Host 185.185.27.176
Germany
Droptop GmbH
-
CheckMK monitoring endpoint publicly available
An open CheckMK agent is publicly available.
This could leak sensitive information such as :
- Process list ( maybe credentials )
- Network interfaces
- Running services
- Firewall rules
- Internal OS configuration
https://docs.checkmk.com/latest/en/wato_monitoringagents.html
First seen 2022-06-17 22:47
Last seen 2024-12-22 00:59
Open for 918 days-
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226dbe04943Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:22 758-15:45:19 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 758-15:45:19 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 758-15:45:19 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 758-15:45:14 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4336 06:44:02 758-15:45:13 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:27:25 758-15:45:11 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:13 758-15:45:11 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10052 3728 01:31:10 758-15:45:11 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:31:40 758-15:45:11 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:04:20 758-15:45:08 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:54 758-15:45:08 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 14452 01:06:13 758-15:45:08 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1708 00:06:05 758-15:45:08 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 758-15:45:08 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 758-15:45:08 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5088 00:07:37 758-15:45:04 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1932 00:00:00 22:59:36 2261 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 2020 00:00:00 22:59:36 2263 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2212 00:00:00 22:59:36 2264 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59320 50624 00:00:11 22:51:15 2379 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 62612 52940 00:00:05 22:51:13 2380 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59320 47540 00:00:00 22:51:13 2381 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6164 00:00:01 18-14:07:54 2738 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6152 00:00:00 18:56:45 5136 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6096 00:00:00 4-11:46:18 8370 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6108 00:00:00 12-13:19:44 12923 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9748 00:00:00 41:15 14378 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9500 00:00:00 39:21 14390 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9288 00:00:00 19:23 15204 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5616 00:00:00 16:19 15222 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 11032 6696 00:00:00 00:05 15295 sshd: root [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3172 00:00:00 00:05 15296 sshd: root [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10504 5960 00:00:00 00:03 15297 sshd: unknown [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3144 00:00:00 00:03 15298 sshd: unknown [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2556 00:00:00 00:02 15330 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1832 00:00:00 00:02 15352 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6368 00:00:00 12-08:22:24 16697 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2512 664 00:00:00 27-14:26:04 16832 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4808 00:00:42 36-06:59:35 19190 anvil -l -t unix -u Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-22 00:59 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c22664fbd30cFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:21 756-15:20:31 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 756-15:20:31 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 756-15:20:31 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 756-15:20:26 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4252 06:43:25 756-15:20:25 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:27:18 756-15:20:23 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:13 756-15:20:23 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:30:59 756-15:20:23 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:31:28 756-15:20:23 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:04:17 756-15:20:20 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:54 756-15:20:20 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 14476 01:06:04 756-15:20:20 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1708 00:06:05 756-15:20:20 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 756-15:20:20 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 756-15:20:20 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5088 00:07:37 756-15:20:16 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6176 00:00:01 16-13:43:06 2738 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1920 00:00:00 22:34:45 4001 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 2020 00:00:00 22:34:45 4003 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2212 00:00:00 22:34:45 4004 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6164 00:00:00 2-11:21:30 8370 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6120 00:00:00 10-12:54:56 12923 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2300 00:00:00 05:00:18 14702 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6376 00:00:00 10-07:57:36 16697 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5640 00:00:00 01:37:34 16727 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2512 664 00:00:00 25-14:01:16 16832 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9688 00:00:00 45:52 17191 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2632 1444 00:00:00 33:45 17280 /usr/sbin/anacron -s cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9540 00:00:00 33:39 17283 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9600 00:00:00 27:43 17317 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9484 00:00:00 26:21 17323 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9360 00:00:00 23:47 17337 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3864 00:00:00 23:41 17339 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5360 00:00:00 23:41 17340 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 11032 6400 00:00:00 00:04 17442 sshd: root [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3280 00:00:00 00:04 17443 sshd: root [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2700 00:00:00 00:01 17505 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2856 1768 00:00:00 00:01 17527 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59380 50736 00:00:22 1-22:35:05 17889 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 64604 56224 00:00:10 1-22:35:03 17890 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59380 47652 00:00:00 1-22:35:03 17891 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4808 00:00:39 34-06:34:47 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6152 00:00:00 3-06:01:18 26265 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-20 00:34 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c22670be81bbFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:20 754-16:32:51 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 754-16:32:51 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 754-16:32:51 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 754-16:32:46 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4288 06:43:09 754-16:32:45 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:27:09 754-16:32:43 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:13 754-16:32:43 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:30:49 754-16:32:43 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:31:19 754-16:32:43 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:04:15 754-16:32:40 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:54 754-16:32:40 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 14488 01:05:56 754-16:32:40 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1708 00:06:05 754-16:32:40 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 754-16:32:40 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 754-16:32:40 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5092 00:07:37 754-16:32:36 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6188 00:00:01 14-14:55:26 2738 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6176 00:00:00 12:33:50 8370 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6136 00:00:00 8-14:07:16 12923 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6388 00:00:00 8-09:09:56 16697 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2512 664 00:00:00 23-15:13:36 16832 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5676 00:00:00 01:19:04 17086 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 7184 2396 00:00:00 37:06 17296 CROND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6260 2344 00:00:00 37:06 17297 /bin/sh -c /usr/share/spamassassin/sa-update.cron 2>&1 | tee -a /var/log/sa-update.log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6260 2660 00:00:00 37:06 17298 /bin/bash /usr/share/spamassassin/sa-update.cron cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5264 1456 00:00:00 37:06 17299 tee -a /var/log/sa-update.log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5260 316 00:00:00 37:05 17313 sleep 2972 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14756 9692 00:00:00 32:54 17319 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9324 00:00:00 28:57 17348 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9484 00:00:00 26:20 17355 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2528 00:00:00 04:56 17467 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5276 00:00:00 01:18 17481 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 11256 6536 00:00:00 00:10 17484 sshd: root [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3304 00:00:00 00:08 17487 sshd: root [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2632 00:00:00 00:02 17652 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1820 00:00:00 00:02 17674 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4816 00:00:37 32-07:47:07 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6164 00:00:00 1-07:13:38 26265 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1976 00:00:00 23:47:04 31166 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1988 00:00:00 23:47:04 31168 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2096 00:00:00 23:47:04 31169 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59272 50804 00:00:11 22:44:34 32206 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 61236 51560 00:00:04 22:44:32 32207 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59272 47712 00:00:00 22:44:32 32208 spamd child Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-18 01:47 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226d4801073Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:19 752-14:38:52 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 752-14:38:52 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 752-14:38:52 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 752-14:38:47 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4336 06:42:53 752-14:38:46 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:26:59 752-14:38:44 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:13 752-14:38:44 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:30:40 752-14:38:44 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:31:09 752-14:38:44 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:04:13 752-14:38:41 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:54 752-14:38:41 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 14488 01:05:47 752-14:38:41 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1708 00:06:05 752-14:38:41 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 752-14:38:41 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 752-14:38:41 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5092 00:07:36 752-14:38:37 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6188 00:00:00 12-13:01:27 2738 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5548 00:00:00 01:15:14 12835 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6136 00:00:00 6-12:13:17 12923 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9508 00:00:00 38:41 13705 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6116 00:00:00 6-10:57:04 13755 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9612 00:00:00 13:42 13910 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9468 00:00:00 13:40 13912 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9140 5416 00:00:00 10:46 13937 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9140 5608 00:00:00 10:46 13938 dovecot/auth -w cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2564 00:00:00 00:02 14171 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2856 1800 00:00:00 00:02 14193 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6388 00:00:00 6-07:15:57 16697 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2512 664 00:00:00 21-13:19:37 16832 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4816 00:00:35 30-05:53:08 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6268 00:00:01 16-05:08:29 21632 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59272 50672 00:00:11 22:18:56 31333 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59272 47588 00:00:00 22:18:54 31334 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59272 47588 00:00:00 22:18:54 31335 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1868 00:00:00 21:53:05 31607 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1920 00:00:00 21:53:05 31609 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 1984 00:00:00 21:53:05 31610 dovecot/log Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-15 23:53 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226233ed90fFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:18 750-14:50:52 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 750-14:50:52 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 750-14:50:52 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 750-14:50:47 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4360 06:42:38 750-14:50:46 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:26:48 750-14:50:44 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:13 750-14:50:44 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:30:31 750-14:50:44 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:31:01 750-14:50:44 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:04:10 750-14:50:41 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:53 750-14:50:41 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 14492 01:05:38 750-14:50:41 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1708 00:06:04 750-14:50:41 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 750-14:50:41 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 750-14:50:41 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5092 00:07:36 750-14:50:37 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6192 00:00:00 10-13:13:27 2738 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6200 00:00:00 4-12:25:17 12923 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6180 00:00:00 4-11:09:04 13755 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9548 00:00:00 18:25 15603 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9272 00:00:00 09:44 15716 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2632 1448 00:00:00 04:06 15787 /usr/sbin/anacron -s cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9312 00:00:00 03:00 15810 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5472 00:00:00 00:05 15852 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3248 00:00:00 00:05 15853 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2564 00:00:00 00:02 16018 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1852 00:00:00 00:02 16040 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6400 00:00:00 4-07:27:57 16697 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2512 664 00:00:00 19-13:31:37 16832 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4828 00:00:33 28-06:05:08 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6272 00:00:01 14-05:20:29 21632 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59284 50832 00:00:11 22:50:31 32191 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 61424 51740 00:00:04 22:50:29 32192 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59284 47716 00:00:00 22:50:29 32193 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1896 00:00:00 22:05:00 32437 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 2036 00:00:00 22:05:00 32439 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2064 00:00:00 22:05:00 32440 dovecot/log Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-14 00:05 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226c001d87cFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:17 748-15:50:32 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 748-15:50:32 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 748-15:50:32 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 748-15:50:27 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4384 06:42:23 748-15:50:26 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:26:39 748-15:50:24 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:13 748-15:50:24 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:30:23 748-15:50:24 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:30:52 748-15:50:24 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:04:08 748-15:50:21 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:53 748-15:50:21 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 14492 01:05:29 748-15:50:21 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1708 00:06:04 748-15:50:21 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 748-15:50:21 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 748-15:50:21 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5092 00:07:36 748-15:50:17 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6192 00:00:00 8-14:13:07 2738 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3908 00:00:00 01:18:03 12806 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5180 00:00:00 01:18:03 12807 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2316 00:00:00 01:18:03 12808 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5540 00:00:00 01:12:08 12847 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6200 00:00:00 2-13:24:57 12923 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9312 00:00:00 45:28 13095 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6180 00:00:00 2-12:08:44 13755 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9484 00:00:00 06:25 13975 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9548 00:00:00 06:09 13979 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2632 1448 00:00:00 03:42 14033 /usr/sbin/anacron -s cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5388 00:00:00 00:11 14084 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3148 00:00:00 00:11 14085 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2632 00:00:00 00:01 14254 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2856 1832 00:00:00 00:01 14276 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6180 00:00:00 2-08:27:37 16697 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2512 664 00:00:00 17-14:31:17 16832 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4836 00:00:31 26-07:04:48 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6276 00:00:00 12-06:20:09 21632 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1868 00:00:00 23:04:40 29843 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1968 00:00:00 23:04:40 29845 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2004 00:00:00 23:04:40 29846 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59268 50832 00:00:11 22:43:42 30068 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59268 47716 00:00:00 22:43:40 30069 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59268 47716 00:00:00 22:43:40 30070 spamd child Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-12 01:04 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226fe1047a5Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:14 746-15:52:41 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 746-15:52:41 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 746-15:52:41 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 746-15:52:36 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4428 06:42:02 746-15:52:35 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:26:24 746-15:52:33 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:13 746-15:52:33 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:30:15 746-15:52:33 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:30:44 746-15:52:33 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:04:05 746-15:52:30 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:53 746-15:52:30 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 14492 01:05:20 746-15:52:30 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1708 00:06:04 746-15:52:30 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 746-15:52:30 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 746-15:52:30 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5092 00:07:36 746-15:52:26 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6192 00:00:00 6-14:15:16 2738 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59372 50908 00:00:12 23:46:57 4999 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 64364 56036 00:00:09 23:46:55 5000 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59372 47564 00:00:00 23:46:55 5001 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 2036 00:00:00 23:06:49 5242 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 2020 00:00:00 23:06:49 5244 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2204 00:00:00 23:06:49 5245 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6200 00:00:00 13:27:06 12923 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6180 00:00:00 12:10:53 13755 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6180 00:00:00 08:29:46 16697 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2512 664 00:00:00 15-14:33:26 16832 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4836 00:00:29 24-07:06:57 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5508 00:00:00 01:25:25 21230 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6276 00:00:00 10-06:22:18 21632 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9548 00:00:00 41:02 21724 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14760 9752 00:00:00 41:00 21726 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14756 9420 00:00:00 39:52 21748 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3912 00:00:00 14:21 21877 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5096 00:00:00 14:21 21878 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2528 00:00:00 14:21 21879 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 11256 6792 00:00:00 00:11 21968 sshd: root [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3236 00:00:00 00:11 21969 sshd: root [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2632 00:00:00 00:01 22007 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2864 1852 00:00:00 00:01 22029 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-10 01:06 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2264a5c5eb7Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:13 744-15:38:49 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 744-15:38:49 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 744-15:38:49 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 744-15:38:44 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4188 06:41:46 744-15:38:43 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:26:14 744-15:38:41 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:13 744-15:38:41 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10052 3728 01:30:07 744-15:38:41 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:30:36 744-15:38:41 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:04:03 744-15:38:38 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:53 744-15:38:38 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 14492 01:05:11 744-15:38:38 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1708 00:06:04 744-15:38:38 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 744-15:38:38 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 744-15:38:38 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5140 00:07:36 744-15:38:34 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6200 00:00:00 4-14:01:26 2737 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6200 00:00:00 4-14:01:24 2738 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6180 00:00:00 02:53:17 9362 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5544 00:00:00 01:12:45 13283 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2556 00:00:00 46:55 13948 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9360 00:00:00 33:40 14256 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3920 00:00:00 32:38 14266 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5292 00:00:00 32:38 14267 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9592 00:00:00 15:53 14782 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5308 00:00:00 00:27 14930 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3240 00:00:00 00:24 14931 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2636 00:00:00 00:01 14985 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2864 1824 00:00:00 00:01 15007 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2512 664 00:00:00 13-14:19:34 16832 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4836 00:00:26 22-06:53:05 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6276 00:00:00 8-06:08:26 21632 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59340 50904 00:00:12 23:17:44 28455 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 67148 58784 00:00:12 23:17:42 28456 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59340 47480 00:00:00 23:17:42 28457 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1984 00:00:00 22:52:58 28564 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1980 00:00:00 22:52:58 28566 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2000 00:00:00 22:52:58 28567 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6200 00:00:00 3-12:02:15 29516 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-08 00:53 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2263fd24a46Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:12 742-15:45:59 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 742-15:45:59 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 742-15:45:59 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 742-15:45:54 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4224 06:41:28 742-15:45:53 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:26:05 742-15:45:51 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:13 742-15:45:51 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:29:54 742-15:45:51 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:30:24 742-15:45:51 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:04:00 742-15:45:48 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:53 742-15:45:48 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 14496 01:05:02 742-15:45:48 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1708 00:06:04 742-15:45:48 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 742-15:45:48 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 742-15:45:48 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5140 00:07:36 742-15:45:44 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6200 00:00:00 2-14:08:36 2737 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6200 00:00:00 2-14:08:34 2738 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6200 00:00:00 2-14:08:22 2741 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5616 00:00:00 01:23:55 10838 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9356 00:00:00 41:30 11076 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9384 00:00:00 14:36 11340 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9552 00:00:00 14:36 11342 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5296 00:00:00 01:32 11702 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9540 00:00:00 00:36 11706 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5532 00:00:00 00:17 11710 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5380 00:00:00 00:03 11875 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3212 00:00:00 00:03 11876 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2584 00:00:00 00:01 11877 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1764 00:00:00 00:01 11899 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59324 50892 00:00:12 23:02:45 14126 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 66032 57596 00:00:11 23:02:43 14127 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59324 47528 00:00:00 23:02:43 14128 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1892 00:00:00 23:00:04 14182 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1972 00:00:00 23:00:04 14184 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 1996 00:00:00 23:00:04 14185 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2512 664 00:00:00 11-14:26:44 16832 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4836 00:00:23 20-07:00:15 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6336 00:00:00 6-06:15:36 21632 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6200 00:00:00 1-12:09:25 29516 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-06 01:00 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226bdb1c7b7Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:10 740-15:41:10 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 740-15:41:10 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 740-15:41:10 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 740-15:41:05 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4260 06:41:07 740-15:41:04 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:25:36 740-15:41:02 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:13 740-15:41:02 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:29:44 740-15:41:02 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:30:13 740-15:41:02 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:57 740-15:40:59 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:53 740-15:40:59 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 14552 01:04:54 740-15:40:59 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1708 00:06:04 740-15:40:59 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 740-15:40:59 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 740-15:40:59 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5152 00:07:35 740-15:40:55 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6256 00:00:00 14:03:47 2737 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6256 00:00:00 14:03:45 2738 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6256 00:00:00 14:03:33 2741 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5692 00:00:00 01:24:15 14308 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9356 00:00:00 41:58 15348 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9404 00:00:00 22:51 15610 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5384 00:00:00 00:08 16214 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3100 00:00:00 00:07 16215 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 11032 6416 00:00:00 00:05 16216 sshd: root [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3240 00:00:00 00:05 16217 sshd: root [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2640 00:00:00 00:01 16372 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1804 00:00:00 00:01 16394 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2512 664 00:00:00 9-14:21:55 16832 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6268 00:00:00 9-14:04:40 17287 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4892 00:00:21 18-06:55:26 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6392 00:00:00 4-06:10:47 21632 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1872 00:00:00 22:55:14 29653 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1980 00:00:00 22:55:14 29655 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 1924 00:00:00 22:55:14 29656 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59368 50908 00:00:12 22:39:45 29919 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 61452 51812 00:00:04 22:39:43 29926 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59368 47628 00:00:00 22:39:43 29927 spamd child Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-04 00:55 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2263e49fa48Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:09 738-16:25:43 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 738-16:25:43 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 738-16:25:43 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 738-16:25:38 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4284 06:40:53 738-16:25:37 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:25:27 738-16:25:35 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:13 738-16:25:35 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:29:35 738-16:25:35 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:30:04 738-16:25:35 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:55 738-16:25:32 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:53 738-16:25:32 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 14556 01:04:45 738-16:25:32 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1708 00:06:04 738-16:25:32 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 738-16:25:32 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 738-16:25:32 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5152 00:07:35 738-16:25:28 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6176 00:00:00 8-01:11:43 8477 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5540 00:00:00 33:59 15439 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59336 50792 00:00:02 25:36 15594 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59336 47580 00:00:00 25:34 15595 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59336 47580 00:00:00 25:34 15596 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9356 00:00:00 04:16 15787 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3876 00:00:00 03:01 15795 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5408 00:00:00 03:01 15796 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2288 00:00:00 03:01 15797 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5268 00:00:00 01:49 15801 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9492 00:00:00 01:33 15802 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9488 00:00:00 01:33 15804 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6384 00:00:00 2-11:15:52 15807 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2632 00:00:00 00:01 15872 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1812 00:00:00 00:01 15894 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2512 668 00:00:00 7-15:06:28 16832 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6324 00:00:00 7-14:49:13 17287 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4892 00:00:19 16-07:39:59 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6396 00:00:00 2-06:55:20 21632 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1932 00:00:00 23:39:48 26728 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1992 00:00:00 23:39:48 26730 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2100 00:00:00 23:39:48 26731 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 6384 00:00:00 5-10:47:14 31404 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-12-02 01:39 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226df534d24Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:07 736-15:48:03 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 736-15:48:03 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 736-15:48:03 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 736-15:47:58 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4308 06:40:35 736-15:47:57 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:25:15 736-15:47:55 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:13 736-15:47:55 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:29:27 736-15:47:55 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:29:56 736-15:47:55 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:53 736-15:47:52 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:52 736-15:47:52 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 15676 01:04:37 736-15:47:52 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1708 00:06:03 736-15:47:52 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 736-15:47:52 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 736-15:47:52 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5152 00:07:35 736-15:47:48 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1968 00:00:00 23:02:01 6523 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 2036 00:00:00 23:02:01 6525 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 1996 00:00:00 23:02:01 6526 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59388 50856 00:00:11 22:21:25 7385 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 67176 58748 00:00:07 22:21:23 7388 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59388 47484 00:00:00 22:21:23 7389 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7288 00:00:00 6-00:34:03 8477 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7452 00:00:00 10:38:12 15807 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2512 668 00:00:00 5-14:28:48 16832 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7392 00:00:00 5-14:11:33 17287 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4892 00:00:16 14-07:02:19 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7464 00:00:00 06:17:40 21632 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5668 00:00:00 01:35:24 28388 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9528 00:00:00 11:24 30329 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9384 00:00:00 11:22 30332 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9356 00:00:00 11:16 30333 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 11256 6596 00:00:00 00:08 30498 sshd: root [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3156 00:00:00 00:08 30499 sshd: root [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5288 00:00:00 00:07 30500 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3216 00:00:00 00:07 30501 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2580 00:00:00 00:01 30536 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2856 1856 00:00:00 00:01 30559 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7452 00:00:00 3-10:09:34 31404 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-30 01:02 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2265e618933Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:05 734-15:50:40 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 734-15:50:40 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 734-15:50:40 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 734-15:50:35 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4344 06:40:19 734-15:50:34 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:25:05 734-15:50:32 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:13 734-15:50:32 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:29:18 734-15:50:32 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:29:47 734-15:50:32 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:51 734-15:50:29 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:52 734-15:50:29 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 15680 01:04:28 734-15:50:29 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1708 00:06:03 734-15:50:29 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 734-15:50:29 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 734-15:50:29 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5152 00:07:35 734-15:50:25 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1900 00:00:00 23:04:40 7696 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1972 00:00:00 23:04:40 7698 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2048 00:00:00 23:04:40 7699 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59376 50880 00:00:11 22:25:42 8292 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 61892 53432 00:00:04 22:25:40 8293 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59376 47764 00:00:00 22:25:40 8294 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7292 00:00:00 4-00:36:40 8477 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2512 668 00:00:00 3-14:31:25 16832 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7396 00:00:00 3-14:14:10 17287 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7456 00:00:00 3-14:10:19 17385 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7556 00:00:14 3-13:50:08 17653 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4892 00:00:14 12-07:04:56 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9592 00:00:00 35:23 21532 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3864 00:00:00 31:02 21547 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5252 00:00:00 31:02 21548 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5676 00:00:00 01:57 21977 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 11032 6544 00:00:00 00:08 21980 sshd: root [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3204 00:00:00 00:08 21981 sshd: root [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2632 00:00:00 00:02 22031 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1860 00:00:00 00:02 22053 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7456 00:00:00 1-10:12:11 31404 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-28 01:04 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c22688164b8bFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:04 732-15:50:48 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 732-15:50:48 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 732-15:50:48 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 732-15:50:43 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4368 06:40:03 732-15:50:42 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:24:56 732-15:50:40 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:13 732-15:50:40 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:29:07 732-15:50:40 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:29:37 732-15:50:40 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:48 732-15:50:37 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:52 732-15:50:37 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 15680 01:04:19 732-15:50:37 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1708 00:06:03 732-15:50:37 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 732-15:50:37 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 732-15:50:37 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5152 00:07:35 732-15:50:33 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7292 00:00:00 2-00:36:48 8477 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7336 00:00:09 1-23:35:36 10406 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2512 668 00:00:00 1-14:31:33 16832 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7396 00:00:00 1-14:14:18 17287 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7456 00:00:00 1-14:10:27 17385 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7456 00:00:14 1-13:50:16 17653 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 4756 00:00:12 10-07:05:04 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9304 00:00:00 42:49 23751 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3932 00:00:00 35:06 23826 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9612 00:00:00 19:10 23948 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9596 00:00:00 19:10 23952 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9340 00:00:00 19:10 23953 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5540 00:00:00 12:13 24037 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2628 00:00:00 00:02 24237 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1760 00:00:00 00:02 24259 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1828 00:00:00 23:04:47 29675 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1996 00:00:00 23:04:47 29676 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 1984 00:00:00 23:04:47 29678 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59428 50920 00:00:11 21:57:53 30287 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 61924 52300 00:00:08 21:57:51 30288 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59428 47692 00:00:00 21:57:51 30289 spamd child Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-26 01:04 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226e0c29aa9Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:03 730-15:38:09 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 730-15:38:09 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 730-15:38:09 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 730-15:38:04 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4404 06:39:43 730-15:38:03 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:24:46 730-15:38:01 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:12 730-15:38:01 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:28:54 730-15:38:01 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:29:24 730-15:38:01 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:45 730-15:37:58 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:52 730-15:37:58 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32052 15292 01:04:10 730-15:37:58 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:06:03 730-15:37:58 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 730-15:37:58 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 730-15:37:58 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13144 5140 00:07:35 730-15:37:54 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9412 00:00:00 31:27 8316 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9204 00:00:00 29:34 8352 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9380 00:00:00 25:49 8399 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32188 7292 00:00:00 24:09 8477 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5528 00:00:00 00:46 9285 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4860 3888 00:00:00 00:05 9317 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5356 00:00:00 00:05 9318 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2328 00:00:00 00:05 9319 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5248 00:00:00 00:03 9320 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3184 00:00:00 00:03 9321 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovenull 7084 4844 00:00:00 00:02 9404 dovecot/imap-login cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2620 00:00:00 00:02 9487 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2864 1844 00:00:00 00:02 9509 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1908 00:00:00 22:52:09 14200 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1972 00:00:00 22:52:09 14202 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2132 00:00:00 22:52:09 14203 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59328 50688 00:00:11 22:41:53 14474 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 61888 52208 00:00:09 22:41:51 14475 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59328 47660 00:00:00 22:41:51 14476 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 4784 00:00:09 8-06:52:25 19190 anvil -l -t unix -u Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-24 00:52 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226eedec0d6Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:01 728-15:40:25 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 728-15:40:25 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 728-15:40:25 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 728-15:40:20 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4276 06:39:20 728-15:40:19 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:24:30 728-15:40:17 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:12 728-15:40:17 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:28:42 728-15:40:17 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:29:12 728-15:40:17 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:42 728-15:40:14 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:52 728-15:40:14 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32008 15624 01:04:02 728-15:40:14 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:06:03 728-15:40:14 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 728-15:40:14 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 728-15:40:14 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13144 5140 00:07:35 728-15:40:10 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9428 00:00:00 29:35 9078 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9380 00:00:00 26:59 9116 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2400 00:00:00 23:14 9172 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9484 00:00:00 20:28 9214 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5516 00:00:00 10:04 9386 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9272 00:00:00 05:05 9477 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5456 00:00:00 01:30 9528 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5180 00:00:00 00:30 9543 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 11256 6416 00:00:00 00:10 9558 sshd: root [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3272 00:00:00 00:10 9559 sshd: root [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2560 00:00:00 00:02 9591 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1788 00:00:00 00:02 9613 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 4784 00:00:06 6-06:54:41 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7288 00:00:00 5-00:39:21 20889 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7284 00:00:00 5-00:35:49 21083 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1976 00:00:00 22:54:20 24705 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1960 00:00:00 22:54:20 24707 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2088 00:00:00 22:54:20 24708 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59276 50708 00:00:12 22:27:12 25336 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 62472 53996 00:00:10 22:27:10 25339 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59276 47396 00:00:00 22:27:10 25340 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7336 00:00:00 4-14:11:43 28838 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7396 00:00:00 4-14:11:43 28839 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7396 00:00:00 4-09:48:11 30992 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-22 00:54 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c22680ce34fbFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:07:00 727-04:36:51 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 727-04:36:51 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 727-04:36:51 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 727-04:36:46 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4300 06:39:06 727-04:36:45 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:24:23 727-04:36:43 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:12 727-04:36:43 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:28:32 727-04:36:43 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:29:02 727-04:36:43 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:40 727-04:36:40 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:52 727-04:36:40 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32008 15636 01:03:55 727-04:36:40 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:06:03 727-04:36:40 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 727-04:36:40 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 727-04:36:40 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13144 5140 00:07:34 727-04:36:36 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59348 50768 00:00:07 12:10:24 6136 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 61572 51932 00:00:04 12:10:22 6137 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59348 47736 00:00:00 12:10:22 6139 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1908 00:00:00 11:50:46 6384 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1972 00:00:00 11:50:46 6386 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2092 00:00:00 11:50:46 6387 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5472 00:00:00 01:34:32 13439 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9404 00:00:00 39:37 13805 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9488 00:00:00 31:52 13849 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14756 9280 00:00:00 30:05 13865 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9264 00:00:00 29:35 13871 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9304 00:00:00 05:15 14085 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2616 00:00:00 00:02 14226 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1740 00:00:00 00:02 14248 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 4852 00:00:04 4-19:51:07 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7344 00:00:00 3-13:35:47 20889 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7340 00:00:00 3-13:32:15 21083 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7340 00:00:00 3-03:08:09 28838 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7400 00:00:00 3-03:08:09 28839 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7400 00:00:00 2-22:44:37 30992 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-20 13:50 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226fce9f579Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:06:59 726-16:24:09 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 726-16:24:09 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 726-16:24:09 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 726-16:24:04 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4300 06:39:01 726-16:24:03 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:24:21 726-16:24:01 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:12 726-16:24:01 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10052 3724 01:28:29 726-16:24:01 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:28:59 726-16:24:01 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:40 726-16:23:58 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:52 726-16:23:58 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32008 15636 01:03:53 726-16:23:58 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:06:03 726-16:23:58 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 726-16:23:58 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 726-16:23:58 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13144 5140 00:07:34 726-16:23:54 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5536 00:00:00 56:52 5027 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2356 00:00:00 46:28 5139 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 7184 2388 00:00:00 28:05 5343 CROND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6260 2340 00:00:00 28:05 5344 /bin/sh -c /usr/share/spamassassin/sa-update.cron 2>&1 | tee -a /var/log/sa-update.log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6260 2588 00:00:00 28:05 5345 /bin/bash /usr/share/spamassassin/sa-update.cron cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5264 1468 00:00:00 28:05 5346 tee -a /var/log/sa-update.log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5260 328 00:00:00 28:04 5360 sleep 1815 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14756 9544 00:00:00 23:21 5393 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9292 00:00:00 11:53 5538 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9416 00:00:00 01:31 5789 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 11032 6364 00:00:00 00:04 5807 sshd: root [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3184 00:00:00 00:04 5808 sshd: root [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2604 00:00:00 00:01 5973 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2864 1816 00:00:00 00:01 5995 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 4856 00:00:03 4-07:38:25 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7344 00:00:00 3-01:23:05 20889 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7340 00:00:00 3-01:19:33 21083 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59368 50748 00:00:12 1-00:06:26 22487 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 63236 54728 00:00:06 1-00:06:24 22488 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59368 47440 00:00:00 1-00:06:24 22489 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1812 00:00:00 23:38:04 22703 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1912 00:00:00 23:38:04 22705 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2028 00:00:00 23:38:04 22706 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7340 00:00:00 2-14:55:27 28838 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7400 00:00:00 2-14:55:27 28839 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7400 00:00:00 2-10:31:55 30992 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-20 01:38 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226f381bcfaFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:06:58 724-15:26:36 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 724-15:26:36 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 724-15:26:36 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 724-15:26:31 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4328 06:38:48 724-15:26:30 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:24:13 724-15:26:28 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:12 724-15:26:28 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:28:15 724-15:26:28 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:28:45 724-15:26:28 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:38 724-15:26:25 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:52 724-15:26:25 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 32008 15636 01:03:43 724-15:26:25 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:06:02 724-15:26:25 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 724-15:26:25 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 724-15:26:25 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13144 5140 00:07:34 724-15:26:21 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3908 00:00:00 03:52:40 3485 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5236 00:00:00 03:52:40 3486 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14760 9384 00:00:00 12:15 5630 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5480 00:00:00 01:39 5705 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9428 00:00:00 00:28 5916 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2624 00:00:00 00:01 6083 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1788 00:00:00 00:01 6105 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 5424 00:00:01 2-06:40:52 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7344 00:00:00 1-00:25:32 20889 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7340 00:00:00 1-00:22:00 21083 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59336 50784 00:00:11 23:25:31 21774 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 62472 54028 00:00:05 23:25:29 21775 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59336 47488 00:00:00 23:25:29 21776 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1980 00:00:00 22:40:30 22907 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1996 00:00:00 22:40:30 22909 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2080 00:00:00 22:40:30 22910 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7340 00:00:00 13:57:54 28838 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7400 00:00:00 13:57:54 28839 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32144 7400 00:00:00 09:34:22 30992 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-18 00:40 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c22605d68e13Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:06:55 722-16:39:22 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 722-16:39:22 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 722-16:39:22 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 722-16:39:17 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4356 06:38:28 722-16:39:16 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:23:53 722-16:39:14 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:12 722-16:39:14 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:28:03 722-16:39:14 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:28:33 722-16:39:14 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:36 722-16:39:11 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:51 722-16:39:11 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 31968 15528 01:03:35 722-16:39:11 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:06:02 722-16:39:11 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 722-16:39:11 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 722-16:39:11 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13144 5140 00:07:34 722-16:39:07 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1920 00:00:00 23:53:13 7260 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1992 00:00:00 23:53:13 7262 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 1912 00:00:00 23:53:13 7263 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7180 00:00:00 2-17:54:09 7704 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7232 00:00:00 2-17:54:09 7705 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59304 50668 00:00:11 22:46:26 8207 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 62400 53912 00:00:04 22:46:24 8208 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59304 47728 00:00:00 22:46:24 8209 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 5424 00:00:00 07:53:38 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5480 00:00:00 01:15:39 24350 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9552 00:00:00 01:05:34 24482 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 7184 2388 00:00:00 43:19 24736 CROND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6260 2356 00:00:00 43:19 24737 /bin/sh -c /usr/share/spamassassin/sa-update.cron 2>&1 | tee -a /var/log/sa-update.log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6260 2556 00:00:00 43:19 24738 /bin/bash /usr/share/spamassassin/sa-update.cron cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5264 1460 00:00:00 43:19 24739 tee -a /var/log/sa-update.log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5260 304 00:00:00 43:18 24753 sleep 3438 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9492 00:00:00 11:38 25089 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5328 00:00:00 00:30 25200 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9204 00:00:00 00:18 25203 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2632 00:00:00 00:01 25280 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2864 1752 00:00:00 00:01 25302 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7396 00:00:00 6-01:27:13 27162 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7164 00:00:00 6-01:18:27 27981 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7128 00:00:00 5-22:04:21 31152 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-16 01:53 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226a070143cFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:06:55 722-16:06:16 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 722-16:06:16 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 722-16:06:16 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 722-16:06:11 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4356 06:38:28 722-16:06:10 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:23:53 722-16:06:08 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:12 722-16:06:08 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10052 3724 01:28:03 722-16:06:08 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:28:33 722-16:06:08 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:36 722-16:06:05 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:51 722-16:06:05 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 31968 15528 01:03:35 722-16:06:05 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:06:02 722-16:06:05 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 722-16:06:05 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 722-16:06:05 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13144 5140 00:07:34 722-16:06:01 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1920 00:00:00 23:20:07 7260 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1992 00:00:00 23:20:07 7262 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 1912 00:00:00 23:20:07 7263 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7180 00:00:00 2-17:21:03 7704 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7232 00:00:00 2-17:21:03 7705 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59304 50668 00:00:11 22:13:20 8207 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 62400 53912 00:00:04 22:13:18 8208 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59304 47728 00:00:00 22:13:18 8209 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 5424 00:00:00 07:20:32 19190 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9272 00:00:00 01:00:23 23979 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5480 00:00:00 42:33 24350 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9548 00:00:00 32:28 24482 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9412 00:00:00 12:10 24717 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 7184 2388 00:00:00 10:13 24736 CROND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6260 2356 00:00:00 10:13 24737 /bin/sh -c /usr/share/spamassassin/sa-update.cron 2>&1 | tee -a /var/log/sa-update.log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6260 2556 00:00:00 10:13 24738 /bin/bash /usr/share/spamassassin/sa-update.cron cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5264 1460 00:00:00 10:13 24739 tee -a /var/log/sa-update.log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5260 304 00:00:00 10:12 24753 sleep 3438 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5408 00:00:00 01:58 24804 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5244 00:00:00 00:19 24817 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5220 00:00:00 00:03 24818 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5396 00:00:00 00:01 24819 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3228 00:00:00 00:01 24820 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2608 00:00:00 00:01 24888 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1812 00:00:00 00:01 24910 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7396 00:00:00 6-00:54:07 27162 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7164 00:00:00 6-00:45:21 27981 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7128 00:00:00 5-21:31:15 31152 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-16 01:20 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2268e4ef207Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:06:54 720-15:29:28 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 720-15:29:28 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 720-15:29:28 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 720-15:29:23 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4380 06:38:17 720-15:29:22 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:23:44 720-15:29:20 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:12 720-15:29:20 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:27:58 720-15:29:20 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:28:28 720-15:29:20 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:34 720-15:29:17 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:51 720-15:29:17 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 31968 15552 01:03:26 720-15:29:17 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:06:02 720-15:29:17 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 720-15:29:17 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 720-15:29:17 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13144 5240 00:07:34 720-15:29:13 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1884 00:00:00 22:43:19 4260 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 2000 00:00:00 22:43:19 4262 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2096 00:00:00 22:43:19 4263 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7204 00:00:00 16:44:15 7704 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7256 00:00:00 16:44:15 7705 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59352 50836 00:00:22 1-22:58:39 23824 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 62536 53972 00:00:09 1-22:58:37 23825 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59352 47464 00:00:00 1-22:58:37 23827 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14756 9512 00:00:00 22:52 24372 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9388 00:00:00 11:37 24557 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5520 00:00:00 08:09 24607 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9372 00:00:00 06:58 24630 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9212 00:00:00 06:53 24636 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 11256 6436 00:00:00 00:08 24725 sshd: root [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3148 00:00:00 00:08 24726 sshd: root [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2604 00:00:00 00:02 24760 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1808 00:00:00 00:02 24782 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4944 00:00:09 15-14:48:32 24822 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7420 00:00:00 4-00:17:19 27162 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7188 00:00:00 4-00:08:33 27981 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32100 7152 00:00:00 3-20:54:27 31152 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-14 00:43 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226f2cafee1Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:06:52 716-15:11:27 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 716-15:11:27 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 716-15:11:27 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 716-15:11:22 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4280 06:37:55 716-15:11:21 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:23:27 716-15:11:19 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:12 716-15:11:19 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:27:48 716-15:11:19 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:28:18 716-15:11:19 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:31 716-15:11:16 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:51 716-15:11:16 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 31924 15584 01:03:06 716-15:11:16 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:06:02 716-15:11:16 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 716-15:11:16 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 716-15:11:16 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13144 5240 00:07:34 716-15:11:12 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7360 00:00:00 4-13:20:58 9986 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7348 00:00:00 1-01:49:33 11691 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7348 00:00:00 1-01:49:32 11693 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7232 00:00:00 7-00:10:39 15361 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7360 00:00:00 6-21:57:58 16469 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59260 47284 00:01:19 7-21:23:58 18176 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 71904 62212 00:01:10 7-21:23:56 18179 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59260 44204 00:00:00 7-21:23:56 18180 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1980 00:00:00 22:25:17 18874 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 2052 00:00:00 22:25:17 18876 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2096 00:00:00 22:25:17 18877 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9140 5392 00:00:00 01:39:03 20370 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2460 00:00:00 01:39:03 20371 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9140 5464 00:00:00 01:39:02 20372 dovecot/auth -w cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9516 00:00:00 38:08 23987 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4948 00:00:07 11-14:30:31 24822 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9320 00:00:00 26:52 24849 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2632 1492 00:00:00 24:19 25057 /usr/sbin/anacron -s cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5620 00:00:00 05:59 26384 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5316 00:00:00 01:51 26697 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3136 00:00:00 01:51 26698 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5248 00:00:00 00:49 26767 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5312 00:00:00 00:05 26816 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3160 00:00:00 00:05 26817 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 11032 6292 00:00:00 00:03 26820 sshd: root [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3284 00:00:00 00:03 26821 sshd: root [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2620 00:00:00 00:02 26986 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2856 1812 00:00:00 00:02 27008 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-10 00:25 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226284d42f1Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:06:49 714-13:26:18 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 714-13:26:18 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 714-13:26:18 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 714-13:26:13 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4316 06:37:34 714-13:26:12 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:22:57 714-13:26:10 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:12 714-13:26:10 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:27:42 714-13:26:10 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:28:13 714-13:26:10 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:30 714-13:26:07 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:51 714-13:26:07 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 31924 15584 01:02:57 714-13:26:07 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:06:02 714-13:26:07 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 714-13:26:07 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 714-13:26:07 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13144 5240 00:07:34 714-13:26:03 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1980 00:00:00 20:40:04 3709 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1984 00:00:00 20:40:04 3710 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2072 00:00:00 20:40:04 3711 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7348 00:00:00 2-13:09:53 8905 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7360 00:00:00 2-11:35:49 9986 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7232 00:00:00 4-22:25:30 15361 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7360 00:00:00 4-20:12:49 16469 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59260 48704 00:00:59 5-19:38:49 18176 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 71904 62560 00:00:45 5-19:38:47 18179 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59260 45556 00:00:00 5-19:38:47 18180 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7348 00:00:00 3-09:38:24 20311 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5536 00:00:00 01:37:11 21909 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9488 00:00:00 34:43 22441 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14700 9524 00:00:00 34:40 22442 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9244 00:00:00 05:52 23019 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9448 00:00:00 01:10 23194 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9272 00:00:00 01:09 23196 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9340 00:00:00 01:08 23197 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9200 00:00:00 01:02 23202 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9264 00:00:00 01:02 23203 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9420 00:00:00 01:02 23204 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5376 00:00:00 01:01 23205 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10504 5932 00:00:00 00:04 23232 sshd: unknown [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3136 00:00:00 00:04 23233 sshd: unknown [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2560 00:00:00 00:01 23269 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1796 00:00:00 00:01 23291 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4948 00:00:05 9-12:45:22 24822 anvil -l -t unix -u Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-07 22:40 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226d494ff8cFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:06:47 712-13:25:31 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 712-13:25:31 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 712-13:25:31 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 712-13:25:26 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4340 06:37:21 712-13:25:25 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:22:47 712-13:25:23 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:02:12 712-13:25:23 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:27:37 712-13:25:23 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3560 01:28:08 712-13:25:23 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:03:28 712-13:25:20 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4808 00:00:51 712-13:25:20 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 31924 15584 01:02:47 712-13:25:20 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:06:02 712-13:25:20 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 712-13:25:20 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 712-13:25:20 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13144 5240 00:07:33 712-13:25:16 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1920 00:00:00 20:39:17 3467 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 2008 00:00:00 20:39:17 3469 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2088 00:00:00 20:39:17 3470 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7348 00:00:00 13:09:06 8905 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7360 00:00:00 11:35:02 9986 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2548 00:00:00 03:22:58 14979 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7232 00:00:00 2-22:24:43 15361 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3924 00:00:00 01:53:39 15786 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5128 00:00:00 01:53:39 15787 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14700 9220 00:00:00 29:02 16090 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9216 00:00:00 29:02 16092 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5596 00:00:00 01:51 16467 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7360 00:00:00 2-20:12:02 16469 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5256 00:00:00 01:40 16474 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5128 00:00:00 01:34 16475 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5404 00:00:00 01:28 16476 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 11256 6432 00:00:00 00:06 16532 sshd: root [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3208 00:00:00 00:06 16533 sshd: root [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10504 5732 00:00:00 00:04 16534 sshd: unknown [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3200 00:00:00 00:04 16535 sshd: unknown [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10504 5700 00:00:00 00:03 16536 sshd: unknown [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3244 00:00:00 00:03 16537 sshd: unknown [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2560 00:00:00 00:01 16701 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2856 1768 00:00:00 00:01 16723 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59260 49904 00:00:39 3-19:38:02 18176 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 67428 58608 00:00:34 3-19:38:00 18179 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59260 46712 00:00:00 3-19:38:00 18180 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 32060 7348 00:00:00 1-09:37:37 20311 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4948 00:00:04 7-12:44:35 24822 anvil -l -t unix -u Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-11-05 22:39 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226b3c9f577Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:05:51 611-13:36:31 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 611-13:36:31 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 611-13:36:31 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 611-13:36:26 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4340 06:22:46 611-13:36:25 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:05:21 611-13:36:23 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:00:21 611-13:36:23 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:21:21 611-13:36:23 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3560 01:21:48 611-13:36:23 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:01:24 611-13:36:20 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4820 00:00:43 611-13:36:20 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 31288 15040 00:53:58 611-13:36:20 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:05:48 611-13:36:20 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 611-13:36:20 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 611-13:36:20 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5112 00:07:17 611-13:36:16 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6644 00:00:00 6-23:11:05 2584 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6640 00:00:00 1-07:43:23 5704 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6640 00:00:00 1-07:43:22 5705 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6624 00:00:00 1-07:43:22 5706 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5456 00:00:00 59:35 12335 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9672 00:00:00 55:19 12689 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9612 00:00:00 44:34 13640 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9516 00:00:00 39:09 14158 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9380 00:00:00 35:25 14432 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9268 00:00:00 34:19 14524 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9396 00:00:00 32:38 14706 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2616 00:00:00 00:01 17641 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1804 00:00:00 00:01 17663 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59056 50384 00:00:11 22:11:16 25263 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 67096 58588 00:00:05 22:11:14 25346 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59056 47444 00:00:00 22:11:14 25347 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1812 00:00:00 21:49:10 27429 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 2020 00:00:00 21:49:10 27431 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 1992 00:00:00 21:49:10 27432 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13004 4928 00:01:17 47-02:44:26 28375 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6756 00:00:00 4-23:28:14 29694 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-07-27 22:49 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2265c3b0b93Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1684 00:05:50 609-13:18:59 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 609-13:18:59 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 609-13:18:59 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 609-13:18:54 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4296 06:21:56 609-13:18:53 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:05:10 609-13:18:51 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:00:19 609-13:18:51 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:21:07 609-13:18:51 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:21:34 609-13:18:51 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:01:20 609-13:18:48 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4820 00:00:43 609-13:18:48 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 31288 15068 00:53:49 609-13:18:48 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:05:48 609-13:18:48 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 609-13:18:48 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 609-13:18:48 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5112 00:07:15 609-13:18:44 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9532 00:00:01 01:32:21 2139 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6668 00:00:00 4-22:53:33 2584 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6716 00:00:00 4-22:39:22 4131 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5420 00:00:00 54:02 5486 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9508 00:00:00 16:35 8827 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9392 00:00:00 12:49 9187 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9368 00:00:00 12:24 9191 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59044 50516 00:00:11 22:11:59 9426 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 63444 54792 00:00:05 22:11:58 9427 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59044 47220 00:00:00 22:11:58 9428 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9500 00:00:00 09:47 9462 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9232 00:00:00 04:47 9920 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5548 00:00:00 00:02 10320 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3208 00:00:00 00:02 10321 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2680 00:00:00 00:02 10356 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2864 1808 00:00:00 00:02 10378 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1812 00:00:00 21:31:32 13521 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1980 00:00:00 21:31:32 13523 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2188 00:00:00 21:31:32 13524 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13004 4928 00:01:14 45-02:26:54 28375 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6784 00:00:00 2-23:10:42 29694 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6784 00:00:00 2-23:10:41 29695 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6828 00:00:00 2-23:10:41 29696 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3892 00:00:00 02:03:47 31888 dovecot/config Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-07-25 22:31 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226905c4261Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1684 00:05:47 607-12:47:40 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 607-12:47:40 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 607-12:47:40 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 607-12:47:35 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4400 06:21:21 607-12:47:34 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:04:53 607-12:47:32 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:00:18 607-12:47:32 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:20:57 607-12:47:32 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:21:24 607-12:47:32 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:01:17 607-12:47:29 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4820 00:00:43 607-12:47:29 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 31288 15072 00:53:40 607-12:47:29 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:05:48 607-12:47:29 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 607-12:47:29 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 607-12:47:29 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5116 00:07:15 607-12:47:25 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6672 00:00:00 2-22:22:14 2584 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6720 00:00:00 2-22:08:03 4131 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1812 00:00:00 21:00:13 6392 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1960 00:00:00 21:00:13 6394 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2092 00:00:00 21:00:13 6395 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59132 50604 00:00:10 20:56:30 6845 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 62584 54272 00:00:05 20:56:28 6846 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59132 47336 00:00:00 20:56:28 6847 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9604 00:00:00 01:06:47 17895 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14756 9540 00:00:00 55:49 18931 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9420 00:00:00 43:38 20219 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9444 00:00:00 41:22 20519 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9412 00:00:00 40:56 20529 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5484 00:00:00 32:54 21375 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2336 00:00:00 24:40 22229 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2632 00:00:00 00:01 24755 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2864 1764 00:00:00 00:01 24777 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13004 4932 00:01:11 43-01:55:35 28375 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6788 00:00:00 22:39:23 29694 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6788 00:00:00 22:39:22 29695 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31424 6832 00:00:00 22:39:22 29696 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-07-23 22:00 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226dfe8c390Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:05:46 603-14:04:10 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 603-14:04:10 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 603-14:04:10 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 603-14:04:05 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4204 06:20:00 603-14:04:04 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:04:41 603-14:04:02 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:00:16 603-14:04:02 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:20:32 603-14:04:02 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3564 01:20:59 603-14:04:02 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:01:12 603-14:03:59 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4820 00:00:43 603-14:03:59 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 31248 13508 00:53:21 603-14:03:59 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:05:47 603-14:03:59 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 603-14:03:59 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 603-14:03:59 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5116 00:07:13 603-14:03:55 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9468 00:00:01 01:36:53 2265 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2308 00:00:00 01:01:36 5300 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9416 00:00:00 50:39 6250 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9516 00:00:00 32:36 7790 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5420 00:00:00 29:38 8056 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 5312 00:00:00 5-04:28:17 8261 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2632 1424 00:00:00 15:44 9370 /usr/sbin/anacron -s cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 5160 00:00:00 1-07:32:00 9454 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 5156 00:00:00 1-07:31:59 9456 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9400 00:00:00 11:45 9741 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9396 00:00:00 06:54 10189 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 5300 00:00:00 5-22:28:27 10539 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9304 00:00:00 03:02 10548 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3912 00:00:00 00:26 10746 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5328 00:00:00 00:26 10747 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2616 00:00:00 00:01 10868 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1804 00:00:00 00:01 10890 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 5308 00:00:00 5-20:32:32 19485 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 2020 00:00:00 22:16:38 24422 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1996 00:00:00 22:16:38 24424 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2092 00:00:00 22:16:38 24425 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59040 50420 00:00:11 21:20:41 28106 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 62484 53980 00:00:08 21:20:39 28107 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59040 47364 00:00:00 21:20:39 28108 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13004 4932 00:01:06 39-03:12:05 28375 anvil -l -t unix -u Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-07-19 23:16 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226cebff097Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:05:45 601-14:21:57 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 601-14:21:57 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 601-14:21:57 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 601-14:21:52 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4368 06:19:16 601-14:21:51 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:04:33 601-14:21:49 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:00:15 601-14:21:49 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:20:19 601-14:21:49 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3560 01:20:46 601-14:21:49 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:01:09 601-14:21:46 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4820 00:00:43 601-14:21:46 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 31248 13804 00:53:12 601-14:21:46 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:05:47 601-14:21:46 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 601-14:21:46 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 601-14:21:46 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5116 00:07:12 601-14:21:42 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 5484 00:00:00 4-00:19:26 1353 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 5700 00:00:00 4-00:16:30 1815 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9576 00:00:01 01:56:31 3859 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9384 00:00:01 01:53:27 4131 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5532 00:00:00 59:31 8253 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 5648 00:00:00 3-04:46:04 8261 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2456 00:00:00 53:31 8725 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9564 00:00:00 49:15 8991 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9584 00:00:00 39:58 9911 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2688 1972 00:00:00 33:26 10456 /usr/sbin/anacron -s cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 5600 00:00:00 3-22:46:14 10539 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3856 00:00:00 31:43 10629 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5116 00:00:00 31:43 10630 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9220 00:00:00 17:10 11871 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9468 00:00:00 12:10 12512 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5200 00:00:00 00:55 13489 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2636 00:00:00 00:01 13627 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2856 1740 00:00:00 00:01 13649 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 5648 00:00:00 3-20:50:19 19485 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 2020 00:00:00 22:34:25 24719 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1992 00:00:00 22:34:25 24721 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2076 00:00:00 22:34:25 24722 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13004 4932 00:01:03 37-03:29:52 28375 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59116 50572 00:00:11 21:45:20 29002 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 61240 52816 00:00:08 21:45:18 29003 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59116 47276 00:00:00 21:45:18 29004 spamd child Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-07-17 23:34 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2263033421fFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1680 00:05:44 600-09:58:43 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 600-09:58:43 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 600-09:58:43 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 600-09:58:38 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4220 06:18:51 600-09:58:37 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 13:04:27 600-09:58:35 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 01:00:13 600-09:58:35 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3556 01:20:12 600-09:58:35 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3560 01:20:39 600-09:58:35 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4692 01:01:07 600-09:58:32 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4820 00:00:43 600-09:58:32 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 31248 14144 00:53:06 600-09:58:32 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:05:47 600-09:58:32 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 600-09:58:32 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 600-09:58:32 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5116 00:07:11 600-09:58:28 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 5832 00:00:00 2-19:56:12 1353 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59032 50452 00:00:09 17:09:37 1416 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 61016 51432 00:00:04 17:09:35 1417 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59032 47260 00:00:00 17:09:35 1418 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 6000 00:00:00 2-19:53:16 1815 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 5948 00:00:00 2-00:22:50 8261 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 5948 00:00:00 2-18:23:00 10539 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9656 00:00:01 02:05:21 14481 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9492 00:00:01 02:04:36 14487 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9352 00:00:00 01:14:01 18925 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 31384 5948 00:00:00 2-16:27:05 19485 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5560 00:00:00 53:23 20656 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9396 00:00:00 22:18 24134 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9272 00:00:00 19:06 24516 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3884 00:00:00 05:23 25721 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5028 00:00:00 05:23 25722 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2604 00:00:00 00:02 26351 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2864 1756 00:00:00 00:01 26373 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13004 4932 00:01:01 35-23:06:38 28375 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1948 00:00:00 18:11:11 32093 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1976 00:00:00 18:11:11 32095 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2180 00:00:00 18:11:11 32096 dovecot/log Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-07-16 19:11 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2269a2111f7Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1820 00:04:23 464-23:45:14 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 464-23:45:14 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 464-23:45:14 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 464-23:45:09 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4324 05:30:46 464-23:45:08 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1920 12:01:32 464-23:45:06 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1736 00:56:38 464-23:45:06 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10052 3724 01:04:18 464-23:45:06 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3560 01:04:44 464-23:45:06 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4636 00:55:53 464-23:45:03 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4856 00:00:34 464-23:45:03 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 30444 14828 00:42:35 464-23:45:03 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1716 00:05:17 464-23:45:03 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 464-23:45:03 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 464-23:45:03 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5108 00:06:08 464-23:44:59 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 30580 6852 00:00:00 08:08:12 10968 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 59192 50484 00:00:05 07:31:21 14782 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59192 47448 00:00:00 07:31:19 14783 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 59192 47448 00:00:00 07:31:19 14784 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 30580 6992 00:00:00 07:22:36 15663 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1980 00:00:02 06:56:12 18268 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 2004 00:00:00 06:56:12 18270 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2176 00:00:00 06:56:12 18271 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5616 00:00:00 01:01:04 19583 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4860 3908 00:00:00 32:09 22088 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14756 9516 00:00:00 27:52 22435 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9288 00:00:00 27:29 22519 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9320 00:00:00 27:13 22522 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovenull 7084 4892 00:00:00 11:10 23929 dovecot/imap-login cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2512 00:00:00 11:10 23931 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ elmira 4120 3276 00:00:00 11:09 23933 dovecot/imap cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5544 00:00:00 00:03 25088 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3200 00:00:00 00:03 25089 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2628 00:00:00 00:01 25090 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2856 1748 00:00:00 00:01 25112 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 5432 00:00:08 6-11:35:32 25438 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 30580 6920 00:00:00 05:18:38 27927 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2024-03-03 08:56 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226a59eeb8bFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1696 00:01:35 161-02:01:30 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 161-02:01:30 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 161-02:01:30 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 161-02:01:25 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1896 00:00:00 10:08:57 305 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1980 00:00:00 10:08:57 307 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2164 00:00:00 10:08:57 308 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4176 01:20:14 161-02:01:24 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1924 06:40:22 161-02:01:22 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1844 00:11:36 161-02:01:22 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3976 00:22:05 161-02:01:22 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3984 00:22:15 161-02:01:22 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4772 00:27:19 161-02:01:19 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4928 00:00:11 161-02:01:19 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 28584 9012 00:15:24 161-02:01:19 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1760 00:02:29 161-02:01:19 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 161-02:01:19 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 161-02:01:19 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5172 00:01:19 161-02:01:15 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4920 00:00:42 22-21:14:34 1237 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28720 5560 00:00:00 4-10:39:57 4768 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28720 5744 00:00:00 4-10:37:55 5071 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58460 49988 00:00:05 09:18:54 5123 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 64032 55636 00:00:15 09:18:50 5124 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58460 46644 00:00:00 09:18:50 5125 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5628 00:00:00 01:12:24 18738 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9452 00:00:00 39:10 21864 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9496 00:00:00 38:48 21970 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9532 00:00:00 19:05 23947 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9308 00:00:00 16:22 24250 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9636 00:00:00 16:02 24338 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9532 00:00:00 06:38 25298 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2768 00:00:00 00:02 26133 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2856 1748 00:00:00 00:02 26155 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28720 5692 00:00:00 4-00:33:22 29582 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28720 6044 00:00:00 10:40:09 29721 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28720 6044 00:00:00 10:40:09 29724 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2023-05-04 11:09 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c22623e90f8bFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1712 00:01:20 139-21:34:57 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 139-21:34:57 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 139-21:34:57 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 139-21:34:52 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 3652 01:05:01 139-21:34:51 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1924 05:51:40 139-21:34:49 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1844 00:04:55 139-21:34:49 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3976 00:19:53 139-21:34:49 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3980 00:20:02 139-21:34:49 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4772 00:24:07 139-21:34:46 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4932 00:00:10 139-21:34:46 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 28456 7572 00:13:26 139-21:34:46 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1760 00:02:14 139-21:34:46 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 139-21:34:46 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 139-21:34:46 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5052 00:01:01 139-21:34:42 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 5500 00:00:03 1-16:48:01 1237 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28592 4260 00:00:00 3-07:47:38 1696 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28592 4316 00:00:00 3-07:47:37 1699 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28592 4316 00:00:00 3-07:47:36 1704 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9468 00:00:00 20:20 1819 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58656 50184 00:00:04 06:05:12 1831 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 62504 54132 00:00:05 06:05:10 1832 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58656 46796 00:00:00 06:05:10 1833 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2280 00:00:00 16:56 2109 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9204 00:00:00 16:43 2117 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9536 00:00:00 09:02 2903 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9496 00:00:00 03:03 3483 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5504 00:00:00 00:02 3844 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3140 00:00:00 00:02 3845 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2704 00:00:00 00:01 3951 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2856 1796 00:00:00 00:01 3973 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 2016 00:00:00 05:42:14 3983 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1992 00:00:00 05:42:14 3984 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 1972 00:00:00 05:42:14 3985 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28592 4264 00:00:00 2-13:01:27 12586 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28592 4264 00:00:00 2-13:01:27 12587 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5504 00:00:00 01:26:34 28233 pickup -l -t fifo -u Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2023-04-13 06:42 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c22650d9d467Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1816 00:01:04 112-14:18:05 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 112-14:18:05 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 112-14:18:05 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 112-14:18:00 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 3916 00:42:01 112-14:17:59 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1924 04:46:36 112-14:17:57 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1688 00:01:01 112-14:17:57 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3976 00:15:45 112-14:17:57 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10052 4152 00:15:53 112-14:17:57 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4776 00:19:36 112-14:17:54 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4940 00:00:08 112-14:17:54 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 28288 8956 00:10:53 112-14:17:54 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1772 00:01:51 112-14:17:54 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 112-14:17:54 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 112-14:17:54 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5052 00:00:36 112-14:17:50 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 29000 6628 00:00:02 3-16:04:19 6673 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4800 00:02:53 48-01:16:40 7504 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28424 5852 00:00:00 05:05:09 11300 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28424 5984 00:00:00 05:05:08 11311 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2448 00:00:00 01:34:02 14418 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9388 00:00:01 01:02:34 15280 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5488 00:00:00 45:55 15655 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9200 00:00:00 30:24 15868 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9372 00:00:00 29:47 15886 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9416 00:00:00 26:55 15908 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9508 00:00:00 14:52 16017 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9476 00:00:00 10:57 16041 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9352 00:00:00 09:37 16069 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9464 00:00:00 04:30 16101 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2672 00:00:00 00:01 16219 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1776 00:00:00 00:01 16241 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 29000 6664 00:00:01 4-23:15:04 17004 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28424 5608 00:00:01 4-22:04:25 17618 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58560 30416 00:01:55 10-20:47:31 19230 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 66528 51172 00:00:25 10-20:47:29 19231 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58560 28940 00:00:00 10-20:47:29 19232 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1856 00:00:13 21:25:02 29400 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 2000 00:00:00 21:25:02 29402 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 1976 00:00:00 21:25:02 29403 dovecot/log Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2023-03-16 23:25 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226404bb9abFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1668 00:00:55 97-13:23:37 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 97-13:23:37 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 97-13:23:37 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 97-13:23:32 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 3936 00:29:07 97-13:23:31 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1952 04:16:20 97-13:23:29 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1740 00:01:01 97-13:23:29 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4004 00:12:54 97-13:23:29 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4012 00:13:01 97-13:23:29 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4792 00:16:06 97-13:23:26 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4940 00:00:07 97-13:23:26 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 28204 8376 00:09:23 97-13:23:26 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1756 00:01:39 97-13:23:26 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 97-13:23:26 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 97-13:23:26 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5060 00:00:22 97-13:23:22 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28340 5640 00:00:00 04:58:42 4115 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5476 00:00:00 38:53 7213 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9400 00:00:00 34:07 7236 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9288 00:00:00 31:31 7250 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9504 00:00:00 24:24 7318 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4828 00:02:03 33-00:22:12 7504 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9568 00:00:00 00:51 7561 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9412 00:00:00 00:45 7565 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9376 00:00:00 00:43 7566 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2700 00:00:00 00:02 7752 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2856 1752 00:00:00 00:02 7774 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28340 5128 00:00:00 3-21:50:39 7801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28340 4828 00:00:00 3-17:01:22 11317 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28340 5056 00:00:00 3-17:01:20 11322 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28340 4968 00:00:00 3-17:01:20 11323 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58604 49972 00:00:10 21:16:12 25849 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 61120 51616 00:00:03 21:16:09 25850 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58604 46676 00:00:00 21:16:09 25851 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1936 00:00:00 20:30:22 26577 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1964 00:00:00 20:30:22 26579 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2172 00:00:00 20:30:22 26580 dovecot/log Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2023-03-01 22:30 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2268c9a1b03Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1708 00:00:53 93-13:58:38 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 93-13:58:38 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 93-13:58:38 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 93-13:58:33 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28288 4704 00:00:00 6-22:41:25 506 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4236 00:26:18 93-13:58:32 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1952 04:05:59 93-13:58:30 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1740 00:01:01 93-13:58:30 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4004 00:12:08 93-13:58:30 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4012 00:12:15 93-13:58:30 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4792 00:14:34 93-13:58:27 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4940 00:00:06 93-13:58:27 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 28156 8132 00:09:00 93-13:58:27 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1804 00:01:34 93-13:58:27 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 93-13:58:27 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 93-13:58:27 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5060 00:00:19 93-13:58:23 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28288 4680 00:00:00 6-21:00:17 2125 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5456 00:00:00 01:38:03 4307 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28288 4840 00:00:00 5-02:07:10 5382 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28288 4752 00:00:00 5-02:07:10 5383 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9436 00:00:00 31:32 5686 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9228 00:00:00 17:06 6054 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9420 00:00:00 15:47 6094 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9220 00:00:00 15:47 6098 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9304 00:00:00 14:47 6133 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9644 00:00:00 07:35 6278 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9496 00:00:00 07:31 6280 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9556 00:00:00 06:34 6291 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9336 00:00:00 04:02 6360 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9556 00:00:00 02:28 6384 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9680 00:00:00 02:27 6386 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2696 00:00:00 00:01 6609 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1740 00:00:00 00:01 6631 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4828 00:01:49 29-00:57:13 7504 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58596 50128 00:00:10 21:34:24 23089 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58596 46740 00:00:00 21:34:22 23090 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58596 46740 00:00:00 21:34:22 23091 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1856 00:00:00 21:05:27 23651 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1944 00:00:00 21:05:27 23653 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2124 00:00:00 21:05:27 23654 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28288 4788 00:00:00 5-20:23:41 24999 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2023-02-25 23:05 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226880a125aFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1720 00:00:50 88-11:17:36 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 88-11:17:36 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 88-11:17:36 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 88-11:17:31 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28288 5660 00:00:00 1-20:00:23 506 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4408 00:22:02 88-11:17:30 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1952 03:46:05 88-11:17:28 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1844 00:01:01 88-11:17:28 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10052 4172 00:10:40 88-11:17:28 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10052 4180 00:10:46 88-11:17:28 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4792 00:12:22 88-11:17:25 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4940 00:00:06 88-11:17:25 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 28156 11208 00:08:28 88-11:17:25 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1808 00:01:26 88-11:17:25 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 88-11:17:25 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 88-11:17:25 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5068 00:00:15 88-11:17:21 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28288 5672 00:00:00 1-18:19:15 2125 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9664 00:00:01 01:05:36 3888 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9388 00:00:01 45:56 4041 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3884 00:00:00 36:35 4113 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5332 00:00:00 36:35 4114 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2440 00:00:00 36:35 4115 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9416 00:00:00 25:09 4250 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9304 00:00:00 22:28 4311 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5564 00:00:00 21:02 4321 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9444 00:00:00 13:44 4348 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9432 00:00:00 09:49 4364 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9500 00:00:00 09:20 4394 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9380 00:00:00 01:19 4435 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12924 5536 00:00:00 01:19 4436 proxymap -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 11256 6388 00:00:00 00:10 4444 sshd: root [priv] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3204 00:00:00 00:10 4445 sshd: root [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2700 00:00:00 00:02 4610 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2856 1812 00:00:00 00:02 4632 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4872 00:01:23 23-22:16:11 7504 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58520 49976 00:00:09 18:47:33 23937 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 71120 62672 00:00:03 18:47:31 23938 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58520 46944 00:00:00 18:47:31 23939 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1896 00:00:00 18:24:15 24354 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1964 00:00:00 18:24:15 24355 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2124 00:00:00 18:24:15 24356 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28288 5820 00:00:00 17:42:39 24999 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28288 5820 00:00:00 06:41:12 31835 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28288 5776 00:00:00 06:41:11 31837 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2023-02-20 20:24 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c22675ba4041Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1600 00:00:44 78-10:06:06 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 78-10:06:06 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 78-10:06:06 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 78-10:06:01 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4248 00:15:30 78-10:06:00 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1956 03:06:43 78-10:05:58 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1740 00:01:00 78-10:05:58 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10052 4172 00:07:49 78-10:05:58 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10052 4180 00:07:53 78-10:05:58 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4792 00:08:08 78-10:05:55 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4944 00:00:05 78-10:05:55 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 28024 8136 00:07:24 78-10:05:55 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1812 00:01:08 78-10:05:55 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 78-10:05:55 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 78-10:05:55 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5068 00:00:10 78-10:05:51 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 4772 00:00:34 13-21:04:41 7504 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58508 49636 00:00:09 17:55:13 7551 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58508 46596 00:00:00 17:55:11 7552 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58508 46608 00:00:00 17:55:11 7553 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1864 00:00:02 17:12:36 8068 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1992 00:00:00 17:12:36 8070 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2068 00:00:00 17:12:36 8071 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9616 00:00:00 43:12 20307 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2452 00:00:00 36:03 20392 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9320 00:00:00 18:08 20483 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5608 00:00:00 15:43 20499 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9264 00:00:00 15:40 20500 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9420 00:00:00 11:37 20538 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9196 00:00:00 03:54 20566 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9360 00:00:00 01:46 20584 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5448 00:00:00 00:02 20600 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3228 00:00:00 00:02 20601 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2716 00:00:00 00:01 20690 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1788 00:00:00 00:01 20712 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28156 4864 00:00:00 5-04:27:26 25612 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28156 4904 00:00:00 3-05:07:45 25864 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28156 4904 00:00:00 3-05:07:43 25865 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28156 4904 00:00:00 3-05:07:43 25866 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28156 4824 00:00:00 5-03:17:42 26339 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2023-02-10 19:12 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226cf710247Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1648 00:00:42 73-18:07:03 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 73-18:07:03 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 73-18:07:03 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 73-18:06:58 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58460 49944 00:00:02 01:22:00 603 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58460 46936 00:00:00 01:21:57 604 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58460 46936 00:00:00 01:21:57 605 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4372 00:13:37 73-18:06:57 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5492 00:00:00 01:19:46 640 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1956 02:56:31 73-18:06:55 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1844 00:01:00 73-18:06:55 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4004 00:06:53 73-18:06:55 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10052 4180 00:06:57 73-18:06:55 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1868 00:00:00 01:13:38 722 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1904 00:00:00 01:13:38 724 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2076 00:00:00 01:13:38 725 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3864 00:00:00 01:13:38 727 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4792 00:07:16 73-18:06:52 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4944 00:00:05 73-18:06:52 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 28024 14640 00:06:56 73-18:06:52 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1812 00:01:03 73-18:06:52 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 73-18:06:52 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 73-18:06:52 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5076 00:00:08 73-18:06:48 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9476 00:00:01 52:11 911 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9328 00:00:00 17:40 1078 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9424 00:00:00 14:06 1082 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5348 00:00:00 01:41 1160 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5272 00:00:00 01:31 1161 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5220 00:00:00 01:20 1162 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5376 00:00:00 01:07 1163 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2712 00:00:00 00:01 1316 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1816 00:00:00 00:01 1338 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 4796 00:00:18 9-05:05:38 7504 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28156 6440 00:00:00 12:28:23 25612 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28156 6460 00:00:00 12:28:22 25615 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28156 6440 00:00:00 11:18:39 26339 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28156 6460 00:00:00 11:18:38 26340 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28156 6460 00:00:00 11:18:37 26343 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2023-02-06 03:13 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226353c80aaFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1672 00:00:40 68-21:16:43 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 68-21:16:43 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 68-21:16:43 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 68-21:16:38 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4328 00:11:52 68-21:16:37 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1956 02:51:01 68-21:16:35 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1740 00:01:00 68-21:16:35 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4004 00:06:11 68-21:16:35 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4012 00:06:14 68-21:16:35 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4792 00:06:54 68-21:16:32 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4944 00:00:05 68-21:16:32 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 28024 7924 00:06:31 68-21:16:32 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1812 00:01:02 68-21:16:32 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 68-21:16:32 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 68-21:16:32 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5076 00:00:07 68-21:16:28 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 4804 00:00:07 4-08:15:18 7504 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58404 49832 00:00:03 04:56:00 10560 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 61092 51520 00:00:03 04:55:58 10561 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58404 46548 00:00:00 04:55:58 10562 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1888 00:00:00 04:23:09 11236 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1996 00:00:00 04:23:09 11238 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2128 00:00:00 04:23:09 11239 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5236 00:00:00 58:26 15624 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2476 00:00:00 58:26 15625 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5540 00:00:00 42:39 15892 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9536 00:00:00 05:32 16493 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9296 00:00:00 00:59 16568 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5428 00:00:00 00:03 16582 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3208 00:00:00 00:03 16583 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2768 00:00:00 00:02 16672 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1796 00:00:00 00:02 16694 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28160 4800 00:00:00 3-05:35:12 28875 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28160 4792 00:00:00 3-04:25:47 30400 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28160 4824 00:00:00 3-01:25:58 32506 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2023-02-01 06:23 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226d01c9d09Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1800 00:00:35 61-06:07:57 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 61-06:07:57 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 61-06:07:57 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 61-06:07:52 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58412 49896 00:00:07 13:24:06 303 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 60788 51256 00:00:03 13:24:04 305 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58412 46664 00:00:00 13:24:04 306 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1980 00:00:00 13:14:23 428 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 2052 00:00:00 13:14:23 430 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2120 00:00:00 13:14:23 431 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4300 00:10:52 61-06:07:51 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1956 02:25:39 61-06:07:49 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1740 00:01:00 61-06:07:49 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4004 00:05:31 61-06:07:49 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 3936 00:05:33 61-06:07:49 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4796 00:05:54 61-06:07:46 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4944 00:00:04 61-06:07:46 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 28024 9328 00:05:46 61-06:07:46 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1812 00:00:53 61-06:07:46 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 61-06:07:46 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 61-06:07:46 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5096 00:00:06 61-06:07:42 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 5616 00:00:00 03:23:38 6489 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28024 6000 00:00:00 1-22:14:59 7312 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9432 00:00:00 01:02:39 8172 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14696 9364 00:00:00 47:41 8405 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5608 00:00:00 30:53 8673 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2424 00:00:00 19:13 8814 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9496 00:00:00 08:50 8948 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2648 00:00:00 00:02 9138 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2864 1760 00:00:00 00:02 9160 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28024 6164 00:00:00 1-09:29:30 16660 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28024 5924 00:00:00 2-14:28:25 32194 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28024 6104 00:00:00 2-14:27:24 32346 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2023-01-24 15:14 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2266c9528d2Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1884 00:00:33 55-17:42:32 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 55-17:42:32 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 55-17:42:32 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 55-17:42:27 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4004 00:09:46 55-17:42:26 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1960 02:10:15 55-17:42:24 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1740 00:01:00 55-17:42:24 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10052 4176 00:04:53 55-17:42:24 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4016 00:04:55 55-17:42:24 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4800 00:05:08 55-17:42:21 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4944 00:00:04 55-17:42:21 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 27892 10380 00:05:14 55-17:42:21 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1816 00:00:49 55-17:42:21 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 55-17:42:21 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 55-17:42:21 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5100 00:00:06 55-17:42:17 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28028 6384 00:00:00 4-02:10:57 7162 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58408 49944 00:00:03 01:32:22 12366 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58408 46912 00:00:00 01:32:20 12367 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58408 46912 00:00:00 01:32:20 12368 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5476 00:00:00 01:05:20 13072 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28028 6496 00:00:00 3-16:06:04 13670 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 4908 00:00:11 6-07:03:34 13769 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1976 00:00:00 48:40 13973 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1992 00:00:00 48:40 13975 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 1976 00:00:00 48:40 13976 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3840 00:00:00 48:40 13978 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14756 9504 00:00:00 31:39 14498 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9356 00:00:00 24:41 14558 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9372 00:00:00 22:35 14584 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5488 00:00:00 00:02 14828 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3208 00:00:00 00:02 14829 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2688 00:00:00 00:01 14959 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1816 00:00:00 00:01 14981 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28028 6548 00:00:00 3-07:32:59 21118 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28028 6620 00:00:00 3-07:32:59 21120 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28028 6548 00:00:00 1-00:19:05 30258 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2023-01-19 02:49 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2269c400822Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1828 00:00:16 28-22:57:54 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 28-22:57:54 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 28-22:57:54 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 28-22:57:49 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4172 00:04:07 28-22:57:48 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1960 01:01:50 28-22:57:46 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1788 00:01:00 28-22:57:46 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4012 00:01:47 28-22:57:46 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4016 00:01:48 28-22:57:46 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4796 00:02:21 28-22:57:43 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4944 00:00:02 28-22:57:43 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 27760 9004 00:02:43 28-22:57:43 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1828 00:00:23 28-22:57:43 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 28-22:57:43 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 28-22:57:43 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5160 00:00:02 28-22:57:39 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58428 50040 00:00:06 06:43:58 4876 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 62336 54052 00:00:04 06:43:51 4878 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58428 46768 00:00:00 06:43:50 4882 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1856 00:00:01 06:03:57 5390 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1976 00:00:00 06:03:57 5392 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2188 00:00:00 06:03:55 5393 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3892 00:00:00 01:07:51 9748 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5120 00:00:00 01:07:51 9749 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9360 00:00:00 33:13 10810 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9520 00:00:00 19:17 11222 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5456 00:00:00 16:51 11335 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9324 00:00:00 13:34 11446 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9388 00:00:00 05:00 11613 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5184 00:00:00 00:05 11721 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3224 00:00:00 00:02 11722 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2696 00:00:00 00:01 11852 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2864 1772 00:00:00 00:01 11874 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 27892 5524 00:00:00 3-09:20:29 15058 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 27892 5508 00:00:00 5-07:15:58 17948 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 27892 5532 00:00:00 5-07:14:58 17960 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 27892 5664 00:00:00 4-18:37:09 25315 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 4784 00:00:11 10-16:24:59 27653 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 27892 5516 00:00:00 2-08:29:43 31164 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2022-12-23 08:04 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c22649b5216dFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1716 00:00:06 11-15:34:10 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 11-15:34:10 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 11-15:34:10 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 11-15:34:05 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4272 00:01:31 11-15:34:04 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1960 00:16:57 11-15:34:02 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1840 00:00:59 11-15:34:02 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4012 00:00:54 11-15:34:02 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4016 00:00:54 11-15:34:02 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4796 00:00:47 11-15:33:59 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4944 00:00:00 11-15:33:59 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 27628 14488 00:01:00 11-15:33:59 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1848 00:00:05 11-15:33:59 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 11-15:33:59 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1280 00:00:00 11-15:33:59 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13012 5300 00:00:00 11-15:33:55 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13052 5044 00:00:13 11-15:33:55 829 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58480 50040 00:00:11 23:00:18 1436 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 65504 57412 00:00:04 23:00:16 1437 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58480 46816 00:00:00 23:00:16 1438 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1816 00:00:00 22:40:07 1780 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1904 00:00:00 22:40:07 1782 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2088 00:00:00 22:40:07 1783 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 27760 6788 00:00:00 22:14:48 2187 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 27760 6736 00:00:00 09:31:32 8714 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5564 00:00:00 21:13 12944 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9520 00:00:00 02:40 13147 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9528 00:00:00 01:33 13159 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2612 00:00:00 00:01 13295 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2864 1844 00:00:00 00:01 13317 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 27760 6644 00:00:00 2-00:16:07 15058 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 27760 6728 00:00:00 2-00:11:16 15137 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2022-12-06 00:40 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2260b887140Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1720 00:00:04 7-20:41:37 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 7-20:41:37 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 7-20:41:37 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 956 00:00:00 7-20:41:32 238 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4244 00:01:02 7-20:41:31 626 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 1960 00:15:50 7-20:41:29 651 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1840 00:00:59 7-20:41:29 662 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4020 00:00:39 7-20:41:29 690 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4024 00:00:39 7-20:41:29 691 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4828 00:00:39 7-20:41:26 788 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4964 00:00:00 7-20:41:26 800 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 27628 8348 00:00:39 7-20:41:26 801 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6808 1880 00:00:04 7-20:41:26 813 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1116 00:00:00 7-20:41:26 821 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1284 00:00:00 7-20:41:26 822 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5112 00:00:00 7-20:41:22 828 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4916 00:00:10 7-20:41:22 829 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58400 49772 00:00:12 1-03:09:11 2405 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 60472 50792 00:00:03 1-03:09:08 2406 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58400 46820 00:00:00 1-03:09:08 2407 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1908 00:00:00 03:47:28 18761 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1948 00:00:00 03:47:28 18763 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 1912 00:00:00 03:47:28 18764 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 27764 5240 00:00:00 02:16:37 19232 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 27764 4800 00:00:00 5-04:18:59 19691 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 27764 4800 00:00:00 5-04:18:58 19692 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 27764 4800 00:00:00 5-04:18:58 19693 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3900 00:00:00 01:09:37 20005 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5256 00:00:00 01:09:37 20006 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5628 00:00:00 58:53 20108 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9312 00:00:00 23:02 20588 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9380 00:00:00 09:56 20815 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2652 00:00:00 00:02 21025 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1808 00:00:00 00:02 21047 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 27764 4876 00:00:00 1-07:39:19 32237 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2022-12-02 05:47 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c226dc2a6c9cFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1340 00:02:42 277-23:50:29 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 277-23:50:29 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 277-23:50:29 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 960 00:00:00 277-23:50:25 235 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4468 01:25:50 277-23:50:24 623 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 2116 02:18:41 277-23:50:22 648 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1812 00:31:05 277-23:50:22 659 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10052 4196 00:53:58 277-23:50:22 687 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4004 00:53:32 277-23:50:22 688 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4952 00:23:13 277-23:50:17 787 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4872 00:00:22 277-23:50:17 799 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 29304 13024 00:20:38 277-23:50:17 800 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6812 1692 00:01:39 277-23:50:17 812 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1140 00:00:00 277-23:50:17 820 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1348 00:00:00 277-23:50:17 821 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13020 5100 00:00:48 277-23:50:10 825 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13016 4960 00:02:24 37-11:59:22 13086 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9316 00:00:00 19:51 13518 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9444 00:00:00 17:08 13786 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9320 00:00:00 17:08 13788 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 29440 5424 00:00:00 3-02:17:10 13924 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9316 00:00:00 13:57 14036 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9484 00:00:00 12:09 14216 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9276 00:00:00 10:42 14305 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9368 00:00:00 08:56 14475 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9196 00:00:00 08:30 14487 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9332 00:00:00 06:23 14663 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5620 00:00:00 04:04 14925 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58472 49984 00:00:04 05:54:41 14938 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58472 46680 00:00:00 05:54:39 14939 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58472 46680 00:00:00 05:54:39 14940 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2684 00:00:00 00:01 15407 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1756 00:00:00 00:01 15429 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1904 00:00:00 05:48:44 15539 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1976 00:00:00 05:48:44 15541 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2096 00:00:00 05:48:44 15542 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 29440 5444 00:00:00 3-06:32:39 22098 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 29440 5472 00:00:00 1-03:01:00 26858 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 29440 5488 00:00:00 1-03:01:00 26859 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 29440 5488 00:00:00 1-03:00:59 26860 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2022-11-09 07:48 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2268c1a4597Found public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1340 00:02:30 253-15:43:17 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 253-15:43:17 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 253-15:43:17 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 960 00:00:00 253-15:43:13 235 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4356 01:16:27 253-15:43:12 623 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 2116 01:41:38 253-15:43:10 648 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1812 00:22:52 253-15:43:10 659 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4008 00:46:43 253-15:43:10 687 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4004 00:46:20 253-15:43:10 688 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4952 00:18:47 253-15:43:05 787 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4888 00:00:20 253-15:43:05 799 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 29176 14084 00:18:34 253-15:43:05 800 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6812 1696 00:01:21 253-15:43:05 812 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1140 00:00:00 253-15:43:05 820 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1348 00:00:00 253-15:43:05 821 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13020 5136 00:00:44 253-15:42:58 825 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 4724 3900 00:00:00 18:04 1178 dovecot/config cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 9084 5252 00:00:00 18:04 1179 dovecot/auth cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2288 00:00:00 18:04 1180 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9660 00:00:00 12:13 1714 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 29312 6432 00:00:00 07:19 2269 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9304 00:00:00 04:48 2592 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5440 00:00:00 02:01 2872 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5168 00:00:00 02:01 2874 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5300 00:00:00 02:01 2875 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5416 00:00:00 02:01 2876 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5172 00:00:00 02:01 2877 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5264 00:00:00 02:01 2879 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5296 00:00:00 02:01 2880 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5216 00:00:00 02:01 2881 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5164 00:00:00 02:01 2882 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5332 00:00:00 02:01 2883 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5308 00:00:00 02:01 2884 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5452 00:00:00 02:01 2885 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5176 00:00:00 02:01 2886 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3212 00:00:00 02:01 2891 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3232 00:00:00 02:01 2892 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3176 00:00:00 02:01 2894 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3192 00:00:00 02:01 2895 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3156 00:00:00 02:01 2896 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3180 00:00:00 02:00 2898 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3324 00:00:00 02:00 2899 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3220 00:00:00 02:00 2900 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3200 00:00:00 02:00 2901 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3204 00:00:00 02:00 2902 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3136 00:00:00 02:00 2904 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3200 00:00:00 02:00 2905 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3212 00:00:00 02:00 2906 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5176 00:00:00 01:59 2907 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 10104 5376 00:00:00 01:59 2908 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ sshd 10104 3164 00:00:00 01:59 2909 sshd: [net] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 29312 6456 00:00:00 01:10 3004 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2672 00:00:00 00:02 3177 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2860 1812 00:00:00 00:02 3199 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58528 48776 00:00:11 22:47:18 5078 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 60268 49916 00:00:02 22:47:16 5079 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58528 45768 00:00:00 22:47:16 5080 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1904 00:00:00 22:41:18 5805 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1948 00:00:00 22:41:18 5807 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2028 00:00:00 22:41:18 5808 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13128 5024 00:00:28 13-03:52:10 13086 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5600 00:00:00 01:02:15 29440 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9464 00:00:00 51:28 30447 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9172 00:00:00 49:17 30743 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2022-10-15 23:41 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2260508efbdFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1340 00:02:20 235-20:18:49 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 235-20:18:49 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 235-20:18:49 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 960 00:00:00 235-20:18:45 235 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4200 01:12:34 235-20:18:44 623 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 2116 01:19:50 235-20:18:42 648 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1812 00:16:14 235-20:18:42 659 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4004 00:44:49 235-20:18:42 687 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4000 00:44:27 235-20:18:42 688 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4952 00:16:19 235-20:18:37 787 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4776 00:00:18 235-20:18:37 799 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 29048 9424 00:17:09 235-20:18:37 800 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6812 1696 00:01:05 235-20:18:37 812 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1140 00:00:00 235-20:18:37 820 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1348 00:00:00 235-20:18:37 821 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13020 5072 00:00:40 235-20:18:30 825 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5532 00:00:00 41:45 6908 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6724 2348 00:00:00 40:34 7090 dovecot/ssl-params cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 5576 00:00:00 06:01 10134 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 5228 00:00:00 01:57 10491 sshd: [accepted] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14740 9388 00:00:00 00:56 10600 smtpd -n smtps -t inet -u -o stress= -s 2 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2672 00:00:00 00:02 10809 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2864 1804 00:00:00 00:02 10831 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 29184 3580 00:00:00 05:50:47 10849 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 29184 3592 00:00:00 05:19:44 13578 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 29184 3592 00:00:00 05:19:43 13579 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58396 49928 00:00:13 1-02:38:00 24962 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 64304 55768 00:00:06 1-02:37:58 24963 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 58396 46540 00:00:00 1-02:37:58 24964 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 1968 00:00:00 03:16:36 25467 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1984 00:00:00 03:16:36 25469 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2192 00:00:00 03:16:36 25470 dovecot/log cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 29184 3592 00:00:00 03:16:21 25560 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 29184 3396 00:00:00 13:47:04 30910 /usr/sbin/httpd Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2022-09-28 04:16 -
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb7781e0e4f8c396bfa43932d3b9b1c2266a8e875fFound public CheckMk agent: Version: 1.6.0p2 AgentOS: linux Hostname: gofter.org AgentDirectory: /etc/check_mk DataDirectory: /var/lib/check_mk_agent SpoolDirectory: /var/lib/check_mk_agent/spool PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local OnlyFrom: Found linux process list through CheckMk: [header] CGROUP USER VSZ RSS TIME ELAPSED PID COMMAND cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2948 1828 00:01:28 133-14:50:23 1 init cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 133-14:50:23 2 [kthreadd/10046] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 0 0 00:00:00 133-14:50:23 3 [khelper] cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2516 960 00:00:00 133-14:50:19 235 /sbin/udevd -d cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 24048 4444 00:38:04 133-14:50:18 623 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 8760 2124 00:18:30 133-14:50:16 648 /usr/sbin/sshd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2944 1812 00:02:26 133-14:50:16 659 xinetd -stayalive -pidfile /var/run/xinetd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4008 00:23:30 133-14:50:16 687 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 9804 4008 00:23:18 133-14:50:16 688 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 12868 4944 00:06:44 133-14:50:11 787 /usr/libexec/postfix/master cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 13116 4864 00:00:10 133-14:50:11 799 qmgr -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 28416 13984 00:09:03 133-14:50:11 800 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 6812 1704 00:00:16 133-14:50:11 812 crond cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1140 00:00:00 133-14:50:11 820 /sbin/mingetty console cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2056 1348 00:00:00 133-14:50:11 821 /sbin/mingetty tty2 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5056 00:00:20 133-14:50:04 825 tlsmgr -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 58644 50120 00:00:11 20:52:11 5545 /usr/bin/spamd -d -c -m5 --username spamfilter -H /usr/local/spamassassin -s /usr/local/spamassassin/spamfilter.log -r /var/run/spamd.pid cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 62944 54572 00:00:34 20:52:09 5550 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ spamfilter 61616 53368 00:00:00 20:52:09 5551 spamd child cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28552 6080 00:00:00 01:51:50 16562 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28552 6080 00:00:00 01:51:49 16563 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28552 5984 00:00:00 01:43:20 17452 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12944 5456 00:00:00 48:58 22476 pickup -l -t fifo -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28552 6080 00:00:00 5-10:33:47 26432 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ apache 28552 6080 00:00:00 5-10:33:47 26434 /usr/sbin/httpd cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 14616 9368 00:00:00 06:41 26517 smtpd -n smtp -t inet -u -o stress= -s 2 -o content_filter=spamassassin cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ postfix 12936 5436 00:00:00 06:40 26519 anvil -l -t unix -u cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 5184 2684 00:00:00 00:01 27271 /bin/bash /usr/bin/check_mk_agent cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2864 1748 00:00:00 00:01 27293 ps ax -o cgroup:512,user:32,vsz,rss,cputime,etime,pid,command --columns 10000 cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2928 2012 00:00:00 21:46:58 32625 /usr/sbin/dovecot cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ dovecot 2788 1976 00:00:00 21:46:58 32627 dovecot/anvil cpuset:/;devices:/;freezer:/;perf_event:/;net_prio,net_cls:/;hugetlb:/;cpuacct,cpu:/;name=systemd:/;pids:/;memory:/;blkio:/ root 2784 2168 00:00:00 21:46:58 32628 dovecot/log Found network interfaces through CheckMk: [start_iplink] 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN link/void inet 127.0.0.1/32 scope host venet0 valid_lft forever preferred_lft forever inet 185.185.27.176/32 brd 185.185.27.176 scope global venet0:0 valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::3/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::2/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:7:7:7:7/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::1234/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9:13:37:13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::13:37/64 scope global valid_lft forever preferred_lft forever inet6 2a01:4f8:bc:ab9::6cdb/64 scope global valid_lft forever preferred_lft forever [end_iplink]Found on 2022-06-17 22:47
Domain summary
No record