LeakIX - Host 212.88.128.70

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5cf1cfb1ff

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2484,00:07:39,1) /sbin/init
(root,0,0,00:00:05,2) [kthreadd]
(root,0,0,00:19:31,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-06:05:06,7) [rcu_sched]
(root,0,0,05:23:22,8) [rcuos/0]
(root,0,0,05:45:02,9) [rcuos/1]
(root,0,0,05:46:11,10) [rcuos/2]
(root,0,0,05:21:36,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:37,17) [migration/0]
(root,0,0,00:03:26,18) [watchdog/0]
(root,0,0,00:02:58,19) [watchdog/1]
(root,0,0,00:06:46,20) [migration/1]
(root,0,0,00:21:35,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:52,24) [watchdog/2]
(root,0,0,00:06:45,25) [migration/2]
(root,0,0,00:22:41,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:57,29) [watchdog/3]
(root,0,0,00:06:46,30) [migration/3]
(root,0,0,00:21:17,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:21,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:03:07,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:42,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:20:04,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,188,01:25:39,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,532,00:01:34,761) rpcbind
(statd,21612,1108,00:00:00,805) rpc.statd -L
(root,16236,164,00:00:00,816) upstart-file-bridge --daemon
(root,15404,540,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,0,00:04:33,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,624,00:02:19,987) cron
(root,19320,1184,01:37:27,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,112,00:00:01,1065) atd
(root,375176,0,00:06:48,1068) /usr/sbin/automount
(nagios,23472,8,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3100,08:33:08,1396) /usr/bin/vmtoolsd
(root,82644,16560,10:49:22,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371396,31392,05:50:08,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,309568,227844,06:49:07,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17904,03:13:19,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7148,04:11:12,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(postfix,27420,2864,00:00:00,7068) pickup -l -t unix -u -c
(bind,775908,314300,12-13:21:10,7145) /usr/sbin/named -u bind -S 16384
(root,19488,540,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1308,00:14:15,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,00:00:00,11867) [kworker/u8:0]
(root,0,0,00:00:00,12165) [kworker/u8:1]
(root,61392,5416,00:00:00,12490) sshd: [accepted]    
(sshd,61392,2956,00:00:00,12491) sshd: [net]         
(root,18032,2944,00:00:00,12528) /bin/bash /usr/bin/check_mk_agent
(root,15580,2192,00:00:00,12547) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1388,00:00:00,12548) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,01:20:56,14167) [kworker/1:2]
(root,15008,636,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,796,00:01:08,14350) /usr/lib/postfix/master
(postfix,27608,96,00:00:35,14352) qmgr -l -t unix -u
(root,0,0,00:01:46,16328) [kworker/3:2]
(root,0,0,00:07:35,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:04:07,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1968,01:05:26,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-12-22 00:58

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c2f0e74dd

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2348,00:07:38,1) /sbin/init
(root,0,0,00:00:05,2) [kthreadd]
(root,0,0,00:19:30,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-06:02:32,7) [rcu_sched]
(root,0,0,05:22:53,8) [rcuos/0]
(root,0,0,05:44:33,9) [rcuos/1]
(root,0,0,05:45:45,10) [rcuos/2]
(root,0,0,05:21:14,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:36,17) [migration/0]
(root,0,0,00:03:26,18) [watchdog/0]
(root,0,0,00:02:57,19) [watchdog/1]
(root,0,0,00:06:46,20) [migration/1]
(root,0,0,00:21:34,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:52,24) [watchdog/2]
(root,0,0,00:06:45,25) [migration/2]
(root,0,0,00:22:39,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:57,29) [watchdog/3]
(root,0,0,00:06:45,30) [migration/3]
(root,0,0,00:21:16,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:03:06,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:42,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:20:01,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,196,01:25:25,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,84,00:01:34,761) rpcbind
(statd,21612,308,00:00:00,805) rpc.statd -L
(root,16236,84,00:00:00,816) upstart-file-bridge --daemon
(root,15404,108,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,132,00:04:32,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,580,00:02:18,987) cron
(root,19320,1216,01:37:13,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,24,00:06:47,1068) /usr/sbin/automount
(nagios,23472,24,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3128,08:32:11,1396) /usr/bin/vmtoolsd
(root,82644,16344,10:47:40,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371396,31372,05:49:13,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,309048,220428,06:48:00,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,15036,03:12:49,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7112,04:10:34,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,320324,12-11:35:49,7145) /usr/sbin/named -u bind -S 16384
(root,19488,56,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1108,00:14:11,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:52,14167) [kworker/1:2]
(root,15008,488,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,708,00:01:07,14350) /usr/lib/postfix/master
(postfix,27608,1036,00:00:35,14352) qmgr -l -t unix -u
(root,0,0,00:01:41,16328) [kworker/3:2]
(root,0,0,00:07:32,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:04:04,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,0,0,00:00:00,26488) [kworker/u8:1]
(root,21916,1964,01:05:18,26550) /usr/sbin/chronyd -r
(postfix,27420,2996,00:00:00,26872) pickup -l -t unix -u -c
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]
(root,0,0,00:00:00,30152) [kworker/u8:0]
(root,0,0,00:00:00,30486) [kworker/u8:2]
(root,61392,5512,00:00:00,30849) sshd: [accepted]    
(sshd,61392,692,00:00:00,30850) sshd: [net]         
(root,63464,5768,00:00:00,30857) sshd: unknown [priv]
(sshd,61472,3028,00:00:00,30858) sshd: unknown [net] 
(root,18032,2988,00:00:00,31040) /bin/bash /usr/bin/check_mk_agent
(root,15580,2204,00:00:00,31059) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1576,00:00:00,31060) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /

Found on 2024-12-20 00:23

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c959d9392

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2408,00:07:37,1) /sbin/init
(root,0,0,00:00:05,2) [kthreadd]
(root,0,0,00:19:28,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:59:36,7) [rcu_sched]
(root,0,0,05:22:20,8) [rcuos/0]
(root,0,0,05:44:00,9) [rcuos/1]
(root,0,0,05:45:18,10) [rcuos/2]
(root,0,0,05:20:47,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:36,17) [migration/0]
(root,0,0,00:03:25,18) [watchdog/0]
(root,0,0,00:02:57,19) [watchdog/1]
(root,0,0,00:06:46,20) [migration/1]
(root,0,0,00:21:32,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:52,24) [watchdog/2]
(root,0,0,00:06:44,25) [migration/2]
(root,0,0,00:22:38,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:56,29) [watchdog/3]
(root,0,0,00:06:44,30) [migration/3]
(root,0,0,00:21:14,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:03:05,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:41,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:58,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,492,01:25:08,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,508,00:01:34,761) rpcbind
(statd,21612,932,00:00:00,805) rpc.statd -L
(root,16236,72,00:00:00,816) upstart-file-bridge --daemon
(root,15404,128,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,28,00:04:31,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,552,00:02:18,987) cron
(root,19320,1204,01:36:59,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,24,00:06:45,1068) /usr/sbin/automount
(nagios,23472,356,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3052,08:31:15,1396) /usr/bin/vmtoolsd
(root,82644,16016,10:46:01,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371396,31028,05:48:19,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,308268,225324,06:46:55,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17448,03:12:19,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7192,04:10:00,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,321232,12-09:20:12,7145) /usr/sbin/named -u bind -S 16384
(root,19488,48,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1280,00:14:08,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:49,14167) [kworker/1:2]
(root,15008,176,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,716,00:01:07,14350) /usr/lib/postfix/master
(postfix,27608,1868,00:00:35,14352) qmgr -l -t unix -u
(root,0,0,00:01:36,16328) [kworker/3:2]
(root,0,0,00:07:29,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(postfix,27420,2972,00:00:00,22843) pickup -l -t unix -u -c
(root,0,0,00:04:01,23191) [kworker/0:2]
(root,0,0,00:00:00,24256) [kworker/u8:0]
(root,0,0,00:00:00,24810) [kworker/u8:2]
(root,0,0,00:00:00,25106) [kworker/u8:1]
(root,61392,5480,00:00:00,25128) sshd: [accepted]    
(root,61392,5476,00:00:00,25137) sshd: [accepted]    
(root,18032,3008,00:00:00,25184) /bin/bash /usr/bin/check_mk_agent
(root,15580,2188,00:00:00,25203) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1540,00:00:00,25204) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1760,01:05:09,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-12-18 01:34

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5cd6df39c4

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2776,00:07:35,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:26,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:56:15,7) [rcu_sched]
(root,0,0,05:21:45,8) [rcuos/0]
(root,0,0,05:43:25,9) [rcuos/1]
(root,0,0,05:44:45,10) [rcuos/2]
(root,0,0,05:20:17,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:35,17) [migration/0]
(root,0,0,00:03:25,18) [watchdog/0]
(root,0,0,00:02:56,19) [watchdog/1]
(root,0,0,00:06:45,20) [migration/1]
(root,0,0,00:21:30,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:51,24) [watchdog/2]
(root,0,0,00:06:44,25) [migration/2]
(root,0,0,00:22:35,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:56,29) [watchdog/3]
(root,0,0,00:06:44,30) [migration/3]
(root,0,0,00:21:13,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:03:05,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:41,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:55,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,63464,5672,00:00:00,308) sshd: root [priv]   
(sshd,61472,3056,00:00:00,309) sshd: root [net]    
(root,61392,5528,00:00:00,328) sshd: [accepted]    
(root,18032,3016,00:00:00,365) /bin/bash /usr/bin/check_mk_agent
(root,15580,2204,00:00:00,384) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1332,00:00:00,385) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,1012,01:24:47,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,72,00:01:34,761) rpcbind
(statd,21612,1152,00:00:00,805) rpc.statd -L
(root,16236,908,00:00:00,816) upstart-file-bridge --daemon
(root,15404,224,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,400,00:04:31,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,632,00:02:18,987) cron
(root,19320,1376,01:36:44,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,48,00:06:44,1068) /usr/sbin/automount
(nagios,23472,152,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3076,08:30:16,1396) /usr/bin/vmtoolsd
(root,82644,16708,10:44:14,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371396,22720,05:47:21,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,307748,223140,06:45:46,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17944,03:11:47,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7152,04:09:18,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,308272,12-06:45:20,7145) /usr/sbin/named -u bind -S 16384
(root,19488,48,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1268,00:14:04,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:45,14167) [kworker/1:2]
(root,15008,352,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,972,00:01:06,14350) /usr/lib/postfix/master
(postfix,27608,108,00:00:35,14352) qmgr -l -t unix -u
(root,0,0,00:01:31,16328) [kworker/3:2]
(root,0,0,00:07:25,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:58,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,2216,01:05:00,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]
(root,0,0,00:00:00,31350) [kworker/u8:0]
(root,0,0,00:00:00,31678) [kworker/u8:1]
(postfix,27420,2864,00:00:00,31929) pickup -l -t unix -u -c
(root,0,0,00:00:00,32524) [kworker/u8:2]

Found on 2024-12-15 23:07

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c572ac6a3

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2468,00:07:34,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:25,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:53:50,7) [rcu_sched]
(root,0,0,05:21:21,8) [rcuos/0]
(root,0,0,05:42:56,9) [rcuos/1]
(root,0,0,05:44:17,10) [rcuos/2]
(root,0,0,05:19:58,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:35,17) [migration/0]
(root,0,0,00:03:25,18) [watchdog/0]
(root,0,0,00:02:56,19) [watchdog/1]
(root,0,0,00:06:45,20) [migration/1]
(root,0,0,00:21:29,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:51,24) [watchdog/2]
(root,0,0,00:06:43,25) [migration/2]
(root,0,0,00:22:34,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:56,29) [watchdog/3]
(root,0,0,00:06:43,30) [migration/3]
(root,0,0,00:21:12,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:03:04,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:40,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:52,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,196,01:24:35,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,52,00:01:33,761) rpcbind
(statd,21612,1056,00:00:00,805) rpc.statd -L
(root,16236,664,00:00:00,816) upstart-file-bridge --daemon
(root,15404,52,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,112,00:04:30,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,600,00:02:17,987) cron
(root,19320,1388,01:36:30,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,4,00:00:01,1065) atd
(root,375176,264,00:06:42,1068) /usr/sbin/automount
(nagios,23472,20,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3120,08:29:19,1396) /usr/bin/vmtoolsd
(root,82644,16456,10:42:33,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371264,31668,05:46:27,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,307228,145872,06:44:41,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,9448,03:11:18,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7132,04:08:44,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,317680,12-05:15:22,7145) /usr/sbin/named -u bind -S 16384
(root,19488,52,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1280,00:14:01,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:41,14167) [kworker/1:2]
(root,15008,612,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,668,00:01:06,14350) /usr/lib/postfix/master
(postfix,27608,1620,00:00:34,14352) qmgr -l -t unix -u
(root,0,0,00:01:27,16328) [kworker/3:2]
(root,0,0,00:07:22,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(postfix,27420,2860,00:00:00,22493) pickup -l -t unix -u -c
(root,0,0,00:03:55,23191) [kworker/0:2]
(root,0,0,00:00:00,24690) [kworker/u8:1]
(root,0,0,00:00:00,25299) [kworker/u8:0]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25614) [kworker/u8:2]
(root,18032,2944,00:00:00,25666) /bin/bash /usr/bin/check_mk_agent
(root,15580,2212,00:00:00,25685) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1436,00:00:00,25686) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1548,01:04:51,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-12-13 23:16

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c0210a1fc

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2380,00:07:33,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:23,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:50:39,7) [rcu_sched]
(root,0,0,05:20:44,8) [rcuos/0]
(root,0,0,05:42:24,9) [rcuos/1]
(root,0,0,05:43:48,10) [rcuos/2]
(root,0,0,05:19:30,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:34,17) [migration/0]
(root,0,0,00:03:24,18) [watchdog/0]
(root,0,0,00:02:56,19) [watchdog/1]
(root,0,0,00:06:44,20) [migration/1]
(root,0,0,00:21:27,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:51,24) [watchdog/2]
(root,0,0,00:06:43,25) [migration/2]
(root,0,0,00:22:32,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:55,29) [watchdog/3]
(root,0,0,00:06:43,30) [migration/3]
(root,0,0,00:21:10,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:03:03,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:40,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:49,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,264,01:24:14,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,220,00:01:33,761) rpcbind
(statd,21612,148,00:00:00,805) rpc.statd -L
(root,16236,868,00:00:00,816) upstart-file-bridge --daemon
(root,15404,116,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,292,00:04:30,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,604,00:02:17,987) cron
(root,19320,1280,01:36:15,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,28,00:06:40,1068) /usr/sbin/automount
(nagios,23472,44,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3076,08:28:21,1396) /usr/bin/vmtoolsd
(root,82644,16392,10:40:47,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371264,31532,05:45:30,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,306452,225244,06:43:33,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,9604,03:10:46,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7128,04:08:06,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(postfix,27420,2984,00:00:00,4568) pickup -l -t unix -u -c
(bind,775908,314792,12-02:46:54,7145) /usr/sbin/named -u bind -S 16384
(root,0,0,00:00:00,7181) [kworker/u8:2]
(root,0,0,00:00:00,8061) [kworker/u8:0]
(root,61392,5528,00:00:00,8603) sshd: [accepted]    
(root,19488,36,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,18032,2980,00:00:00,8763) /bin/bash /usr/bin/check_mk_agent
(root,15580,2148,00:00:00,8782) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1448,00:00:00,8783) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1284,00:13:57,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:36,14167) [kworker/1:2]
(root,15008,128,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,672,00:01:06,14350) /usr/lib/postfix/master
(postfix,27608,364,00:00:34,14352) qmgr -l -t unix -u
(root,0,0,00:01:22,16328) [kworker/3:2]
(root,0,0,00:07:18,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:52,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1868,01:04:42,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-12-11 21:36

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c0acfb7b9

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,1568,00:07:32,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:21,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:47:49,7) [rcu_sched]
(root,0,0,05:20:16,8) [rcuos/0]
(root,0,0,05:41:55,9) [rcuos/1]
(root,0,0,05:43:19,10) [rcuos/2]
(root,0,0,05:19:03,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:34,17) [migration/0]
(root,0,0,00:03:24,18) [watchdog/0]
(root,0,0,00:02:55,19) [watchdog/1]
(root,0,0,00:06:43,20) [migration/1]
(root,0,0,00:21:25,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:50,24) [watchdog/2]
(root,0,0,00:06:43,25) [migration/2]
(root,0,0,00:22:31,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:55,29) [watchdog/3]
(root,0,0,00:06:42,30) [migration/3]
(root,0,0,00:21:08,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:03:03,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:39,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:46,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,280,01:23:59,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,72,00:01:33,761) rpcbind
(statd,21612,788,00:00:00,805) rpc.statd -L
(root,16236,84,00:00:00,816) upstart-file-bridge --daemon
(root,15404,340,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,72,00:04:29,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,436,00:02:17,987) cron
(root,19320,852,01:36:01,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,12,00:06:39,1068) /usr/sbin/automount
(nagios,23472,44,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2856,08:27:26,1396) /usr/bin/vmtoolsd
(root,82644,16284,10:39:08,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371264,31200,05:44:36,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,305932,219560,06:42:28,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17436,03:10:17,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7124,04:07:31,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:00:00,3363) [kworker/u8:2]
(root,0,0,00:03:29,3434) [kworker/0:0]
(root,0,0,00:00:00,3932) [kworker/u8:0]
(root,0,0,00:00:00,4216) [kworker/u8:1]
(root,63464,5692,00:00:00,4482) sshd: root [priv]   
(sshd,61472,3940,00:00:00,4483) sshd: root [net]    
(root,61392,5320,00:00:00,4484) sshd: [accepted]    
(sshd,61392,692,00:00:00,4485) sshd: [net]         
(root,61392,5324,00:00:00,4502) sshd: [accepted]    
(sshd,61392,2848,00:00:00,4503) sshd: [net]         
(root,18032,2932,00:00:00,4593) /bin/bash /usr/bin/check_mk_agent
(root,15580,2132,00:00:00,4612) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1436,00:00:00,4613) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(bind,775908,318588,12-00:32:53,7145) /usr/sbin/named -u bind -S 16384
(root,19488,16,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,892,00:13:54,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:33,14167) [kworker/1:2]
(root,15008,384,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,664,00:01:05,14350) /usr/lib/postfix/master
(postfix,27608,1768,00:00:34,14352) qmgr -l -t unix -u
(root,0,0,00:01:17,16328) [kworker/3:2]
(root,0,0,00:07:15,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:49,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1700,01:04:34,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]
(postfix,27420,2884,00:00:00,32321) pickup -l -t unix -u -c

Found on 2024-12-09 23:08

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c6c9e20a4

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2596,00:07:31,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:20,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:45:27,7) [rcu_sched]
(root,0,0,05:19:47,8) [rcuos/0]
(root,0,0,05:41:28,9) [rcuos/1]
(root,0,0,05:42:55,10) [rcuos/2]
(root,0,0,05:18:42,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:33,17) [migration/0]
(root,0,0,00:03:23,18) [watchdog/0]
(root,0,0,00:02:55,19) [watchdog/1]
(root,0,0,00:06:43,20) [migration/1]
(root,0,0,00:21:23,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:50,24) [watchdog/2]
(root,0,0,00:06:42,25) [migration/2]
(root,0,0,00:22:29,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:55,29) [watchdog/3]
(root,0,0,00:06:42,30) [migration/3]
(root,0,0,00:21:07,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:03:02,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:39,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:43,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,304,01:23:42,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,384,00:01:33,761) rpcbind
(statd,21612,912,00:00:00,805) rpc.statd -L
(root,16236,680,00:00:00,816) upstart-file-bridge --daemon
(root,15404,608,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,76,00:04:28,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,572,00:02:16,987) cron
(root,19320,1140,01:35:48,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,44,00:06:37,1068) /usr/sbin/automount
(nagios,23472,280,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2900,08:26:30,1396) /usr/bin/vmtoolsd
(root,82644,15776,10:37:28,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371264,30836,05:43:43,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,305412,223844,06:41:24,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17336,03:09:47,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,5840,04:06:56,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,309840,11-22:50:32,7145) /usr/sbin/named -u bind -S 16384
(root,19488,612,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,964,00:13:51,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:30,14167) [kworker/1:2]
(root,15008,464,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,636,00:01:05,14350) /usr/lib/postfix/master
(postfix,27608,280,00:00:34,14352) qmgr -l -t unix -u
(root,0,0,00:01:12,16328) [kworker/3:2]
(root,0,0,00:07:12,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:46,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1812,01:04:26,26550) /usr/sbin/chronyd -r
(postfix,27420,2860,00:00:00,26906) pickup -l -t unix -u -c
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]
(root,0,0,00:00:00,29683) [kworker/u8:2]
(root,0,0,00:00:00,30539) [kworker/u8:0]
(root,63464,5596,00:00:00,31098) sshd: root [priv]   
(sshd,61472,2968,00:00:00,31099) sshd: root [net]    
(root,0,0,00:00:00,31114) [kworker/u8:1]
(root,18032,2984,00:00:00,31267) /bin/bash /usr/bin/check_mk_agent
(root,15580,2224,00:00:00,31286) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1544,00:00:00,31287) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /

Found on 2024-12-08 00:34

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c3ecefa7d

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2316,00:07:29,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:19,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:43:02,7) [rcu_sched]
(root,0,0,05:19:19,8) [rcuos/0]
(root,0,0,05:41:00,9) [rcuos/1]
(root,0,0,05:42:31,10) [rcuos/2]
(root,0,0,05:18:21,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:33,17) [migration/0]
(root,0,0,00:03:23,18) [watchdog/0]
(root,0,0,00:02:55,19) [watchdog/1]
(root,0,0,00:06:43,20) [migration/1]
(root,0,0,00:21:22,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:50,24) [watchdog/2]
(root,0,0,00:06:42,25) [migration/2]
(root,0,0,00:22:28,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:54,29) [watchdog/3]
(root,0,0,00:06:41,30) [migration/3]
(root,0,0,00:21:06,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:03:02,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:38,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:40,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,168,01:23:23,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,108,00:01:32,761) rpcbind
(statd,21612,404,00:00:00,805) rpc.statd -L
(root,16236,724,00:00:00,816) upstart-file-bridge --daemon
(root,15404,52,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,456,00:04:28,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,456,00:02:16,987) cron
(root,19320,824,01:35:34,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,8,00:00:01,1065) atd
(root,375176,20,00:06:36,1068) /usr/sbin/automount
(nagios,23472,68,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2900,08:25:33,1396) /usr/bin/vmtoolsd
(root,82644,15644,10:35:45,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371264,20648,05:42:47,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,304636,223480,06:40:18,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,16476,03:09:17,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,6732,04:06:18,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,314164,11-21:12:23,7145) /usr/sbin/named -u bind -S 16384
(root,19488,72,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,892,00:13:47,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:27,14167) [kworker/1:2]
(postfix,27420,2996,00:00:00,14176) pickup -l -t unix -u -c
(root,15008,432,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,684,00:01:05,14350) /usr/lib/postfix/master
(postfix,27608,540,00:00:34,14352) qmgr -l -t unix -u
(root,0,0,00:01:07,16328) [kworker/3:2]
(root,0,0,00:00:00,17311) [kworker/u8:2]
(root,0,0,00:07:09,17656) [kworker/2:0]
(root,0,0,00:00:00,17861) [kworker/u8:1]
(root,63464,5732,00:00:00,18199) sshd: root [priv]   
(sshd,61472,3056,00:00:00,18200) sshd: root [net]    
(root,18032,2964,00:00:00,18377) /bin/bash /usr/bin/check_mk_agent
(root,15580,2148,00:00:00,18396) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1436,00:00:00,18397) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:42,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1624,01:04:17,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-12-06 00:08

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c2392e07f

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2036,00:07:28,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:17,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:40:07,7) [rcu_sched]
(root,0,0,05:18:48,8) [rcuos/0]
(root,0,0,05:40:27,9) [rcuos/1]
(root,0,0,05:42:05,10) [rcuos/2]
(root,0,0,05:17:52,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:32,17) [migration/0]
(root,0,0,00:03:22,18) [watchdog/0]
(root,0,0,00:02:54,19) [watchdog/1]
(root,0,0,00:06:42,20) [migration/1]
(root,0,0,00:21:20,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:49,24) [watchdog/2]
(root,0,0,00:06:41,25) [migration/2]
(root,0,0,00:22:27,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:54,29) [watchdog/3]
(root,0,0,00:06:41,30) [migration/3]
(root,0,0,00:21:05,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:03:01,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:38,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:37,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,168,01:23:05,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,108,00:01:32,761) rpcbind
(statd,21612,712,00:00:00,805) rpc.statd -L
(root,16236,596,00:00:00,816) upstart-file-bridge --daemon
(root,15404,248,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,44,00:04:27,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,392,00:02:16,987) cron
(root,19320,836,01:35:19,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,72,00:00:01,1065) atd
(root,375176,52,00:06:34,1068) /usr/sbin/automount
(nagios,23472,140,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2884,08:24:36,1396) /usr/bin/vmtoolsd
(root,82644,16176,10:34:01,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371264,30560,05:41:51,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,304116,222668,06:39:11,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,16792,03:08:46,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7156,04:05:44,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(postfix,27420,3016,00:00:00,6596) pickup -l -t unix -u -c
(bind,775908,315960,11-18:57:11,7145) /usr/sbin/named -u bind -S 16384
(root,0,0,00:00:00,8622) [kworker/u8:1]
(root,19488,0,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:00:00,9479) [kworker/u8:2]
(root,0,0,00:00:00,9785) [kworker/u8:0]
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,18032,2984,00:00:00,10193) /bin/bash /usr/bin/check_mk_agent
(root,15580,2152,00:00:00,10212) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1520,00:00:00,10213) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,61392,920,00:13:43,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:24,14167) [kworker/1:2]
(root,15008,324,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,588,00:01:04,14350) /usr/lib/postfix/master
(postfix,27608,1316,00:00:33,14352) qmgr -l -t unix -u
(root,0,0,00:01:02,16328) [kworker/3:2]
(root,0,0,00:07:05,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:38,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1276,01:04:08,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-12-03 23:36

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c01d401d3

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,1648,00:07:27,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:15,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:37:00,7) [rcu_sched]
(root,0,0,05:18:15,8) [rcuos/0]
(root,0,0,05:39:53,9) [rcuos/1]
(root,0,0,05:41:30,10) [rcuos/2]
(root,0,0,05:17:28,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:32,17) [migration/0]
(root,0,0,00:03:22,18) [watchdog/0]
(root,0,0,00:02:54,19) [watchdog/1]
(root,0,0,00:06:42,20) [migration/1]
(root,0,0,00:21:18,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:49,24) [watchdog/2]
(root,0,0,00:06:41,25) [migration/2]
(root,0,0,00:22:25,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:54,29) [watchdog/3]
(root,0,0,00:06:40,30) [migration/3]
(root,0,0,00:21:03,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:03:01,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:37,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:33,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,728,01:22:38,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,108,00:01:32,761) rpcbind
(statd,21612,1096,00:00:00,805) rpc.statd -L
(root,16236,52,00:00:00,816) upstart-file-bridge --daemon
(root,15404,392,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,504,00:04:27,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,624,00:02:15,987) cron
(root,19320,1220,01:35:05,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,56,00:06:33,1068) /usr/sbin/automount
(nagios,23472,56,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3076,08:23:39,1396) /usr/bin/vmtoolsd
(root,82644,16576,10:32:20,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371264,27420,05:40:57,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,303596,222584,06:38:05,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17792,03:08:16,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7108,04:05:08,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,306192,11-16:29:20,7145) /usr/sbin/named -u bind -S 16384
(root,19488,744,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1240,00:13:40,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:20,14167) [kworker/1:2]
(root,15008,568,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,800,00:01:04,14350) /usr/lib/postfix/master
(postfix,27608,420,00:00:33,14352) qmgr -l -t unix -u
(root,0,0,00:00:57,16328) [kworker/3:2]
(root,0,0,00:07:02,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:35,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1940,01:03:59,26550) /usr/sbin/chronyd -r
(postfix,27420,3004,00:00:00,27354) pickup -l -t unix -u -c
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]
(root,0,0,00:00:00,31077) [kworker/u8:0]
(root,0,0,00:00:00,31595) [kworker/u8:1]
(root,63464,5588,00:00:00,31928) sshd: root [priv]   
(sshd,61472,2860,00:00:00,31929) sshd: root [net]    
(root,0,0,00:00:00,31930) [kworker/u8:2]
(root,18032,2952,00:00:00,32345) /bin/bash /usr/bin/check_mk_agent
(root,15580,2108,00:00:00,32364) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1512,00:00:00,32365) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /

Found on 2024-12-01 23:45

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c3cad535a

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,1748,00:07:26,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:14,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:34:39,7) [rcu_sched]
(root,0,0,05:17:49,8) [rcuos/0]
(root,0,0,05:39:27,9) [rcuos/1]
(root,0,0,05:41:05,10) [rcuos/2]
(root,0,0,05:17:04,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:31,17) [migration/0]
(root,0,0,00:03:22,18) [watchdog/0]
(root,0,0,00:02:54,19) [watchdog/1]
(root,0,0,00:06:41,20) [migration/1]
(root,0,0,00:21:17,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:49,24) [watchdog/2]
(root,0,0,00:06:40,25) [migration/2]
(root,0,0,00:22:23,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:53,29) [watchdog/3]
(root,0,0,00:06:40,30) [migration/3]
(root,0,0,00:21:02,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:03:00,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:37,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:30,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,696,01:22:19,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,100,00:01:32,761) rpcbind
(statd,21612,140,00:00:00,805) rpc.statd -L
(root,16236,432,00:00:00,816) upstart-file-bridge --daemon
(root,15404,32,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,48,00:04:26,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,584,00:02:15,987) cron
(root,19320,1332,01:34:51,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,64,00:06:31,1068) /usr/sbin/automount
(nagios,23472,72,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3112,08:22:40,1396) /usr/bin/vmtoolsd
(root,82644,16428,10:30:34,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371264,30736,05:40:00,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,303072,221936,06:36:56,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,10144,03:07:45,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7088,04:04:31,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,319224,11-15:01:12,7145) /usr/sbin/named -u bind -S 16384
(root,19488,568,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1244,00:13:36,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(postfix,27420,2868,00:00:00,11849) pickup -l -t unix -u -c
(root,0,0,00:00:00,13220) [kworker/u8:2]
(root,0,0,01:20:17,14167) [kworker/1:2]
(root,15008,92,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,704,00:01:03,14350) /usr/lib/postfix/master
(postfix,27608,1696,00:00:33,14352) qmgr -l -t unix -u
(root,0,0,00:00:00,16290) [kworker/u8:1]
(root,0,0,00:00:52,16328) [kworker/3:2]
(root,0,0,00:00:00,16889) [kworker/u8:0]
(root,18032,2888,00:00:00,16938) /bin/bash /usr/bin/check_mk_agent
(root,15580,2140,00:00:00,16957) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1480,00:00:00,16958) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:06:59,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:32,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1924,01:03:51,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-11-29 21:53

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c57318c27

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2712,00:07:24,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:12,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:31:24,7) [rcu_sched]
(root,0,0,05:17:13,8) [rcuos/0]
(root,0,0,05:38:54,9) [rcuos/1]
(root,0,0,05:40:34,10) [rcuos/2]
(root,0,0,05:16:34,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:31,17) [migration/0]
(root,0,0,00:03:21,18) [watchdog/0]
(root,0,0,00:02:53,19) [watchdog/1]
(root,0,0,00:06:41,20) [migration/1]
(root,0,0,00:21:15,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:48,24) [watchdog/2]
(root,0,0,00:06:40,25) [migration/2]
(root,0,0,00:22:22,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:53,29) [watchdog/3]
(root,0,0,00:06:39,30) [migration/3]
(root,0,0,00:21:01,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:59,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:36,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:27,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,812,01:21:58,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,104,00:01:32,761) rpcbind
(statd,21612,1160,00:00:00,805) rpc.statd -L
(root,16236,68,00:00:00,816) upstart-file-bridge --daemon
(root,15404,52,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,20,00:04:25,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,620,00:02:15,987) cron
(root,19320,1408,01:34:37,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,36,00:06:29,1068) /usr/sbin/automount
(nagios,23472,0,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3212,08:21:44,1396) /usr/bin/vmtoolsd
(root,82644,16712,10:28:52,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371264,29452,05:39:05,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,302296,220524,06:35:52,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,9588,03:07:14,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7144,04:03:57,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(root,0,0,00:00:00,5627) [kworker/u8:0]
(bind,775908,319684,11-12:27:01,7145) /usr/sbin/named -u bind -S 16384
(root,0,0,00:00:00,7391) [kworker/u8:1]
(postfix,27420,2956,00:00:00,7712) pickup -l -t unix -u -c
(root,18032,2928,00:00:00,7754) /bin/bash /usr/bin/check_mk_agent
(root,15580,2112,00:00:00,7773) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1564,00:00:00,7774) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,19488,472,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1296,00:13:33,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:14,14167) [kworker/1:2]
(root,15008,60,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,968,00:01:03,14350) /usr/lib/postfix/master
(postfix,27608,956,00:00:33,14352) qmgr -l -t unix -u
(root,0,0,00:00:47,16328) [kworker/3:2]
(root,0,0,00:06:56,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:28,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,2040,01:03:42,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-11-27 21:59

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c26418571

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2380,00:07:23,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:10,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:28:18,7) [rcu_sched]
(root,0,0,05:16:41,8) [rcuos/0]
(root,0,0,05:38:22,9) [rcuos/1]
(root,0,0,05:40:05,10) [rcuos/2]
(root,0,0,05:16:05,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:30,17) [migration/0]
(root,0,0,00:03:21,18) [watchdog/0]
(root,0,0,00:02:53,19) [watchdog/1]
(root,0,0,00:06:40,20) [migration/1]
(root,0,0,00:21:13,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:48,24) [watchdog/2]
(root,0,0,00:06:39,25) [migration/2]
(root,0,0,00:22:20,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:53,29) [watchdog/3]
(root,0,0,00:06:39,30) [migration/3]
(root,0,0,00:20:59,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:59,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:36,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:24,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,1136,01:21:35,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,108,00:01:31,761) rpcbind
(statd,21612,896,00:00:00,805) rpc.statd -L
(root,16236,216,00:00:00,816) upstart-file-bridge --daemon
(root,15404,248,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,500,00:04:25,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,500,00:02:14,987) cron
(root,19320,860,01:34:22,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,64,00:00:01,1065) atd
(root,375176,36,00:06:28,1068) /usr/sbin/automount
(nagios,23472,44,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2980,08:20:49,1396) /usr/bin/vmtoolsd
(root,82644,16296,10:27:12,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371264,30980,05:38:11,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,301776,220144,06:34:46,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17528,03:06:45,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7360,04:03:23,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:00:00,1868) [kworker/u8:0]
(root,0,0,00:00:00,3276) [kworker/u8:2]
(root,0,0,00:03:29,3434) [kworker/0:0]
(root,0,0,00:00:00,3867) [kworker/u8:1]
(root,18032,2960,00:00:00,4026) /bin/bash /usr/bin/check_mk_agent
(root,15580,2112,00:00:00,4045) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1468,00:00:00,4046) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(bind,775908,320692,11-09:56:10,7145) /usr/sbin/named -u bind -S 16384
(root,19488,188,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1184,00:13:30,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:11,14167) [kworker/1:2]
(root,15008,168,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,676,00:01:03,14350) /usr/lib/postfix/master
(postfix,27608,1460,00:00:32,14352) qmgr -l -t unix -u
(root,0,0,00:00:42,16328) [kworker/3:2]
(root,0,0,00:06:52,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:25,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1832,01:03:34,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]
(postfix,27420,2984,00:00:00,30846) pickup -l -t unix -u -c

Found on 2024-11-25 23:23

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c8f05265e

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2024,00:07:22,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:09,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:25:50,7) [rcu_sched]
(root,0,0,05:16:15,8) [rcuos/0]
(root,0,0,05:37:52,9) [rcuos/1]
(root,0,0,05:39:41,10) [rcuos/2]
(root,0,0,05:15:43,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:30,17) [migration/0]
(root,0,0,00:03:20,18) [watchdog/0]
(root,0,0,00:02:53,19) [watchdog/1]
(root,0,0,00:06:40,20) [migration/1]
(root,0,0,00:21:11,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:48,24) [watchdog/2]
(root,0,0,00:06:39,25) [migration/2]
(root,0,0,00:22:18,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:52,29) [watchdog/3]
(root,0,0,00:06:38,30) [migration/3]
(root,0,0,00:20:57,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:58,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:35,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:22,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,236,01:21:24,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,384,00:01:31,761) rpcbind
(statd,21612,960,00:00:00,805) rpc.statd -L
(root,16236,680,00:00:00,816) upstart-file-bridge --daemon
(root,15404,312,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,164,00:04:24,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,572,00:02:14,987) cron
(root,19320,1008,01:34:09,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,36,00:06:26,1068) /usr/sbin/automount
(nagios,23472,336,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2900,08:19:54,1396) /usr/bin/vmtoolsd
(root,82644,16192,10:25:33,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371132,30936,05:37:18,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,301072,220000,06:33:43,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17592,03:06:15,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,6876,04:02:48,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,315292,11-08:07:07,7145) /usr/sbin/named -u bind -S 16384
(root,19488,56,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1176,00:13:27,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:07,14167) [kworker/1:2]
(root,15008,540,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,724,00:01:02,14350) /usr/lib/postfix/master
(postfix,27608,612,00:00:32,14352) qmgr -l -t unix -u
(root,0,0,00:00:38,16328) [kworker/3:2]
(root,0,0,00:06:49,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:23,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1796,01:03:25,26550) /usr/sbin/chronyd -r
(postfix,27420,2996,00:00:00,27023) pickup -l -t unix -u -c
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,28723) [kworker/u8:1]
(root,0,0,00:00:00,29171) [kworker/1:1H]
(root,0,0,00:00:00,30839) [kworker/u8:2]
(root,0,0,00:00:00,31155) [kworker/u8:0]
(root,61392,5440,00:00:00,31467) sshd: [accepted]    
(root,63464,5684,00:00:00,31468) sshd: [accepted]    
(sshd,61392,2816,00:00:00,31469) sshd: [net]         
(root,18032,2972,00:00:00,31621) /bin/bash /usr/bin/check_mk_agent
(root,15580,2128,00:00:00,31640) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1456,00:00:00,31641) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /

Found on 2024-11-24 00:43

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c329c7f36

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,1656,00:07:21,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:08,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:23:20,7) [rcu_sched]
(root,0,0,05:15:48,8) [rcuos/0]
(root,0,0,05:37:24,9) [rcuos/1]
(root,0,0,05:39:14,10) [rcuos/2]
(root,0,0,05:15:21,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:29,17) [migration/0]
(root,0,0,00:03:20,18) [watchdog/0]
(root,0,0,00:02:52,19) [watchdog/1]
(root,0,0,00:06:39,20) [migration/1]
(root,0,0,00:21:10,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:47,24) [watchdog/2]
(root,0,0,00:06:38,25) [migration/2]
(root,0,0,00:22:17,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:52,29) [watchdog/3]
(root,0,0,00:06:38,30) [migration/3]
(root,0,0,00:20:56,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:57,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:35,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:19,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,232,01:21:10,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,88,00:01:31,761) rpcbind
(statd,21612,1244,00:00:00,805) rpc.statd -L
(root,16236,112,00:00:00,816) upstart-file-bridge --daemon
(root,15404,80,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,4,00:04:23,922) ypbind -no-dbus
(root,17316,12,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,612,00:02:14,987) cron
(root,19320,1488,01:33:55,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,40,00:06:25,1068) /usr/sbin/automount
(nagios,23472,136,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3284,08:18:58,1396) /usr/bin/vmtoolsd
(root,82644,16644,10:23:51,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371132,25204,05:36:23,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,300292,219588,06:32:39,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,16308,03:05:45,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7140,04:02:14,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,321912,11-06:24:35,7145) /usr/sbin/named -u bind -S 16384
(root,19488,20,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,4,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1368,00:13:24,11512) /usr/sbin/sshd -D
(root,17316,12,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:03,14167) [kworker/1:2]
(root,15008,552,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,972,00:01:02,14350) /usr/lib/postfix/master
(postfix,27608,168,00:00:32,14352) qmgr -l -t unix -u
(root,0,0,00:00:33,16328) [kworker/3:2]
(root,0,0,00:06:46,17656) [kworker/2:0]
(postfix,27420,2968,00:00:00,20241) pickup -l -t unix -u -c
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:20,23191) [kworker/0:2]
(root,0,0,00:00:00,24682) [kworker/u8:1]
(root,0,0,00:00:00,25254) [kworker/u8:0]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25518) [kworker/u8:2]
(root,63464,5736,00:00:00,25787) sshd: root [priv]   
(sshd,61472,3028,00:00:00,25788) sshd: root [net]    
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,18032,2952,00:00:00,25863) /bin/bash /usr/bin/check_mk_agent
(root,15580,2148,00:00:00,25882) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1376,00:00:00,25883) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,21916,2084,01:03:17,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-11-22 00:51

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c35bf66fa

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,1448,00:07:20,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:06,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:20:57,7) [rcu_sched]
(root,0,0,05:15:23,8) [rcuos/0]
(root,0,0,05:36:59,9) [rcuos/1]
(root,0,0,05:38:50,10) [rcuos/2]
(root,0,0,05:14:59,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:29,17) [migration/0]
(root,0,0,00:03:19,18) [watchdog/0]
(root,0,0,00:02:52,19) [watchdog/1]
(root,0,0,00:06:39,20) [migration/1]
(root,0,0,00:21:08,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:47,24) [watchdog/2]
(root,0,0,00:06:38,25) [migration/2]
(root,0,0,00:22:15,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:52,29) [watchdog/3]
(root,0,0,00:06:38,30) [migration/3]
(root,0,0,00:20:55,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:57,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:35,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:16,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,216,01:20:59,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,88,00:01:31,761) rpcbind
(statd,21612,864,00:00:00,805) rpc.statd -L
(root,16236,268,00:00:00,816) upstart-file-bridge --daemon
(root,15404,84,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,12,00:04:23,922) ypbind -no-dbus
(root,17316,16,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,16,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,16,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,16,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,16,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,444,00:02:13,987) cron
(root,19320,796,01:33:43,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,4,00:06:24,1068) /usr/sbin/automount
(nagios,23472,96,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2836,08:18:12,1396) /usr/bin/vmtoolsd
(root,82644,15444,10:22:28,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371132,30948,05:35:38,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,299772,149944,06:31:42,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,8888,03:05:21,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,6632,04:01:48,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,323256,11-04:34:40,7145) /usr/sbin/named -u bind -S 16384
(root,19488,20,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,84,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1096,00:13:21,11512) /usr/sbin/sshd -D
(root,17316,16,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:20:00,14167) [kworker/1:2]
(root,15008,416,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,604,00:01:02,14350) /usr/lib/postfix/master
(postfix,27608,1268,00:00:32,14352) qmgr -l -t unix -u
(root,0,0,00:00:29,16328) [kworker/3:2]
(postfix,27420,2984,00:00:00,16561) pickup -l -t unix -u -c
(root,0,0,00:06:44,17656) [kworker/2:0]
(root,0,0,00:00:00,18181) [kworker/u8:0]
(root,0,0,00:00:00,18439) [kworker/u8:2]
(root,0,0,00:00:00,18699) [kworker/u8:1]
(root,61392,5456,00:00:00,18702) sshd: [accepted]    
(root,18032,3004,00:00:00,19097) /bin/bash /usr/bin/check_mk_agent
(root,15580,2100,00:00:00,19116) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1516,00:00:00,19117) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:17,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1256,01:03:09,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-11-20 09:40

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c6f43e239

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2652,00:07:20,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:06,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:20:24,7) [rcu_sched]
(root,0,0,05:15:18,8) [rcuos/0]
(root,0,0,05:36:54,9) [rcuos/1]
(root,0,0,05:38:43,10) [rcuos/2]
(root,0,0,05:14:54,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:29,17) [migration/0]
(root,0,0,00:03:19,18) [watchdog/0]
(root,0,0,00:02:52,19) [watchdog/1]
(root,0,0,00:06:39,20) [migration/1]
(root,0,0,00:21:08,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:47,24) [watchdog/2]
(root,0,0,00:06:38,25) [migration/2]
(root,0,0,00:22:15,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:51,29) [watchdog/3]
(root,0,0,00:06:37,30) [migration/3]
(root,0,0,00:20:55,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:57,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:34,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:16,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,168,01:20:54,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,88,00:01:31,761) rpcbind
(statd,21612,512,00:00:00,805) rpc.statd -L
(root,16236,24,00:00:00,816) upstart-file-bridge --daemon
(root,15404,580,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,44,00:04:23,922) ypbind -no-dbus
(root,17316,16,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,16,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,16,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,16,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,16,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,504,00:02:13,987) cron
(root,19320,1280,01:33:41,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,4,00:06:23,1068) /usr/sbin/automount
(nagios,23472,280,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2952,08:18:01,1396) /usr/bin/vmtoolsd
(root,82644,16088,10:22:08,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371132,31140,05:35:28,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,299772,141796,06:31:29,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17196,03:05:15,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,6628,04:01:42,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,320028,11-04:07:58,7145) /usr/sbin/named -u bind -S 16384
(root,19488,108,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,84,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1132,00:13:21,11512) /usr/sbin/sshd -D
(root,17316,16,00:00:00,11606) /sbin/getty -8 38400 tty1
(postfix,27420,2952,00:00:00,14061) pickup -l -t unix -u -c
(root,0,0,01:20:00,14167) [kworker/1:2]
(root,15008,672,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,808,00:01:02,14350) /usr/lib/postfix/master
(postfix,27608,916,00:00:32,14352) qmgr -l -t unix -u
(root,0,0,00:00:28,16328) [kworker/3:2]
(root,0,0,00:00:00,17344) [kworker/u8:0]
(root,0,0,00:06:43,17656) [kworker/2:0]
(root,0,0,00:00:00,17716) [kworker/u8:1]
(root,61392,5452,00:00:00,19293) sshd: [accepted]    
(sshd,61392,2820,00:00:00,19294) sshd: [net]         
(root,61392,5428,00:00:00,19295) sshd: [accepted]    
(sshd,61392,2820,00:00:00,19296) sshd: [net]         
(root,18032,2976,00:00:00,19355) /bin/bash /usr/bin/check_mk_agent
(root,15580,2120,00:00:00,19374) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1440,00:00:00,19375) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:16,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1828,01:03:08,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-11-20 00:23

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5cb9da3e97

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2160,00:07:19,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:05,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:17:39,7) [rcu_sched]
(root,0,0,05:14:48,8) [rcuos/0]
(root,0,0,05:36:23,9) [rcuos/1]
(root,0,0,05:38:16,10) [rcuos/2]
(root,0,0,05:14:29,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:28,17) [migration/0]
(root,0,0,00:03:19,18) [watchdog/0]
(root,0,0,00:02:52,19) [watchdog/1]
(root,0,0,00:06:38,20) [migration/1]
(root,0,0,00:21:06,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:46,24) [watchdog/2]
(root,0,0,00:06:37,25) [migration/2]
(root,0,0,00:22:13,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:51,29) [watchdog/3]
(root,0,0,00:06:37,30) [migration/3]
(root,0,0,00:20:53,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:19,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:56,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:34,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:12,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,676,01:20:28,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,452,00:01:30,761) rpcbind
(statd,21612,880,00:00:00,805) rpc.statd -L
(root,16236,92,00:00:00,816) upstart-file-bridge --daemon
(root,15404,540,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,60,00:04:22,922) ypbind -no-dbus
(root,17316,16,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,16,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,16,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,16,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,16,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,560,00:02:13,987) cron
(root,19320,812,01:33:26,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,32,00:00:01,1065) atd
(root,375176,0,00:06:22,1068) /usr/sbin/automount
(nagios,23472,144,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2952,08:17:03,1396) /usr/bin/vmtoolsd
(root,82644,16552,10:20:25,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371132,31292,05:34:32,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,299252,174104,06:30:22,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17264,03:04:44,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7632,04:01:04,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:00:00,1933) [kworker/u8:1]
(root,0,0,00:00:00,2245) [kworker/u8:2]
(root,0,0,00:00:00,2526) [kworker/u8:0]
(root,18032,2952,00:00:00,2925) /bin/bash /usr/bin/check_mk_agent
(root,15580,2148,00:00:00,2944) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1508,00:00:00,2945) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,309716,11-01:57:09,7145) /usr/sbin/named -u bind -S 16384
(root,19488,8,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,100,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1212,00:13:17,11512) /usr/sbin/sshd -D
(root,17316,16,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:19:56,14167) [kworker/1:2]
(root,15008,452,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,624,00:01:01,14350) /usr/lib/postfix/master
(postfix,27608,360,00:00:32,14352) qmgr -l -t unix -u
(root,0,0,00:00:23,16328) [kworker/3:2]
(root,0,0,00:06:40,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:13,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1884,01:02:59,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]
(postfix,27420,2992,00:00:00,32032) pickup -l -t unix -u -c

Found on 2024-11-17 23:31

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5ce3827152

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2108,00:07:17,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:04,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:15:45,7) [rcu_sched]
(root,0,0,05:14:25,8) [rcuos/0]
(root,0,0,05:36:03,9) [rcuos/1]
(root,0,0,05:37:54,10) [rcuos/2]
(root,0,0,05:14:10,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:28,17) [migration/0]
(root,0,0,00:03:18,18) [watchdog/0]
(root,0,0,00:02:51,19) [watchdog/1]
(root,0,0,00:06:38,20) [migration/1]
(root,0,0,00:21:05,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:46,24) [watchdog/2]
(root,0,0,00:06:37,25) [migration/2]
(root,0,0,00:22:12,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:51,29) [watchdog/3]
(root,0,0,00:06:36,30) [migration/3]
(root,0,0,00:20:52,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:19,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:56,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:33,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:10,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,740,01:20:18,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,76,00:01:30,761) rpcbind
(statd,21612,864,00:00:00,805) rpc.statd -L
(root,16236,232,00:00:00,816) upstart-file-bridge --daemon
(root,15404,12,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,0,00:04:22,922) ypbind -no-dbus
(root,17316,16,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,16,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,16,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,16,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,16,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,484,00:02:13,987) cron
(root,19320,980,01:33:14,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,88,00:00:01,1065) atd
(root,375176,28,00:06:20,1068) /usr/sbin/automount
(nagios,23472,4,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3044,08:16:08,1396) /usr/bin/vmtoolsd
(root,82644,16164,10:18:46,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371132,31132,05:33:39,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,298728,150348,06:29:19,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17356,03:04:15,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,6880,04:00:26,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,315740,11-00:48:50,7145) /usr/sbin/named -u bind -S 16384
(root,19488,0,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,100,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1120,00:13:13,11512) /usr/sbin/sshd -D
(root,17316,16,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:19:52,14167) [kworker/1:2]
(root,15008,464,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,636,00:01:01,14350) /usr/lib/postfix/master
(postfix,27608,116,00:00:31,14352) qmgr -l -t unix -u
(root,0,0,00:00:18,16328) [kworker/3:2]
(root,0,0,00:06:37,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(postfix,27420,2948,00:00:00,22672) pickup -l -t unix -u -c
(root,0,0,00:03:10,23191) [kworker/0:2]
(root,0,0,00:00:00,25054) [kworker/u8:0]
(root,0,0,00:00:00,25376) [kworker/u8:1]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,61392,5448,00:00:00,25675) sshd: [accepted]    
(root,0,0,00:00:00,25681) [kworker/u8:2]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,18032,2944,00:00:00,25831) /bin/bash /usr/bin/check_mk_agent
(root,15580,2108,00:00:00,25850) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1520,00:00:00,25851) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,21916,1396,01:02:51,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-11-16 00:44

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c3df5f4e3

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2108,00:07:17,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:04,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:15:43,7) [rcu_sched]
(root,0,0,05:14:25,8) [rcuos/0]
(root,0,0,05:36:03,9) [rcuos/1]
(root,0,0,05:37:54,10) [rcuos/2]
(root,0,0,05:14:09,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:28,17) [migration/0]
(root,0,0,00:03:18,18) [watchdog/0]
(root,0,0,00:02:51,19) [watchdog/1]
(root,0,0,00:06:38,20) [migration/1]
(root,0,0,00:21:05,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:46,24) [watchdog/2]
(root,0,0,00:06:37,25) [migration/2]
(root,0,0,00:22:12,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:51,29) [watchdog/3]
(root,0,0,00:06:36,30) [migration/3]
(root,0,0,00:20:52,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:19,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:56,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:33,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:10,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,740,01:20:17,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,76,00:01:30,761) rpcbind
(statd,21612,864,00:00:00,805) rpc.statd -L
(root,16236,232,00:00:00,816) upstart-file-bridge --daemon
(root,15404,12,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,0,00:04:22,922) ypbind -no-dbus
(root,17316,16,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,16,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,16,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,16,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,16,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,484,00:02:13,987) cron
(root,19320,980,01:33:14,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,88,00:00:01,1065) atd
(root,375176,28,00:06:20,1068) /usr/sbin/automount
(nagios,23472,4,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3044,08:16:07,1396) /usr/bin/vmtoolsd
(root,82644,16164,10:18:44,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371132,31132,05:33:37,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,298728,150300,06:29:18,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17356,03:04:14,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,6880,04:00:25,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,315732,11-00:47:27,7145) /usr/sbin/named -u bind -S 16384
(root,19488,0,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,100,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1120,00:13:12,11512) /usr/sbin/sshd -D
(root,17316,16,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:19:52,14167) [kworker/1:2]
(root,15008,464,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,636,00:01:01,14350) /usr/lib/postfix/master
(postfix,27608,116,00:00:31,14352) qmgr -l -t unix -u
(root,0,0,00:00:18,16328) [kworker/3:2]
(postfix,27420,2960,00:00:00,16520) pickup -l -t unix -u -c
(root,0,0,00:06:37,17656) [kworker/2:0]
(root,0,0,00:00:00,20048) [kworker/u8:2]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:00:00,21194) [kworker/u8:0]
(root,0,0,00:00:00,21501) [kworker/u8:1]
(root,63464,5612,00:00:00,21533) sshd: [accepted]    
(sshd,61392,2832,00:00:00,21534) sshd: [net]         
(root,18032,2936,00:00:00,21632) /bin/bash /usr/bin/check_mk_agent
(root,15580,2132,00:00:00,21651) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1420,00:00:00,21652) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:03:10,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1396,01:02:51,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-11-15 23:43

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5cc06ad270

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2040,00:07:16,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:02,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:13:03,7) [rcu_sched]
(root,0,0,05:13:55,8) [rcuos/0]
(root,0,0,05:35:33,9) [rcuos/1]
(root,0,0,05:37:27,10) [rcuos/2]
(root,0,0,05:13:45,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:27,17) [migration/0]
(root,0,0,00:03:18,18) [watchdog/0]
(root,0,0,00:02:51,19) [watchdog/1]
(root,0,0,00:06:37,20) [migration/1]
(root,0,0,00:21:04,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:46,24) [watchdog/2]
(root,0,0,00:06:36,25) [migration/2]
(root,0,0,00:22:11,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:50,29) [watchdog/3]
(root,0,0,00:06:36,30) [migration/3]
(root,0,0,00:20:51,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:19,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:55,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:33,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:07,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,956,01:19:59,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,104,00:01:30,761) rpcbind
(statd,21612,476,00:00:00,805) rpc.statd -L
(root,16236,548,00:00:00,816) upstart-file-bridge --daemon
(root,15404,20,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,32,00:04:21,922) ypbind -no-dbus
(root,17316,16,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,16,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,16,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,16,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,16,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,372,00:02:12,987) cron
(root,19320,784,01:32:59,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,64,00:06:19,1068) /usr/sbin/automount
(nagios,23472,180,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2688,08:15:10,1396) /usr/bin/vmtoolsd
(root,82644,16100,10:17:00,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371132,30972,05:32:42,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,297952,216744,06:28:12,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,8900,03:03:44,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,6588,03:59:48,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(postfix,27420,2996,00:00:00,4124) pickup -l -t unix -u -c
(root,0,0,00:00:00,6410) [kworker/u8:0]
(root,0,0,00:00:00,6953) [kworker/u8:2]
(bind,775908,309320,10-22:47:46,7145) /usr/sbin/named -u bind -S 16384
(root,0,0,00:00:00,7258) [kworker/u8:1]
(root,18032,2964,00:00:00,7669) /bin/bash /usr/bin/check_mk_agent
(root,15580,2108,00:00:00,7688) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1544,00:00:00,7689) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,19488,420,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,100,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,884,00:13:08,11512) /usr/sbin/sshd -D
(root,17316,16,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:19:47,14167) [kworker/1:2]
(root,15008,372,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,584,00:01:00,14350) /usr/lib/postfix/master
(postfix,27608,112,00:00:31,14352) qmgr -l -t unix -u
(root,0,0,00:00:13,16328) [kworker/3:2]
(root,0,0,00:06:34,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:07,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1560,01:02:42,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-11-13 22:57

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5cce87c4be

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2096,00:07:14,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:19:01,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:10:15,7) [rcu_sched]
(root,0,0,05:13:26,8) [rcuos/0]
(root,0,0,05:35:05,9) [rcuos/1]
(root,0,0,05:36:57,10) [rcuos/2]
(root,0,0,05:13:17,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:27,17) [migration/0]
(root,0,0,00:03:18,18) [watchdog/0]
(root,0,0,00:02:51,19) [watchdog/1]
(root,0,0,00:06:37,20) [migration/1]
(root,0,0,00:21:02,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:45,24) [watchdog/2]
(root,0,0,00:06:36,25) [migration/2]
(root,0,0,00:22:09,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:50,29) [watchdog/3]
(root,0,0,00:06:35,30) [migration/3]
(root,0,0,00:20:49,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:19,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:54,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:32,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:03,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,260,01:19:33,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,416,00:01:30,761) rpcbind
(statd,21612,436,00:00:00,805) rpc.statd -L
(root,16236,772,00:00:00,816) upstart-file-bridge --daemon
(root,15404,16,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,508,00:04:20,922) ypbind -no-dbus
(root,17316,16,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,16,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,16,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,16,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,16,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,532,00:02:12,987) cron
(root,19320,864,01:32:45,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,468,00:06:17,1068) /usr/sbin/automount
(nagios,23472,24,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2920,08:14:13,1396) /usr/bin/vmtoolsd
(root,82644,16620,10:15:16,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371132,22572,05:31:46,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,297428,164636,06:27:04,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,9232,03:03:13,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7636,03:59:10,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,309940,10-20:38:40,7145) /usr/sbin/named -u bind -S 16384
(root,19488,204,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,100,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1220,00:13:04,11512) /usr/sbin/sshd -D
(root,17316,16,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:19:43,14167) [kworker/1:2]
(root,15008,380,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,644,00:01:00,14350) /usr/lib/postfix/master
(postfix,27608,484,00:00:31,14352) qmgr -l -t unix -u
(root,0,0,00:00:08,16328) [kworker/3:2]
(root,0,0,00:06:31,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:03:03,23191) [kworker/0:2]
(root,0,0,00:00:00,23769) [kworker/u8:2]
(postfix,27420,2984,00:00:00,23788) pickup -l -t unix -u -c
(root,0,0,00:00:00,25153) [kworker/u8:1]
(root,0,0,00:00:00,25460) [kworker/u8:0]
(root,0,0,00:00:00,25461) [kworker/u8:3]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,18032,2976,00:00:00,25780) /bin/bash /usr/bin/check_mk_agent
(root,15580,2196,00:00:00,25799) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1512,00:00:00,25800) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1784,01:02:33,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-11-11 22:06

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5cc0f2a408

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2500,00:07:13,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:18:59,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:07:59,7) [rcu_sched]
(root,0,0,05:13:03,8) [rcuos/0]
(root,0,0,05:34:40,9) [rcuos/1]
(root,0,0,05:36:32,10) [rcuos/2]
(root,0,0,05:12:52,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:26,17) [migration/0]
(root,0,0,00:03:17,18) [watchdog/0]
(root,0,0,00:02:50,19) [watchdog/1]
(root,0,0,00:06:36,20) [migration/1]
(root,0,0,00:21:01,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:45,24) [watchdog/2]
(root,0,0,00:06:35,25) [migration/2]
(root,0,0,00:22:08,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:50,29) [watchdog/3]
(root,0,0,00:06:35,30) [migration/3]
(root,0,0,00:20:48,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:19,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:54,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:32,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:19:00,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,24,00:00:00,492) rpc.idmapd
(syslog,255956,116,01:19:20,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,188,00:01:29,761) rpcbind
(statd,21612,1100,00:00:00,805) rpc.statd -L
(root,16236,52,00:00:00,816) upstart-file-bridge --daemon
(root,15404,28,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,96,00:04:20,922) ypbind -no-dbus
(root,17316,16,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,16,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,16,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,16,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,16,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,624,00:02:12,987) cron
(root,19320,1220,01:32:32,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,116,00:06:15,1068) /usr/sbin/automount
(nagios,23472,76,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3152,08:13:20,1396) /usr/bin/vmtoolsd
(root,82644,16440,10:13:38,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371132,30352,05:30:53,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,296908,215476,06:26:03,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17876,03:02:44,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7212,03:58:33,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(bind,775908,313336,10-19:03:02,7145) /usr/sbin/named -u bind -S 16384
(root,19488,76,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,152,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1320,00:13:00,11512) /usr/sbin/sshd -D
(root,17316,16,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:19:40,14167) [kworker/1:2]
(root,15008,640,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,792,00:01:00,14350) /usr/lib/postfix/master
(postfix,27608,120,00:00:31,14352) qmgr -l -t unix -u
(root,0,0,00:00:03,16328) [kworker/3:2]
(postfix,27420,2988,00:00:00,16768) pickup -l -t unix -u -c
(root,0,0,00:06:27,17656) [kworker/2:0]
(root,0,0,00:00:00,19845) [kworker/u8:1]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:00:00,20859) [kworker/u8:2]
(root,61392,5532,00:00:00,21167) sshd: [accepted]    
(root,63464,5736,00:00:00,21172) sshd: root [priv]   
(sshd,61472,2856,00:00:00,21173) sshd: root [net]    
(root,0,0,00:00:00,21184) [kworker/u8:0]
(root,18032,2916,00:00:00,21464) /bin/bash /usr/bin/check_mk_agent
(root,15580,2200,00:00:00,21483) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1564,00:00:00,21484) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:03:00,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1524,01:02:25,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-11-10 00:05

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c47aa8f89

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2316,00:07:11,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:18:58,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-05:05:29,7) [rcu_sched]
(root,0,0,05:12:33,8) [rcuos/0]
(root,0,0,05:34:12,9) [rcuos/1]
(root,0,0,05:36:03,10) [rcuos/2]
(root,0,0,05:12:27,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:26,17) [migration/0]
(root,0,0,00:03:17,18) [watchdog/0]
(root,0,0,00:02:50,19) [watchdog/1]
(root,0,0,00:06:36,20) [migration/1]
(root,0,0,00:20:59,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:45,24) [watchdog/2]
(root,0,0,00:06:35,25) [migration/2]
(root,0,0,00:22:06,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:49,29) [watchdog/3]
(root,0,0,00:06:34,30) [migration/3]
(root,0,0,00:20:47,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:19,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:53,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:31,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:18:57,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,132,01:19:01,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,192,00:01:29,761) rpcbind
(statd,21612,948,00:00:00,805) rpc.statd -L
(root,16236,56,00:00:00,816) upstart-file-bridge --daemon
(root,15404,36,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,96,00:04:19,922) ypbind -no-dbus
(root,17316,16,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,16,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,16,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,16,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,16,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,508,00:02:11,987) cron
(root,19320,1008,01:32:19,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,44,00:00:01,1065) atd
(root,375176,0,00:06:14,1068) /usr/sbin/automount
(nagios,23472,20,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3432,08:12:20,1396) /usr/bin/vmtoolsd
(root,82644,16132,10:12:01,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,371132,30948,05:30:01,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,296132,211144,06:24:58,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17664,03:02:15,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7004,03:57:53,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(postfix,27420,3040,00:00:00,5825) pickup -l -t unix -u -c
(root,0,0,00:03:11,6595) [kworker/3:0]
(bind,775908,316488,10-17:30:36,7145) /usr/sbin/named -u bind -S 16384
(root,0,0,00:00:00,7649) [kworker/u8:0]
(root,0,0,00:00:00,8225) [kworker/u8:2]
(root,0,0,00:00:00,8522) [kworker/u8:1]
(root,19488,80,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,8,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,18032,2968,00:00:00,8813) /bin/bash /usr/bin/check_mk_agent
(root,15580,2136,00:00:00,8832) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1424,00:00:00,8833) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1152,00:12:55,11512) /usr/sbin/sshd -D
(root,17316,16,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:19:37,14167) [kworker/1:2]
(root,15008,528,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,628,00:00:59,14350) /usr/lib/postfix/master
(postfix,27608,616,00:00:31,14352) qmgr -l -t unix -u
(root,0,0,00:06:23,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:02:57,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1868,01:02:17,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-11-08 01:00

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c3b2f2afc

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2360,00:06:57,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:18:03,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-03:46:30,7) [rcu_sched]
(root,0,0,04:57:40,8) [rcuos/0]
(root,0,0,05:18:27,9) [rcuos/1]
(root,0,0,05:20:44,10) [rcuos/2]
(root,0,0,04:58:03,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:14,17) [migration/0]
(root,0,0,00:03:06,18) [watchdog/0]
(root,0,0,00:02:41,19) [watchdog/1]
(root,0,0,00:06:24,20) [migration/1]
(root,0,0,00:20:00,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:36,24) [watchdog/2]
(root,0,0,00:06:24,25) [migration/2]
(root,0,0,00:21:06,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:40,29) [watchdog/3]
(root,0,0,00:06:23,30) [migration/3]
(root,0,0,00:19:51,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:18,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:39,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:22,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:17:53,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,346) [kworker/u8:0]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,468,01:13:01,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,64,00:01:24,761) rpcbind
(statd,21612,836,00:00:00,805) rpc.statd -L
(root,16236,48,00:00:00,816) upstart-file-bridge --daemon
(root,15404,488,00:00:00,819) upstart-socket-bridge --daemon
(root,0,0,00:00:00,873) [kworker/u8:2]
(root,123384,40,00:04:04,922) ypbind -no-dbus
(root,17316,52,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,60,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,52,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,60,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,60,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,460,00:02:03,987) cron
(root,19320,812,01:27:29,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(root,18032,2980,00:00:00,1038) /bin/bash /usr/bin/check_mk_agent
(root,15580,2092,00:00:00,1057) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1580,00:00:00,1058) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(daemon,19152,92,00:00:01,1065) atd
(root,375176,0,00:05:39,1068) /usr/sbin/automount
(nagios,23472,48,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2860,07:44:25,1396) /usr/bin/vmtoolsd
(root,82644,15988,09:37:01,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,370736,30644,05:11:15,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,282564,201076,06:02:00,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,8736,02:51:51,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,6540,03:48:03,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(root,0,0,00:01:18,6595) [kworker/3:0]
(bind,775908,324548,8-23:13:25,7145) /usr/sbin/named -u bind -S 16384
(root,19488,736,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,76,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1140,00:12:18,11512) /usr/sbin/sshd -D
(root,17316,60,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:18:25,14167) [kworker/1:2]
(root,15008,508,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,576,00:00:51,14350) /usr/lib/postfix/master
(postfix,27608,884,00:00:26,14352) qmgr -l -t unix -u
(root,0,0,00:05:05,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:01:38,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1388,00:58:44,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]
(postfix,27420,3016,00:00:00,31278) pickup -l -t unix -u -c
(root,0,0,00:00:00,31788) [kworker/u8:1]

Found on 2024-09-25 20:12

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c323443a0

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2428,00:06:57,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:17:59,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-03:40:45,7) [rcu_sched]
(root,0,0,04:56:36,8) [rcuos/0]
(root,0,0,05:17:20,9) [rcuos/1]
(root,0,0,05:19:46,10) [rcuos/2]
(root,0,0,04:57:02,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:14,17) [migration/0]
(root,0,0,00:03:05,18) [watchdog/0]
(root,0,0,00:02:40,19) [watchdog/1]
(root,0,0,00:06:24,20) [migration/1]
(root,0,0,00:19:56,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:35,24) [watchdog/2]
(root,0,0,00:06:23,25) [migration/2]
(root,0,0,00:21:02,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:40,29) [watchdog/3]
(root,0,0,00:06:22,30) [migration/3]
(root,0,0,00:19:47,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:18,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:39,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:22,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:17:50,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,48,01:12:46,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,452,00:01:24,761) rpcbind
(statd,21612,480,00:00:00,805) rpc.statd -L
(root,16236,92,00:00:00,816) upstart-file-bridge --daemon
(root,15404,656,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,36,00:04:03,922) ypbind -no-dbus
(root,17316,52,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,60,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,52,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,60,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,60,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,496,00:02:03,987) cron
(root,19320,816,01:27:10,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,0,00:05:37,1068) /usr/sbin/automount
(nagios,23472,348,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2884,07:42:55,1396) /usr/bin/vmtoolsd
(root,82644,16132,09:35:10,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,370736,30704,05:10:17,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,281788,201784,06:00:52,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17208,02:51:18,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7248,03:47:36,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(root,0,0,00:01:12,6595) [kworker/3:0]
(bind,775908,315224,8-20:24:21,7145) /usr/sbin/named -u bind -S 16384
(root,19488,604,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,76,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1032,00:12:17,11512) /usr/sbin/sshd -D
(root,17316,60,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:18:22,14167) [kworker/1:2]
(root,15008,212,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,624,00:00:51,14350) /usr/lib/postfix/master
(postfix,27608,364,00:00:26,14352) qmgr -l -t unix -u
(root,0,0,00:00:00,14399) [kworker/u8:2]
(postfix,27420,3008,00:00:00,16726) pickup -l -t unix -u -c
(root,0,0,00:00:00,17486) [kworker/u8:0]
(root,0,0,00:05:01,17656) [kworker/2:0]
(root,18032,2968,00:00:00,18142) /bin/bash /usr/bin/check_mk_agent
(root,15580,2036,00:00:00,18161) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1436,00:00:00,18162) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:01:34,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1760,00:58:32,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-09-23 22:52

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c770621cb

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2236,00:06:56,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:17:56,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-03:35:41,7) [rcu_sched]
(root,0,0,04:55:38,8) [rcuos/0]
(root,0,0,05:16:22,9) [rcuos/1]
(root,0,0,05:18:51,10) [rcuos/2]
(root,0,0,04:56:11,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:13,17) [migration/0]
(root,0,0,00:03:05,18) [watchdog/0]
(root,0,0,00:02:40,19) [watchdog/1]
(root,0,0,00:06:23,20) [migration/1]
(root,0,0,00:19:53,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:35,24) [watchdog/2]
(root,0,0,00:06:22,25) [migration/2]
(root,0,0,00:20:59,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:39,29) [watchdog/3]
(root,0,0,00:06:21,30) [migration/3]
(root,0,0,00:19:44,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:18,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:38,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:21,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:17:47,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,72,01:12:37,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,100,00:01:24,761) rpcbind
(statd,21612,1024,00:00:00,805) rpc.statd -L
(root,16236,176,00:00:00,816) upstart-file-bridge --daemon
(root,15404,712,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,640,00:04:02,922) ypbind -no-dbus
(root,17316,52,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,60,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,52,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,60,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,60,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,664,00:02:02,987) cron
(root,19320,1116,01:26:51,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,20,00:05:35,1068) /usr/sbin/automount
(nagios,23472,124,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3396,07:41:13,1396) /usr/bin/vmtoolsd
(root,82644,16372,09:33:06,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,370736,30112,05:09:12,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,281268,201312,05:59:39,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17768,02:50:42,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,7084,03:47:05,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(root,0,0,00:01:05,6595) [kworker/3:0]
(bind,775908,320800,8-18:03:47,7145) /usr/sbin/named -u bind -S 16384
(root,19488,220,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,76,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,1308,00:12:16,11512) /usr/sbin/sshd -D
(root,17316,60,00:00:00,11606) /sbin/getty -8 38400 tty1
(postfix,27420,2980,00:00:00,13104) pickup -l -t unix -u -c
(root,0,0,01:18:17,14167) [kworker/1:2]
(root,15008,552,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,696,00:00:50,14350) /usr/lib/postfix/master
(postfix,27608,444,00:00:25,14352) qmgr -l -t unix -u
(root,0,0,00:00:00,17593) [kworker/u8:0]
(root,0,0,00:04:56,17656) [kworker/2:0]
(root,0,0,00:00:00,17857) [kworker/u8:2]
(root,18032,2916,00:00:00,18385) /bin/bash /usr/bin/check_mk_agent
(root,15580,2052,00:00:00,18404) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1476,00:00:00,18405) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:01:29,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1808,00:58:19,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-09-21 20:25

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c77c74754

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2128,00:06:55,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:17:52,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-03:27:35,7) [rcu_sched]
(root,0,0,04:54:08,8) [rcuos/0]
(root,0,0,05:14:44,9) [rcuos/1]
(root,0,0,05:17:19,10) [rcuos/2]
(root,0,0,04:54:44,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:12,17) [migration/0]
(root,0,0,00:03:04,18) [watchdog/0]
(root,0,0,00:02:39,19) [watchdog/1]
(root,0,0,00:06:22,20) [migration/1]
(root,0,0,00:19:48,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:34,24) [watchdog/2]
(root,0,0,00:06:21,25) [migration/2]
(root,0,0,00:20:53,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:39,29) [watchdog/3]
(root,0,0,00:06:20,30) [migration/3]
(root,0,0,00:19:39,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:17,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:37,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:20,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:17:41,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,192,01:12:05,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,64,00:01:23,761) rpcbind
(statd,21612,728,00:00:00,805) rpc.statd -L
(root,16236,88,00:00:00,816) upstart-file-bridge --daemon
(root,15404,464,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,300,00:04:01,922) ypbind -no-dbus
(root,17316,60,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,68,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,60,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,68,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,68,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,476,00:02:01,987) cron
(root,19320,740,01:26:20,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,32,00:00:01,1065) atd
(root,375176,40,00:05:32,1068) /usr/sbin/automount
(nagios,23472,228,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3160,07:38:31,1396) /usr/bin/vmtoolsd
(root,82644,16176,09:29:40,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,370736,30056,05:07:22,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,280228,199924,05:57:26,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17096,02:49:41,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,6768,03:46:14,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(postfix,27420,2988,00:00:00,2632) pickup -l -t unix -u -c
(root,0,0,00:03:29,3434) [kworker/0:0]
(root,0,0,00:00:00,5433) [kworker/u8:1]
(root,0,0,00:00:00,5697) [kworker/u8:0]
(root,0,0,00:00:00,6216) [kworker/u8:2]
(root,0,0,00:00:53,6595) [kworker/3:0]
(root,18032,2936,00:00:00,6621) /bin/bash /usr/bin/check_mk_agent
(root,15580,2220,00:00:00,6640) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1448,00:00:00,6641) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(bind,775908,317556,8-13:54:15,7145) /usr/sbin/named -u bind -S 16384
(root,19488,4,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,88,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,860,00:12:13,11512) /usr/sbin/sshd -D
(root,17316,68,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:18:10,14167) [kworker/1:2]
(root,15008,400,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,620,00:00:49,14350) /usr/lib/postfix/master
(postfix,27608,748,00:00:25,14352) qmgr -l -t unix -u
(root,0,0,00:04:47,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:01:21,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1644,00:57:57,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-09-17 22:36

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5ce92b8e19

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,1852,00:06:55,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:17:48,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-03:21:47,7) [rcu_sched]
(root,0,0,04:53:11,8) [rcuos/0]
(root,0,0,05:13:33,9) [rcuos/1]
(root,0,0,05:16:13,10) [rcuos/2]
(root,0,0,04:53:47,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:11,17) [migration/0]
(root,0,0,00:03:03,18) [watchdog/0]
(root,0,0,00:02:38,19) [watchdog/1]
(root,0,0,00:06:21,20) [migration/1]
(root,0,0,00:19:44,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:33,24) [watchdog/2]
(root,0,0,00:06:21,25) [migration/2]
(root,0,0,00:20:49,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:38,29) [watchdog/3]
(root,0,0,00:06:20,30) [migration/3]
(root,0,0,00:19:36,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:17,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:36,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:20,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:17:37,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,400,01:11:40,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,88,00:01:23,761) rpcbind
(statd,21612,752,00:00:00,805) rpc.statd -L
(root,16236,16,00:00:00,816) upstart-file-bridge --daemon
(root,15404,432,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,64,00:04:00,922) ypbind -no-dbus
(root,17316,60,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,68,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,60,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,68,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,68,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,428,00:02:01,987) cron
(root,19320,808,01:26:02,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,84,00:00:01,1065) atd
(root,375176,28,00:05:30,1068) /usr/sbin/automount
(nagios,23472,28,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2848,07:36:57,1396) /usr/bin/vmtoolsd
(root,82644,16240,09:27:43,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,370736,30376,05:06:21,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,279452,198456,05:56:14,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17040,02:49:06,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,6964,03:45:47,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(root,0,0,00:00:47,6595) [kworker/3:0]
(bind,775908,308824,8-11:05:41,7145) /usr/sbin/named -u bind -S 16384
(root,19488,296,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,88,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(postfix,27420,2988,00:00:00,11137) pickup -l -t unix -u -c
(root,61392,860,00:12:12,11512) /usr/sbin/sshd -D
(root,17316,68,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:18:06,14167) [kworker/1:2]
(root,15008,208,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,660,00:00:49,14350) /usr/lib/postfix/master
(postfix,27608,576,00:00:25,14352) qmgr -l -t unix -u
(root,0,0,00:00:00,14759) [kworker/u8:2]
(root,0,0,00:00:00,15100) [kworker/u8:0]
(root,18032,2992,00:00:00,17056) /bin/bash /usr/bin/check_mk_agent
(root,15580,2104,00:00:00,17075) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1396,00:00:00,17076) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:04:43,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:01:17,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1668,00:57:45,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-09-15 22:45

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c926caf12

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2004,00:06:54,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:17:47,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-03:18:47,7) [rcu_sched]
(root,0,0,04:52:40,8) [rcuos/0]
(root,0,0,05:12:57,9) [rcuos/1]
(root,0,0,05:15:37,10) [rcuos/2]
(root,0,0,04:53:15,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:11,17) [migration/0]
(root,0,0,00:03:03,18) [watchdog/0]
(root,0,0,00:02:38,19) [watchdog/1]
(root,0,0,00:06:20,20) [migration/1]
(root,0,0,00:19:42,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:33,24) [watchdog/2]
(root,0,0,00:06:20,25) [migration/2]
(root,0,0,00:20:47,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:38,29) [watchdog/3]
(root,0,0,00:06:19,30) [migration/3]
(root,0,0,00:19:34,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:17,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:35,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:19,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:17:34,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,200,01:11:28,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,100,00:01:22,761) rpcbind
(statd,21612,732,00:00:00,805) rpc.statd -L
(root,16236,120,00:00:00,816) upstart-file-bridge --daemon
(root,15404,500,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,64,00:03:59,922) ypbind -no-dbus
(root,17316,60,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,68,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,60,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,68,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,68,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,396,00:02:01,987) cron
(root,19320,752,01:25:45,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,56,00:05:28,1068) /usr/sbin/automount
(nagios,23472,120,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,2800,07:35:25,1396) /usr/bin/vmtoolsd
(root,82644,15936,09:25:48,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,370736,30104,05:05:20,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,278932,198432,05:55:06,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,17008,02:48:32,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,6228,03:45:16,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(root,0,0,00:00:40,6595) [kworker/3:0]
(bind,775908,320100,8-09:38:54,7145) /usr/sbin/named -u bind -S 16384
(root,19488,108,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,88,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,980,00:12:10,11512) /usr/sbin/sshd -D
(root,17316,68,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:18:02,14167) [kworker/1:2]
(root,15008,220,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,612,00:00:48,14350) /usr/lib/postfix/master
(postfix,27608,488,00:00:24,14352) qmgr -l -t unix -u
(postfix,27420,2960,00:00:00,15349) pickup -l -t unix -u -c
(root,0,0,00:00:00,15879) [kworker/u8:1]
(root,0,0,00:00:00,16141) [kworker/u8:2]
(root,0,0,00:04:38,17656) [kworker/2:0]
(root,18032,2956,00:00:00,18127) /bin/bash /usr/bin/check_mk_agent
(root,15580,2108,00:00:00,18146) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1508,00:00:00,18147) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:01:14,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1508,00:57:33,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-09-13 21:38

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c06a7db13

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,1980,00:06:54,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:17:45,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-03:14:36,7) [rcu_sched]
(root,0,0,04:51:57,8) [rcuos/0]
(root,0,0,05:12:09,9) [rcuos/1]
(root,0,0,05:14:53,10) [rcuos/2]
(root,0,0,04:52:29,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:10,17) [migration/0]
(root,0,0,00:03:02,18) [watchdog/0]
(root,0,0,00:02:37,19) [watchdog/1]
(root,0,0,00:06:20,20) [migration/1]
(root,0,0,00:19:39,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:33,24) [watchdog/2]
(root,0,0,00:06:19,25) [migration/2]
(root,0,0,00:20:45,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:37,29) [watchdog/3]
(root,0,0,00:06:18,30) [migration/3]
(root,0,0,00:19:32,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:17,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:35,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:19,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:17:31,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,256,01:11:04,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,0,0,00:00:00,625) [kworker/u8:2]
(root,89040,404,00:01:22,761) rpcbind
(statd,21612,748,00:00:00,805) rpc.statd -L
(root,16236,464,00:00:00,816) upstart-file-bridge --daemon
(root,15404,508,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,100,00:03:58,922) ypbind -no-dbus
(root,17316,60,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,68,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,60,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,68,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,68,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,420,00:02:00,987) cron
(root,19320,780,01:25:28,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,60,00:05:26,1068) /usr/sbin/automount
(nagios,23472,244,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,18032,2992,00:00:00,1316) /bin/bash /usr/bin/check_mk_agent
(root,15580,2108,00:00:00,1335) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1436,00:00:00,1336) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,89912,3212,07:34:06,1396) /usr/bin/vmtoolsd
(root,82644,16044,09:24:06,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,370736,29992,05:04:26,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,278540,197440,05:53:58,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,15552,02:48:02,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,6200,03:44:50,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(root,0,0,00:00:35,6595) [kworker/3:0]
(bind,775908,318956,8-07:21:49,7145) /usr/sbin/named -u bind -S 16384
(root,19488,8,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,88,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,964,00:12:09,11512) /usr/sbin/sshd -D
(root,17316,68,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:17:59,14167) [kworker/1:2]
(root,15008,340,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,604,00:00:48,14350) /usr/lib/postfix/master
(postfix,27608,524,00:00:24,14352) qmgr -l -t unix -u
(root,0,0,00:04:34,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:01:11,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1584,00:57:23,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]
(postfix,27420,2972,00:00:00,29809) pickup -l -t unix -u -c
(root,0,0,00:00:00,32589) [kworker/u8:1]

Found on 2024-09-12 01:04

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c00e7e18e

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,1980,00:06:54,1) /sbin/init
(root,0,0,00:00:04,2) [kthreadd]
(root,0,0,00:17:44,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-03:14:02,7) [rcu_sched]
(root,0,0,04:51:51,8) [rcuos/0]
(root,0,0,05:12:03,9) [rcuos/1]
(root,0,0,05:14:47,10) [rcuos/2]
(root,0,0,04:52:21,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:06:10,17) [migration/0]
(root,0,0,00:03:02,18) [watchdog/0]
(root,0,0,00:02:37,19) [watchdog/1]
(root,0,0,00:06:20,20) [migration/1]
(root,0,0,00:19:39,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:33,24) [watchdog/2]
(root,0,0,00:06:19,25) [migration/2]
(root,0,0,00:20:44,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:37,29) [watchdog/3]
(root,0,0,00:06:18,30) [migration/3]
(root,0,0,00:19:31,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:17,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:02:35,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:19,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:17:30,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,256,01:11:01,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,89040,404,00:01:22,761) rpcbind
(statd,21612,480,00:00:00,805) rpc.statd -L
(root,16236,464,00:00:00,816) upstart-file-bridge --daemon
(root,15404,508,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,100,00:03:58,922) ypbind -no-dbus
(root,17316,60,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,68,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,60,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,68,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,68,00:00:00,956) /sbin/getty -8 38400 tty6
(root,23664,420,00:02:00,987) cron
(root,19320,780,01:25:26,996) /usr/sbin/irqbalance
(root,4380,0,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(daemon,19152,0,00:00:01,1065) atd
(root,375176,60,00:05:26,1068) /usr/sbin/automount
(nagios,23472,12,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,89912,3212,07:33:51,1396) /usr/bin/vmtoolsd
(root,82644,16044,09:23:48,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,370736,29836,05:04:17,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,278408,150220,05:53:46,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90612,15536,02:47:57,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266344,6196,03:44:45,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:03:29,3434) [kworker/0:0]
(root,0,0,00:00:34,6595) [kworker/3:0]
(bind,775908,318512,8-07:06:22,7145) /usr/sbin/named -u bind -S 16384
(root,0,0,00:00:00,7676) [kworker/u8:1]
(postfix,27420,2996,00:00:00,7929) pickup -l -t unix -u -c
(root,0,0,00:00:00,8458) [kworker/u8:2]
(root,19488,8,00:00:00,8724) upstart-udev-bridge --daemon
(root,51352,88,00:00:00,8727) /lib/systemd/systemd-udevd --daemon
(root,18032,2976,00:00:00,9079) /bin/bash /usr/bin/check_mk_agent
(root,15580,2032,00:00:00,9098) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1508,00:00:00,9099) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:01:45,9831) [kworker/3:1]
(root,61392,964,00:12:09,11512) /usr/sbin/sshd -D
(root,17316,68,00:00:00,11606) /sbin/getty -8 38400 tty1
(root,0,0,01:17:58,14167) [kworker/1:2]
(root,15008,192,00:01:05,14213) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,25356,604,00:00:48,14350) /usr/lib/postfix/master
(postfix,27608,524,00:00:24,14352) qmgr -l -t unix -u
(root,0,0,00:04:33,17656) [kworker/2:0]
(root,0,0,00:00:00,20266) [kworker/1:1]
(root,0,0,00:01:10,23191) [kworker/0:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,1344,00:57:21,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2024-09-11 17:25

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c007afab1

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,3232,00:01:51,1) /sbin/init
(root,0,0,00:00:01,2) [kthreadd]
(root,0,0,00:05:20,3) [ksoftirqd/0]
(root,0,0,00:00:00,4) [kworker/0:0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,08:31:07,7) [rcu_sched]
(root,0,0,01:27:49,8) [rcuos/0]
(root,0,0,01:36:03,9) [rcuos/1]
(root,0,0,01:38:58,10) [rcuos/2]
(root,0,0,01:33:24,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:02:04,17) [migration/0]
(root,0,0,00:00:57,18) [watchdog/0]
(root,0,0,00:00:48,19) [watchdog/1]
(root,0,0,00:02:07,20) [migration/1]
(root,0,0,00:05:55,21) [ksoftirqd/1]
(root,0,0,00:00:00,22) [kworker/1:0]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:00:47,24) [watchdog/2]
(root,0,0,00:02:06,25) [migration/2]
(root,0,0,00:06:16,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:00:48,29) [watchdog/3]
(root,0,0,00:02:05,30) [migration/3]
(root,0,0,00:06:00,31) [ksoftirqd/3]
(root,0,0,00:00:00,32) [kworker/3:0]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:05,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:00:46,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:00:18,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:05:01,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,19752,104,00:00:00,413) upstart-udev-bridge --daemon
(root,52072,1692,00:00:00,417) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,920,00:00:00,492) rpc.idmapd
(syslog,255956,588,00:14:04,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,23504,2008,00:00:25,761) rpcbind
(statd,21612,1636,00:00:00,805) rpc.statd -L
(root,16236,332,00:00:00,816) upstart-file-bridge --daemon
(root,15404,108,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,1424,00:01:13,922) ypbind -no-dbus
(root,17316,1476,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,1476,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,1436,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,1500,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,1468,00:00:00,956) /sbin/getty -8 38400 tty6
(root,15008,1740,00:01:13,977) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,23664,1796,00:00:37,987) cron
(root,19320,1684,00:27:06,996) /usr/sbin/irqbalance
(root,4380,1424,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(bind,579044,301112,8-06:41:04,1054) /usr/sbin/named -u bind -S 16384
(daemon,19152,768,00:00:00,1065) atd
(root,375176,1556,00:01:37,1068) /usr/sbin/automount
(nagios,23472,1620,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,1980,00:00:38,1253) /usr/lib/postfix/master
(postfix,27604,2012,00:00:18,1258) qmgr -l -t unix -u
(root,89912,4344,02:18:40,1396) /usr/bin/vmtoolsd
(root,61392,2404,00:05:52,1426) /usr/sbin/sshd -D
(root,82256,16160,02:54:29,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,367832,27144,01:35:16,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,143732,70584,01:47:09,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90356,19032,00:52:09,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266088,7436,00:56:15,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,17316,1492,00:00:00,1639) /sbin/getty -8 38400 tty1
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:10:57,2647) [kworker/0:1]
(root,0,0,00:00:00,6414) [kworker/u8:0]
(root,0,0,00:00:00,8229) [kworker/u8:2]
(postfix,27420,3016,00:00:00,8475) pickup -l -t unix -u -c
(root,0,0,00:00:00,8876) [kworker/u8:1]
(root,18036,2924,00:00:00,10019) /bin/bash /usr/bin/check_mk_agent
(root,15580,2224,00:00:00,10038) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1520,00:00:00,10039) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:15:27,13330) [kworker/2:1]
(root,0,0,00:15:42,14167) [kworker/1:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,0,0,00:16:49,25973) [kworker/3:1]
(root,21916,2476,00:12:33,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2023-07-18 00:19

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c75a9aa13

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,1536,00:01:05,1) /sbin/init
(root,0,0,00:00:00,2) [kthreadd]
(root,0,0,00:03:02,3) [ksoftirqd/0]
(root,0,0,00:00:00,4) [kworker/0:0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,04:52:21,7) [rcu_sched]
(root,0,0,00:49:25,8) [rcuos/0]
(root,0,0,00:54:23,9) [rcuos/1]
(root,0,0,00:56:58,10) [rcuos/2]
(root,0,0,00:54:13,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:01:11,17) [migration/0]
(root,0,0,00:00:33,18) [watchdog/0]
(root,0,0,00:00:27,19) [watchdog/1]
(root,0,0,00:01:13,20) [migration/1]
(root,0,0,00:03:20,21) [ksoftirqd/1]
(root,0,0,00:00:00,22) [kworker/1:0]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:00:27,24) [watchdog/2]
(root,0,0,00:01:12,25) [migration/2]
(root,0,0,00:03:34,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:00:27,29) [watchdog/3]
(root,0,0,00:01:12,30) [migration/3]
(root,0,0,00:03:27,31) [ksoftirqd/3]
(root,0,0,00:00:00,32) [kworker/3:0]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:02,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:00:26,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:00:10,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:02:50,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:05:09,196) [kworker/3:1]
(root,19752,1532,00:00:00,413) upstart-udev-bridge --daemon
(root,52072,1700,00:00:00,417) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,1032,00:00:00,492) rpc.idmapd
(syslog,255956,1472,00:07:48,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,23504,1924,00:00:14,761) rpcbind
(statd,21612,1708,00:00:00,805) rpc.statd -L
(root,16236,120,00:00:00,816) upstart-file-bridge --daemon
(root,15404,108,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,772,00:00:42,922) ypbind -no-dbus
(root,17316,1480,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,1484,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,1452,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,1512,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,1472,00:00:00,956) /sbin/getty -8 38400 tty6
(root,15008,1676,00:00:42,977) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,23664,1812,00:00:20,987) cron
(root,19320,1708,00:15:29,996) /usr/sbin/irqbalance
(root,4380,1424,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(bind,579300,291620,4-18:54:18,1054) /usr/sbin/named -u bind -S 16384
(daemon,19152,12,00:00:00,1065) atd
(root,375176,764,00:00:57,1068) /usr/sbin/automount
(nagios,23472,1632,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,1840,00:00:21,1253) /usr/lib/postfix/master
(postfix,27604,1372,00:00:10,1258) qmgr -l -t unix -u
(root,89912,3328,01:19:40,1396) /usr/bin/vmtoolsd
(root,61392,2428,00:03:18,1426) /usr/sbin/sshd -D
(root,82256,16152,01:40:25,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,367304,26328,00:54:52,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,120796,48732,01:01:19,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90356,19096,00:29:53,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266088,7448,00:32:04,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,17316,1496,00:00:00,1639) /sbin/getty -8 38400 tty1
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:00:30,2647) [kworker/0:1]
(root,0,0,00:02:57,13330) [kworker/2:1]
(root,0,0,00:03:33,14167) [kworker/1:2]
(postfix,27420,2972,00:00:00,16127) pickup -l -t unix -u -c
(root,0,0,00:00:00,25080) [kworker/u8:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,2560,00:03:10,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,28163) [kworker/u8:0]
(root,61392,5440,00:00:00,28755) sshd: [accepted]    
(root,18036,2964,00:00:00,28999) /bin/bash /usr/bin/check_mk_agent
(root,15580,2140,00:00:00,29018) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1432,00:00:00,29019) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2023-05-07 18:56

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5cf6273dee

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,1536,00:01:04,1) /sbin/init
(root,0,0,00:00:00,2) [kthreadd]
(root,0,0,00:02:58,3) [ksoftirqd/0]
(root,0,0,00:00:00,4) [kworker/0:0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,04:48:18,7) [rcu_sched]
(root,0,0,00:48:40,8) [rcuos/0]
(root,0,0,00:53:35,9) [rcuos/1]
(root,0,0,00:56:02,10) [rcuos/2]
(root,0,0,00:53:27,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:01:10,17) [migration/0]
(root,0,0,00:00:32,18) [watchdog/0]
(root,0,0,00:00:27,19) [watchdog/1]
(root,0,0,00:01:11,20) [migration/1]
(root,0,0,00:03:17,21) [ksoftirqd/1]
(root,0,0,00:00:00,22) [kworker/1:0]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:00:26,24) [watchdog/2]
(root,0,0,00:01:10,25) [migration/2]
(root,0,0,00:03:30,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:00:27,29) [watchdog/3]
(root,0,0,00:01:10,30) [migration/3]
(root,0,0,00:03:24,31) [ksoftirqd/3]
(root,0,0,00:00:00,32) [kworker/3:0]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:02,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:00:26,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:00:09,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:02:47,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:05:02,196) [kworker/3:1]
(root,19752,1532,00:00:00,413) upstart-udev-bridge --daemon
(root,52072,1700,00:00:00,417) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,1032,00:00:00,492) rpc.idmapd
(syslog,255956,1476,00:07:39,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,23504,1920,00:00:14,761) rpcbind
(statd,21612,1708,00:00:00,805) rpc.statd -L
(root,16236,120,00:00:00,816) upstart-file-bridge --daemon
(root,15404,108,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,772,00:00:41,922) ypbind -no-dbus
(root,17316,1480,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,1484,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,1452,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,1512,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,1472,00:00:00,956) /sbin/getty -8 38400 tty6
(root,15008,1676,00:00:41,977) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,23664,1812,00:00:20,987) cron
(root,19320,1708,00:15:15,996) /usr/sbin/irqbalance
(root,4380,1424,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(bind,579300,292016,4-17:02:04,1054) /usr/sbin/named -u bind -S 16384
(daemon,19152,12,00:00:00,1065) atd
(root,375176,764,00:00:56,1068) /usr/sbin/automount
(nagios,23472,1580,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,1840,00:00:21,1253) /usr/lib/postfix/master
(postfix,27604,1400,00:00:10,1258) qmgr -l -t unix -u
(root,89912,3444,01:17:58,1396) /usr/bin/vmtoolsd
(root,61392,2428,00:03:15,1426) /usr/sbin/sshd -D
(root,82256,16156,01:38:32,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,367304,26364,00:53:50,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,119888,47816,00:59:59,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90356,19088,00:29:19,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266088,7460,00:31:27,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,17316,1496,00:00:00,1639) /sbin/getty -8 38400 tty1
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:00:25,2647) [kworker/0:1]
(root,0,0,00:00:00,3034) [kworker/u8:0]
(root,0,0,00:00:00,3899) [kworker/u8:2]
(root,18036,2984,00:00:00,5051) /bin/bash /usr/bin/check_mk_agent
(root,15580,2160,00:00:00,5070) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1556,00:00:00,5071) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:02:53,13330) [kworker/2:1]
(root,0,0,00:03:28,14167) [kworker/1:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,21916,2444,00:02:55,26550) /usr/sbin/chronyd -r
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]
(postfix,27420,2968,00:00:00,30848) pickup -l -t unix -u -c

Found on 2023-05-04 20:05

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5cd31884e2

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,2760,00:00:30,1) /sbin/init
(root,0,0,00:00:00,2) [kthreadd]
(root,0,0,00:01:13,3) [ksoftirqd/0]
(root,0,0,00:00:00,4) [kworker/0:0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,02:02:26,7) [rcu_sched]
(root,0,0,00:20:23,8) [rcuos/0]
(root,0,0,00:23:09,9) [rcuos/1]
(root,0,0,00:24:10,10) [rcuos/2]
(root,0,0,00:22:51,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:00:30,17) [migration/0]
(root,0,0,00:00:14,18) [watchdog/0]
(root,0,0,00:00:12,19) [watchdog/1]
(root,0,0,00:00:31,20) [migration/1]
(root,0,0,00:01:25,21) [ksoftirqd/1]
(root,0,0,00:00:00,22) [kworker/1:0]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:00:11,24) [watchdog/2]
(root,0,0,00:00:30,25) [migration/2]
(root,0,0,00:01:29,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:00:12,29) [watchdog/3]
(root,0,0,00:00:30,30) [migration/3]
(root,0,0,00:01:25,31) [ksoftirqd/3]
(root,0,0,00:00:00,32) [kworker/3:0]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:01,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:00:12,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:49,50) [kworker/0:1]
(root,0,0,00:00:04,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:01:16,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:02:20,196) [kworker/3:1]
(root,19752,1196,00:00:00,413) upstart-udev-bridge --daemon
(root,52072,1744,00:00:00,417) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,960,00:00:00,492) rpc.idmapd
(syslog,255956,1664,00:03:22,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,23504,1972,00:00:06,761) rpcbind
(statd,21612,2092,00:00:00,805) rpc.statd -L
(root,16236,940,00:00:00,816) upstart-file-bridge --daemon
(root,15404,1020,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,1376,00:00:18,922) ypbind -no-dbus
(root,17316,1516,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,1484,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,1500,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,1548,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,1480,00:00:00,956) /sbin/getty -8 38400 tty6
(root,15008,1712,00:00:18,977) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,23664,1860,00:00:09,987) cron
(root,19320,1724,00:06:43,996) /usr/sbin/irqbalance
(root,4380,1452,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(bind,579044,288532,2-04:04:19,1054) /usr/sbin/named -u bind -S 16384
(daemon,19152,12,00:00:00,1065) atd
(root,375176,1984,00:00:26,1068) /usr/sbin/automount
(nagios,23472,1860,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,2032,00:00:09,1253) /usr/lib/postfix/master
(postfix,27604,1700,00:00:04,1258) qmgr -l -t unix -u
(ntp,31472,3056,00:07:58,1343) /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
(root,89912,3480,00:35:27,1396) /usr/bin/vmtoolsd
(root,61392,3256,00:01:26,1426) /usr/sbin/sshd -D
(root,82256,16840,00:44:14,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,293176,24552,00:24:02,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,104796,35492,00:27:26,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90356,21156,00:13:04,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266088,8268,00:14:15,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,17316,1532,00:00:00,1639) /sbin/getty -8 38400 tty1
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:01:04,13330) [kworker/2:1]
(root,0,0,00:01:41,14167) [kworker/1:2]
(postfix,27420,2904,00:00:00,25107) pickup -l -t unix -u -c
(root,0,0,00:00:00,25203) [kworker/u8:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,0,0,00:00:00,26025) [kworker/u8:0]
(root,63464,5604,00:00:00,27170) sshd: [accepted]    
(sshd,61392,2768,00:00:00,27171) sshd: [net]         
(root,18036,3024,00:00:00,27279) /bin/bash /usr/bin/check_mk_agent
(root,15580,2164,00:00:00,27298) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1452,00:00:00,27299) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2023-03-18 21:10

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c0afe1650

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,3332,00:00:20,1) /sbin/init
(root,0,0,00:00:00,2) [kthreadd]
(root,0,0,00:00:47,3) [ksoftirqd/0]
(root,0,0,00:00:00,4) [kworker/0:0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,01:19:46,7) [rcu_sched]
(root,0,0,00:13:19,8) [rcuos/0]
(root,0,0,00:15:21,9) [rcuos/1]
(root,0,0,00:15:46,10) [rcuos/2]
(root,0,0,00:14:54,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:00:19,17) [migration/0]
(root,0,0,00:00:09,18) [watchdog/0]
(root,0,0,00:00:08,19) [watchdog/1]
(root,0,0,00:00:20,20) [migration/1]
(root,0,0,00:00:54,21) [ksoftirqd/1]
(root,0,0,00:00:00,22) [kworker/1:0]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:00:07,24) [watchdog/2]
(root,0,0,00:00:19,25) [migration/2]
(root,0,0,00:00:56,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:00:08,29) [watchdog/3]
(root,0,0,00:00:20,30) [migration/3]
(root,0,0,00:00:54,31) [ksoftirqd/3]
(root,0,0,00:00:00,32) [kworker/3:0]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:00,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:00:08,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:01:12,50) [kworker/0:1]
(root,0,0,00:00:02,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:00:50,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:01:33,196) [kworker/3:1]
(root,19752,1532,00:00:00,413) upstart-udev-bridge --daemon
(root,52072,2076,00:00:00,417) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,968,00:00:00,492) rpc.idmapd
(syslog,255956,1976,00:02:13,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,23504,2204,00:00:04,761) rpcbind
(statd,21556,1864,00:00:00,805) rpc.statd -L
(root,16236,1292,00:00:00,816) upstart-file-bridge --daemon
(root,15404,1372,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,1444,00:00:12,922) ypbind -no-dbus
(root,17316,1760,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,1724,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,1748,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,1748,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,1720,00:00:00,956) /sbin/getty -8 38400 tty6
(root,15008,1972,00:00:12,977) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,23664,2220,00:00:06,987) cron
(root,19320,1728,00:04:18,996) /usr/sbin/irqbalance
(root,4380,1456,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(bind,579044,280180,1-10:27:54,1054) /usr/sbin/named -u bind -S 16384
(daemon,19152,12,00:00:00,1065) atd
(root,375176,2256,00:00:18,1068) /usr/sbin/automount
(nagios,23472,2104,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,2644,00:00:06,1253) /usr/lib/postfix/master
(postfix,27604,2672,00:00:03,1258) qmgr -l -t unix -u
(ntp,31472,3384,00:05:17,1343) /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
(root,89912,3628,00:23:32,1396) /usr/bin/vmtoolsd
(root,61392,3764,00:00:58,1426) /usr/sbin/sshd -D
(root,82256,16860,00:28:55,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,293044,24540,00:15:41,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,100348,31076,00:18:07,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90356,21272,00:08:32,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266088,8200,00:09:22,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,17316,1776,00:00:00,1639) /sbin/getty -8 38400 tty1
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:00:00,5200) [kworker/u8:1]
(root,61392,5368,00:00:00,7744) sshd: [accepted]    
(sshd,61392,2824,00:00:00,7746) sshd: [net]         
(root,61392,5388,00:00:00,7747) sshd: [accepted]    
(sshd,61392,692,00:00:00,7750) sshd: [net]         
(root,63464,5700,00:00:00,7753) sshd: unknown [priv]
(sshd,61472,2844,00:00:00,7754) sshd: unknown [net] 
(root,63464,5636,00:00:00,7755) sshd: unknown [priv]
(sshd,61472,2952,00:00:00,7758) sshd: unknown [net] 
(root,61392,5436,00:00:00,8006) sshd: [accepted]    
(sshd,61392,2764,00:00:00,8007) sshd: [net]         
(root,18036,2992,00:00:00,8008) /bin/bash /usr/bin/check_mk_agent
(root,15580,2152,00:00:00,8027) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1464,00:00:00,8028) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:32,13330) [kworker/2:1]
(root,0,0,00:01:09,14167) [kworker/1:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]
(postfix,27420,3024,00:00:00,32287) pickup -l -t unix -u -c
(root,0,0,00:00:00,32458) [kworker/u8:0]

Found on 2023-03-04 11:31

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c24ba4cef

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,3420,00:00:13,1) /sbin/init
(root,0,0,00:00:00,2) [kthreadd]
(root,0,0,00:00:27,3) [ksoftirqd/0]
(root,0,0,00:00:00,4) [kworker/0:0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,00:46:51,7) [rcu_sched]
(root,0,0,00:07:53,8) [rcuos/0]
(root,0,0,00:08:51,9) [rcuos/1]
(root,0,0,00:09:05,10) [rcuos/2]
(root,0,0,00:08:42,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:00:11,17) [migration/0]
(root,0,0,00:00:05,18) [watchdog/0]
(root,0,0,00:00:04,19) [watchdog/1]
(root,0,0,00:00:11,20) [migration/1]
(root,0,0,00:00:31,21) [ksoftirqd/1]
(root,0,0,00:00:00,22) [kworker/1:0]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:00:04,24) [watchdog/2]
(root,0,0,00:00:11,25) [migration/2]
(root,0,0,00:00:32,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:00:04,29) [watchdog/3]
(root,0,0,00:00:11,30) [migration/3]
(root,0,0,00:00:31,31) [ksoftirqd/3]
(root,0,0,00:00:00,32) [kworker/3:0]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:00,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:00:05,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:00:39,50) [kworker/0:1]
(root,0,0,00:00:01,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:00:29,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:52,196) [kworker/3:1]
(root,19752,1696,00:00:00,413) upstart-udev-bridge --daemon
(root,52072,2140,00:00:00,417) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,1080,00:00:00,492) rpc.idmapd
(syslog,255956,1768,00:01:17,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,23504,2236,00:00:02,761) rpcbind
(statd,21556,1876,00:00:00,805) rpc.statd -L
(root,16236,1292,00:00:00,816) upstart-file-bridge --daemon
(root,15404,1372,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,1460,00:00:06,922) ypbind -no-dbus
(root,17316,1760,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,1724,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,1748,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,1748,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,1720,00:00:00,956) /sbin/getty -8 38400 tty6
(root,15008,1972,00:00:06,977) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,23664,2220,00:00:03,987) cron
(root,19320,1728,00:02:29,996) /usr/sbin/irqbalance
(root,4380,1456,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(bind,579044,269652,19:45:50,1054) /usr/sbin/named -u bind -S 16384
(daemon,19152,12,00:00:00,1065) atd
(root,308612,2280,00:00:10,1068) /usr/sbin/automount
(nagios,23472,2124,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,2644,00:00:03,1253) /usr/lib/postfix/master
(postfix,27604,2520,00:00:01,1258) qmgr -l -t unix -u
(ntp,31472,3516,00:02:59,1343) /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
(root,89912,3752,00:13:15,1396) /usr/bin/vmtoolsd
(root,61392,3812,00:00:35,1426) /usr/sbin/sshd -D
(root,82256,16960,00:16:20,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,292912,24668,00:08:49,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,95572,26728,00:10:08,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90356,21528,00:04:48,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266088,8812,00:05:22,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,17316,1776,00:00:00,1639) /sbin/getty -8 38400 tty1
(root,0,0,00:00:00,1662) [nfsv4.0-svc]
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:00:08,13330) [kworker/2:1]
(postfix,27420,2984,00:00:00,14077) pickup -l -t unix -u -c
(root,0,0,00:00:40,14167) [kworker/1:2]
(root,0,0,00:00:00,18308) [kworker/u8:1]
(root,0,0,00:00:00,24440) [kworker/u8:2]
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25737) [kworker/u8:0]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,61392,5436,00:00:00,26259) sshd: [accepted]    
(root,18036,3028,00:00:00,26422) /bin/bash /usr/bin/check_mk_agent
(root,15580,2124,00:00:00,26445) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,18036,320,00:00:00,26446) /bin/bash /usr/bin/check_mk_agent
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29171) [kworker/1:1H]

Found on 2023-02-17 17:00

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c55d59086

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33700,3488,00:00:06,1) /sbin/init
(root,0,0,00:00:00,2) [kthreadd]
(root,0,0,00:00:11,3) [ksoftirqd/0]
(root,0,0,00:00:00,4) [kworker/0:0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,00:17:57,7) [rcu_sched]
(root,0,0,00:03:13,8) [rcuos/0]
(root,0,0,00:03:28,9) [rcuos/1]
(root,0,0,00:03:30,10) [rcuos/2]
(root,0,0,00:03:17,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:00:04,17) [migration/0]
(root,0,0,00:00:02,18) [watchdog/0]
(root,0,0,00:00:01,19) [watchdog/1]
(root,0,0,00:00:04,20) [migration/1]
(root,0,0,00:00:12,21) [ksoftirqd/1]
(root,0,0,00:00:00,22) [kworker/1:0]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:00:01,24) [watchdog/2]
(root,0,0,00:00:04,25) [migration/2]
(root,0,0,00:00:12,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:00:01,29) [watchdog/3]
(root,0,0,00:00:04,30) [migration/3]
(root,0,0,00:00:12,31) [ksoftirqd/3]
(root,0,0,00:00:00,32) [kworker/3:0]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:00,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:00:02,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:00:15,50) [kworker/0:1]
(root,0,0,00:00:00,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,150) [kpsmoused]
(root,0,0,00:00:00,151) [mpt_poll_0]
(root,0,0,00:00:00,152) [mpt/0]
(root,0,0,00:00:00,155) [kworker/2:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:00:12,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,0,0,00:00:23,196) [kworker/3:1]
(root,19752,1568,00:00:00,413) upstart-udev-bridge --daemon
(root,52072,2076,00:00:00,417) /lib/systemd/systemd-udevd --daemon
(root,0,0,00:00:00,444) [rpciod]
(root,0,0,00:00:00,460) [nfsiod]
(root,23492,0,00:00:00,492) rpc.idmapd
(syslog,255956,1864,00:00:33,499) rsyslogd
(root,0,0,00:00:00,512) [ttm_swap]
(root,23504,2196,00:00:00,761) rpcbind
(statd,21556,1876,00:00:00,805) rpc.statd -L
(root,16236,1292,00:00:00,816) upstart-file-bridge --daemon
(root,15404,1372,00:00:00,819) upstart-socket-bridge --daemon
(root,123384,1476,00:00:02,922) ypbind -no-dbus
(root,17316,1760,00:00:00,941) /sbin/getty -8 38400 tty4
(root,17316,1724,00:00:00,944) /sbin/getty -8 38400 tty5
(root,17316,1748,00:00:00,953) /sbin/getty -8 38400 tty2
(root,17316,1748,00:00:00,954) /sbin/getty -8 38400 tty3
(root,17316,1720,00:00:00,956) /sbin/getty -8 38400 tty6
(root,15008,1972,00:00:02,977) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,23664,2220,00:00:01,987) cron
(root,19320,1728,00:00:57,996) /usr/sbin/irqbalance
(root,4380,1456,00:00:00,1015) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(bind,579044,261588,08:19:57,1054) /usr/sbin/named -u bind -S 16384
(daemon,19152,12,00:00:00,1065) atd
(root,308612,2248,00:00:04,1068) /usr/sbin/automount
(nagios,23472,2168,00:00:00,1146) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,2668,00:00:01,1253) /usr/lib/postfix/master
(postfix,27604,2640,00:00:00,1258) qmgr -l -t unix -u
(ntp,31472,3464,00:01:15,1343) /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
(root,89912,3764,00:05:39,1396) /usr/bin/vmtoolsd
(root,61392,3904,00:00:16,1426) /usr/sbin/sshd -D
(root,82256,16948,00:06:33,1503) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,292912,24432,00:03:29,1511) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,92532,24084,00:04:13,1513) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90356,21716,00:01:56,1516) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,266088,8912,00:02:19,1584) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,17316,1776,00:00:00,1639) /sbin/getty -8 38400 tty1
(root,0,0,00:00:00,1662) [nfsv4.0-svc]
(root,0,0,00:00:00,1665) [kauditd]
(root,0,0,00:00:17,14167) [kworker/1:2]
(root,0,0,00:00:13,17041) [kworker/2:0]
(postfix,27420,3072,00:00:00,22529) pickup -l -t unix -u -c
(root,0,0,00:00:00,25504) [kworker/3:1H]
(root,0,0,00:00:00,25809) [kworker/0:1H]
(root,0,0,00:00:00,28092) [kworker/2:1H]
(root,0,0,00:00:00,29145) [kworker/u8:0]
(root,0,0,00:00:00,29171) [kworker/1:1H]
(root,0,0,00:00:00,30943) [kworker/u8:1]
(root,0,0,00:00:00,32084) [kworker/u8:2]
(root,18036,2992,00:00:00,32489) /bin/bash /usr/bin/check_mk_agent
(root,15580,2152,00:00:00,32510) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1432,00:00:00,32511) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /

Found on 2023-02-08 12:43

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c5bab96cc

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33648,800,00:17:40,1) /sbin/init
(root,0,0,00:00:03,2) [kthreadd]
(root,0,0,00:23:13,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,2-03:25:30,7) [rcu_sched]
(root,0,0,10:40:30,8) [rcuos/0]
(root,0,0,11:10:31,9) [rcuos/1]
(root,0,0,11:32:15,10) [rcuos/2]
(root,0,0,11:46:21,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:12:50,17) [migration/0]
(root,0,0,00:04:14,18) [watchdog/0]
(root,0,0,00:03:39,19) [watchdog/1]
(root,0,0,00:13:18,20) [migration/1]
(root,0,0,00:25:59,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:03:36,24) [watchdog/2]
(root,0,0,00:13:50,25) [migration/2]
(root,0,0,00:29:29,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:03:35,29) [watchdog/3]
(root,0,0,00:13:25,30) [migration/3]
(root,0,0,00:32:03,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:22,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:07:55,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:18:29,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,149) [kpsmoused]
(root,0,0,00:00:00,150) [mpt_poll_0]
(root,0,0,00:00:00,154) [mpt/0]
(root,0,0,00:00:00,155) [kworker/0:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:31:51,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,19616,92,00:00:00,344) upstart-udev-bridge --daemon
(root,52152,4,00:00:00,364) /lib/systemd/systemd-udevd --daemon
(root,15288,0,00:00:00,399) upstart-file-bridge --daemon
(root,0,0,00:00:00,403) [rpciod]
(syslog,255956,240,05:37:08,407) rsyslogd
(root,0,0,00:00:00,412) [nfsiod]
(root,23492,0,00:00:00,435) rpc.idmapd
(root,0,0,00:00:00,448) [ttm_swap]
(root,23520,992,00:04:31,573) rpcbind
(root,15532,0,00:00:00,655) upstart-socket-bridge --daemon
(statd,21612,116,00:00:00,671) rpc.statd -L
(root,17316,12,00:00:00,865) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,868) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,873) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,874) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,876) /sbin/getty -8 38400 tty6
(root,23664,624,00:04:12,899) cron
(root,4380,0,00:00:00,977) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(root,123384,24,00:05:43,985) ypbind -no-dbus
(daemon,19152,0,00:00:02,1015) atd
(root,19320,804,01:51:16,1017) /usr/sbin/irqbalance
(root,375180,0,00:07:52,1020) /usr/sbin/automount
(nagios,23472,0,00:00:00,1138) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,648,00:13:16,1335) /usr/lib/postfix/master
(postfix,27748,1136,00:09:38,1371) qmgr -l -t unix -u
(root,0,0,00:00:00,1435) [kauditd]
(ntp,31472,1740,02:40:45,1537) /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
(root,90004,2564,10:52:12,1561) /usr/bin/vmtoolsd
(root,82292,15012,12:51:01,1594) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,1263152,307744,17:49:52,1596) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,390612,57588,08:54:02,1597) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90176,7896,03:46:45,1599) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,0,0,00:01:53,1620) [kworker/3:2]
(root,405040,684,00:26:41,1653) /usr/sbin/r1soft/bin/cdp -s -c /usr/sbin/r1soft/conf/agent_config
(root,0,0,00:00:00,6238) [kworker/1:1H]
(root,0,0,00:00:00,6701) [kworker/u8:1]
(root,269940,5888,01:07:17,6743) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,15008,564,00:04:41,8829) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(postfix,27420,2992,00:00:00,9682) pickup -l -t unix -u -c
(root,0,0,00:00:00,10254) [kworker/u8:2]
(root,0,0,00:00:00,12577) [kworker/u8:0]
(postfix,27432,2916,00:00:00,13234) trivial-rewrite -n rewrite -t unix -u -c
(root,61392,5376,00:00:00,13401) sshd: [accepted]    
(root,18032,2968,00:00:00,13492) /bin/bash /usr/bin/check_mk_agent
(root,15580,2208,00:00:00,13511) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1456,00:00:00,13512) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:00,14070) [kworker/3:1H]
(root,61392,1192,00:06:01,19375) /usr/sbin/sshd -D
(root,17316,12,00:00:00,19491) /sbin/getty -8 38400 tty1
(root,0,0,00:05:04,20016) [kworker/3:0]
(root,0,0,00:00:00,20102) [kworker/0:1H]
(root,0,0,00:28:16,22947) [kworker/0:0]
(root,0,0,00:00:50,25580) [kworker/2:1]
(root,0,0,00:01:44,26247) [kworker/1:2]
(root,222028,8,00:00:00,26525) /usr/bin/python3 /usr/lib/ubuntu-release-upgrader/check-new-release -q
(bind,775896,314080,30-19:49:54,26714) /usr/sbin/named -u bind -S 16384
(root,0,0,00:02:53,27141) [kworker/2:2]
(root,0,0,00:00:00,28402) [kworker/2:1H]
(root,0,0,00:06:33,30220) [kworker/1:0]

Found on 2023-01-25 03:07

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5cac1dc047

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33648,2508,00:17:37,1) /sbin/init
(root,0,0,00:00:03,2) [kthreadd]
(root,0,0,00:22:59,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,2-02:59:47,7) [rcu_sched]
(root,0,0,10:35:01,8) [rcuos/0]
(root,0,0,11:05:02,9) [rcuos/1]
(root,0,0,11:26:30,10) [rcuos/2]
(root,0,0,11:40:36,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:12:44,17) [migration/0]
(root,0,0,00:04:12,18) [watchdog/0]
(root,0,0,00:03:37,19) [watchdog/1]
(root,0,0,00:13:11,20) [migration/1]
(root,0,0,00:25:45,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:03:34,24) [watchdog/2]
(root,0,0,00:13:43,25) [migration/2]
(root,0,0,00:29:13,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:03:33,29) [watchdog/3]
(root,0,0,00:13:18,30) [migration/3]
(root,0,0,00:31:46,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:22,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:07:51,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:18:23,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,149) [kpsmoused]
(root,0,0,00:00:00,150) [mpt_poll_0]
(root,0,0,00:00:00,154) [mpt/0]
(root,0,0,00:00:00,155) [kworker/0:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:31:39,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,19616,572,00:00:00,344) upstart-udev-bridge --daemon
(root,52152,4,00:00:00,364) /lib/systemd/systemd-udevd --daemon
(root,15288,636,00:00:00,399) upstart-file-bridge --daemon
(root,0,0,00:00:00,403) [rpciod]
(syslog,255956,16,05:36:40,407) rsyslogd
(root,0,0,00:00:00,412) [nfsiod]
(root,23492,0,00:00:00,435) rpc.idmapd
(root,0,0,00:00:00,448) [ttm_swap]
(root,23520,1020,00:04:30,573) rpcbind
(root,15532,716,00:00:00,655) upstart-socket-bridge --daemon
(statd,21612,72,00:00:00,671) rpc.statd -L
(root,17316,12,00:00:00,865) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,868) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,873) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,874) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,876) /sbin/getty -8 38400 tty6
(root,23664,628,00:04:10,899) cron
(root,4380,0,00:00:00,977) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(root,123384,0,00:05:40,985) ypbind -no-dbus
(daemon,19152,0,00:00:02,1015) atd
(root,19320,904,01:50:24,1017) /usr/sbin/irqbalance
(root,375180,0,00:07:48,1020) /usr/sbin/automount
(nagios,23472,24,00:00:00,1138) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,716,00:13:09,1335) /usr/lib/postfix/master
(postfix,27748,1808,00:09:33,1371) qmgr -l -t unix -u
(root,0,0,00:00:00,1435) [kauditd]
(ntp,31472,1692,02:39:38,1537) /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
(root,90004,2836,10:47:21,1561) /usr/bin/vmtoolsd
(root,82292,15172,12:44:43,1594) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,1263152,207052,17:45:45,1596) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,388928,166768,08:50:11,1597) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90176,8224,03:44:53,1599) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,0,0,00:01:53,1620) [kworker/3:2]
(root,405040,108,00:26:28,1653) /usr/sbin/r1soft/bin/cdp -s -c /usr/sbin/r1soft/conf/agent_config
(root,0,0,00:00:00,6238) [kworker/1:1H]
(root,269940,6120,01:05:27,6743) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,15008,568,00:04:38,8829) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,0,0,00:00:00,14070) [kworker/3:1H]
(root,61392,980,00:05:53,19375) /usr/sbin/sshd -D
(root,17316,12,00:00:00,19491) /sbin/getty -8 38400 tty1
(root,0,0,00:04:49,20016) [kworker/3:0]
(root,0,0,00:00:00,20102) [kworker/0:1H]
(root,0,0,00:28:03,22947) [kworker/0:0]
(root,0,0,00:00:50,25580) [kworker/2:1]
(root,0,0,00:01:44,26247) [kworker/1:2]
(root,222028,8,00:00:00,26525) /usr/bin/python3 /usr/lib/ubuntu-release-upgrader/check-new-release -q
(bind,775896,313632,30-12:38:06,26714) /usr/sbin/named -u bind -S 16384
(root,0,0,00:02:38,27141) [kworker/2:2]
(root,0,0,00:00:00,28105) [kworker/u8:2]
(root,0,0,00:00:00,28402) [kworker/2:1H]
(root,0,0,00:00:00,29157) [kworker/u8:0]
(root,0,0,00:06:15,30220) [kworker/1:0]
(postfix,27420,3040,00:00:00,30340) pickup -l -t unix -u -c
(root,18032,2984,00:00:00,30600) /bin/bash /usr/bin/check_mk_agent
(root,15580,2200,00:00:00,30619) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1424,00:00:00,30620) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /

Found on 2023-01-19 13:02

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c07098045

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33648,2216,00:17:20,1) /sbin/init
(root,0,0,00:00:03,2) [kthreadd]
(root,0,0,00:21:57,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,2-01:12:22,7) [rcu_sched]
(root,0,0,10:11:44,8) [rcuos/0]
(root,0,0,10:41:42,9) [rcuos/1]
(root,0,0,11:01:13,10) [rcuos/2]
(root,0,0,11:15:25,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:12:15,17) [migration/0]
(root,0,0,00:04:03,18) [watchdog/0]
(root,0,0,00:03:29,19) [watchdog/1]
(root,0,0,00:12:41,20) [migration/1]
(root,0,0,00:24:46,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:03:26,24) [watchdog/2]
(root,0,0,00:13:13,25) [migration/2]
(root,0,0,00:28:04,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:03:25,29) [watchdog/3]
(root,0,0,00:12:49,30) [migration/3]
(root,0,0,00:30:33,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:21,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:07:33,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:17:51,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,149) [kpsmoused]
(root,0,0,00:00:00,150) [mpt_poll_0]
(root,0,0,00:00:00,154) [mpt/0]
(root,0,0,00:00:00,155) [kworker/0:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:30:44,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,19616,464,00:00:00,344) upstart-udev-bridge --daemon
(root,52152,24,00:00:00,364) /lib/systemd/systemd-udevd --daemon
(root,15288,168,00:00:00,399) upstart-file-bridge --daemon
(root,0,0,00:00:00,403) [rpciod]
(syslog,255956,240,05:34:25,407) rsyslogd
(root,0,0,00:00:00,412) [nfsiod]
(root,23492,0,00:00:00,435) rpc.idmapd
(root,0,0,00:00:00,448) [ttm_swap]
(root,23520,992,00:04:27,573) rpcbind
(root,15532,264,00:00:00,655) upstart-socket-bridge --daemon
(statd,21612,8,00:00:00,671) rpc.statd -L
(root,0,0,00:00:00,718) [kworker/u8:1]
(root,17316,12,00:00:00,865) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,868) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,873) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,874) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,876) /sbin/getty -8 38400 tty6
(root,23664,616,00:04:01,899) cron
(root,4380,0,00:00:00,977) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(root,123384,0,00:05:28,985) ypbind -no-dbus
(daemon,19152,0,00:00:01,1015) atd
(root,19320,908,01:46:41,1017) /usr/sbin/irqbalance
(root,375180,60,00:07:34,1020) /usr/sbin/automount
(nagios,23472,0,00:00:00,1138) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,688,00:12:38,1335) /usr/lib/postfix/master
(postfix,27748,1568,00:09:09,1371) qmgr -l -t unix -u
(root,0,0,00:00:00,1435) [kauditd]
(ntp,31472,1604,02:34:29,1537) /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
(root,90004,2172,10:25:21,1561) /usr/bin/vmtoolsd
(root,82292,14844,12:17:02,1594) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,1262888,240496,17:27:22,1596) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,380352,158708,08:32:11,1597) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90176,15100,03:36:42,1599) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,0,0,00:01:53,1620) [kworker/3:2]
(root,405040,4420,00:25:31,1653) /usr/sbin/r1soft/bin/cdp -s -c /usr/sbin/r1soft/conf/agent_config
(root,0,0,00:00:00,3956) [kworker/u8:2]
(root,0,0,00:00:00,6238) [kworker/1:1H]
(root,269940,5636,00:56:18,6743) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,6955) [kworker/u8:0]
(root,61392,5460,00:00:00,7354) sshd: [accepted]    
(root,18032,2924,00:00:00,7609) /bin/bash /usr/bin/check_mk_agent
(root,15580,2128,00:00:00,7628) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1452,00:00:00,7629) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,15008,500,00:04:27,8829) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,0,0,00:00:00,14070) [kworker/3:1H]
(root,61392,1140,00:05:01,19375) /usr/sbin/sshd -D
(root,17316,12,00:00:00,19491) /sbin/getty -8 38400 tty1
(root,0,0,00:03:43,20016) [kworker/3:0]
(root,0,0,00:00:00,20102) [kworker/0:1H]
(root,0,0,00:27:00,22947) [kworker/0:0]
(root,0,0,00:00:50,25580) [kworker/2:1]
(root,0,0,00:01:44,26247) [kworker/1:2]
(root,222028,8,00:00:00,26525) /usr/bin/python3 /usr/lib/ubuntu-release-upgrader/check-new-release -q
(bind,775896,310840,29-04:26:14,26714) /usr/sbin/named -u bind -S 16384
(root,0,0,00:01:34,27141) [kworker/2:2]
(root,0,0,00:00:00,28402) [kworker/2:1H]
(root,0,0,00:04:52,30220) [kworker/1:0]
(postfix,27420,2980,00:00:00,30916) pickup -l -t unix -u -c

Found on 2022-12-21 12:32

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c447d5d27

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33648,1228,00:17:11,1) /sbin/init
(root,0,0,00:00:03,2) [kthreadd]
(root,0,0,00:21:36,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,2-00:27:38,7) [rcu_sched]
(root,0,0,10:01:48,8) [rcuos/0]
(root,0,0,10:31:51,9) [rcuos/1]
(root,0,0,10:50:41,10) [rcuos/2]
(root,0,0,11:05:05,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:12:04,17) [migration/0]
(root,0,0,00:03:59,18) [watchdog/0]
(root,0,0,00:03:25,19) [watchdog/1]
(root,0,0,00:12:29,20) [migration/1]
(root,0,0,00:24:23,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:03:23,24) [watchdog/2]
(root,0,0,00:13:01,25) [migration/2]
(root,0,0,00:27:38,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:03:22,29) [watchdog/3]
(root,0,0,00:12:37,30) [migration/3]
(root,0,0,00:30:06,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:21,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:07:26,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:17:39,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,149) [kpsmoused]
(root,0,0,00:00:00,150) [mpt_poll_0]
(root,0,0,00:00:00,154) [mpt/0]
(root,0,0,00:00:00,155) [kworker/0:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:30:22,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,19616,64,00:00:00,344) upstart-udev-bridge --daemon
(root,52152,72,00:00:00,364) /lib/systemd/systemd-udevd --daemon
(root,15288,108,00:00:00,399) upstart-file-bridge --daemon
(root,0,0,00:00:00,403) [rpciod]
(syslog,255956,172,05:33:26,407) rsyslogd
(root,0,0,00:00:00,412) [nfsiod]
(root,23492,0,00:00:00,435) rpc.idmapd
(root,0,0,00:00:00,448) [ttm_swap]
(root,23520,860,00:04:25,573) rpcbind
(root,15532,0,00:00:00,655) upstart-socket-bridge --daemon
(statd,21612,8,00:00:00,671) rpc.statd -L
(root,17316,12,00:00:00,865) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,868) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,873) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,874) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,876) /sbin/getty -8 38400 tty6
(root,23664,336,00:03:57,899) cron
(root,4380,0,00:00:00,977) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(root,123384,136,00:05:23,985) ypbind -no-dbus
(daemon,19152,0,00:00:01,1015) atd
(root,19320,560,01:45:13,1017) /usr/sbin/irqbalance
(root,375180,0,00:07:29,1020) /usr/sbin/automount
(nagios,23472,0,00:00:00,1138) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,672,00:12:25,1335) /usr/lib/postfix/master
(postfix,27748,608,00:08:59,1371) qmgr -l -t unix -u
(root,0,0,00:00:00,1435) [kauditd]
(ntp,31472,1556,02:32:11,1537) /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
(root,90004,2732,10:16:11,1561) /usr/bin/vmtoolsd
(root,82292,15056,12:06:28,1594) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,1262888,309904,17:20:40,1596) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,377108,75404,08:25:12,1597) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90176,15012,03:33:38,1599) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,0,0,00:01:53,1620) [kworker/3:2]
(root,405040,3632,00:25:08,1653) /usr/sbin/r1soft/bin/cdp -s -c /usr/sbin/r1soft/conf/agent_config
(root,0,0,00:00:00,6238) [kworker/1:1H]
(root,269940,5984,00:52:01,6743) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,0,0,00:00:00,8299) [kworker/u8:1]
(root,15008,404,00:04:22,8829) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,0,0,00:00:00,9716) [kworker/u8:2]
(postfix,27420,2940,00:00:00,12319) pickup -l -t unix -u -c
(root,0,0,00:00:00,14070) [kworker/3:1H]
(root,0,0,00:00:00,14284) [kworker/u8:0]
(postfix,27516,2980,00:00:00,14740) cleanup -z -t unix -u -c
(postfix,27432,2928,00:00:00,14741) trivial-rewrite -n rewrite -t unix -u -c
(postfix,27464,4060,00:00:00,14742) local -t unix
(postfix,42448,4200,00:00:00,14743) smtp -t unix -u -c
(postfix,27448,2900,00:00:00,14744) bounce -z -t unix -u -c
(postfix,27448,2876,00:00:00,14745) bounce -z -t unix -u -c
(root,18032,2940,00:00:00,14842) /bin/bash /usr/bin/check_mk_agent
(root,15580,2136,00:00:00,14861) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1380,00:00:00,14862) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,61392,868,00:04:34,19375) /usr/sbin/sshd -D
(root,17316,12,00:00:00,19491) /sbin/getty -8 38400 tty1
(root,0,0,00:03:16,20016) [kworker/3:0]
(root,0,0,00:00:00,20102) [kworker/0:1H]
(root,0,0,00:26:35,22947) [kworker/0:0]
(root,0,0,00:00:50,25580) [kworker/2:1]
(root,0,0,00:01:44,26247) [kworker/1:2]
(root,222028,8,00:00:00,26525) /usr/bin/python3 /usr/lib/ubuntu-release-upgrader/check-new-release -q
(bind,775896,313188,28-14:27:51,26714) /usr/sbin/named -u bind -S 16384
(root,0,0,00:01:08,27141) [kworker/2:2]
(root,0,0,00:00:00,28402) [kworker/2:1H]
(root,0,0,00:04:18,30220) [kworker/1:0]

Found on 2022-12-10 02:12

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c3004d33b

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33648,2260,00:16:56,1) /sbin/init
(root,0,0,00:00:03,2) [kthreadd]
(root,0,0,00:20:51,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-22:49:07,7) [rcu_sched]
(root,0,0,09:40:33,8) [rcuos/0]
(root,0,0,10:10:09,9) [rcuos/1]
(root,0,0,10:27:35,10) [rcuos/2]
(root,0,0,10:42:01,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:11:39,17) [migration/0]
(root,0,0,00:03:51,18) [watchdog/0]
(root,0,0,00:03:18,19) [watchdog/1]
(root,0,0,00:12:02,20) [migration/1]
(root,0,0,00:23:33,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:03:16,24) [watchdog/2]
(root,0,0,00:12:35,25) [migration/2]
(root,0,0,00:26:43,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:03:15,29) [watchdog/3]
(root,0,0,00:12:10,30) [migration/3]
(root,0,0,00:29:06,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:07:10,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:17:14,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,149) [kpsmoused]
(root,0,0,00:00:00,150) [mpt_poll_0]
(root,0,0,00:00:00,154) [mpt/0]
(root,0,0,00:00:00,155) [kworker/0:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:29:33,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,19616,4,00:00:00,344) upstart-udev-bridge --daemon
(root,52152,68,00:00:00,364) /lib/systemd/systemd-udevd --daemon
(root,15288,12,00:00:00,399) upstart-file-bridge --daemon
(root,0,0,00:00:00,403) [rpciod]
(syslog,255956,120,05:31:17,407) rsyslogd
(root,0,0,00:00:00,412) [nfsiod]
(root,23492,0,00:00:00,435) rpc.idmapd
(root,0,0,00:00:00,448) [ttm_swap]
(root,23520,916,00:04:22,573) rpcbind
(root,15532,92,00:00:00,655) upstart-socket-bridge --daemon
(statd,21612,8,00:00:00,671) rpc.statd -L
(root,17316,12,00:00:00,865) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,868) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,873) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,874) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,876) /sbin/getty -8 38400 tty6
(root,23664,532,00:03:49,899) cron
(root,4380,0,00:00:00,977) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(root,123384,80,00:05:12,985) ypbind -no-dbus
(daemon,19152,0,00:00:01,1015) atd
(root,19320,876,01:42:01,1017) /usr/sbin/irqbalance
(root,375180,256,00:07:14,1020) /usr/sbin/automount
(nagios,23472,0,00:00:00,1138) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,660,00:11:56,1335) /usr/lib/postfix/master
(postfix,27748,556,00:08:38,1371) qmgr -l -t unix -u
(root,0,0,00:00:00,1435) [kauditd]
(ntp,31472,1344,02:27:18,1537) /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
(root,90004,2048,09:56:07,1561) /usr/bin/vmtoolsd
(root,82292,15372,11:43:12,1594) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,1262624,230512,17:05:46,1596) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,368548,142696,08:10:03,1597) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90176,16512,03:26:53,1599) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,0,0,00:01:53,1620) [kworker/3:2]
(root,405040,224,00:24:17,1653) /usr/sbin/r1soft/bin/cdp -s -c /usr/sbin/r1soft/conf/agent_config
(root,0,0,00:00:00,5444) [nfsv4.0-svc]
(root,0,0,00:00:00,6238) [kworker/1:1H]
(root,270196,6268,00:44:07,6743) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,15008,456,00:04:12,8829) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,0,0,00:00:00,14070) [kworker/3:1H]
(root,61392,664,00:03:51,19375) /usr/sbin/sshd -D
(root,17316,12,00:00:00,19491) /sbin/getty -8 38400 tty1
(root,0,0,00:02:17,20016) [kworker/3:0]
(root,0,0,00:00:00,20102) [kworker/0:1H]
(root,0,0,00:00:00,20788) [kworker/u8:0]
(root,0,0,00:25:39,22947) [kworker/0:0]
(postfix,27420,2896,00:00:00,23587) pickup -l -t unix -u -c
(root,0,0,00:00:00,24424) [kworker/u8:2]
(root,0,0,00:00:50,25580) [kworker/2:1]
(root,0,0,00:00:00,25818) [kworker/u8:1]
(root,18032,3008,00:00:00,26003) /bin/bash /usr/bin/check_mk_agent
(root,15580,2116,00:00:00,26027) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1568,00:00:00,26028) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:01:44,26247) [kworker/1:2]
(root,222028,8,00:00:00,26525) /usr/bin/python3 /usr/lib/ubuntu-release-upgrader/check-new-release -q
(bind,775896,334072,27-07:12:39,26714) /usr/sbin/named -u bind -S 16384
(root,0,0,00:00:10,27141) [kworker/2:2]
(root,0,0,00:00:00,28402) [kworker/2:1H]
(root,0,0,00:03:05,30220) [kworker/1:0]

Found on 2022-11-14 22:23

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5caa6e0cb4

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33648,2396,00:16:52,1) /sbin/init
(root,0,0,00:00:03,2) [kthreadd]
(root,0,0,00:20:41,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-22:26:29,7) [rcu_sched]
(root,0,0,09:35:47,8) [rcuos/0]
(root,0,0,10:05:11,9) [rcuos/1]
(root,0,0,10:22:13,10) [rcuos/2]
(root,0,0,10:36:44,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:11:33,17) [migration/0]
(root,0,0,00:03:49,18) [watchdog/0]
(root,0,0,00:03:17,19) [watchdog/1]
(root,0,0,00:11:56,20) [migration/1]
(root,0,0,00:23:22,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:03:14,24) [watchdog/2]
(root,0,0,00:12:29,25) [migration/2]
(root,0,0,00:26:31,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:03:13,29) [watchdog/3]
(root,0,0,00:12:04,30) [migration/3]
(root,0,0,00:28:53,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:20,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:07:06,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:17:08,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,149) [kpsmoused]
(root,0,0,00:00:00,150) [mpt_poll_0]
(root,0,0,00:00:00,154) [mpt/0]
(root,0,0,00:00:00,155) [kworker/0:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:29:22,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,19616,432,00:00:00,344) upstart-udev-bridge --daemon
(root,52152,28,00:00:00,364) /lib/systemd/systemd-udevd --daemon
(root,15288,744,00:00:00,399) upstart-file-bridge --daemon
(root,0,0,00:00:00,403) [rpciod]
(syslog,255956,208,05:30:42,407) rsyslogd
(root,0,0,00:00:00,412) [nfsiod]
(root,23492,0,00:00:00,435) rpc.idmapd
(root,0,0,00:00:00,448) [ttm_swap]
(root,23520,1088,00:04:21,573) rpcbind
(root,15532,580,00:00:00,655) upstart-socket-bridge --daemon
(statd,21612,8,00:00:00,671) rpc.statd -L
(root,17316,12,00:00:00,865) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,868) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,873) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,874) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,876) /sbin/getty -8 38400 tty6
(root,23664,728,00:03:47,899) cron
(root,4380,0,00:00:00,977) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(root,123384,36,00:05:10,985) ypbind -no-dbus
(daemon,19152,172,00:00:01,1015) atd
(root,19320,1136,01:41:15,1017) /usr/sbin/irqbalance
(root,375180,884,00:07:11,1020) /usr/sbin/automount
(nagios,23472,328,00:00:00,1138) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,932,00:11:49,1335) /usr/lib/postfix/master
(postfix,27748,180,00:08:33,1371) qmgr -l -t unix -u
(root,0,0,00:00:00,1435) [kauditd]
(ntp,31472,1616,02:26:09,1537) /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
(root,90004,2328,09:51:25,1561) /usr/bin/vmtoolsd
(root,82292,15160,11:37:47,1594) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,1262624,259568,17:02:20,1596) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,366864,145908,08:06:33,1597) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90176,7892,03:25:19,1599) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,0,0,00:01:53,1620) [kworker/3:2]
(root,405040,1364,00:24:06,1653) /usr/sbin/r1soft/bin/cdp -s -c /usr/sbin/r1soft/conf/agent_config
(root,0,0,00:00:00,5444) [nfsv4.0-svc]
(root,0,0,00:00:00,6238) [kworker/1:1H]
(root,269940,5748,00:42:10,6743) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,15008,556,00:04:10,8829) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,0,0,00:00:00,14070) [kworker/3:1H]
(root,0,0,00:00:00,17926) [kworker/u8:2]
(root,61392,772,00:03:41,19375) /usr/sbin/sshd -D
(root,17316,12,00:00:00,19491) /sbin/getty -8 38400 tty1
(root,0,0,00:00:00,19564) [kworker/u8:0]
(root,0,0,00:05:08,20012) [kworker/2:0]
(root,0,0,00:02:03,20016) [kworker/3:0]
(root,0,0,00:00:00,20102) [kworker/0:1H]
(postfix,27420,2996,00:00:00,20409) pickup -l -t unix -u -c
(root,0,0,00:00:00,21767) [kworker/u8:1]
(root,18032,2976,00:00:00,22275) /bin/bash /usr/bin/check_mk_agent
(root,15580,2132,00:00:00,22296) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1468,00:00:00,22297) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:25:24,22947) [kworker/0:0]
(root,0,0,00:00:50,25580) [kworker/2:1]
(root,0,0,00:01:44,26247) [kworker/1:2]
(root,222028,8,00:00:00,26525) /usr/bin/python3 /usr/lib/ubuntu-release-upgrader/check-new-release -q
(bind,775896,328212,27-00:15:30,26714) /usr/sbin/named -u bind -S 16384
(root,0,0,00:00:00,28402) [kworker/2:1H]
(root,0,0,00:02:48,30220) [kworker/1:0]

Found on 2022-11-09 01:05

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c2b306916

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33648,740,00:16:43,1) /sbin/init
(root,0,0,00:00:03,2) [kthreadd]
(root,0,0,00:20:13,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-21:15:44,7) [rcu_sched]
(root,0,0,09:20:39,8) [rcuos/0]
(root,0,0,09:49:51,9) [rcuos/1]
(root,0,0,10:05:37,10) [rcuos/2]
(root,0,0,10:20:12,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:11:14,17) [migration/0]
(root,0,0,00:03:44,18) [watchdog/0]
(root,0,0,00:03:11,19) [watchdog/1]
(root,0,0,00:11:36,20) [migration/1]
(root,0,0,00:22:51,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:03:09,24) [watchdog/2]
(root,0,0,00:12:09,25) [migration/2]
(root,0,0,00:25:54,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:03:08,29) [watchdog/3]
(root,0,0,00:11:45,30) [migration/3]
(root,0,0,00:28:13,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:19,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:06:55,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:16:50,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,149) [kpsmoused]
(root,0,0,00:00:00,150) [mpt_poll_0]
(root,0,0,00:00:00,154) [mpt/0]
(root,0,0,00:00:00,155) [kworker/0:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:28:47,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,19616,84,00:00:00,344) upstart-udev-bridge --daemon
(root,52152,0,00:00:00,364) /lib/systemd/systemd-udevd --daemon
(root,15288,0,00:00:00,399) upstart-file-bridge --daemon
(root,0,0,00:00:00,403) [rpciod]
(syslog,255956,44,05:29:17,407) rsyslogd
(root,0,0,00:00:00,412) [nfsiod]
(root,23492,0,00:00:00,435) rpc.idmapd
(root,0,0,00:00:00,448) [ttm_swap]
(root,23520,948,00:04:18,573) rpcbind
(root,15532,0,00:00:00,655) upstart-socket-bridge --daemon
(statd,21612,8,00:00:00,671) rpc.statd -L
(root,17316,12,00:00:00,865) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,868) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,873) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,874) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,876) /sbin/getty -8 38400 tty6
(root,23664,508,00:03:41,899) cron
(root,4380,0,00:00:00,977) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(root,123384,0,00:05:01,985) ypbind -no-dbus
(daemon,19152,0,00:00:01,1015) atd
(root,19320,948,01:38:45,1017) /usr/sbin/irqbalance
(root,375180,488,00:07:02,1020) /usr/sbin/automount
(nagios,23472,16,00:00:00,1138) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,656,00:11:28,1335) /usr/lib/postfix/master
(postfix,27748,172,00:08:17,1371) qmgr -l -t unix -u
(root,0,0,00:00:00,1435) [kauditd]
(ntp,31472,1552,02:22:36,1537) /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
(root,90004,2236,09:36:31,1561) /usr/bin/vmtoolsd
(root,82292,15092,11:20:27,1594) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,1262492,274236,16:51:27,1596) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,361276,138152,07:55:14,1597) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90176,7832,03:20:18,1599) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,0,0,00:01:53,1620) [kworker/3:2]
(root,405040,100,00:23:29,1653) /usr/sbin/r1soft/bin/cdp -s -c /usr/sbin/r1soft/conf/agent_config
(root,0,0,00:00:00,6238) [kworker/1:1H]
(root,269940,5860,00:36:54,6743) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,15008,396,00:04:02,8829) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,0,0,00:00:00,14070) [kworker/3:1H]
(root,0,0,00:00:00,16806) [kworker/u8:0]
(postfix,27420,3028,00:00:00,16918) pickup -l -t unix -u -c
(root,61392,984,00:03:16,19375) /usr/sbin/sshd -D
(root,17316,12,00:00:00,19491) /sbin/getty -8 38400 tty1
(root,0,0,00:04:26,20012) [kworker/2:0]
(root,0,0,00:01:21,20016) [kworker/3:0]
(root,0,0,00:00:00,20102) [kworker/0:1H]
(root,0,0,00:24:42,22947) [kworker/0:0]
(root,0,0,00:00:50,25580) [kworker/2:1]
(root,0,0,00:01:44,26247) [kworker/1:2]
(root,222028,8,00:00:00,26525) /usr/bin/python3 /usr/lib/ubuntu-release-upgrader/check-new-release -q
(root,0,0,00:00:00,26603) [kworker/u8:1]
(bind,775896,297004,26-03:40:43,26714) /usr/sbin/named -u bind -S 16384
(postfix,27516,2992,00:00:00,27331) cleanup -z -t unix -u -c
(postfix,27432,3028,00:00:00,27332) trivial-rewrite -n rewrite -t unix -u -c
(postfix,27464,4148,00:00:00,27333) local -t unix
(postfix,42448,4156,00:00:00,27334) smtp -t unix -u -c
(postfix,27448,3064,00:00:00,27335) bounce -z -t unix -u -c
(postfix,27448,3016,00:00:00,27336) bounce -z -t unix -u -c
(root,63464,5596,00:00:00,27417) sshd: [accepted]    
(root,63464,5584,00:00:00,27418) sshd: [accepted]    
(root,63464,5388,00:00:00,27419) sshd: [accepted]    
(root,63464,5520,00:00:00,27420) sshd: [accepted]    
(sshd,61392,2796,00:00:00,27421) sshd: [net]         
(sshd,61392,2900,00:00:00,27422) sshd: [net]         
(root,63464,5564,00:00:00,27423) sshd: [accepted]    
(sshd,61392,2848,00:00:00,27424) sshd: [net]         
(root,63464,5584,00:00:00,27425) sshd: [accepted]    
(sshd,61392,2848,00:00:00,27426) sshd: [net]         
(sshd,61392,2852,00:00:00,27427) sshd: [net]         
(sshd,61392,2792,00:00:00,27428) sshd: [net]         
(root,63464,5568,00:00:00,27429) sshd: [accepted]    
(root,63464,5600,00:00:00,27430) sshd: [accepted]    
(root,63464,5608,00:00:00,27431) sshd: [accepted]    
(root,63464,5588,00:00:00,27432) sshd: [accepted]    
(sshd,61392,2800,00:00:00,27433) sshd: [net]         
(sshd,61392,2840,00:00:00,27434) sshd: [net]         
(sshd,61392,2908,00:00:00,27435) sshd: [net]         
(sshd,61392,2712,00:00:00,27436) sshd: [net]         
(root,63464,5532,00:00:00,27437) sshd: [accepted]    
(root,63464,5568,00:00:00,27438) sshd: [accepted]    
(sshd,61392,2848,00:00:00,27439) sshd: [net]         
(sshd,61392,2848,00:00:00,27440) sshd: [net]         
(root,63464,5516,00:00:00,27441) sshd: [accepted]    
(sshd,61392,2852,00:00:00,27442) sshd: [net]         
(root,63464,5408,00:00:00,27443) sshd: [accepted]    
(sshd,61392,2848,00:00:00,27444) sshd: [net]         
(root,63464,5608,00:00:00,27445) sshd: [accepted]    
(sshd,61392,2956,00:00:00,27446) sshd: [net]         
(root,0,0,00:00:00,27447) [kworker/u8:2]
(root,18032,2956,00:00:00,27792) /bin/bash /usr/bin/check_mk_agent
(root,15580,2136,00:00:00,27811) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1572,00:00:00,27812) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:00:00,28402) [kworker/2:1H]
(root,0,0,00:01:53,30220) [kworker/1:0]

Found on 2022-10-21 03:10

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c61f2e92b

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33648,2572,00:16:30,1) /sbin/init
(root,0,0,00:00:03,2) [kthreadd]
(root,0,0,00:19:33,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-19:41:44,7) [rcu_sched]
(root,0,0,09:00:27,8) [rcuos/0]
(root,0,0,09:29:12,9) [rcuos/1]
(root,0,0,09:43:15,10) [rcuos/2]
(root,0,0,09:57:50,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:10:50,17) [migration/0]
(root,0,0,00:03:36,18) [watchdog/0]
(root,0,0,00:03:05,19) [watchdog/1]
(root,0,0,00:11:09,20) [migration/1]
(root,0,0,00:22:06,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:03:02,24) [watchdog/2]
(root,0,0,00:11:43,25) [migration/2]
(root,0,0,00:25:00,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:03:01,29) [watchdog/3]
(root,0,0,00:11:19,30) [migration/3]
(root,0,0,00:27:15,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:19,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:06:40,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:16:26,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,149) [kpsmoused]
(root,0,0,00:00:00,150) [mpt_poll_0]
(root,0,0,00:00:00,154) [mpt/0]
(root,0,0,00:00:00,155) [kworker/0:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:28:00,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,19616,368,00:00:00,344) upstart-udev-bridge --daemon
(root,52152,84,00:00:00,364) /lib/systemd/systemd-udevd --daemon
(root,15288,840,00:00:00,399) upstart-file-bridge --daemon
(root,0,0,00:00:00,403) [rpciod]
(syslog,255956,140,05:27:14,407) rsyslogd
(root,0,0,00:00:00,412) [nfsiod]
(root,23492,0,00:00:00,435) rpc.idmapd
(root,0,0,00:00:00,448) [ttm_swap]
(root,23520,1160,00:04:13,573) rpcbind
(root,15532,480,00:00:00,655) upstart-socket-bridge --daemon
(statd,21612,140,00:00:00,671) rpc.statd -L
(root,0,0,00:00:00,801) [nfsv4.0-svc]
(root,17316,12,00:00:00,865) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,868) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,873) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,874) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,876) /sbin/getty -8 38400 tty6
(root,23664,668,00:03:33,899) cron
(root,4380,0,00:00:00,977) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(root,123384,444,00:04:51,985) ypbind -no-dbus
(daemon,19152,0,00:00:01,1015) atd
(root,19320,1112,01:35:31,1017) /usr/sbin/irqbalance
(root,375180,560,00:06:49,1020) /usr/sbin/automount
(nagios,23472,0,00:00:00,1138) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,700,00:11:00,1335) /usr/lib/postfix/master
(postfix,27748,1940,00:07:56,1371) qmgr -l -t unix -u
(root,0,0,00:00:00,1435) [kauditd]
(ntp,31472,1828,02:17:55,1537) /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
(root,90004,3156,09:16:53,1561) /usr/bin/vmtoolsd
(root,82292,15976,10:57:43,1594) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,1262360,212104,16:37:06,1596) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,353224,42300,07:40:22,1597) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90176,8704,03:13:42,1599) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,0,0,00:01:53,1620) [kworker/3:2]
(root,405040,300,00:22:40,1653) /usr/sbin/r1soft/bin/cdp -s -c /usr/sbin/r1soft/conf/agent_config
(root,0,0,00:00:00,3083) [kworker/u8:2]
(postfix,27420,3032,00:00:00,5781) pickup -l -t unix -u -c
(root,0,0,00:00:00,6238) [kworker/1:1H]
(root,0,0,00:00:00,6467) [kworker/u8:1]
(root,269940,6564,00:29:33,6743) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(postfix,27516,3136,00:00:00,7323) cleanup -z -t unix -u -c
(postfix,27432,3032,00:00:00,7324) trivial-rewrite -n rewrite -t unix -u -c
(postfix,27464,4060,00:00:00,7325) local -t unix
(postfix,42448,4104,00:00:00,7326) smtp -t unix -u -c
(postfix,27448,3068,00:00:00,7327) bounce -z -t unix -u -c
(root,18032,3000,00:00:00,7786) /bin/bash /usr/bin/check_mk_agent
(root,15580,2156,00:00:00,7811) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1400,00:00:00,7812) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,15008,568,00:03:52,8829) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,0,0,00:00:00,14070) [kworker/3:1H]
(root,61392,1212,00:02:37,19375) /usr/sbin/sshd -D
(root,17316,12,00:00:00,19491) /sbin/getty -8 38400 tty1
(root,0,0,00:03:29,20012) [kworker/2:0]
(root,0,0,00:00:24,20016) [kworker/3:0]
(root,0,0,00:00:00,20102) [kworker/0:1H]
(root,0,0,00:23:45,22947) [kworker/0:0]
(root,0,0,00:00:50,25580) [kworker/2:1]
(root,0,0,00:01:44,26247) [kworker/1:2]
(root,222028,8,00:00:00,26525) /usr/bin/python3 /usr/lib/ubuntu-release-upgrader/check-new-release -q
(bind,775896,311824,24-23:29:05,26714) /usr/sbin/named -u bind -S 16384
(root,0,0,00:00:00,28402) [kworker/2:1H]
(root,0,0,00:00:41,30220) [kworker/1:0]

Found on 2022-09-26 08:25

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5c0e931e6a

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33648,2456,00:16:24,1) /sbin/init
(root,0,0,00:00:03,2) [kthreadd]
(root,0,0,00:19:17,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-19:03:19,7) [rcu_sched]
(root,0,0,08:52:07,8) [rcuos/0]
(root,0,0,09:20:46,9) [rcuos/1]
(root,0,0,09:34:03,10) [rcuos/2]
(root,0,0,09:48:35,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:10:40,17) [migration/0]
(root,0,0,00:03:33,18) [watchdog/0]
(root,0,0,00:03:02,19) [watchdog/1]
(root,0,0,00:10:58,20) [migration/1]
(root,0,0,00:21:49,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:59,24) [watchdog/2]
(root,0,0,00:11:31,25) [migration/2]
(root,0,0,00:24:40,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:58,29) [watchdog/3]
(root,0,0,00:11:08,30) [migration/3]
(root,0,0,00:26:53,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:18,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:06:34,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:16:16,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,149) [kpsmoused]
(root,0,0,00:00:00,150) [mpt_poll_0]
(root,0,0,00:00:00,154) [mpt/0]
(root,0,0,00:00:00,155) [kworker/0:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:27:40,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,19616,348,00:00:00,344) upstart-udev-bridge --daemon
(root,52152,88,00:00:00,364) /lib/systemd/systemd-udevd --daemon
(root,15288,148,00:00:00,399) upstart-file-bridge --daemon
(root,0,0,00:00:00,403) [rpciod]
(syslog,255956,400,05:26:27,407) rsyslogd
(root,0,0,00:00:00,412) [nfsiod]
(root,23492,0,00:00:00,435) rpc.idmapd
(root,0,0,00:00:00,448) [ttm_swap]
(root,23520,1344,00:04:11,573) rpcbind
(root,15532,244,00:00:00,655) upstart-socket-bridge --daemon
(statd,21612,0,00:00:00,671) rpc.statd -L
(root,0,0,00:00:00,801) [nfsv4.0-svc]
(root,17316,12,00:00:00,865) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,868) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,873) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,874) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,876) /sbin/getty -8 38400 tty6
(root,23664,684,00:03:30,899) cron
(root,4380,0,00:00:00,977) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(root,123384,0,00:04:46,985) ypbind -no-dbus
(daemon,19152,40,00:00:01,1015) atd
(root,19320,1096,01:34:07,1017) /usr/sbin/irqbalance
(root,375180,140,00:06:42,1020) /usr/sbin/automount
(nagios,23472,0,00:00:00,1138) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,848,00:10:48,1335) /usr/lib/postfix/master
(postfix,27748,1568,00:07:47,1371) qmgr -l -t unix -u
(root,0,0,00:00:00,1435) [kauditd]
(ntp,31472,1860,02:15:54,1537) /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
(root,90004,2384,09:08:28,1561) /usr/bin/vmtoolsd
(root,82292,14364,10:48:02,1594) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,1262228,311324,16:31:05,1596) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,350108,46096,07:34:07,1597) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90176,8244,03:10:53,1599) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,0,0,00:01:53,1620) [kworker/3:2]
(root,405040,108,00:22:20,1653) /usr/sbin/r1soft/bin/cdp -s -c /usr/sbin/r1soft/conf/agent_config
(root,0,0,00:00:00,6238) [kworker/1:1H]
(root,269940,6240,00:26:21,6743) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,15008,636,00:03:48,8829) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(postfix,27420,3056,00:00:00,11308) pickup -l -t unix -u -c
(root,0,0,00:00:23,12212) [kworker/3:1]
(root,0,0,00:00:00,14070) [kworker/3:1H]
(root,0,0,00:00:00,14584) [kworker/u8:1]
(root,0,0,00:00:00,18744) [kworker/u8:0]
(root,61392,1240,00:02:19,19375) /usr/sbin/sshd -D
(root,17316,12,00:00:00,19491) /sbin/getty -8 38400 tty1
(root,0,0,00:00:00,19927) [kworker/u8:2]
(root,0,0,00:03:05,20012) [kworker/2:0]
(root,0,0,00:00:00,20102) [kworker/0:1H]
(root,61392,5432,00:00:00,20513) sshd: [accepted]    
(postfix,27516,3108,00:00:00,20546) cleanup -z -t unix -u -c
(postfix,27432,2988,00:00:00,20547) trivial-rewrite -n rewrite -t unix -u -c
(postfix,27464,4196,00:00:00,20548) local -t unix
(postfix,42448,4220,00:00:00,20549) smtp -t unix -u -c
(postfix,27448,2924,00:00:00,20550) bounce -z -t unix -u -c
(postfix,27516,3124,00:00:00,20551) cleanup -z -t unix -u -c
(root,18032,2956,00:00:00,20808) /bin/bash /usr/bin/check_mk_agent
(root,15580,2128,00:00:00,20833) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10992,1392,00:00:00,20834) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,0,0,00:23:21,22947) [kworker/0:0]
(root,0,0,00:00:50,25580) [kworker/2:1]
(root,0,0,00:01:44,26247) [kworker/1:2]
(root,222028,8,00:00:00,26525) /usr/bin/python3 /usr/lib/ubuntu-release-upgrader/check-new-release -q
(bind,775896,332980,24-12:21:08,26714) /usr/sbin/named -u bind -S 16384
(root,0,0,00:00:00,28402) [kworker/2:1H]
(root,0,0,00:00:10,30220) [kworker/1:0]

Found on 2022-09-15 18:18

Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcb0928f4f1659cfab246bcfd994c2bfe5cc5861dfd

Found public CheckMk agent:
Version: 1.2.6p16
AgentOS: linux
AgentDirectory: /etc/check_mk
DataDirectory: /var/lib/check_mk_agent
SpoolDirectory: /var/lib/check_mk_agent/spool
PluginsDirectory: /usr/lib/check_mk_agent/plugins
LocalDirectory: /usr/lib/check_mk_agent/local
OnlyFrom: 

Found process list through CheckMk:
(root,33648,2684,00:16:21,1) /sbin/init
(root,0,0,00:00:03,2) [kthreadd]
(root,0,0,00:19:06,3) [ksoftirqd/0]
(root,0,0,00:00:00,5) [kworker/0:0H]
(root,0,0,1-18:39:47,7) [rcu_sched]
(root,0,0,08:47:01,8) [rcuos/0]
(root,0,0,09:15:37,9) [rcuos/1]
(root,0,0,09:28:24,10) [rcuos/2]
(root,0,0,09:43:00,11) [rcuos/3]
(root,0,0,00:00:00,12) [rcu_bh]
(root,0,0,00:00:00,13) [rcuob/0]
(root,0,0,00:00:00,14) [rcuob/1]
(root,0,0,00:00:00,15) [rcuob/2]
(root,0,0,00:00:00,16) [rcuob/3]
(root,0,0,00:10:33,17) [migration/0]
(root,0,0,00:03:31,18) [watchdog/0]
(root,0,0,00:03:00,19) [watchdog/1]
(root,0,0,00:10:51,20) [migration/1]
(root,0,0,00:21:37,21) [ksoftirqd/1]
(root,0,0,00:00:00,23) [kworker/1:0H]
(root,0,0,00:02:58,24) [watchdog/2]
(root,0,0,00:11:24,25) [migration/2]
(root,0,0,00:24:26,26) [ksoftirqd/2]
(root,0,0,00:00:00,28) [kworker/2:0H]
(root,0,0,00:02:57,29) [watchdog/3]
(root,0,0,00:11:01,30) [migration/3]
(root,0,0,00:26:38,31) [ksoftirqd/3]
(root,0,0,00:00:00,33) [kworker/3:0H]
(root,0,0,00:00:00,34) [khelper]
(root,0,0,00:00:00,35) [kdevtmpfs]
(root,0,0,00:00:00,36) [netns]
(root,0,0,00:00:18,37) [khungtaskd]
(root,0,0,00:00:00,38) [writeback]
(root,0,0,00:00:00,39) [ksmd]
(root,0,0,00:06:30,40) [khugepaged]
(root,0,0,00:00:00,41) [crypto]
(root,0,0,00:00:00,42) [kintegrityd]
(root,0,0,00:00:00,43) [bioset]
(root,0,0,00:00:00,44) [kblockd]
(root,0,0,00:00:00,45) [ata_sff]
(root,0,0,00:00:00,46) [khubd]
(root,0,0,00:00:00,47) [md]
(root,0,0,00:00:00,48) [devfreq_wq]
(root,0,0,00:16:10,53) [kswapd0]
(root,0,0,00:00:00,54) [vmstat]
(root,0,0,00:00:00,55) [fsnotify_mark]
(root,0,0,00:00:00,56) [ecryptfs-kthrea]
(root,0,0,00:00:00,68) [kthrotld]
(root,0,0,00:00:00,69) [acpi_thermal_pm]
(root,0,0,00:00:00,70) [scsi_eh_0]
(root,0,0,00:00:00,71) [scsi_tmf_0]
(root,0,0,00:00:00,72) [scsi_eh_1]
(root,0,0,00:00:00,73) [scsi_tmf_1]
(root,0,0,00:00:00,75) [ipv6_addrconf]
(root,0,0,00:00:00,95) [deferwq]
(root,0,0,00:00:00,96) [charger_manager]
(root,0,0,00:00:00,149) [kpsmoused]
(root,0,0,00:00:00,150) [mpt_poll_0]
(root,0,0,00:00:00,154) [mpt/0]
(root,0,0,00:00:00,155) [kworker/0:2]
(root,0,0,00:00:00,156) [scsi_eh_2]
(root,0,0,00:00:00,157) [scsi_tmf_2]
(root,0,0,00:27:28,168) [jbd2/sda2-8]
(root,0,0,00:00:00,169) [ext4-rsv-conver]
(root,19616,540,00:00:00,344) upstart-udev-bridge --daemon
(root,52152,108,00:00:00,364) /lib/systemd/systemd-udevd --daemon
(root,15288,820,00:00:00,399) upstart-file-bridge --daemon
(root,0,0,00:00:00,403) [rpciod]
(syslog,255956,180,05:25:55,407) rsyslogd
(root,0,0,00:00:00,412) [nfsiod]
(root,23492,0,00:00:00,435) rpc.idmapd
(root,0,0,00:00:00,448) [ttm_swap]
(root,23520,852,00:04:10,573) rpcbind
(root,15532,292,00:00:00,655) upstart-socket-bridge --daemon
(statd,21612,0,00:00:00,671) rpc.statd -L
(root,0,0,00:00:00,801) [nfsv4.0-svc]
(root,17316,12,00:00:00,865) /sbin/getty -8 38400 tty4
(root,17316,12,00:00:00,868) /sbin/getty -8 38400 tty5
(root,17316,12,00:00:00,873) /sbin/getty -8 38400 tty2
(root,17316,12,00:00:00,874) /sbin/getty -8 38400 tty3
(root,17316,12,00:00:00,876) /sbin/getty -8 38400 tty6
(root,23664,648,00:03:27,899) cron
(root,4380,0,00:00:00,977) acpid -c /etc/acpi/events -s /var/run/acpid.socket
(root,123384,396,00:04:43,985) ypbind -no-dbus
(daemon,19152,4,00:00:01,1015) atd
(root,19320,1160,01:33:16,1017) /usr/sbin/irqbalance
(root,375180,596,00:06:38,1020) /usr/sbin/automount
(nagios,23472,0,00:00:00,1138) /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
(root,25356,684,00:10:40,1335) /usr/lib/postfix/master
(postfix,27748,1344,00:07:41,1371) qmgr -l -t unix -u
(root,0,0,00:00:00,1435) [kauditd]
(ntp,31472,1860,02:14:44,1537) /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
(root,90004,3092,09:03:16,1561) /usr/bin/vmtoolsd
(root,82292,15788,10:42:04,1594) /usr/bin/python /usr/bin/landscape-client --daemon --pid-file /var/run/landscape/landscape-client.pid
(landsca+,1262228,249112,16:27:22,1596) /usr/bin/python /usr/bin/landscape-broker --ignore-sigint --quiet
(landsca+,347900,41424,07:30:06,1597) /usr/bin/python /usr/bin/landscape-monitor --ignore-sigint --quiet
(root,90176,17316,03:09:08,1599) /usr/bin/python /usr/bin/landscape-manager --ignore-sigint --quiet
(root,0,0,00:01:53,1620) [kworker/3:2]
(root,405040,116,00:22:07,1653) /usr/sbin/r1soft/bin/cdp -s -c /usr/sbin/r1soft/conf/agent_config
(root,0,0,00:00:00,1929) [kworker/u8:1]
(root,0,0,00:00:00,5720) [kworker/u8:0]
(postfix,27420,3004,00:00:00,5721) pickup -l -t unix -u -c
(root,0,0,00:01:30,5917) [kworker/1:1]
(root,0,0,00:00:00,6238) [kworker/1:1H]
(root,269940,6728,00:24:23,6743) /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid
(root,61392,5484,00:00:00,7221) sshd: [accepted]    
(postfix,27516,3088,00:00:00,7256) cleanup -z -t unix -u -c
(postfix,27432,2980,00:00:00,7257) trivial-rewrite -n rewrite -t unix -u -c
(postfix,27464,4068,00:00:00,7258) local -t unix
(postfix,42448,4292,00:00:00,7259) smtp -t unix -u -c
(postfix,27448,3048,00:00:00,7260) bounce -z -t unix -u -c
(root,18032,2976,00:00:00,7476) /bin/bash /usr/bin/check_mk_agent
(root,15580,2204,00:00:00,7501) ps ax -o user,vsz,rss,cputime,pid,command --columns 10000
(root,10996,1444,00:00:00,7502) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4,\5) /
(root,15008,596,00:03:45,8829) /usr/sbin/xinetd -dontfork -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6
(root,0,0,00:00:08,12212) [kworker/3:1]
(root,0,0,00:00:00,14070) [kworker/3:1H]
(root,61392,1172,00:02:08,19375) /usr/sbin/sshd -D
(root,17316,12,00:00:00,19491) /sbin/getty -8 38400 tty1
(root,0,0,00:02:50,20012) [kworker/2:0]
(root,0,0,00:00:00,20102) [kworker/0:1H]
(root,0,0,00:23:07,22947) [kworker/0:0]
(root,0,0,00:00:50,25580) [kworker/2:1]
(root,0,0,00:01:44,26247) [kworker/1:2]
(root,222028,8,00:00:00,26525) /usr/bin/python3 /usr/lib/ubuntu-release-upgrader/check-new-release -q
(bind,775896,304444,24-05:12:07,26714) /usr/sbin/named -u bind -S 16384
(root,0,0,00:00:00,28402) [kworker/2:1H]

Found on 2022-09-09 06:37

Host 212.88.128.70

Germany

CheckMK monitoring endpoint publicly available

Domain summary