,22356) [kworker/u8:0-flush-254:0] (root,0,0,00:00:00/01:46:25,23799) [kworker/3:0-events] (root,0,0,00:00:00/01:42:05,26332) [kworker/u8:2-flush-254:0] (root,0,0,00:00:01/02:58:11,26333) [kworker/1:2-events] (root,0,0,00:00:00/08:10,27924) [kworker/3:1] (root,0,0,00:00:00/08:00,27925) [kworker/0:1-events] (root,0,0,00:00:00/08:00,27927) [kworker/2:0-events] (root,0,0,00:00:00/06:57,29199) [kworker/1:1-ata_sff] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-09-19 23:42 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363841b10b7Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12604,00:00:29/7-12:50:09,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/7-12:50:09,2) [kthreadd] (root,0,0,00:00:00/7-12:50:09,3) [rcu_gp] (root,0,0,00:00:00/7-12:50:09,4) [rcu_par_gp] (root,0,0,00:00:00/7-12:50:09,5) [slub_flushwq] (root,0,0,00:00:00/7-12:50:09,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/7-12:50:09,9) [mm_percpu_wq] (root,0,0,00:00:00/7-12:50:09,10) [rcu_tasks_kthre] (root,0,0,00:00:00/7-12:50:09,11) [rcu_tasks_rude_] (root,0,0,00:00:00/7-12:50:09,12) [rcu_tasks_trace] (root,0,0,00:00:03/7-12:50:09,13) [ksoftirqd/0] (root,0,0,00:18:34/7-12:50:09,14) [rcu_preempt] (root,0,0,00:00:02/7-12:50:09,15) [migration/0] (root,0,0,00:00:00/7-12:50:09,16) [idle_inject/0] (root,0,0,00:00:00/7-12:50:09,18) [cpuhp/0] (root,0,0,00:00:00/7-12:50:09,19) [cpuhp/1] (root,0,0,00:00:00/7-12:50:09,20) [idle_inject/1] (root,0,0,00:00:02/7-12:50:09,21) [migration/1] (root,0,0,00:00:03/7-12:50:09,22) [ksoftirqd/1] (root,0,0,00:00:00/7-12:50:09,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/7-12:50:09,25) [cpuhp/2] (root,0,0,00:00:00/7-12:50:09,26) [idle_inject/2] (root,0,0,00:00:02/7-12:50:09,27) [migration/2] (root,0,0,00:01:55/7-12:50:09,28) [ksoftirqd/2] (root,0,0,00:00:00/7-12:50:09,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/7-12:50:09,31) [cpuhp/3] (root,0,0,00:00:00/7-12:50:09,32) [idle_inject/3] (root,0,0,00:00:02/7-12:50:09,33) [migration/3] (root,0,0,00:00:15/7-12:50:09,34) [ksoftirqd/3] (root,0,0,00:00:00/7-12:50:09,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/7-12:50:09,41) [kdevtmpfs] (root,0,0,00:00:00/7-12:50:09,42) [netns] (root,0,0,00:00:00/7-12:50:09,43) [inet_frag_wq] (root,0,0,00:00:01/7-12:50:09,44) [kauditd] (root,0,0,00:00:00/7-12:50:09,46) [khungtaskd] (root,0,0,00:00:00/7-12:50:09,47) [oom_reaper] (root,0,0,00:00:00/7-12:50:09,48) [writeback] (root,0,0,00:00:20/7-12:50:09,49) [kcompactd0] (root,0,0,00:00:00/7-12:50:09,50) [ksmd] (root,0,0,00:00:20/7-12:50:09,52) [khugepaged] (root,0,0,00:00:00/7-12:50:09,77) [kintegrityd] (root,0,0,00:00:00/7-12:50:09,78) [kblockd] (root,0,0,00:00:00/7-12:50:09,79) [blkcg_punt_bio] (root,0,0,00:00:00/7-12:50:09,80) [tpm_dev_wq] (root,0,0,00:00:00/7-12:50:09,81) [edac-poller] (root,0,0,00:00:00/7-12:50:09,82) [devfreq_wq] (root,0,0,00:00:00/7-12:50:09,111) [watchdogd] (root,0,0,00:00:03/7-12:50:09,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/7-12:50:09,113) [kswapd0] (root,0,0,00:00:00/7-12:50:08,115) [kthrotld] (root,0,0,00:00:00/7-12:50:07,118) [mld] (root,0,0,00:00:00/7-12:50:07,119) [ipv6_addrconf] (root,0,0,00:00:01/7-12:50:07,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/7-12:50:07,125) [kstrp] (root,0,0,00:00:00/7-12:50:07,126) [zswap-shrink] (root,0,0,00:00:00/7-12:50:07,127) [kworker/u9:0] (root,0,0,00:00:00/7-12:50:07,132) [charger_manager] (root,0,0,00:00:01/7-12:50:07,139) [kworker/2:1H-kblockd] (root,0,0,00:00:01/7-12:50:07,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/7-12:50:06,328) [ata_sff] (root,0,0,00:00:00/7-12:50:06,329) [scsi_eh_0] (root,0,0,00:00:00/7-12:50:06,330) [scsi_tmf_0] (root,0,0,00:00:00/7-12:50:06,331) [scsi_eh_1] (root,0,0,00:00:00/7-12:50:06,332) [scsi_tmf_1] (root,0,0,00:00:09/7-12:50:03,350) [jbd2/vda1-8] (root,0,0,00:00:00/7-12:50:03,351) [ext4-rsv-conver] (root,38604,8056,00:00:10/7-12:49:51,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:01/7-12:49:50,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:11/7-12:49:48,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:02/7-12:48:58,486) /sbin/auditd (messagebus,22540,5464,00:00:18/7-12:48:57,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38888,8456,00:00:09/7-12:48:57,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/7-12:48:57,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/7-12:48:55,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/7-12:48:55,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,547592,25652,00:00:06/7-12:48:47,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/7-12:48:47,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:11/7-12:48:47,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/7-12:48:47,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375052,10300,00:00:09/7-12:48:47,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/7-12:48:46,1177) bpfilter_umh (root,26204,8380,00:00:01/7-12:48:46,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:00:41/7-12:48:46,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,214484,108532,04:12:54/7-12:48:46,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/7-12:48:46,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:02/7-12:48:44,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:00/7-12:48:44,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:01/7-12:48:44,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/7-12:48:43,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:02/7-12:48:41,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/7-12:48:41,1312) (sd-pam) (syslogtunnel,35064,4708,00:00:25/7-12:48:41,1324) sshd: syslogtunnel (root,687976,73284,00:09:30/7-12:48:39,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,200988,36788,00:02:40/7-12:48:24,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/7-12:48:21,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:02/7-12:48:20,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/7-12:48:20,1345) (sd-pam) (cm-ssh,35056,4596,00:00:23/7-12:48:20,1365) sshd: cm-ssh (root,6656,3488,00:00:00/00:00,3431) /bin/bash /usr/bin/check_mk_agent (root,13744,3384,00:00:00/00:00,3449) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,956,00:00:00/00:00,3450) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:01/02:08:05,11332) [kworker/1:2-events] (postfix,43844,8720,00:00:00/1-20:13:12,12335) tlsmgr -l -t unix -u (root,0,0,00:00:00/02:41:56,13138) [kworker/u8:2-ext4-rsv-conversion] (root,0,0,00:00:00/17:32,17165) [kworker/2:2-events] (root,0,0,00:00:00/51:37,20804) [kworker/2:0-cgroup_destroy] (postfix,23460,7576,00:00:00/43:33,23923) pickup -l -t fifo -u (root,0,0,00:00:00/08:46,25551) [kworker/1:0-ata_sff] (root,0,0,00:00:00/08:35,25960) [kworker/u8:1-writeback] (root,0,0,00:00:00/40:23,27124) [kworker/3:0-events] (root,0,0,00:00:00/06:41,27429) [kworker/3:1] (root,0,0,00:00:00/06:31,27431) [kworker/0:2-events] (root,0,0,00:00:01/01:13:36,27928) [kworker/0:1-cgroup_destroy] (root,0,0,00:00:00/03:35,30633) [kworker/1:1-ata_sff] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-09-17 23:38 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe568363be992309Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12600,00:00:22/5-12:56:45,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/5-12:56:45,2) [kthreadd] (root,0,0,00:00:00/5-12:56:45,3) [rcu_gp] (root,0,0,00:00:00/5-12:56:45,4) [rcu_par_gp] (root,0,0,00:00:00/5-12:56:45,5) [slub_flushwq] (root,0,0,00:00:00/5-12:56:45,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/5-12:56:45,9) [mm_percpu_wq] (root,0,0,00:00:00/5-12:56:45,10) [rcu_tasks_kthre] (root,0,0,00:00:00/5-12:56:45,11) [rcu_tasks_rude_] (root,0,0,00:00:00/5-12:56:45,12) [rcu_tasks_trace] (root,0,0,00:00:02/5-12:56:45,13) [ksoftirqd/0] (root,0,0,00:13:26/5-12:56:45,14) [rcu_preempt] (root,0,0,00:00:02/5-12:56:45,15) [migration/0] (root,0,0,00:00:00/5-12:56:45,16) [idle_inject/0] (root,0,0,00:00:00/5-12:56:45,18) [cpuhp/0] (root,0,0,00:00:00/5-12:56:45,19) [cpuhp/1] (root,0,0,00:00:00/5-12:56:45,20) [idle_inject/1] (root,0,0,00:00:02/5-12:56:45,21) [migration/1] (root,0,0,00:00:02/5-12:56:45,22) [ksoftirqd/1] (root,0,0,00:00:00/5-12:56:45,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/5-12:56:45,25) [cpuhp/2] (root,0,0,00:00:00/5-12:56:45,26) [idle_inject/2] (root,0,0,00:00:01/5-12:56:45,27) [migration/2] (root,0,0,00:01:18/5-12:56:45,28) [ksoftirqd/2] (root,0,0,00:00:00/5-12:56:45,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/5-12:56:45,31) [cpuhp/3] (root,0,0,00:00:00/5-12:56:45,32) [idle_inject/3] (root,0,0,00:00:01/5-12:56:45,33) [migration/3] (root,0,0,00:00:10/5-12:56:45,34) [ksoftirqd/3] (root,0,0,00:00:00/5-12:56:45,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/5-12:56:45,41) [kdevtmpfs] (root,0,0,00:00:00/5-12:56:45,42) [netns] (root,0,0,00:00:00/5-12:56:45,43) [inet_frag_wq] (root,0,0,00:00:00/5-12:56:45,44) [kauditd] (root,0,0,00:00:00/5-12:56:45,46) [khungtaskd] (root,0,0,00:00:00/5-12:56:45,47) [oom_reaper] (root,0,0,00:00:00/5-12:56:45,48) [writeback] (root,0,0,00:00:15/5-12:56:45,49) [kcompactd0] (root,0,0,00:00:00/5-12:56:45,50) [ksmd] (root,0,0,00:00:14/5-12:56:45,52) [khugepaged] (root,0,0,00:00:00/5-12:56:45,77) [kintegrityd] (root,0,0,00:00:00/5-12:56:45,78) [kblockd] (root,0,0,00:00:00/5-12:56:45,79) [blkcg_punt_bio] (root,0,0,00:00:00/5-12:56:45,80) [tpm_dev_wq] (root,0,0,00:00:00/5-12:56:45,81) [edac-poller] (root,0,0,00:00:00/5-12:56:45,82) [devfreq_wq] (root,0,0,00:00:00/5-12:56:45,111) [watchdogd] (root,0,0,00:00:02/5-12:56:45,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/5-12:56:45,113) [kswapd0] (root,0,0,00:00:00/5-12:56:44,115) [kthrotld] (root,0,0,00:00:00/5-12:56:43,118) [mld] (root,0,0,00:00:00/5-12:56:43,119) [ipv6_addrconf] (root,0,0,00:00:01/5-12:56:43,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/5-12:56:43,125) [kstrp] (root,0,0,00:00:00/5-12:56:43,126) [zswap-shrink] (root,0,0,00:00:00/5-12:56:43,127) [kworker/u9:0] (root,0,0,00:00:00/5-12:56:43,132) [charger_manager] (root,0,0,00:00:00/5-12:56:43,139) [kworker/2:1H-kblockd] (root,0,0,00:00:00/5-12:56:43,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/5-12:56:42,328) [ata_sff] (root,0,0,00:00:00/5-12:56:42,329) [scsi_eh_0] (root,0,0,00:00:00/5-12:56:42,330) [scsi_tmf_0] (root,0,0,00:00:00/5-12:56:42,331) [scsi_eh_1] (root,0,0,00:00:00/5-12:56:42,332) [scsi_tmf_1] (root,0,0,00:00:07/5-12:56:39,350) [jbd2/vda1-8] (root,0,0,00:00:00/5-12:56:39,351) [ext4-rsv-conver] (root,0,0,00:00:00/24:05,365) [kworker/2:0-cgroup_destroy] (root,38604,7676,00:00:07/5-12:56:27,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:00/5-12:56:26,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:08/5-12:56:24,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:01/5-12:55:34,486) /sbin/auditd (messagebus,22540,5464,00:00:13/5-12:55:33,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38888,8448,00:00:07/5-12:55:33,507) /usr/lib/systemd/systemd-logind (root,0,0,00:00:01/02:37:41,521) [kworker/1:0-events] (root,20556,6080,00:00:00/5-12:55:33,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/5-12:55:31,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/5-12:55:31,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,0,0,00:00:00/23:44,1004) [kworker/u8:0] (root,547592,24868,00:00:04/5-12:55:23,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/5-12:55:23,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:08/5-12:55:23,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/5-12:55:23,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375052,10040,00:00:07/5-12:55:23,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/5-12:55:22,1177) bpfilter_umh (root,26204,8380,00:00:01/5-12:55:22,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:00:30/5-12:55:22,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,216172,103716,02:53:48/5-12:55:22,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/5-12:55:22,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:01/5-12:55:20,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:00/5-12:55:20,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:01/5-12:55:20,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/5-12:55:19,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:01/5-12:55:17,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/5-12:55:17,1312) (sd-pam) (syslogtunnel,35064,4708,00:00:18/5-12:55:17,1324) sshd: syslogtunnel (root,687976,73136,00:06:54/5-12:55:15,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,199964,36376,00:01:56/5-12:55:00,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/5-12:54:57,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:02/5-12:54:56,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/5-12:54:56,1345) (sd-pam) (cm-ssh,35056,4596,00:00:17/5-12:54:56,1365) sshd: cm-ssh (root,0,0,00:00:00/02:26:03,9177) [kworker/3:0-cgroup_destroy] (root,0,0,00:00:00/46:17,9590) [kworker/0:0-events] (root,0,0,00:00:00/46:07,9591) [kworker/u8:1-writeback] (postfix,23460,7608,00:00:00/01:10:10,18000) pickup -l -t fifo -u (root,0,0,00:00:00/01:08:09,20561) [kworker/3:1-events] (root,0,0,00:00:00/07:13,23079) [kworker/1:2-ata_sff] (root,0,0,00:00:00/35:04,24015) [kworker/0:1-events] (root,0,0,00:00:00/02:17,27872) [kworker/0:2] (root,0,0,00:00:00/02:07,27874) [kworker/2:2-events] (root,0,0,00:00:00/02:00,27875) [kworker/1:1-ata_sff] (root,6656,3488,00:00:00/00:00,30769) /bin/bash /usr/bin/check_mk_agent (root,13744,3384,00:00:00/00:00,30787) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,30788) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/02:47:58,32239) [kworker/2:1-cgroup_destroy] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-09-15 23:45 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe5683631fcf0749Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189460,12600,00:00:14/3-12:41:25,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/3-12:41:25,2) [kthreadd] (root,0,0,00:00:00/3-12:41:25,3) [rcu_gp] (root,0,0,00:00:00/3-12:41:25,4) [rcu_par_gp] (root,0,0,00:00:00/3-12:41:25,5) [slub_flushwq] (root,0,0,00:00:00/3-12:41:25,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/3-12:41:25,9) [mm_percpu_wq] (root,0,0,00:00:00/3-12:41:25,10) [rcu_tasks_kthre] (root,0,0,00:00:00/3-12:41:25,11) [rcu_tasks_rude_] (root,0,0,00:00:00/3-12:41:25,12) [rcu_tasks_trace] (root,0,0,00:00:01/3-12:41:25,13) [ksoftirqd/0] (root,0,0,00:08:34/3-12:41:25,14) [rcu_preempt] (root,0,0,00:00:01/3-12:41:25,15) [migration/0] (root,0,0,00:00:00/3-12:41:25,16) [idle_inject/0] (root,0,0,00:00:00/3-12:41:25,18) [cpuhp/0] (root,0,0,00:00:00/3-12:41:25,19) [cpuhp/1] (root,0,0,00:00:00/3-12:41:25,20) [idle_inject/1] (root,0,0,00:00:01/3-12:41:25,21) [migration/1] (root,0,0,00:00:01/3-12:41:25,22) [ksoftirqd/1] (root,0,0,00:00:00/3-12:41:25,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/3-12:41:25,25) [cpuhp/2] (root,0,0,00:00:00/3-12:41:25,26) [idle_inject/2] (root,0,0,00:00:01/3-12:41:25,27) [migration/2] (root,0,0,00:00:48/3-12:41:25,28) [ksoftirqd/2] (root,0,0,00:00:00/3-12:41:25,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/3-12:41:25,31) [cpuhp/3] (root,0,0,00:00:00/3-12:41:25,32) [idle_inject/3] (root,0,0,00:00:01/3-12:41:25,33) [migration/3] (root,0,0,00:00:06/3-12:41:25,34) [ksoftirqd/3] (root,0,0,00:00:00/3-12:41:25,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/3-12:41:25,41) [kdevtmpfs] (root,0,0,00:00:00/3-12:41:25,42) [netns] (root,0,0,00:00:00/3-12:41:25,43) [inet_frag_wq] (root,0,0,00:00:00/3-12:41:25,44) [kauditd] (root,0,0,00:00:00/3-12:41:25,46) [khungtaskd] (root,0,0,00:00:00/3-12:41:25,47) [oom_reaper] (root,0,0,00:00:00/3-12:41:25,48) [writeback] (root,0,0,00:00:09/3-12:41:25,49) [kcompactd0] (root,0,0,00:00:00/3-12:41:25,50) [ksmd] (root,0,0,00:00:08/3-12:41:25,52) [khugepaged] (root,0,0,00:00:00/3-12:41:25,77) [kintegrityd] (root,0,0,00:00:00/3-12:41:25,78) [kblockd] (root,0,0,00:00:00/3-12:41:25,79) [blkcg_punt_bio] (root,0,0,00:00:00/3-12:41:25,80) [tpm_dev_wq] (root,0,0,00:00:00/3-12:41:25,81) [edac-poller] (root,0,0,00:00:00/3-12:41:25,82) [devfreq_wq] (root,0,0,00:00:00/3-12:41:25,111) [watchdogd] (root,0,0,00:00:01/3-12:41:25,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/3-12:41:25,113) [kswapd0] (root,0,0,00:00:00/3-12:41:24,115) [kthrotld] (root,0,0,00:00:00/3-12:41:23,118) [mld] (root,0,0,00:00:00/3-12:41:23,119) [ipv6_addrconf] (root,0,0,00:00:00/3-12:41:23,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/3-12:41:23,125) [kstrp] (root,0,0,00:00:00/3-12:41:23,126) [zswap-shrink] (root,0,0,00:00:00/3-12:41:23,127) [kworker/u9:0] (root,0,0,00:00:00/3-12:41:23,132) [charger_manager] (root,0,0,00:00:00/3-12:41:23,139) [kworker/2:1H-kblockd] (root,0,0,00:00:00/3-12:41:23,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/3-12:41:22,328) [ata_sff] (root,0,0,00:00:00/3-12:41:22,329) [scsi_eh_0] (root,0,0,00:00:00/3-12:41:22,330) [scsi_tmf_0] (root,0,0,00:00:00/3-12:41:22,331) [scsi_eh_1] (root,0,0,00:00:00/3-12:41:22,332) [scsi_tmf_1] (root,0,0,00:00:04/3-12:41:19,350) [jbd2/vda1-8] (root,0,0,00:00:00/3-12:41:19,351) [ext4-rsv-conver] (root,38604,7676,00:00:04/3-12:41:07,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:00/3-12:41:06,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:05/3-12:41:04,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:01/3-12:40:14,486) /sbin/auditd (messagebus,22540,5464,00:00:08/3-12:40:13,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38888,8436,00:00:04/3-12:40:13,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/3-12:40:13,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/3-12:40:11,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/3-12:40:11,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,547592,24604,00:00:03/3-12:40:03,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/3-12:40:03,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:05/3-12:40:03,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/3-12:40:03,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,375052,10040,00:00:04/3-12:40:03,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/3-12:40:02,1177) bpfilter_umh (root,26204,8380,00:00:00/3-12:40:02,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:00:19/3-12:40:02,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,213656,101948,01:52:33/3-12:40:02,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/3-12:40:02,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:01/3-12:40:00,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:00/3-12:40:00,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:00/3-12:40:00,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/3-12:39:59,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:01/3-12:39:57,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/3-12:39:57,1312) (sd-pam) (syslogtunnel,35064,4708,00:00:11/3-12:39:57,1324) sshd: syslogtunnel (root,687720,72696,00:04:25/3-12:39:55,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,199964,34904,00:01:15/3-12:39:40,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/3-12:39:37,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:01/3-12:39:36,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/3-12:39:36,1345) (sd-pam) (cm-ssh,35056,4596,00:00:10/3-12:39:36,1365) sshd: cm-ssh (postfix,23460,7544,00:00:00/01:17:05,2879) pickup -l -t fifo -u (root,0,0,00:00:00/02:28:58,4439) [kworker/2:2-events] (root,0,0,00:00:00/16:03,6392) [kworker/0:0-events] (root,0,0,00:00:00/01:11:39,7095) [kworker/0:1-events] (root,0,0,00:00:00/09:55,14538) [kworker/1:0-ata_sff] (root,0,0,00:00:00/38:09,17024) [kworker/u8:0] (root,0,0,00:00:00/04:51,18103) [kworker/0:2] (root,0,0,00:00:00/04:45,18291) [kworker/1:2-ata_sff] (root,0,0,00:00:00/01:33:49,22443) [kworker/3:1-cgroup_destroy] (root,6656,3488,00:00:00/00:00,23618) /bin/bash /usr/bin/check_mk_agent (root,13744,3504,00:00:00/00:00,23636) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,23637) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:00/02:40:07,26586) [kworker/u8:1-writeback] (root,0,0,00:00:00/02:40:04,26588) [kworker/3:2-events] (root,0,0,00:00:00/01:27:44,28081) [kworker/1:1-events] (root,0,0,00:00:00/27:15,28973) [kworker/2:0-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-09-13 23:30 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbbdf2c1a4295b567ff3c93ce4fe56836386f7a300Found public CheckMk agent: Version: 1.5.0p25 AgentOS: linux Hostname: sarpedon AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found process list through CheckMk: (root,189264,12588,00:00:08/1-18:26:57,1) /usr/lib/systemd/systemd showopts --switched-root --system --deserialize 29 (root,0,0,00:00:00/1-18:26:57,2) [kthreadd] (root,0,0,00:00:00/1-18:26:57,3) [rcu_gp] (root,0,0,00:00:00/1-18:26:57,4) [rcu_par_gp] (root,0,0,00:00:00/1-18:26:57,5) [slub_flushwq] (root,0,0,00:00:00/1-18:26:57,7) [kworker/0:0H-events_highpri] (root,0,0,00:00:00/1-18:26:57,9) [mm_percpu_wq] (root,0,0,00:00:00/1-18:26:57,10) [rcu_tasks_kthre] (root,0,0,00:00:00/1-18:26:57,11) [rcu_tasks_rude_] (root,0,0,00:00:00/1-18:26:57,12) [rcu_tasks_trace] (root,0,0,00:00:00/1-18:26:57,13) [ksoftirqd/0] (root,0,0,00:04:24/1-18:26:57,14) [rcu_preempt] (root,0,0,00:00:00/1-18:26:57,15) [migration/0] (root,0,0,00:00:00/1-18:26:57,16) [idle_inject/0] (root,0,0,00:00:00/1-18:26:57,18) [cpuhp/0] (root,0,0,00:00:00/1-18:26:57,19) [cpuhp/1] (root,0,0,00:00:00/1-18:26:57,20) [idle_inject/1] (root,0,0,00:00:00/1-18:26:57,21) [migration/1] (root,0,0,00:00:00/1-18:26:57,22) [ksoftirqd/1] (root,0,0,00:00:00/1-18:26:57,24) [kworker/1:0H-events_highpri] (root,0,0,00:00:00/1-18:26:57,25) [cpuhp/2] (root,0,0,00:00:00/1-18:26:57,26) [idle_inject/2] (root,0,0,00:00:00/1-18:26:57,27) [migration/2] (root,0,0,00:00:24/1-18:26:57,28) [ksoftirqd/2] (root,0,0,00:00:00/1-18:26:57,30) [kworker/2:0H-events_highpri] (root,0,0,00:00:00/1-18:26:57,31) [cpuhp/3] (root,0,0,00:00:00/1-18:26:57,32) [idle_inject/3] (root,0,0,00:00:00/1-18:26:57,33) [migration/3] (root,0,0,00:00:03/1-18:26:57,34) [ksoftirqd/3] (root,0,0,00:00:00/1-18:26:57,36) [kworker/3:0H-events_highpri] (root,0,0,00:00:00/1-18:26:57,41) [kdevtmpfs] (root,0,0,00:00:00/1-18:26:57,42) [netns] (root,0,0,00:00:00/1-18:26:57,43) [inet_frag_wq] (root,0,0,00:00:00/1-18:26:57,44) [kauditd] (root,0,0,00:00:00/1-18:26:57,46) [khungtaskd] (root,0,0,00:00:00/1-18:26:57,47) [oom_reaper] (root,0,0,00:00:00/1-18:26:57,48) [writeback] (root,0,0,00:00:04/1-18:26:57,49) [kcompactd0] (root,0,0,00:00:00/1-18:26:57,50) [ksmd] (root,0,0,00:00:04/1-18:26:57,52) [khugepaged] (root,0,0,00:00:00/1-18:26:57,77) [kintegrityd] (root,0,0,00:00:00/1-18:26:57,78) [kblockd] (root,0,0,00:00:00/1-18:26:57,79) [blkcg_punt_bio] (root,0,0,00:00:00/1-18:26:57,80) [tpm_dev_wq] (root,0,0,00:00:00/1-18:26:57,81) [edac-poller] (root,0,0,00:00:00/1-18:26:57,82) [devfreq_wq] (root,0,0,00:00:00/1-18:26:57,111) [watchdogd] (root,0,0,00:00:00/1-18:26:57,112) [kworker/1:1H-kblockd] (root,0,0,00:00:00/1-18:26:57,113) [kswapd0] (root,0,0,00:00:00/1-18:26:56,115) [kthrotld] (root,0,0,00:00:00/1-18:26:55,118) [mld] (root,0,0,00:00:00/1-18:26:55,119) [ipv6_addrconf] (root,0,0,00:00:00/1-18:26:55,120) [kworker/0:1H-kblockd] (root,0,0,00:00:00/1-18:26:55,125) [kstrp] (root,0,0,00:00:00/1-18:26:55,126) [zswap-shrink] (root,0,0,00:00:00/1-18:26:55,127) [kworker/u9:0] (root,0,0,00:00:00/1-18:26:55,132) [charger_manager] (root,0,0,00:00:00/1-18:26:55,139) [kworker/2:1H-kblockd] (root,0,0,00:00:00/1-18:26:55,175) [kworker/3:1H-kblockd] (root,0,0,00:00:00/1-18:26:54,328) [ata_sff] (root,0,0,00:00:00/1-18:26:54,329) [scsi_eh_0] (root,0,0,00:00:00/1-18:26:54,330) [scsi_tmf_0] (root,0,0,00:00:00/1-18:26:54,331) [scsi_eh_1] (root,0,0,00:00:00/1-18:26:54,332) [scsi_tmf_1] (root,0,0,00:00:02/1-18:26:51,350) [jbd2/vda1-8] (root,0,0,00:00:00/1-18:26:51,351) [ext4-rsv-conver] (root,38604,7676,00:00:02/1-18:26:39,423) /usr/lib/systemd/systemd-journald (root,53096,9768,00:00:00/1-18:26:38,442) /usr/lib/systemd/systemd-udevd (root,8624,6248,00:00:02/1-18:26:36,467) /usr/sbin/haveged -w 1024 -v 0 -F (root,13476,1640,00:00:00/1-18:25:46,486) /sbin/auditd (messagebus,22540,5464,00:00:04/1-18:25:45,492) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only (root,38876,8424,00:00:02/1-18:25:45,507) /usr/lib/systemd/systemd-logind (root,20556,6080,00:00:00/1-18:25:45,563) /usr/lib/wicked/bin/wickedd-auto4 --systemd --foreground (root,23304,9080,00:00:00/1-18:25:43,595) /usr/sbin/wickedd --systemd --foreground (root,23220,9412,00:00:00/1-18:25:43,596) /usr/sbin/wickedd-nanny --systemd --foreground (root,547336,23512,00:00:01/1-18:25:35,1144) python3 /services/inst/nemo-exportd/bin/nemo-exportd (root,37016,26784,00:00:00/1-18:25:35,1157) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (root,21172,4572,00:00:02/1-18:25:35,1162) /usr/sbin/xinetd -stayalive -dontfork (root,2984,1776,00:00:00/1-18:25:35,1167) /sbin/agetty -o -p -- \u --noclear tty1 linux (root,374848,9428,00:00:02/1-18:25:35,1169) /usr/sbin/rsyslogd -n -iNONE (root,2516,620,00:00:00/1-18:25:34,1177) bpfilter_umh (root,26204,8380,00:00:00/1-18:25:34,1182) sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups (ntp,19768,5772,00:00:09/1-18:25:34,1183) /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -c /etc/ntp.conf (spot,213800,101324,01:01:08/1-18:25:34,1191) /usr/bin/python3.11 /usr/bin/spot (ntp,21768,4104,00:00:00/1-18:25:34,1195) ntpd: asynchronous dns resolver (root,23432,4668,00:00:00/1-18:25:32,1275) /usr/lib/postfix/bin//master -w (postfix,23508,7656,00:00:00/1-18:25:32,1277) qmgr -l -t fifo -u (root,8960,2660,00:00:00/1-18:25:32,1300) /usr/sbin/cron -n (root,35064,9940,00:00:00/1-18:25:31,1306) sshd: syslogtunnel [priv] (syslogtunnel,40560,10528,00:00:00/1-18:25:29,1311) /usr/lib/systemd/systemd --user (syslogtunnel,48568,3104,00:00:00/1-18:25:29,1312) (sd-pam) (syslogtunnel,35064,4708,00:00:06/1-18:25:29,1324) sshd: syslogtunnel (root,687316,71956,00:02:16/1-18:25:27,1329) /opt/dfn-cert-salt/bin/python /opt/dfn-cert-salt/bin/salt-minion (spot,199964,34648,00:00:36/1-18:25:12,1334) /usr/bin/python3.11 /usr/bin/spot (root,35056,9824,00:00:00/1-18:25:09,1336) sshd: cm-ssh [priv] (cm-ssh,40560,10504,00:00:00/1-18:25:08,1344) /usr/lib/systemd/systemd --user (cm-ssh,48568,3112,00:00:00/1-18:25:08,1345) (sd-pam) (cm-ssh,35056,4596,00:00:05/1-18:25:08,1365) sshd: cm-ssh (root,0,0,00:00:00/01:25:10,1385) [kworker/u8:1-events_unbound] (root,0,0,00:00:00/01:06:45,3702) [kworker/3:1-cgroup_destroy] (postfix,23460,7532,00:00:00/44:36,6056) pickup -l -t fifo -u (root,0,0,00:00:00/33:59,7526) [kworker/2:1] (root,0,0,00:00:00/15:10,9094) [kworker/u8:2-ext4-rsv-conversion] (root,0,0,00:00:00/12:06,9339) [kworker/0:0-events] (root,0,0,00:00:00/11:55,9341) [kworker/3:2-cgroup_destroy] (root,0,0,00:00:00/09:47,9450) [kworker/1:0-ata_sff] (root,0,0,00:00:00/04:37,11004) [kworker/1:1-ata_sff] (root,0,0,00:00:00/01:01,11197) [kworker/3:0-events] (root,6656,3488,00:00:00/00:00,11347) /bin/bash /usr/bin/check_mk_agent (root,13744,3460,00:00:00/00:00,11365) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000 (root,11644,964,00:00:00/00:00,11366) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) / (root,0,0,00:00:02/05:10:43,22064) [kworker/1:2-events] (root,0,0,00:00:02/02:23:39,24106) [kworker/0:2-events] (root,0,0,00:00:00/01:39:20,30936) [kworker/2:0-events] Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 1e:aa:0b:90:2b:aa brd ff:ff:ff:ff:ff:ff altname enp0s18 altname ens18 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 3e:c0:6b:94:ec:c1 brd ff:ff:ff:ff:ff:ff altname enp0s19 altname ens19 [end_iplink]Found on 2024-09-12 05:15
Domain summary
No record