An open CheckMK agent is publicly available.
This could leak sensitive information such as:
https://docs.checkmk.com/latest/en/wato_monitoringagents.html
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb4086c5cd4b62
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb408639a190af
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb4086dadf6695
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb4086c43ca98c
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb40865dfe5072
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb4086f4a7b000
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb408683c71576
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb408618dd9537
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb408645d78d5b
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb4086febdcfe1
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb4086834324a4
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb4086caa075b2
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb40860be98aab
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb408643416904
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb40860c16e92c
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbdd10b2ab078d20ece547164709fb4086b49781c8
Found public CheckMk agent: Version: 1.2.0p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local AgentDirectory: /etc/check_mk Found process list through CheckMk:
Open service 194.36.62.27:80
2024-11-20 18:30
HTTP/1.1 302 Moved Temporarily
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 01:00:00 CET
Location: https://194.36.62.27/
Content-Length: 0
Date: Wed, 20 Nov 2024 18:30:24 GMT
Connection: close
Server:
Open service 194.36.62.27:80
2024-11-20 15:27
HTTP/1.1 302 Moved Temporarily
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 01:00:00 CET
Location: https://194.36.62.27/
Content-Length: 0
Date: Wed, 20 Nov 2024 15:27:00 GMT
Connection: close
Server: