Apache 2.2.15
tcp/80
The server-status page (usually /server-status
) allows server administrators to find out how well their server is performing.
This is a HTML page that gives the current server statistics such as the server version, up time,cpu, ram, and information about requests made to the server.
This information can be very useful if the application is sent sensitive information as GET requests. If you monitor this page you might be able to find CSRF tokens, API keys, hidden paths, and other sensitive information being sent to the server.
https://medium.com/@ghostlulzhacks/apache-server-status-a70abed83f5a
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031a44503ff
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Tuesday, 30-Apr-2024 20:52:37 CEST Restart Time: Tuesday, 30-Apr-2024 04:29:04 CEST Parent Server Generation: 95 Server uptime: 16 hours 23 minutes 33 seconds Total accesses: 2994 - Total Traffic: 8.9 MB CPU Usage: u289.48 s12.09 cu0 cs0 - .511% CPU load .0507 requests/sec - 158 B/second - 3122 B/request 3 requests currently being processed, 2 idle workers .W..C.._.....C._................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-95-0/0/742. 6.02991900.00.002.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 1-95171750/98/884W 32.85000.00.232.41 64.23.218.208smtp110.ext.armada.itGET /server-status HTTP/1.1 2-95-0/0/480. 0.011145400.00.001.64 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 3-95-0/0/12. 0.011145300.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 4-9599231/130/134C 56.420230.00.320.32 64.23.218.208smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 5-95-0/0/88. 29.141144700.00.000.23 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-95-0/0/81. 9.531145000.00.000.29 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 7-9599240/129/132_ 39.600110.00.360.36 64.23.218.208smtp110.ext.armada.itGET /server HTTP/1.1 8-95-0/0/86. 20.631144600.00.000.52 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 9-95-0/0/83. 25.761144900.00.000.27 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 10-95-0/0/5. 0.061145200.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 11-95-0/0/4. 0.041144400.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 12-95-0/0/2. 0.011144800.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 13-9599281/127/127C 38.031240.00.490.49 64.23.218.208smtp110.ext.armada.itGET /about HTTP/1.1 14-95-0/0/1. 0.001145900.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 15-9599300/129/129_ 43.460250.00.400.40 64.23.218.208smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 16-95-0/0/1. 0.001145800.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 17-95-0/0/1. 0.001145700.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 18-95-0/0/1. 0.001145600.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 19-95-0/0/1. 0.001145500.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903137d3b411
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Sunday, 28-Apr-2024 19:46:39 CEST Restart Time: Sunday, 28-Apr-2024 03:42:06 CEST Parent Server Generation: 93 Server uptime: 16 hours 4 minutes 33 seconds Total accesses: 2983 - Total Traffic: 8.5 MB CPU Usage: u666.02 s23.75 cu0 cs0 - 1.19% CPU load .0515 requests/sec - 154 B/second - 2988 B/request 5 requests currently being processed, 1 idle workers CCCCW_.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-93265651/1034/1034C 251.151920.42.822.82 159.65.18.197smtp110.ext.armada.itGET /server HTTP/1.1 1-93265661/1021/1021C 239.251150.03.093.09 159.65.18.197smtp110.ext.armada.itGET /about HTTP/1.1 2-9351361/925/925C 199.311150.02.602.60 159.65.18.197smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 3-9320231/3/3C 0.060160.00.000.00 159.65.18.197smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 4-9320300/0/0W 0.00000.00.000.00 159.65.18.197smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031f03192aa
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Wednesday, 24-Apr-2024 02:37:21 CEST Restart Time: Tuesday, 23-Apr-2024 03:15:12 CEST Parent Server Generation: 88 Server uptime: 23 hours 22 minutes 8 seconds Total accesses: 5437 - Total Traffic: 13.6 MB CPU Usage: u1421.53 s62.2 cu0 cs0 - 1.76% CPU load .0646 requests/sec - 168 B/second - 2614 B/request 5 requests currently being processed, 1 idle workers CWCCC_.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-88216301/1174/1174C 344.630150.02.862.86 164.92.244.132smtp110.ext.armada.itGET /about HTTP/1.1 1-88216310/1163/1163W 298.27000.03.193.19 164.92.244.132smtp110.ext.armada.itGET /server-status HTTP/1.1 2-88216671/1175/1175C 329.440200.02.932.93 164.92.244.132smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 3-88280791/995/995C 274.181260.42.452.45 164.92.244.132smtp110.ext.armada.itGET /server HTTP/1.1 4-8888241/830/834C 237.121160.01.881.89 164.92.244.132smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 5-8849180/0/94_ 0.05000.00.000.22 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-88-0/0/2. 0.043345700.00.000.01 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031d18d1868
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 18-Apr-2024 20:19:14 CEST Restart Time: Thursday, 18-Apr-2024 03:14:04 CEST Parent Server Generation: 83 Server uptime: 17 hours 5 minutes 10 seconds Total accesses: 3256 - Total Traffic: 9.1 MB CPU Usage: u892.34 s34.85 cu0 cs0 - 1.51% CPU load .0529 requests/sec - 154 B/second - 2927 B/request 5 requests currently being processed, 0 idle workers CW.CC.C......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-83228061/930/930C 264.120200.02.622.62 159.89.12.166smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 1-83228070/971/971W 291.38000.02.622.62 159.89.12.166smtp110.ext.armada.itGET /server-status HTTP/1.1 2-83-0/0/919. 278.664500.00.002.73 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 3-83175731/425/425C 92.860180.01.121.12 159.89.12.166smtp110.ext.armada.itGET /about HTTP/1.1 4-83119091/5/5C 0.100150.00.010.01 159.89.12.166smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 5-83-0/0/2. 0.034400.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-83119171/3/3C 0.04000.40.000.00 159.89.12.166smtp110.ext.armada.itGET /server HTTP/1.1 7-83-0/0/1. 0.004600.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3104509031045090319834583c
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Wednesday, 10-Apr-2024 16:11:26 CEST Restart Time: Wednesday, 10-Apr-2024 03:12:02 CEST Parent Server Generation: 75 Server uptime: 12 hours 59 minutes 24 seconds Total accesses: 2246 - Total Traffic: 6.1 MB CPU Usage: u779.72 s33.22 cu0 cs0 - 1.74% CPU load .048 requests/sec - 135 B/second - 2828 B/request 5 requests currently being processed, 1 idle workers CCCCW_.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-75315931/860/860C 286.041160.02.232.23 96.126.110.181smtp110.ext.armada.itGET /about HTTP/1.1 1-75315941/859/859C 300.771150.02.352.35 96.126.110.181smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 2-75197891/524/524C 226.07100.41.481.48 96.126.110.181smtp110.ext.armada.itGET /server HTTP/1.1 3-7535631/3/3C 0.060210.00.000.00 96.126.110.181smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 4-7535660/0/0W 0.00000.00.000.00 96.126.110.181smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031353d7664
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 21-Mar-2024 10:42:50 CET Restart Time: Thursday, 21-Mar-2024 03:13:01 CET Parent Server Generation: 55 Server uptime: 7 hours 29 minutes 48 seconds Total accesses: 2071 - Total Traffic: 5.2 MB CPU Usage: u366.04 s16.63 cu0 cs0 - 1.42% CPU load .0767 requests/sec - 202 B/second - 2644 B/request 5 requests currently being processed, 0 idle workers CCCCW........................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-55293851/490/490C 112.111260.01.241.24 46.101.111.185smtp110.ext.armada.itGET /about HTTP/1.1 1-55293861/559/559C 100.631290.01.751.75 46.101.111.185smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 2-55294481/552/552C 113.041270.01.301.30 46.101.111.185smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 3-5525091/470/470C 56.89110.40.940.94 46.101.111.185smtp110.ext.armada.itGET /server HTTP/1.1 4-55200520/0/0W 0.00000.00.000.00 46.101.111.185smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3104509031045090319e163796
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Friday, 08-Mar-2024 05:20:19 CET Restart Time: Friday, 08-Mar-2024 03:08:01 CET Parent Server Generation: 42 Server uptime: 2 hours 12 minutes 17 seconds Total accesses: 482 - Total Traffic: 1.1 MB CPU Usage: u65.42 s2.7 cu0 cs0 - .858% CPU load .0607 requests/sec - 140 B/second - 2317 B/request 3 requests currently being processed, 2 idle workers ._..CC_W........................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-42-0/0/80. 0.078700.00.000.17 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 1-42204160/3/132_ 3.25000.00.000.32 139.59.231.238smtp110.ext.armada.itGET /server HTTP/1.1 2-42-0/0/73. 10.508900.00.000.14 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 3-42-0/0/58. 14.418800.00.000.16 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 4-42258621/56/56C 11.601240.00.120.12 139.59.231.238smtp110.ext.armada.itGET /about HTTP/1.1 5-42258631/69/69C 27.070210.00.130.13 139.59.231.238smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 6-42204170/4/6_ 1.100180.00.010.02 139.59.231.238smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 7-42194810/8/8W 0.12000.00.010.01 139.59.231.238smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031abda25b5
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 07-Mar-2024 18:27:27 CET Restart Time: Thursday, 07-Mar-2024 03:37:01 CET Parent Server Generation: 41 Server uptime: 14 hours 50 minutes 26 seconds Total accesses: 2655 - Total Traffic: 7.4 MB CPU Usage: u787.77 s28.13 cu0 cs0 - 1.53% CPU load .0497 requests/sec - 145 B/second - 2932 B/request 5 requests currently being processed, 0 idle workers WCC.CC.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-41285420/693/693W 219.62000.01.881.88 162.243.184.251smtp110.ext.armada.itGET /server-status HTTP/1.1 1-41285431/701/701C 256.310280.02.002.00 162.243.184.251smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 2-4118191/8/310C 3.511190.00.010.77 162.243.184.251smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 3-41-0/0/403. 136.0470600.00.001.12 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 4-41204191/399/399C 133.91100.41.141.14 162.243.184.251smtp110.ext.armada.itGET /server HTTP/1.1 5-41304141/147/149C 66.511170.00.510.51 162.243.184.251smtp110.ext.armada.itGET /about HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031a190bfe4
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Wednesday, 06-Mar-2024 20:23:40 CET Restart Time: Wednesday, 06-Mar-2024 03:41:03 CET Parent Server Generation: 40 Server uptime: 16 hours 42 minutes 36 seconds Total accesses: 2970 - Total Traffic: 8.5 MB CPU Usage: u1042.01 s40.69 cu0 cs0 - 1.8% CPU load .0494 requests/sec - 147 B/second - 2983 B/request 4 requests currently being processed, 0 idle workers CCWC............................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-40222531/1021/1021C 402.661160.02.892.89 162.243.161.105smtp110.ext.armada.itGET /about HTTP/1.1 1-40222541/1023/1023C 374.971260.03.093.09 162.243.161.105smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 2-40132340/923/923W 305.01000.02.472.47 162.243.161.105smtp110.ext.armada.itGET /server-status HTTP/1.1 3-4052771/3/3C 0.060170.00.000.00 162.243.161.105smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903179e5bf46
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Sunday, 03-Mar-2024 15:24:12 CET Restart Time: Sunday, 03-Mar-2024 03:45:02 CET Parent Server Generation: 37 Server uptime: 11 hours 39 minutes 10 seconds Total accesses: 1880 - Total Traffic: 5.0 MB CPU Usage: u542.95 s18.53 cu0 cs0 - 1.34% CPU load .0448 requests/sec - 124 B/second - 2770 B/request 4 requests currently being processed, 1 idle workers CCW_.C.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-37196511/556/556C 190.601220.01.461.46 64.227.126.135smtp110.ext.armada.itGET /about HTTP/1.1 1-37196521/554/554C 169.980270.01.401.40 64.227.126.135smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 2-375820/482/482W 117.25000.01.301.30 64.227.126.135smtp110.ext.armada.itGET /server-status HTTP/1.1 3-3718370/158/158_ 55.06010.00.400.40 64.227.126.135smtp110.ext.armada.itGET /server HTTP/1.1 4-37-0/0/5. 0.111450700.00.000.02 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 5-37134571/125/125C 28.481260.00.380.38 64.227.126.135smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031f5d1fcff
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Friday, 01-Mar-2024 09:04:41 CET Restart Time: Friday, 01-Mar-2024 03:12:01 CET Parent Server Generation: 35 Server uptime: 5 hours 52 minutes 39 seconds Total accesses: 1020 - Total Traffic: 2.6 MB CPU Usage: u270.62 s10.1 cu0 cs0 - 1.33% CPU load .0482 requests/sec - 131 B/second - 2719 B/request 3 requests currently being processed, 1 idle workers _WCC............................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-35281720/341/341_ 70.090250.00.890.89 146.190.64.200smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 1-35281730/334/334W 126.48000.00.810.81 146.190.64.200smtp110.ext.armada.itGET /server-status HTTP/1.1 2-35284021/342/342C 84.091250.00.940.94 146.190.64.200smtp110.ext.armada.itGET /about HTTP/1.1 3-35242131/3/3C 0.060210.00.000.00 146.190.64.200smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031cca42328
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Tuesday, 20-Feb-2024 04:26:06 CET Restart Time: Tuesday, 20-Feb-2024 03:44:01 CET Parent Server Generation: 25 Server uptime: 42 minutes 4 seconds Total accesses: 158 - Total Traffic: 301 kB CPU Usage: u37.13 s1.56 cu0 cs0 - 1.53% CPU load .0626 requests/sec - 122 B/second - 1950 B/request 4 requests currently being processed, 1 idle workers CCCW_........................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-2556731/79/79C 21.341180.00.160.16 162.243.161.105smtp110.ext.armada.itGET /about HTTP/1.1 1-2556741/76/76C 17.271260.00.140.14 162.243.161.105smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 2-25178691/3/3C 0.080180.00.000.00 162.243.161.105smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 3-25178720/0/0W 0.00000.00.000.00 162.243.161.105smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3104509031045090314d5f1acd
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 15-Feb-2024 19:52:49 CET Restart Time: Thursday, 15-Feb-2024 03:51:02 CET Parent Server Generation: 20 Server uptime: 16 hours 1 minute 47 seconds Total accesses: 2795 - Total Traffic: 7.8 MB CPU Usage: u747.76 s23.54 cu0 cs0 - 1.34% CPU load .0484 requests/sec - 141 B/second - 2915 B/request 4 requests currently being processed, 1 idle workers _CC.WC.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-20188590/808/808_ 194.450130.02.282.28 143.42.118.5smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 1-20188601/797/797C 262.251140.02.192.19 143.42.118.5smtp110.ext.armada.itGET /about HTTP/1.1 2-20283211/762/762C 205.660130.02.162.16 143.42.118.5smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 3-20-0/0/10. 0.322033700.00.000.01 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 4-20326610/207/207W 57.49000.00.530.53 143.42.118.5smtp110.ext.armada.itGET /server-status HTTP/1.1 5-20326621/210/210C 51.131140.00.600.60 143.42.118.5smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 6-20-0/0/1. 0.002033800.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3104509031045090315aa1e452
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Wednesday, 14-Feb-2024 13:42:40 CET Restart Time: Wednesday, 14-Feb-2024 03:44:02 CET Parent Server Generation: 19 Server uptime: 9 hours 58 minutes 38 seconds Total accesses: 1904 - Total Traffic: 5.6 MB CPU Usage: u417.97 s13.97 cu0 cs0 - 1.2% CPU load .053 requests/sec - 163 B/second - 3091 B/request 4 requests currently being processed, 1 idle workers C_WCC........................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-1991601/530/530C 105.230140.01.551.55 207.154.240.169smtp110.ext.armada.itGET /about HTTP/1.1 1-1991610/497/497_ 122.130130.01.361.36 207.154.240.169smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 2-1968370/399/399W 89.14000.00.930.93 207.154.240.169smtp110.ext.armada.itGET /server-status HTTP/1.1 3-1971221/337/337C 82.560130.01.351.35 207.154.240.169smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 4-1914841/141/141C 32.880140.00.420.42 207.154.240.169smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903172393db1
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 01-Feb-2024 18:03:23 CET Restart Time: Thursday, 01-Feb-2024 04:19:01 CET Parent Server Generation: 6 Server uptime: 13 hours 44 minutes 21 seconds Total accesses: 2282 - Total Traffic: 6.1 MB CPU Usage: u611.35 s19.1 cu0 cs0 - 1.27% CPU load .0461 requests/sec - 129 B/second - 2812 B/request 4 requests currently being processed, 1 idle workers CC_CW........................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-666261/625/625C 198.980160.01.841.84 138.68.133.118smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 1-666271/619/619C 149.550180.01.561.56 138.68.133.118smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 2-6158330/575/575_ 147.790150.01.641.64 138.68.133.118smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 3-6141961/446/446C 130.840140.01.051.05 138.68.133.118smtp110.ext.armada.itGET /about HTTP/1.1 4-65150/15/15W 3.26000.00.030.03 138.68.133.118smtp110.ext.armada.itGET /server-status HTTP/1.1 5-6-0/0/2. 0.03123900.00.000.01 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031f2dbc6a9
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Saturday, 27-Jan-2024 13:49:22 CET Restart Time: Saturday, 27-Jan-2024 03:49:02 CET Parent Server Generation: 1 Server uptime: 10 hours 19 seconds Total accesses: 1840 - Total Traffic: 6.1 MB CPU Usage: u448.51 s14.39 cu0 cs0 - 1.29% CPU load .0511 requests/sec - 178 B/second - 3491 B/request 4 requests currently being processed, 1 idle workers WCCC_........................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-1180640/530/530W 128.51000.01.861.86 159.203.182.222smtp110.ext.armada.itGET /server-status HTTP/1.1 1-1180651/525/525C 111.531150.01.551.55 159.203.182.222smtp110.ext.armada.itGET /about HTTP/1.1 2-1210991/318/318C 101.580230.01.011.01 159.203.182.222smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 3-1130831/229/229C 68.171150.00.860.86 159.203.182.222smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 4-1130920/234/234_ 53.110180.00.850.85 159.203.182.222smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 5-1-0/0/3. 0.00527500.00.000.01 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-1-0/0/1. 0.002259600.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903103c86ba0
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Wednesday, 17-Jan-2024 10:55:03 CET Restart Time: Wednesday, 17-Jan-2024 03:23:01 CET Parent Server Generation: 267 Server uptime: 7 hours 32 minutes 2 seconds Total accesses: 1371 - Total Traffic: 4.5 MB CPU Usage: u295.96 s9.26 cu0 cs0 - 1.13% CPU load .0505 requests/sec - 174 B/second - 3459 B/request 5 requests currently being processed, 1 idle workers CWCCW_.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-26772511/652/652C 143.541150.02.542.54 128.199.61.251smtp110.ext.armada.itGET /about HTTP/1.1 1-26772520/652/652W 150.10200.01.801.80 127.0.0.1smtp110.ext.armada.itGET /parser/ HTTP/1.1 2-267140131/64/64C 11.531150.00.180.18 128.199.61.251smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 3-26714851/3/3C 0.050160.00.000.00 128.199.61.251smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 4-26714870/0/0W 0.00000.00.000.00 128.199.61.251smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903161490013
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Sunday, 07-Jan-2024 00:04:08 CET Restart Time: Saturday, 06-Jan-2024 03:18:01 CET Parent Server Generation: 256 Server uptime: 20 hours 46 minutes 6 seconds Total accesses: 4302 - Total Traffic: 10.6 MB CPU Usage: u328.12 s10.39 cu0 cs0 - .453% CPU load .0575 requests/sec - 147 B/second - 2572 B/request 4 requests currently being processed, 1 idle workers W_....C...CC.................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-256223830/194/889W 28.77000.00.512.07 139.144.150.205smtp110.ext.armada.itGET /server-status HTTP/1.1 1-256185590/42/757_ 12.770210.00.111.63 139.144.150.205smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 2-256-0/0/794. 0.02198200.00.001.66 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 3-256-0/0/534. 0.001656900.00.001.33 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 4-256-0/0/341. 46.761657100.00.000.87 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 5-256-0/0/232. 64.09339400.00.000.88 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-256260381/180/184C 50.580160.00.440.45 139.144.150.205smtp110.ext.armada.itGET /about HTTP/1.1 7-256-0/0/10. 0.001657300.00.000.06 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 8-256-0/0/4. 0.001657600.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 9-256-0/0/107. 37.421657000.00.000.35 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 10-256127191/278/278C 59.100140.00.840.84 139.144.150.205smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 11-256260411/171/172C 39.000200.00.420.42 139.144.150.205smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903124280a1c
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Friday, 05-Jan-2024 15:47:59 CET Restart Time: Friday, 05-Jan-2024 03:47:01 CET Parent Server Generation: 255 Server uptime: 12 hours 57 seconds Total accesses: 2154 - Total Traffic: 6.9 MB CPU Usage: u469.59 s14.64 cu0 cs0 - 1.12% CPU load .0498 requests/sec - 168 B/second - 3382 B/request 4 requests currently being processed, 1 idle workers C.WC_C.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-255213241/606/606C 160.890150.01.961.96 161.35.27.144smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-255-0/0/600. 158.7522800.00.001.63 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 2-25595020/4/467W 0.08000.00.011.63 161.35.27.144smtp110.ext.armada.itGET /server-status HTTP/1.1 3-255218391/220/220C 62.180140.00.960.96 161.35.27.144smtp110.ext.armada.itGET /about HTTP/1.1 4-255287200/41/42_ 4.220160.00.210.21 161.35.27.144smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 5-255218441/219/219C 98.110160.00.560.56 161.35.27.144smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031964fdfb7
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Saturday, 23-Dec-2023 20:26:32 CET Restart Time: Saturday, 23-Dec-2023 03:30:01 CET Parent Server Generation: 242 Server uptime: 16 hours 56 minutes 31 seconds Total accesses: 2765 - Total Traffic: 7.8 MB CPU Usage: u700.3 s21.04 cu0 cs0 - 1.18% CPU load .0453 requests/sec - 134 B/second - 2975 B/request 4 requests currently being processed, 1 idle workers .WC..C_C........................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-242-0/0/827. 233.1463400.00.002.26 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 1-242232710/829/829W 199.96000.02.252.25 159.89.83.196smtp110.ext.armada.itGET /server-status HTTP/1.1 2-242168191/687/687C 175.741170.02.132.13 159.89.83.196smtp110.ext.armada.itGET /about HTTP/1.1 3-242-0/0/244. 66.4463200.00.000.74 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 4-242-0/0/152. 41.8763300.00.000.42 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 5-24299751/9/9C 3.580220.00.020.02 159.89.83.196smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 6-24299780/9/9_ 0.490220.00.020.02 159.89.83.196smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 7-24299791/8/8C 0.121200.00.010.01 159.89.83.196smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903137d29dc3
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 14-Dec-2023 19:36:02 CET Restart Time: Thursday, 14-Dec-2023 03:28:01 CET Parent Server Generation: 233 Server uptime: 16 hours 8 minutes Total accesses: 3125 - Total Traffic: 11.0 MB CPU Usage: u733.52 s23.48 cu0 cs0 - 1.3% CPU load .0538 requests/sec - 197 B/second - 3677 B/request 4 requests currently being processed, 1 idle workers C._WC.C......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-23334541/818/818C 209.691200.02.552.55 104.236.193.132smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 1-233-0/0/682. 130.981366100.00.002.50 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 2-233241700/694/694_ 198.090160.02.172.17 104.236.193.132smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 3-233194680/402/402W 80.10000.01.571.57 104.236.193.132smtp110.ext.armada.itGET /server-status HTTP/1.1 4-233198831/378/378C 98.950180.01.581.58 104.236.193.132smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 5-233-0/0/11. 0.001366000.00.000.05 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-233161321/140/140C 39.191210.00.540.54 104.236.193.132smtp110.ext.armada.itGET /about HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031930818bd
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Monday, 11-Dec-2023 12:37:26 CET Restart Time: Monday, 11-Dec-2023 03:43:01 CET Parent Server Generation: 230 Server uptime: 8 hours 54 minutes 24 seconds Total accesses: 1593 - Total Traffic: 4.5 MB CPU Usage: u433.67 s13.83 cu0 cs0 - 1.4% CPU load .0497 requests/sec - 147 B/second - 2968 B/request 4 requests currently being processed, 1 idle workers C.CC_..W........................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-230267431/526/526C 129.051130.01.591.59 162.243.186.177smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 1-230-0/0/515. 171.22157900.00.001.54 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 2-23085151/438/438C 122.410190.01.121.12 162.243.186.177smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 3-23071351/18/23C 3.511130.00.040.05 162.243.186.177smtp110.ext.armada.itGET /about HTTP/1.1 4-23075370/17/20_ 1.260140.00.050.05 162.243.186.177smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 5-230-0/0/2. 0.02344100.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-230-0/0/2. 0.02344300.00.000.01 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 7-230311970/42/42W 10.02000.00.110.11 162.243.186.177smtp110.ext.armada.itGET /server-status HTTP/1.1 8-230-0/0/1. 0.00344400.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 9-230-0/0/24. 9.99165000.00.000.04 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031d1c3e075
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 16-Nov-2023 18:28:21 CET Restart Time: Thursday, 16-Nov-2023 03:35:01 CET Parent Server Generation: 205 Server uptime: 14 hours 53 minutes 20 seconds Total accesses: 3193 - Total Traffic: 8.7 MB CPU Usage: u461.73 s15.45 cu0 cs0 - .89% CPU load .0596 requests/sec - 170 B/second - 2869 B/request 4 requests currently being processed, 1 idle workers CWC.C_.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-205257531/819/819C 211.170150.02.412.41 165.232.76.155smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 1-205257540/769/769W 170.20000.02.092.09 165.232.76.155smtp110.ext.armada.itGET /server-status HTTP/1.1 2-205304591/46/739C 7.930150.00.052.16 165.232.76.155smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 3-205-0/0/413. 0.03223600.00.001.05 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 4-205136751/380/380C 76.660160.00.940.94 165.232.76.155smtp110.ext.armada.itGET /about HTTP/1.1 5-205261080/68/70_ 11.170150.00.070.08 165.232.76.155smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 6-205-0/0/2. 0.02321400.00.000.01 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 7-205-0/0/1. 0.00321500.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031ca143aec
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 09-Nov-2023 07:23:14 CET Restart Time: Thursday, 09-Nov-2023 03:51:15 CET Parent Server Generation: 198 Server uptime: 3 hours 31 minutes 58 seconds Total accesses: 619 - Total Traffic: 1.6 MB CPU Usage: u129.53 s4.06 cu0 cs0 - 1.05% CPU load .0487 requests/sec - 129 B/second - 2656 B/request 4 requests currently being processed, 0 idle workers CCWC............................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-198202801/176/176C 31.381160.00.410.41 104.236.193.132smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 1-198202811/177/177C 28.531140.00.450.45 104.236.193.132smtp110.ext.armada.itGET /about HTTP/1.1 2-198287050/138/138W 43.85000.00.400.40 104.236.193.132smtp110.ext.armada.itGET /server-status HTTP/1.1 3-198287281/128/128C 29.830140.00.310.31 104.236.193.132smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031d1692f35
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Sunday, 05-Nov-2023 21:42:48 CET Restart Time: Sunday, 05-Nov-2023 03:09:02 CET Parent Server Generation: 194 Server uptime: 18 hours 33 minutes 46 seconds Total accesses: 4388 - Total Traffic: 10.1 MB CPU Usage: u168.45 s6.28 cu0 cs0 - .261% CPU load .0657 requests/sec - 158 B/second - 2416 B/request 4 requests currently being processed, 1 idle workers _CCC....W....................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-19484950/14/926_ 0.250150.00.042.32 74.207.237.114smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 1-194238201/939/939C 154.870150.02.042.04 74.207.237.114smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 2-19488851/9/855C 2.981170.00.022.10 74.207.237.114smtp110.ext.armada.itGET /about HTTP/1.1 3-19484991/14/504C 3.041140.00.020.99 74.207.237.114smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 4-194-0/0/484. 9.1185500.00.000.95 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 5-194-0/0/289. 0.0876200.00.000.85 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-194-0/0/341. 3.5985400.00.000.79 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 7-194-0/0/7. 0.08253900.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 8-1944660/43/43W 0.73000.00.080.08 74.207.237.114smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031580c7a3f
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 04-May-2023 13:47:37 CEST Restart Time: Thursday, 04-May-2023 04:33:02 CEST Parent Server Generation: 9 Server uptime: 9 hours 14 minutes 35 seconds Total accesses: 1562 - Total Traffic: 5.2 MB CPU Usage: u497.57 s17.46 cu0 cs0 - 1.55% CPU load .0469 requests/sec - 162 B/second - 3458 B/request 6 requests currently being processed, 0 idle workers CCCCCW.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-9255541/566/566C 192.711130.01.631.63 165.232.76.155smtp110.ext.armada.itGET /.git/config HTTP/1.1 1-9255551/570/570C 172.211140.01.911.91 165.232.76.155smtp110.ext.armada.itGET /info.php HTTP/1.1 2-983321/424/424C 150.081140.01.611.61 165.232.76.155smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 3-9291251/1/1C 0.011190.00.000.00 165.232.76.155smtp110.ext.armada.itGET /telescope/requests HTTP/1.1 4-9291261/1/1C 0.020310.00.000.00 165.232.76.155smtp110.ext.armada.itGET /.env HTTP/1.1 5-9291270/0/0W 0.00000.00.000.00 165.232.76.155smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031a4b5d446
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Tuesday, 11-Apr-2023 03:07:19 CEST Restart Time: Monday, 10-Apr-2023 03:44:01 CEST Parent Server Generation: 521 Server uptime: 23 hours 23 minutes 18 seconds Total accesses: 4297 - Total Traffic: 10.3 MB CPU Usage: u495.24 s19.98 cu0 cs0 - .612% CPU load .051 requests/sec - 128 B/second - 2511 B/request 5 requests currently being processed, 0 idle workers .C.WWW.C........................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-521-0/0/812. 0.013005700.00.001.92 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 1-521229671/464/1163C 98.400160.01.202.90 45.55.193.222smtp110.ext.armada.itGET /info.php HTTP/1.1 2-521-0/0/606. 23.083005800.00.001.34 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 3-521129590/271/394W 84.78000.00.710.91 45.55.193.222smtp110.ext.armada.itGET /.DS_Store HTTP/1.1 4-521229140/483/483W 112.57000.01.141.14 45.55.193.222smtp110.ext.armada.itGET /.env HTTP/1.1 5-521129600/272/389W 102.33000.00.650.86 45.55.193.222smtp110.ext.armada.itGET /server-status HTTP/1.1 6-521-0/0/90. 21.413005900.00.000.25 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 7-521152221/360/360C 72.640150.00.960.96 45.55.193.222smtp110.ext.armada.itGET /.git/config HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903125503a2b
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Saturday, 18-Mar-2023 06:59:48 CET Restart Time: Saturday, 18-Mar-2023 03:09:02 CET Parent Server Generation: 498 Server uptime: 3 hours 50 minutes 46 seconds Total accesses: 658 - Total Traffic: 2.0 MB CPU Usage: u184.34 s7.73 cu0 cs0 - 1.39% CPU load .0475 requests/sec - 149 B/second - 3152 B/request 10 requests currently being processed, 0 idle workers CCCCCCCWCC...................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-49847441/255/255C 55.230250.00.640.64 139.144.96.150smtp110.ext.armada.itGET /info.php HTTP/1.1 1-49847451/253/253C 83.500380.00.770.77 139.144.96.150smtp110.ext.armada.itGET /.DS_Store HTTP/1.1 2-498201391/142/142C 53.190356.00.560.56 139.144.96.150smtp110.ext.armada.itGET /?rest_route=/wp/v2/users/ HTTP/1.1 3-498146701/2/2C 0.051180.00.010.01 139.144.96.150smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 4-498146711/2/2C 0.040240.00.000.00 139.144.96.150smtp110.ext.armada.itGET /api/search?folderIds=0 HTTP/1.1 5-498146721/1/1C 0.0207390.00.000.00 139.144.96.150smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 6-498146731/1/1C 0.020360.00.000.00 139.144.96.150smtp110.ext.armada.itGET /telescope/requests HTTP/1.1 7-498146740/0/0W 0.00000.00.000.00 139.144.96.150smtp110.ext.armada.itGET /server-status HTTP/1.1 8-498146751/1/1C 0.010250.00.000.00 139.144.96.150smtp110.ext.armada.itGET /config.json HTTP/1.1 9-498146761/1/1C 0.010250.00.000.00 139.144.96.150smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3104509031045090312d319f23
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Friday, 03-Mar-2023 07:32:51 CET Restart Time: Friday, 03-Mar-2023 03:32:02 CET Parent Server Generation: 483 Server uptime: 4 hours 49 seconds Total accesses: 724 - Total Traffic: 2.4 MB CPU Usage: u174.79 s7.58 cu0 cs0 - 1.26% CPU load .0501 requests/sec - 171 B/second - 3414 B/request 6 requests currently being processed, 0 idle workers CCW..CCC........................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-483205861/315/315C 81.660446.00.880.88 143.42.118.45smtp110.ext.armada.itGET / HTTP/1.1 1-483205871/319/319C 95.520210.01.081.08 143.42.118.45smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 2-483259640/0/3W 0.06000.00.000.01 143.42.118.45smtp110.ext.armada.itGET /server-status HTTP/1.1 3-483-0/0/2. 0.02162800.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 4-483-0/0/3. 0.06162700.00.000.01 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 5-483215361/27/27C 0.720260.00.090.09 143.42.118.45smtp110.ext.armada.itGET /debug/default/view?panel=config HTTP/1.1 6-483215371/26/26C 3.960346.00.170.17 143.42.118.45smtp110.ext.armada.itGET /?rest_route=/wp/v2/users/ HTTP/1.1 7-483215381/27/27C 0.360320.00.130.13 143.42.118.45smtp110.ext.armada.itGET /.env HTTP/1.1 8-483-0/0/2. 0.01163000.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903162659137
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Wednesday, 15-Feb-2023 14:36:00 CET Restart Time: Wednesday, 15-Feb-2023 03:51:01 CET Parent Server Generation: 467 Server uptime: 10 hours 44 minutes 59 seconds Total accesses: 2247 - Total Traffic: 8.8 MB CPU Usage: u378.93 s15.27 cu0 cs0 - 1.02% CPU load .0581 requests/sec - 239 B/second - 4129 B/request 8 requests currently being processed, 0 idle workers CCCWWCCC........................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-46791751/516/516C 176.781210.01.851.85 139.59.159.130smtp110.ext.armada.itGET /s/932323e2732313e2433313e253/_/;/META-INF/maven/com.atlass 1-46735681/2/455C 0.060220.00.011.66 139.59.159.130smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 2-467298971/25/497C 4.851170.00.062.15 139.59.159.130smtp110.ext.armada.itGET /info.php HTTP/1.1 3-46735780/0/391W 131.32000.00.001.45 139.59.159.130smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 4-46735790/0/233W 41.31000.00.001.22 139.59.159.130smtp110.ext.armada.itGET /server-status HTTP/1.1 5-467197981/106/106C 22.311360.00.380.38 139.59.159.130smtp110.ext.armada.itGET /telescope/requests HTTP/1.1 6-467298981/25/25C 8.781250.00.060.06 139.59.159.130smtp110.ext.armada.itGET /.git/config HTTP/1.1 7-467298991/24/24C 8.791460.00.070.07 139.59.159.130smtp110.ext.armada.itGET /.env HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031977e84b1
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Monday, 06-Feb-2023 05:01:20 CET Restart Time: Monday, 06-Feb-2023 04:40:02 CET Parent Server Generation: 458 Server uptime: 21 minutes 18 seconds Total accesses: 63 - Total Traffic: 177 kB CPU Usage: u17.23 s.76 cu0 cs0 - 1.41% CPU load .0493 requests/sec - 141 B/second - 2876 B/request 3 requests currently being processed, 0 idle workers CCW............................................................. ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-458280131/30/30C 7.781250.00.070.07 174.138.95.152smtp110.ext.armada.itGET /.git/config HTTP/1.1 1-458280141/30/30C 10.131170.00.100.10 174.138.95.152smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 2-458314820/3/3W 0.08000.00.010.01 174.138.95.152smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031eb8b714d
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Saturday, 04-Feb-2023 06:46:48 CET Restart Time: Saturday, 04-Feb-2023 03:29:01 CET Parent Server Generation: 456 Server uptime: 3 hours 17 minutes 46 seconds Total accesses: 544 - Total Traffic: 1.5 MB CPU Usage: u199.29 s8.27 cu0 cs0 - 1.75% CPU load .0458 requests/sec - 132 B/second - 2891 B/request 3 requests currently being processed, 0 idle workers CWC............................................................. ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-456110131/200/200C 97.020180.00.540.54 134.209.207.188smtp110.ext.armada.itGET /info.php HTTP/1.1 1-456110140/200/200W 50.17000.00.580.58 134.209.207.188smtp110.ext.armada.itGET /server-status HTTP/1.1 2-456200641/144/144C 60.370240.00.370.37 134.209.207.188smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903156beb560
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Tuesday, 31-Jan-2023 05:56:53 CET Restart Time: Tuesday, 31-Jan-2023 03:19:01 CET Parent Server Generation: 452 Server uptime: 2 hours 37 minutes 51 seconds Total accesses: 440 - Total Traffic: 1.2 MB CPU Usage: u127.25 s5.55 cu0 cs0 - 1.4% CPU load .0465 requests/sec - 133 B/second - 2876 B/request 3 requests currently being processed, 0 idle workers WCC............................................................. ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-452193360/178/178W 50.54000.00.500.50 137.184.32.150smtp110.ext.armada.itGET /server-status HTTP/1.1 1-452193371/182/182C 42.250250.00.500.50 137.184.32.150smtp110.ext.armada.itGET /debug/default/view?panel=config HTTP/1.1 2-452301311/80/80C 40.010346.00.210.21 137.184.32.150smtp110.ext.armada.itGET /?rest_route=/wp/v2/users/ HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3104509031045090314d4a8cba
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Sunday, 29-Jan-2023 13:35:23 CET Restart Time: Sunday, 29-Jan-2023 03:09:02 CET Parent Server Generation: 450 Server uptime: 10 hours 26 minutes 20 seconds Total accesses: 1734 - Total Traffic: 5.0 MB CPU Usage: u515.69 s20.62 cu0 cs0 - 1.43% CPU load .0461 requests/sec - 139 B/second - 3021 B/request 5 requests currently being processed, 0 idle workers C.C..CW.C....................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-450207401/427/427C 130.320170.00.950.95 185.3.94.183smtp110.ext.armada.itGET /s/932323e2732313e2433313e253/_/;/META-INF/maven/com.atlass 1-450-0/0/135. 58.913148700.00.000.42 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 2-45060441/287/287C 106.430190.00.990.99 185.3.94.183smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 3-450-0/0/2. 0.013148900.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 4-450-0/0/3. 0.063148800.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 5-45060491/295/295C 89.920170.00.800.80 185.3.94.183smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 6-45060500/292/292W 84.12000.00.970.97 185.3.94.183smtp110.ext.armada.itGET /server-status HTTP/1.1 7-450-0/0/2. 0.013149000.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 8-45060521/291/291C 66.530200.00.850.85 185.3.94.183smtp110.ext.armada.itGET /telescope/requests HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031e347fe23
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Friday, 27-Jan-2023 13:06:39 CET Restart Time: Friday, 27-Jan-2023 03:07:02 CET Parent Server Generation: 448 Server uptime: 9 hours 59 minutes 37 seconds Total accesses: 1948 - Total Traffic: 7.1 MB CPU Usage: u676.45 s27.16 cu0 cs0 - 1.96% CPU load .0541 requests/sec - 207 B/second - 3823 B/request 6 requests currently being processed, 0 idle workers CCCCCW.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-448231511/453/453C 142.430500.01.641.64 185.3.94.247smtp110.ext.armada.itGET /.env HTTP/1.1 1-448231521/450/450C 184.950510.01.411.41 185.3.94.247smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 2-448287301/399/399C 156.180440.01.511.51 185.3.94.247smtp110.ext.armada.itGET /s/932323e2732313e2433313e253/_/;/META-INF/maven/com.atlass 3-448287641/393/393C 139.650180.01.501.50 185.3.94.247smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 4-448290951/252/252C 80.360410.01.031.03 185.3.94.247smtp110.ext.armada.itGET /.git/config HTTP/1.1 5-448313930/1/1W 0.04000.00.010.01 185.3.94.247smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031e1e3fc0a
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Sunday, 22-Jan-2023 04:37:24 CET Restart Time: Sunday, 22-Jan-2023 03:49:03 CET Parent Server Generation: 443 Server uptime: 48 minutes 21 seconds Total accesses: 134 - Total Traffic: 381 kB CPU Usage: u62.46 s3.2 cu0 cs0 - 2.26% CPU load .0462 requests/sec - 134 B/second - 2911 B/request 2 requests currently being processed, 0 idle workers CW.............................................................. ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-443138691/67/67C 37.450280.00.240.24 164.92.224.29smtp110.ext.armada.itGET /.vscode/sftp.json HTTP/1.1 1-443138700/67/67W 28.21000.00.140.14 164.92.224.29smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031ca0f7fd8
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Friday, 02-Dec-2022 17:49:08 CET Restart Time: Friday, 02-Dec-2022 03:30:01 CET Parent Server Generation: 392 Server uptime: 14 hours 19 minutes 6 seconds Total accesses: 3193 - Total Traffic: 11.0 MB CPU Usage: u730.16 s31.16 cu0 cs0 - 1.48% CPU load .0619 requests/sec - 223 B/second - 3608 B/request 6 requests currently being processed, 0 idle workers CCC..CWC........................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-392182391/735/735C 168.880250.02.352.35 139.59.6.30smtp110.ext.armada.itPUT /api/v2/cmdb/system/admin/admin HTTP/1.1 1-392240761/278/479C 71.720356.01.051.73 139.59.6.30smtp110.ext.armada.itGET /?rest_route=/wp/v2/users/ HTTP/1.1 2-39217891/1/90C 0.020370.00.000.21 139.59.6.30smtp110.ext.armada.itGET /.git/config HTTP/1.1 3-392-0/0/89. 12.333946600.00.000.18 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 4-392-0/0/306. 75.962156700.00.000.81 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 5-392254311/495/495C 122.670200.01.901.90 139.59.6.30smtp110.ext.armada.itGET /debug/default/view?panel=config HTTP/1.1 6-392254380/496/496W 166.12000.02.032.03 139.59.6.30smtp110.ext.armada.itGET /server-status HTTP/1.1 7-392254391/503/503C 143.620190.01.781.78 139.59.6.30smtp110.ext.armada.itGET /telescope/requests HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903140deca31
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Wednesday, 23-Nov-2022 18:00:31 CET Restart Time: Wednesday, 23-Nov-2022 03:11:01 CET Parent Server Generation: 383 Server uptime: 14 hours 49 minutes 30 seconds Total accesses: 3154 - Total Traffic: 10.3 MB CPU Usage: u549.12 s22.18 cu0 cs0 - 1.07% CPU load .0591 requests/sec - 201 B/second - 3413 B/request 6 requests currently being processed, 0 idle workers W..CCCCC........................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-383290490/0/562W 167.60000.00.001.44 172.104.249.218smtp110.ext.armada.itGET /server-status HTTP/1.1 1-383-0/0/216. 8.581275500.00.000.39 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 2-383-0/0/376. 0.021275600.00.001.03 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 3-383151821/160/505C 36.790310.01.022.20 172.104.249.218smtp110.ext.armada.itGET /s/932323e2732313e2433313e253/_/;/META-INF/maven/com.atlass 4-383261391/564/564C 161.070170.02.112.11 172.104.249.218smtp110.ext.armada.itGET /info.php HTTP/1.1 5-383151831/170/546C 59.660180.00.541.71 172.104.249.218smtp110.ext.armada.itGET /.git/config HTTP/1.1 6-38362391/194/194C 53.850490.00.770.77 172.104.249.218smtp110.ext.armada.itGET /.env HTTP/1.1 7-38362401/191/191C 83.730250.00.610.61 172.104.249.218smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903155962548
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Wednesday, 16-Nov-2022 15:15:45 CET Restart Time: Wednesday, 16-Nov-2022 03:21:02 CET Parent Server Generation: 376 Server uptime: 11 hours 54 minutes 43 seconds Total accesses: 2466 - Total Traffic: 9.2 MB CPU Usage: u338.29 s13.13 cu0 cs0 - .819% CPU load .0575 requests/sec - 225 B/second - 3915 B/request 5 requests currently being processed, 0 idle workers ....W.WW.WW..................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-376-0/0/376. 62.711773380.00.001.25 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 1-376-0/0/357. 0.17176600.00.001.61 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 2-376-0/0/72. 1.37177200.00.000.28 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 3-376-0/0/421. 188.78177000.00.001.31 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 4-376295340/22/166W 10.043600.00.140.62 127.0.0.1smtp110.ext.armada.itGET /parser2/ HTTP/1.1 5-376-0/0/144. 0.00177400.00.000.56 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-376295380/20/26W 0.44000.00.070.07 159.65.51.215smtp110.ext.armada.itGET /server-status HTTP/1.1 7-376295390/19/87W 10.31000.00.060.24 159.65.51.215smtp110.ext.armada.itGET / HTTP/1.1 8-376-0/0/5. 0.00177100.00.000.01 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 9-376295410/21/300W 5.58000.00.061.26 159.65.51.215smtp110.ext.armada.itGET /.git/config HTTP/1.1 10-376162180/165/167W 72.02000.00.780.78 159.65.51.215smtp110.ext.armada.itGET /?rest_route=/wp/v2/users/ HTTP/1.1 11-376-0/0/338. 0.00177500.00.001.22 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 12-376-0/0/1. 0.003987536630.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 13-376-0/0/1. 0.003987526640.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 14-376-0/0/1. 0.003987516680.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 15-376-0/0/2. 0.003986810760.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 16-376-0/0/1. 0.003987400.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 17-376-0/0/1. 0.0039873950.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3104509031045090315c5431ae
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Saturday, 05-Nov-2022 03:22:54 CET Restart Time: Saturday, 05-Nov-2022 03:06:01 CET Parent Server Generation: 365 Server uptime: 16 minutes 53 seconds Total accesses: 53 - Total Traffic: 127 kB CPU Usage: u20.67 s.8 cu0 cs0 - 2.12% CPU load .0523 requests/sec - 128 B/second - 2453 B/request 6 requests currently being processed, 3 idle workers CC_CCCW__....................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-36562101/23/23C 18.820220.00.060.06 172.105.174.28smtp110.ext.armada.itGET /s/932323e2732313e2433313e253/_/;/META-INF/maven/com.atlass 1-36562111/25/25C 2.490350.00.060.06 172.105.174.28smtp110.ext.armada.itGET /.DS_Store HTTP/1.1 2-365101250/1/1_ 0.040470.00.000.00 172.105.174.28smtp110.ext.armada.itGET /.env HTTP/1.1 3-365101261/1/1C 0.021330.00.000.00 172.105.174.28smtp110.ext.armada.itGET /info.php HTTP/1.1 4-365101271/2/2C 0.060210.00.010.01 172.105.174.28smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 5-365101341/1/1C 0.040476.00.010.01 172.105.174.28smtp110.ext.armada.itGET / HTTP/1.1 6-365101350/0/0W 0.00000.00.000.00 172.105.174.28smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031ce8b1357
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Wednesday, 02-Nov-2022 17:16:04 CET Restart Time: Wednesday, 02-Nov-2022 03:35:01 CET Parent Server Generation: 362 Server uptime: 13 hours 41 minutes 2 seconds Total accesses: 2469 - Total Traffic: 6.5 MB CPU Usage: u1096.45 s38.72 cu0 cs0 - 2.3% CPU load .0501 requests/sec - 138 B/second - 2757 B/request 5 requests currently being processed, 0 idle workers CCWCW........................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-362152171/639/639C 325.580210.01.661.66 164.92.143.142smtp110.ext.armada.itGET /s/932323e2732313e2433313e253/_/;/META-INF/maven/com.atlass 1-362152181/649/649C 300.720210.01.751.75 164.92.143.142smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 2-362161590/629/629W 262.94000.01.611.61 164.92.143.142smtp110.ext.armada.itGET /server-status HTTP/1.1 3-36217301/551/551C 245.910200.01.481.48 164.92.143.142smtp110.ext.armada.itGET /.git/config HTTP/1.1 4-362176520/1/1W 0.02000.00.000.00 164.92.143.142smtp110.ext.armada.itGET / HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3104509031045090316dffcb17
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 13-Oct-2022 20:40:16 CEST Restart Time: Thursday, 13-Oct-2022 03:14:01 CEST Parent Server Generation: 342 Server uptime: 17 hours 26 minutes 15 seconds Total accesses: 3136 - Total Traffic: 8.1 MB CPU Usage: u1023.24 s40.77 cu0 cs0 - 1.69% CPU load .05 requests/sec - 135 B/second - 2713 B/request 3 requests currently being processed, 0 idle workers WCC............................................................. ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-34225550/1285/1285W 390.11000.03.353.35 45.56.70.216smtp110.ext.armada.itGET /server-status HTTP/1.1 1-34225561/1286/1286C 453.240270.03.213.21 45.56.70.216smtp110.ext.armada.itGET /.env HTTP/1.1 2-34255801/565/565C 220.660240.01.561.56 45.56.70.216smtp110.ext.armada.itGET /s/352e3133342e3132372e323239/_/;/META-INF/maven/com.atlass SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3104509031045090317c9929a9
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 29-Sep-2022 08:27:30 CEST Restart Time: Thursday, 29-Sep-2022 03:35:02 CEST Parent Server Generation: 328 Server uptime: 4 hours 52 minutes 28 seconds Total accesses: 2120 - Total Traffic: 4.3 MB CPU Usage: u174.2 s7.55 cu0 cs0 - 1.04% CPU load .121 requests/sec - 256 B/second - 2127 B/request 8 requests currently being processed, 0 idle workers CCCCCWCC........................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-32856531/37/454C 1.691250.00.090.85 207.154.199.221smtp110.ext.armada.itGET /info.php HTTP/1.1 1-32867961/32/384C 2.461280.00.070.51 207.154.199.221smtp110.ext.armada.itGET /s/352e3133342e3132372e323239/_/;/META-INF/maven/com.atlass 2-328120391/1/348C 0.031390.00.000.70 207.154.199.221smtp110.ext.armada.itGET /.env HTTP/1.1 3-328124751/154/164C 52.761220.00.540.66 207.154.199.221smtp110.ext.armada.itGET /telescope/requests HTTP/1.1 4-32864081/330/330C 58.641240.00.710.71 207.154.199.221smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 5-328120420/0/304W 45.47000.00.000.49 207.154.199.221smtp110.ext.armada.itGET /server-status HTTP/1.1 6-328120431/1/4C 0.030370.00.000.00 207.154.199.221smtp110.ext.armada.itGET /api/search?folderIds=0 HTTP/1.1 7-328267451/81/81C 14.681280.00.210.21 207.154.199.221smtp110.ext.armada.itGET /.git/config HTTP/1.1 8-328-0/0/1. 0.00628600.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 9-328-0/0/48. 5.99224000.00.000.16 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 10-328-0/0/1. 0.00628500.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 11-328-0/0/1. 0.00628400.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903173d1d715
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 15-Sep-2022 07:35:51 CEST Restart Time: Thursday, 15-Sep-2022 03:20:06 CEST Parent Server Generation: 314 Server uptime: 4 hours 15 minutes 44 seconds Total accesses: 728 - Total Traffic: 1.9 MB CPU Usage: u138.06 s4.98 cu0 cs0 - .932% CPU load .0474 requests/sec - 128 B/second - 2697 B/request 6 requests currently being processed, 0 idle workers CCCCCW.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-3147441/298/298C 97.670160.00.820.82 165.22.210.184smtp110.ext.armada.itGET /.git/config HTTP/1.1 1-314149461/1/268C 0.020270.00.000.65 165.22.210.184smtp110.ext.armada.itGET /s/352e3133342e3132372e323239/_/;/META-INF/maven/com.atlass 2-314274651/84/84C 21.440160.00.210.21 165.22.210.184smtp110.ext.armada.itGET /info.php HTTP/1.1 3-31468791/25/25C 7.460220.00.060.06 165.22.210.184smtp110.ext.armada.itGET /telescope/requests HTTP/1.1 4-31468801/26/26C 11.890260.00.060.06 165.22.210.184smtp110.ext.armada.itGET /.env HTTP/1.1 5-31468810/27/27W 4.56000.00.070.07 165.22.210.184smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb3104509031045090319b91c6b5
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Friday, 10-Jun-2022 15:12:51 CEST Restart Time: Friday, 10-Jun-2022 03:27:02 CEST Parent Server Generation: 217 Server uptime: 11 hours 45 minutes 49 seconds Total accesses: 2065 - Total Traffic: 5.5 MB CPU Usage: u735.97 s30.9 cu0 cs0 - 1.81% CPU load .0488 requests/sec - 137 B/second - 2810 B/request 6 requests currently being processed, 0 idle workers CWCCCC.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-21725461/718/718C 274.720180.01.991.99 104.248.142.200smtp110.ext.armada.itGET /login.action HTTP/1.1 1-21725470/710/710W 237.60000.01.871.87 104.248.142.200smtp110.ext.armada.itGET /server-status HTTP/1.1 2-217152641/631/631C 254.430170.01.661.66 104.248.142.200smtp110.ext.armada.itGET /config.json HTTP/1.1 3-217269491/4/4C 0.101150.00.010.01 104.248.142.200smtp110.ext.armada.itGET /.git/config HTTP/1.1 4-217269731/1/1C 0.010220.00.000.00 104.248.142.200smtp110.ext.armada.itGET /info.php HTTP/1.1 5-217269741/1/1C 0.010220.00.000.00 104.248.142.200smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903105488ec1
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Friday, 10-Jun-2022 02:32:40 CEST Restart Time: Thursday, 09-Jun-2022 03:44:01 CEST Parent Server Generation: 216 Server uptime: 22 hours 48 minutes 38 seconds Total accesses: 4404 - Total Traffic: 11.8 MB CPU Usage: u409.48 s17.31 cu0 cs0 - .52% CPU load .0536 requests/sec - 150 B/second - 2806 B/request 6 requests currently being processed, 0 idle workers C..CC..CC..W.................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-216227801/1/794C 0.020280.00.002.34 194.233.167.79smtp110.ext.armada.itGET /.git/config HTTP/1.1 1-216-0/0/680. 18.86801100.00.001.89 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 2-216-0/0/579. 0.05800400.00.001.44 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 3-216278681/74/288C 27.110140.00.190.75 194.233.167.79smtp110.ext.armada.itGET /telescope/requests HTTP/1.1 4-216128321/213/489C 55.030230.00.621.33 194.233.167.79smtp110.ext.armada.itGET /.env HTTP/1.1 5-216-0/0/648. 210.89800500.00.001.74 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-216-0/0/279. 38.40800600.00.000.80 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 7-216278691/75/77C 28.030140.00.170.17 194.233.167.79smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 8-216278831/78/309C 21.850220.00.220.79 194.233.167.79smtp110.ext.armada.itGET /s/352e3133342e3132372e323239/_/;/META-INF/maven/com.atlass 9-216-0/0/6. 0.03801200.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 10-216-0/0/6. 0.05800800.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 11-216278860/75/78W 26.35000.00.160.16 194.233.167.79smtp110.ext.armada.itGET /server-status HTTP/1.1 12-216-0/0/4. 0.02801600.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 13-216-0/0/4. 0.00801800.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 14-216-0/0/4. 0.03801500.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 15-216-0/0/143. 0.02801400.00.000.38 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 16-216-0/0/4. 0.01801300.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 17-216-0/0/4. 0.01800700.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 18-216-0/0/4. 0.01800300.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 19-216-0/0/4. 0.02801000.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031f6563d0c
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Tuesday, 07-Jun-2022 07:08:39 CEST Restart Time: Tuesday, 07-Jun-2022 03:22:01 CEST Parent Server Generation: 214 Server uptime: 3 hours 46 minutes 38 seconds Total accesses: 779 - Total Traffic: 1.9 MB CPU Usage: u163.2 s7.13 cu0 cs0 - 1.25% CPU load .0573 requests/sec - 144 B/second - 2514 B/request 5 requests currently being processed, 0 idle workers ..CC....C.W..C.................................................. ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-214-0/0/149. 26.56245400.00.000.38 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 1-214-0/0/98. 0.05246000.00.000.25 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 2-214174411/85/88C 18.800150.00.250.25 178.79.139.74smtp110.ext.armada.itGET /.git/config HTTP/1.1 3-21456111/30/81C 13.530140.00.050.19 178.79.139.74smtp110.ext.armada.itGET /s/dnc/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-di 4-214-0/0/43. 0.03246300.00.000.09 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 5-214-0/0/104. 34.09246100.00.000.24 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-214-0/0/62. 13.13245800.00.000.13 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 7-214-0/0/63. 37.53245900.00.000.14 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 8-21456181/27/28C 8.550270.00.070.07 178.79.139.74smtp110.ext.armada.itGET /.env HTTP/1.1 9-214-0/0/3. 0.03245600.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 10-21456200/26/26W 9.49000.00.060.06 178.79.139.74smtp110.ext.armada.itGET /server-status HTTP/1.1 11-214-0/0/3. 0.03245700.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 12-214-0/0/2. 0.03246200.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 13-21456291/27/27C 8.460140.00.060.06 178.79.139.74smtp110.ext.armada.itGET /telescope/requests HTTP/1.1 14-214-0/0/2. 0.02245500.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903199fb392e
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Monday, 30-May-2022 14:22:20 CEST Restart Time: Monday, 30-May-2022 03:17:01 CEST Parent Server Generation: 206 Server uptime: 11 hours 5 minutes 19 seconds Total accesses: 1592 - Total Traffic: 2.9 MB CPU Usage: u428.08 s16.9 cu0 cs0 - 1.11% CPU load .0399 requests/sec - 75 B/second - 1891 B/request 8 requests currently being processed, 0 idle workers CWCCCCCC........................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-206306191/1/143C 0.011220.00.000.38 159.223.215.103smtp110.ext.armada.itGET /.git/config HTTP/1.1 1-206306220/0/232W 117.95000.00.000.54 159.223.215.103smtp110.ext.armada.itGET /server-status HTTP/1.1 2-206117411/92/213C 68.351140.00.090.33 159.223.215.103smtp110.ext.armada.itGET /telescope/requests HTTP/1.1 3-206306231/1/195C 0.020290.00.000.39 159.223.215.103smtp110.ext.armada.itGET /config.json HTTP/1.1 4-206202941/144/182C 81.391180.00.200.25 159.223.215.103smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 5-206202951/144/184C 70.561230.00.140.21 159.223.215.103smtp110.ext.armada.itGET /.env HTTP/1.1 6-206117431/89/217C 54.351150.00.100.33 159.223.215.103smtp110.ext.armada.itGET /s/lkx/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-di 7-206117441/98/225C 52.351180.00.130.43 159.223.215.103smtp110.ext.armada.itGET /info.php HTTP/1.1 8-206-0/0/1. 0.003833200.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb310450903104509031283c5531
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Saturday, 28-May-2022 22:33:40 CEST Restart Time: Saturday, 28-May-2022 03:13:02 CEST Parent Server Generation: 204 Server uptime: 19 hours 20 minutes 38 seconds Total accesses: 3257 - Total Traffic: 3.3 MB CPU Usage: u967.58 s31.57 cu0 cs0 - 1.43% CPU load .0468 requests/sec - 50 B/second - 1078 B/request 5 requests currently being processed, 0 idle workers CWCCC........................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-20486501/763/763C 199.520286.00.920.92 142.93.248.39smtp110.ext.armada.itGET /?rest_route=/wp/v2/users/ HTTP/1.1 1-20486510/771/771W 242.64000.01.131.13 142.93.248.39smtp110.ext.armada.itGET /server-status HTTP/1.1 2-204167431/653/653C 231.390210.00.450.45 142.93.248.39smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 3-204185911/533/533C 155.170250.00.430.43 142.93.248.39smtp110.ext.armada.itGET /.DS_Store HTTP/1.1 4-20430761/124/125C 62.850160.00.180.18 142.93.248.39smtp110.ext.armada.itGET /.git/config HTTP/1.1 5-204-0/0/412. 107.581841500.00.000.26 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: ee80c6706842d3ef6842d3ef6325bb316325bb31045090310450903184ebc01e
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 26-May-2022 10:31:30 CEST Restart Time: Thursday, 26-May-2022 03:46:01 CEST Parent Server Generation: 202 Server uptime: 6 hours 45 minutes 28 seconds Total accesses: 1219 - Total Traffic: 3.9 MB CPU Usage: u273.06 s10.06 cu0 cs0 - 1.16% CPU load .0501 requests/sec - 169 B/second - 3380 B/request 6 requests currently being processed, 0 idle workers CCCCC.....W..................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-202240001/139/266C 42.780316.00.240.71 172.105.201.208smtp110.ext.armada.itGET /?rest_route=/wp/v2/users/ HTTP/1.1 1-202115951/87/197C 43.380250.00.130.63 172.105.201.208smtp110.ext.armada.itGET /s/lkx/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-di 2-202298251/241/241C 84.320160.00.620.62 172.105.201.208smtp110.ext.armada.itGET /ecp/Current/exporttool/microsoft.exchange.ediscovery.expor 3-202158031/1/57C 0.010270.00.000.49 172.105.201.208smtp110.ext.armada.itGET /.git/config HTTP/1.1 4-202150621/188/188C 47.530390.00.620.62 172.105.201.208smtp110.ext.armada.itGET /.env HTTP/1.1 5-202-0/0/98. 11.76972600.00.000.33 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-202-0/0/19. 0.00972400.00.000.05 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 7-202-0/0/69. 14.39972500.00.000.37 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 8-202-0/0/2. 0.00972300.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 9-202-0/0/2. 0.00972200.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 10-202116020/79/79W 38.95000.00.110.11 172.105.201.208smtp110.ext.armada.itGET /server-status HTTP/1.1 11-202-0/0/1. 0.00972700.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
An open CheckMK agent is publicly available.
This could leak sensitive information such as :
https://docs.checkmk.com/latest/en/wato_monitoringagents.html
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17a23ca25cf
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1544,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [watchdog/2] (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md/2] (root,0,0,0.0) [md/3] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [flush-253:0] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,11140,1244,0.0) /sbin/udevd -d (root,0,0,0.0) [vmmemctl] (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,37200,908,0.0) /usr/local/sbin/keepalived -D (root,39304,2044,0.0) /usr/local/sbin/keepalived -D (root,39304,1392,0.0) /usr/local/sbin/keepalived -D (root,93156,868,0.0) auditd (root,249856,6024,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19048,976,0.0) rpcbind (root,200176,5568,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,1224,0.0) /usr/sbin/sshd (root,21716,1000,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (ntp,30736,2152,0.0) ntpd -u ntp:ntp -p /var/run/ntpd.pid -g (root,108168,1556,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,3819608,768192,0.4) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (root,71216,2396,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,2380,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,2380,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,2380,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,2380,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (5008,182364,21088,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (nagios,41464,1364,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,80868,3392,0.0) /usr/libexec/postfix/master (postfix,81304,3800,0.0) qmgr -l -t fifo -u (root,214684,7568,0.0) /usr/bin/vmtoolsd (root,31840,608,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,319664,14088,0.0) /usr/sbin/httpd (root,116860,1216,0.0) crond (root,200236,124004,0.1) splunkd -p 8089 start (root,62884,8900,0.0) [splunkd pid=2619] splunkd -p 8089 start [process-runner] (root,198272,8120,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251188,29076,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,584,0.0) /sbin/mingetty /dev/tty1 (root,4064,580,0.0) /sbin/mingetty /dev/tty2 (root,4064,580,0.0) /sbin/mingetty /dev/tty3 (root,4064,584,0.0) /sbin/mingetty /dev/tty4 (root,4064,584,0.0) /sbin/mingetty /dev/tty5 (root,4064,580,0.0) /sbin/mingetty /dev/tty6 (root,11136,1216,0.0) /sbin/udevd -d (root,11136,1216,0.0) /sbin/udevd -d (nobody,217028,21920,0.0) monitorix-httpd listening on 8080 (postfix,81664,4552,0.0) tlsmgr -l -t unix -u (postfix,80944,3428,0.0) anvil -l -t unix -u (5008,213444,23312,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80952,3320,0.0) pickup -l -t fifo -u (apache,436188,31176,0.6) /usr/sbin/httpd (5008,213444,23324,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97120,6584,0.1) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81064,3392,0.0) showq -t unix -u (postfix,97112,6584,0.2) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213444,23272,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97044,6500,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97024,6500,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80940,3316,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (postfix,81092,3528,0.0) cleanup -z -t unix -u (postfix,81440,4892,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4880,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81440,4892,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81440,4888,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,80988,3436,0.0) bounce -z -t unix -u (postfix,81440,4888,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4896,0.1) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81440,4888,0.2) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (5008,213320,22824,0.1) /usr/bin/perl /usr/sbin/cbpolicyd (root,110232,1572,0.1) /bin/bash /usr/bin/check_mk_agent (root,110232,736,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,652,0.0) /bin/bash /usr/bin/check_mk_agent (root,830732,9064,1.8) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,101288,4296,1.0) sshd: root [priv] (sshd,67568,1632,0.0) sshd: root [net] (postfix,80960,3380,0.0) trivial-rewrite -n rewrite -t unix -u (nobody,35692,4624,2.0) /usr/bin/perl -w /etc/postfix/random.pl (root,110232,1536,0.0) /bin/bash /usr/bin/check_mk_agent (root,13364,1008,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,828,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (5008,213444,23336,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,438864,33736,0.5) /usr/sbin/httpd (apache,438960,33904,0.5) /usr/sbin/httpd (5008,213444,23312,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213444,23300,0.0) /usr/bin/perl /usr/sbin/cbpolicyd
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17ae1d75fc1
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1544,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [watchdog/2] (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md/2] (root,0,0,0.0) [md/3] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [flush-253:0] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,11140,1244,0.0) /sbin/udevd -d (root,0,0,0.0) [vmmemctl] (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,37200,908,0.0) /usr/local/sbin/keepalived -D (root,39304,2044,0.0) /usr/local/sbin/keepalived -D (root,39304,1392,0.0) /usr/local/sbin/keepalived -D (root,93156,868,0.0) auditd (root,249856,6028,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19048,972,0.0) rpcbind (root,200176,5568,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,1224,0.0) /usr/sbin/sshd (root,21716,1000,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (ntp,30736,2148,0.0) ntpd -u ntp:ntp -p /var/run/ntpd.pid -g (root,108168,1556,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,3819608,742436,0.4) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (root,71216,2396,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,2380,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,2380,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,2380,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,2380,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (5008,182364,21088,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (nagios,41464,1364,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,80868,3392,0.0) /usr/libexec/postfix/master (postfix,81304,3800,0.0) qmgr -l -t fifo -u (root,214436,7276,0.0) /usr/bin/vmtoolsd (root,31840,608,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,319400,13888,0.0) /usr/sbin/httpd (root,116860,1216,0.0) crond (root,200236,124004,0.1) splunkd -p 8089 start (root,62884,8900,0.0) [splunkd pid=2619] splunkd -p 8089 start [process-runner] (root,198272,8120,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251188,29076,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,584,0.0) /sbin/mingetty /dev/tty1 (root,4064,580,0.0) /sbin/mingetty /dev/tty2 (root,4064,580,0.0) /sbin/mingetty /dev/tty3 (root,4064,584,0.0) /sbin/mingetty /dev/tty4 (root,4064,584,0.0) /sbin/mingetty /dev/tty5 (root,4064,580,0.0) /sbin/mingetty /dev/tty6 (root,11136,1216,0.0) /sbin/udevd -d (root,11136,1216,0.0) /sbin/udevd -d (nobody,217028,21920,0.0) monitorix-httpd listening on 8080 (postfix,81664,4552,0.0) tlsmgr -l -t unix -u (postfix,80944,3424,0.0) anvil -l -t unix -u (apache,432520,27500,0.1) /usr/sbin/httpd (apache,436920,31844,0.3) /usr/sbin/httpd (5008,213444,23344,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213440,23332,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80952,3320,0.0) pickup -l -t fifo -u (postfix,97044,6492,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97028,6560,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80956,3372,0.0) showq -t unix -u (5008,213320,22824,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,67568,3160,0.0) sshd: [accepted] (sshd,67568,1396,0.0) sshd: [net] (postfix,97040,6504,0.0) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,110232,1568,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,732,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,648,0.0) /bin/bash /usr/bin/check_mk_agent (root,830732,11088,1.0) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,110232,1532,0.0) /bin/bash /usr/bin/check_mk_agent (root,13368,1008,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,828,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (5008,213444,23324,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,442960,37936,0.2) /usr/sbin/httpd (5008,213440,23348,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,430564,25572,0.2) /usr/sbin/httpd (apache,431184,26080,0.2) /usr/sbin/httpd
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17a10619609
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1048,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (postfix,97204,6616,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,264,0.0) /sbin/udevd -d (root,81000,3460,0.0) /usr/libexec/postfix/master (postfix,84828,7336,0.0) qmgr -l -t fifo -u (postfix,82044,5020,0.0) tlsmgr -l -t unix -u (postfix,81048,3532,0.0) anvil -l -t unix -u (root,0,0,0.0) [vmmemctl] (postfix,97204,6628,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1380,0.0) /usr/local/sbin/keepalived -D (root,39304,832,0.0) /usr/local/sbin/keepalived -D (root,93156,732,0.0) auditd (root,249856,5700,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,956,0.0) rpcbind (root,200180,1936,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,608,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1668,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,419344,42080,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,216632,63804,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,14756,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (5008,213448,13772,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (nobody,217028,2076,0.0) monitorix-httpd listening on 8080 (5008,213448,13632,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80940,3316,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (5008,213324,12452,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97200,6676,0.0) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213324,12036,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,10896,204,0.0) /sbin/udevd -d (root,10896,176,0.0) /sbin/udevd -d (postfix,80960,3380,0.0) trivial-rewrite -n rewrite -t unix -u (nobody,35692,4620,0.0) /usr/bin/perl -w /etc/postfix/random.pl (postfix,97200,6632,0.0) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213324,12036,0.1) /usr/bin/perl /usr/sbin/cbpolicyd (root,110232,1572,0.2) /bin/bash /usr/bin/check_mk_agent (root,110232,736,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,652,0.0) /bin/bash /usr/bin/check_mk_agent (root,830736,7036,1.6) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,69640,3360,0.0) sshd: [accepted] (sshd,67568,1560,0.0) sshd: [net] (root,67568,3220,0.0) sshd: [accepted] (sshd,67568,1516,0.0) sshd: [net] (root,67568,3164,0.0) sshd: [accepted] (sshd,67568,1404,0.0) sshd: [net] (root,110232,1536,0.0) /bin/bash /usr/bin/check_mk_agent (root,13368,1008,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,828,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (apache,484836,46572,0.3) /usr/sbin/httpd (apache,481328,45192,0.2) /usr/sbin/httpd (apache,482432,46160,0.2) /usr/sbin/httpd (root,108168,676,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4557440,2333412,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (apache,493572,55376,0.4) /usr/sbin/httpd (apache,497676,61528,0.4) /usr/sbin/httpd (5008,213440,13744,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,369336,32232,0.0) /usr/sbin/httpd (5008,182364,9220,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213452,13784,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80952,3320,0.0) pickup -l -t fifo -u (postfix,81064,3392,0.0) showq -t unix -u (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (5008,213616,13840,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97228,6724,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97168,6672,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97204,6668,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (opendkim,2132752,8380,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17a85961af8
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1048,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (5008,213448,13792,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,264,0.0) /sbin/udevd -d (root,80868,3440,0.0) /usr/libexec/postfix/master (postfix,82912,5392,0.0) qmgr -l -t fifo -u (postfix,82044,5020,0.0) tlsmgr -l -t unix -u (postfix,81048,3484,0.0) anvil -l -t unix -u (root,0,0,0.0) [vmmemctl] (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1388,0.0) /usr/local/sbin/keepalived -D (root,39304,832,0.0) /usr/local/sbin/keepalived -D (root,93156,732,0.0) auditd (root,249856,5636,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,956,0.0) rpcbind (root,200180,1936,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,608,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1668,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,414256,36940,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,216632,64384,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,14776,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2076,0.0) monitorix-httpd listening on 8080 (root,10896,204,0.0) /sbin/udevd -d (root,10896,176,0.0) /sbin/udevd -d (root,108168,676,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554580,2271636,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (5008,214000,14196,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213708,13992,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213452,13760,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80940,3320,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (apache,477204,40996,0.4) /usr/sbin/httpd (root,366820,29716,0.0) /usr/sbin/httpd (5008,182364,9228,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80952,3324,0.0) pickup -l -t fifo -u (5008,213452,13724,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,482436,46364,0.6) /usr/sbin/httpd (postfix,81064,3396,0.0) showq -t unix -u (5008,213448,13692,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97232,6972,0.2) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213452,13700,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80960,3416,0.0) trivial-rewrite -n rewrite -t unix -u (nobody,35692,4624,0.0) /usr/bin/perl -w /etc/postfix/random.pl (postfix,97236,6916,0.1) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97232,6708,0.1) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97232,6716,0.1) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97240,6784,0.2) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213448,13708,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213452,13680,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (postfix,97204,6720,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81440,4904,0.1) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81440,4916,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4924,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81440,4900,0.1) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81440,4900,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81440,4900,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81440,4896,0.1) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81172,3652,0.2) cleanup -z -t unix -u (postfix,81172,3656,0.1) cleanup -z -t unix -u (postfix,97204,6704,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81440,4896,0.1) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81440,4904,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (5008,213324,12456,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81440,4884,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (5008,213324,12040,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,110232,1568,0.1) /bin/bash /usr/bin/check_mk_agent (root,110232,732,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,648,0.0) /bin/bash /usr/bin/check_mk_agent (root,830732,11092,1.0) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,101292,4296,1.5) sshd: root [priv] (sshd,67568,1632,0.0) sshd: root [net] (root,110232,1532,0.0) /bin/bash /usr/bin/check_mk_agent (root,13368,1012,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,832,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (apache,485360,49356,0.7) /usr/sbin/httpd (apache,487596,51508,0.6) /usr/sbin/httpd (root,99976,4040,0.0) sshd: root@pts/0 (root,108428,2020,0.0) -bash (opendkim,756496,5932,0.0) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17a17d86b34
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1048,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,264,0.0) /sbin/udevd -d (root,80868,3432,0.0) /usr/libexec/postfix/master (postfix,81908,4404,0.0) qmgr -l -t fifo -u (postfix,81472,4448,0.0) tlsmgr -l -t unix -u (postfix,81048,3484,0.0) anvil -l -t unix -u (root,0,0,0.0) [vmmemctl] (postfix,97200,6680,0.0) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (5008,213324,12040,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80960,3384,0.0) trivial-rewrite -n rewrite -t unix -u (postfix,80940,3316,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (nobody,35692,4620,0.0) /usr/bin/perl -w /etc/postfix/random.pl (postfix,81172,3648,0.0) cleanup -z -t unix -u (postfix,81440,4876,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1388,0.0) /usr/local/sbin/keepalived -D (root,39304,832,0.0) /usr/local/sbin/keepalived -D (5008,213324,12040,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97200,6628,0.2) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,110232,1568,0.0) /bin/bash /usr/bin/check_mk_agent (apache,484764,46608,0.3) /usr/sbin/httpd (apache,481156,44836,0.2) /usr/sbin/httpd (apache,483392,45228,0.2) /usr/sbin/httpd (root,110232,732,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,648,0.0) /bin/bash /usr/bin/check_mk_agent (root,830728,9056,0.8) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,101288,4312,1.0) sshd: root [priv] (sshd,67568,1660,0.0) sshd: root [net] (root,110232,1528,0.0) /bin/bash /usr/bin/check_mk_agent (root,13364,1004,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,832,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (root,93156,732,0.0) auditd (root,249856,5616,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,956,0.0) rpcbind (root,200180,1940,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,608,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1668,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,412148,34900,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,216632,63920,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,14776,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2076,0.0) monitorix-httpd listening on 8080 (root,10896,204,0.0) /sbin/udevd -d (root,10896,176,0.0) /sbin/udevd -d (root,108168,676,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554580,2226592,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (apache,488584,50596,0.3) /usr/sbin/httpd (opendkim,1608468,7352,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (5008,213584,13908,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213452,13760,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,484132,47840,0.3) /usr/sbin/httpd (root,365748,28648,0.0) /usr/sbin/httpd (5008,182364,9228,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97100,6672,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213452,13768,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97100,6644,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (5008,213448,13788,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80952,3324,0.0) pickup -l -t fifo -u (postfix,81064,3384,0.0) showq -t unix -u (postfix,97204,6620,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97204,6624,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17a2905a910
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1048,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,264,0.0) /sbin/udevd -d (root,80868,3432,0.0) /usr/libexec/postfix/master (postfix,81908,4404,0.0) qmgr -l -t fifo -u (postfix,81472,4448,0.0) tlsmgr -l -t unix -u (postfix,81048,3484,0.0) anvil -l -t unix -u (root,0,0,0.0) [vmmemctl] (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1388,0.0) /usr/local/sbin/keepalived -D (root,39304,832,0.0) /usr/local/sbin/keepalived -D (root,93156,732,0.0) auditd (root,249856,5600,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,956,0.0) rpcbind (root,200180,1940,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,608,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1668,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,411280,34012,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,216632,63884,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,14776,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2076,0.0) monitorix-httpd listening on 8080 (root,10896,204,0.0) /sbin/udevd -d (root,10896,176,0.0) /sbin/udevd -d (5008,213448,13780,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,108168,676,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554580,2215540,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (opendkim,1608468,7360,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (5008,213448,13776,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,479652,43344,0.3) /usr/sbin/httpd (apache,481360,43180,0.3) /usr/sbin/httpd (5008,213452,13720,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,365360,28256,0.0) /usr/sbin/httpd (apache,479836,43628,0.4) /usr/sbin/httpd (apache,479816,43560,0.3) /usr/sbin/httpd (5008,182364,9224,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213452,13792,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80940,3316,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (5008,213448,13716,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80952,3320,0.0) pickup -l -t fifo -u (postfix,81440,4920,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (postfix,81064,3400,0.0) showq -t unix -u (postfix,97204,6692,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97204,6704,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81440,4932,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (5008,213448,13820,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81172,3652,0.0) cleanup -z -t unix -u (postfix,80960,3408,0.0) trivial-rewrite -n rewrite -t unix -u (nobody,35692,4620,0.0) /usr/bin/perl -w /etc/postfix/random.pl (postfix,81172,3652,0.1) cleanup -z -t unix -u (postfix,81440,4900,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81440,4900,0.1) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,97168,6692,0.1) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81440,4888,0.1) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,97236,6724,0.4) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81440,4896,0.1) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4908,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4892,0.1) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81440,4892,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,97204,6628,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81440,4892,0.1) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,80940,3316,0.0) scache -l -t unix -u (postfix,97108,6656,0.6) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97208,6664,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213448,13632,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213324,12452,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81172,3648,0.2) cleanup -z -t unix -u (5008,213324,12036,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213324,12036,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81440,4884,0.1) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4888,0.1) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,97200,6628,0.1) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,110232,1568,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,732,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,648,0.0) /bin/bash /usr/bin/check_mk_agent (root,830736,9068,1.6) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,110232,1536,0.0) /bin/bash /usr/bin/check_mk_agent (root,13364,1004,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,832,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) /
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17a77887dd1
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1048,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,264,0.0) /sbin/udevd -d (root,80868,3432,0.0) /usr/libexec/postfix/master (postfix,81908,4404,0.0) qmgr -l -t fifo -u (postfix,81472,4448,0.0) tlsmgr -l -t unix -u (postfix,81048,3484,0.0) anvil -l -t unix -u (root,0,0,0.0) [vmmemctl] (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (apache,487524,49224,0.3) /usr/sbin/httpd (apache,482884,46656,0.3) /usr/sbin/httpd (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1388,0.0) /usr/local/sbin/keepalived -D (root,39304,832,0.0) /usr/local/sbin/keepalived -D (root,93156,732,0.0) auditd (root,249856,5604,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,956,0.0) rpcbind (root,200180,1940,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,608,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1668,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,409172,31936,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,216632,63928,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,14772,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2076,0.0) monitorix-httpd listening on 8080 (root,10896,204,0.0) /sbin/udevd -d (root,10896,176,0.0) /sbin/udevd -d (5008,213448,13736,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,481816,45576,0.2) /usr/sbin/httpd (apache,482660,46372,0.2) /usr/sbin/httpd (apache,481516,45212,0.2) /usr/sbin/httpd (root,108168,676,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554580,2169644,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (opendkim,1608468,9264,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (root,364292,27188,0.0) /usr/sbin/httpd (5008,182364,9228,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80952,3324,0.0) pickup -l -t fifo -u (5008,213440,13676,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213448,13788,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (5008,213440,13744,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81064,3384,0.0) showq -t unix -u (postfix,97052,6276,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97200,6632,0.0) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97104,6632,0.2) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80940,3312,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (5008,213324,12040,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81172,3656,0.0) cleanup -z -t unix -u (postfix,81440,4876,0.1) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (root,67568,3224,0.0) sshd: [accepted] (sshd,67568,1516,0.0) sshd: [net] (root,110232,1568,0.1) /bin/bash /usr/bin/check_mk_agent (root,110232,732,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,648,0.0) /bin/bash /usr/bin/check_mk_agent (root,830732,9060,0.8) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,110232,1568,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,732,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,648,0.0) /bin/bash /usr/bin/check_mk_agent (root,830736,9064,1.0) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,110232,1536,0.0) /bin/bash /usr/bin/check_mk_agent (root,13368,1008,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,832,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) /
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17a6c716d13
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1048,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,264,0.0) /sbin/udevd -d (root,80868,3432,0.0) /usr/libexec/postfix/master (postfix,81908,4404,0.0) qmgr -l -t fifo -u (postfix,81472,4448,0.0) tlsmgr -l -t unix -u (postfix,81048,3484,0.0) anvil -l -t unix -u (root,0,0,0.0) [vmmemctl] (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1388,0.0) /usr/local/sbin/keepalived -D (root,39304,832,0.0) /usr/local/sbin/keepalived -D (root,93156,732,0.0) auditd (root,249856,5592,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,956,0.0) rpcbind (root,200180,1940,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,608,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1668,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,408304,31108,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,216632,63944,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (postfix,80952,3384,0.0) pickup -l -t fifo -u (postfix,81032,3392,0.0) showq -t unix -u (root,251276,14776,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2076,0.0) monitorix-httpd listening on 8080 (root,10896,204,0.0) /sbin/udevd -d (root,10896,176,0.0) /sbin/udevd -d (root,108168,676,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554580,2155168,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (5008,213440,13788,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,479748,43612,0.5) /usr/sbin/httpd (apache,479092,42972,0.4) /usr/sbin/httpd (5008,213440,13740,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,478676,42524,0.4) /usr/sbin/httpd (opendkim,1084180,6408,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (apache,477176,39108,0.1) /usr/sbin/httpd (postfix,81176,3656,0.0) cleanup -z -t unix -u (postfix,80940,3312,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (5008,213440,13708,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97204,6716,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81176,3736,0.0) cleanup -z -t unix -u (postfix,97204,6704,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213440,13688,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213448,13632,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97184,6676,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97052,6360,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97164,6688,0.3) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81440,4912,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81508,5024,0.1) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,81508,5032,0.1) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81440,4896,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4892,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (5008,213448,13636,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80960,3404,0.0) trivial-rewrite -n rewrite -t unix -u (nobody,35692,4624,0.0) /usr/bin/perl -w /etc/postfix/random.pl (postfix,81440,4892,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81440,4896,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,97052,6356,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81172,3652,0.0) cleanup -z -t unix -u (postfix,81440,4864,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,80940,3316,0.0) scache -l -t unix -u (postfix,97168,6664,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97200,6632,0.0) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213324,12040,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81440,4888,0.1) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (root,110232,1568,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,732,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,648,0.0) /bin/bash /usr/bin/check_mk_agent (root,830736,11092,1.2) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,110232,1532,0.0) /bin/bash /usr/bin/check_mk_agent (root,13372,1012,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,832,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (root,363904,26800,0.0) /usr/sbin/httpd (5008,182364,9228,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213440,13760,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,477576,41444,0.4) /usr/sbin/httpd (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (5008,213440,13784,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213448,13756,0.0) /usr/bin/perl /usr/sbin/cbpolicyd
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17a53c0dcf7
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1048,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,264,0.0) /sbin/udevd -d (root,80868,3432,0.0) /usr/libexec/postfix/master (postfix,81908,4404,0.0) qmgr -l -t fifo -u (postfix,81472,4448,0.0) tlsmgr -l -t unix -u (postfix,81048,3484,0.0) anvil -l -t unix -u (root,0,0,0.0) [vmmemctl] (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1388,0.0) /usr/local/sbin/keepalived -D (root,39304,832,0.0) /usr/local/sbin/keepalived -D (root,93156,732,0.0) auditd (root,249856,5604,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,956,0.0) rpcbind (root,200180,1940,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,608,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (5008,213856,14088,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80940,3316,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1668,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,406932,29628,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,216632,63636,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,14772,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2076,0.0) monitorix-httpd listening on 8080 (root,10896,204,0.0) /sbin/udevd -d (root,10896,176,0.0) /sbin/udevd -d (5008,213448,13676,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97168,6732,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81032,3388,0.0) showq -t unix -u (postfix,97168,6720,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,108168,676,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554580,2124920,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (5008,213840,14104,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213448,13676,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97052,6360,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81172,3652,0.0) cleanup -z -t unix -u (postfix,81440,4892,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81440,4888,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81440,4888,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81440,4904,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (5008,213448,13640,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97052,6356,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80928,3320,0.0) proxymap -t unix -u (postfix,97052,6356,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80960,3400,0.0) trivial-rewrite -n rewrite -t unix -u (nobody,35692,4624,0.0) /usr/bin/perl -w /etc/postfix/random.pl (5008,213324,12228,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81172,3652,0.0) cleanup -z -t unix -u (postfix,81172,3656,0.0) cleanup -z -t unix -u (postfix,81440,4860,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,97052,6356,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213324,12456,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97200,6668,0.0) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213324,12040,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80988,3432,0.0) bounce -z -t unix -u (postfix,81440,4880,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,81440,4880,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (5008,213324,12040,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,66224,3096,0.0) sshd: [accepted] (root,66224,3100,0.0) sshd: [accepted] (root,66224,3096,0.0) sshd: [accepted] (root,66224,3100,0.0) sshd: [accepted] (postfix,97200,6628,0.5) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,110232,1572,0.2) /bin/bash /usr/bin/check_mk_agent (root,110232,736,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,652,0.0) /bin/bash /usr/bin/check_mk_agent (root,830728,9056,1.2) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,101288,4300,1.0) sshd: root [priv] (sshd,67568,1632,0.0) sshd: root [net] (postfix,97200,6632,1.0) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,67568,3220,0.0) sshd: [accepted] (sshd,67568,1520,0.0) sshd: [net] (root,66224,3096,0.0) sshd: [accepted] (root,110232,1536,0.0) /bin/bash /usr/bin/check_mk_agent (root,13364,1008,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,828,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (opendkim,1094424,6684,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (5008,213580,13868,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,488776,52744,0.5) /usr/sbin/httpd (apache,493708,57752,0.6) /usr/sbin/httpd (root,363128,26024,0.0) /usr/sbin/httpd (5008,182364,9228,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,99976,4024,0.0) sshd: root@pts/0 (root,108432,1988,0.0) -bash (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (postfix,80952,3324,0.0) pickup -l -t fifo -u (apache,478924,42804,0.4) /usr/sbin/httpd (apache,479448,43280,0.3) /usr/sbin/httpd (apache,480476,42356,0.4) /usr/sbin/httpd (5008,213452,13720,0.0) /usr/bin/perl /usr/sbin/cbpolicyd
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17a637f65a7
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1048,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (postfix,81440,4892,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4884,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (postfix,80940,3320,0.0) scache -l -t unix -u (root,10900,264,0.0) /sbin/udevd -d (root,80868,3408,0.0) /usr/libexec/postfix/master (postfix,81476,3972,0.0) qmgr -l -t fifo -u (postfix,81472,4444,0.0) tlsmgr -l -t unix -u (postfix,80944,3412,0.0) anvil -l -t unix -u (5008,213324,12040,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97052,6296,0.1) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80928,3324,0.0) proxymap -t unix -u (postfix,97052,6296,0.1) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,0,0,0.0) [vmmemctl] (root,110232,1568,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,732,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,648,0.0) /bin/bash /usr/bin/check_mk_agent (root,830732,11088,1.0) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,101288,4292,0.6) sshd: root [priv] (sshd,67568,1656,0.0) sshd: root [net] (root,110232,1536,0.0) /bin/bash /usr/bin/check_mk_agent (root,13368,1008,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8388,812,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1388,0.0) /usr/local/sbin/keepalived -D (root,39304,832,0.0) /usr/local/sbin/keepalived -D (root,93156,732,0.0) auditd (root,249856,5616,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,956,0.0) rpcbind (root,200180,1940,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,608,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1668,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,404452,27256,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,216632,63876,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,14772,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (5008,213736,13932,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2076,0.0) monitorix-httpd listening on 8080 (root,10896,204,0.0) /sbin/udevd -d (root,10896,176,0.0) /sbin/udevd -d (apache,480400,42484,0.4) /usr/sbin/httpd (apache,479592,41628,0.3) /usr/sbin/httpd (5008,213992,14260,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,108168,676,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554580,2059200,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (opendkim,494356,5416,0.0) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (5008,213448,13764,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80940,3320,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (root,361960,24860,0.0) /usr/sbin/httpd (5008,182364,9228,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,99976,4044,0.0) sshd: root@pts/0 (root,108432,2028,0.0) -bash (5008,213448,13720,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,482632,44644,0.5) /usr/sbin/httpd (apache,480544,44544,0.6) /usr/sbin/httpd (5008,213868,14132,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80952,3324,0.0) pickup -l -t fifo -u (postfix,81032,3388,0.0) showq -t unix -u (5008,213852,14108,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (postfix,97208,6704,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (apache,472488,36136,0.6) /usr/sbin/httpd (postfix,97240,6696,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97240,6732,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213440,13672,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97196,6704,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81172,3656,0.0) cleanup -z -t unix -u (5008,213324,12456,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81440,4896,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81440,4908,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81440,4896,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,81440,4884,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,81440,4884,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81440,4896,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81440,4896,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81440,4908,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,81440,4884,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17a3045df68
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1048,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,264,0.0) /sbin/udevd -d (root,0,0,0.0) [vmmemctl] (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (5008,213448,13748,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1332,0.0) /usr/local/sbin/keepalived -D (root,39304,784,0.0) /usr/local/sbin/keepalived -D (root,93156,732,0.0) auditd (root,249856,5616,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,940,0.0) rpcbind (root,200180,1908,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,608,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,85816,1808,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (postfix,80940,3320,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (root,399736,22532,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,216632,62824,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (5008,213444,13796,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,251276,14748,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2076,0.0) monitorix-httpd listening on 8080 (root,10896,204,0.0) /sbin/udevd -d (root,10896,176,0.0) /sbin/udevd -d (5008,213448,13720,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,473852,37692,0.5) /usr/sbin/httpd (opendkim,2224968,4876,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (root,108168,676,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554580,1949256,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (5008,213444,13676,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81176,3656,0.0) cleanup -z -t unix -u (postfix,97208,6628,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97052,6344,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97052,6344,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97208,6624,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97052,6352,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80952,3324,0.0) pickup -l -t fifo -u (postfix,81444,4896,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,97052,6344,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97236,6744,0.2) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81440,4896,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (5008,213440,13704,0.1) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97052,6300,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97052,6304,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81440,4884,0.2) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,97168,6692,0.5) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80956,3376,0.0) showq -t unix -u (postfix,97052,6300,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97052,6300,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97052,6304,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81440,4884,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (root,359628,22524,0.0) /usr/sbin/httpd (5008,182364,9224,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81440,4884,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4880,0.1) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4884,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81444,4884,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4892,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81440,4880,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81444,4876,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81440,4884,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81444,4884,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,80960,3376,0.0) discard -z -n defer -t unix -u (apache,476012,39968,0.7) /usr/sbin/httpd (postfix,80960,3320,0.0) discard -z -n defer -t unix -u (postfix,97052,6296,0.2) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80928,3324,0.0) proxymap -t unix -u (postfix,97052,6300,0.2) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,110232,1572,0.1) /bin/bash /usr/bin/check_mk_agent (root,110232,736,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,652,0.0) /bin/bash /usr/bin/check_mk_agent (root,830732,11088,1.4) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (5008,213324,12036,0.3) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80960,3372,0.0) trivial-rewrite -n rewrite -t unix -u (nobody,35692,4624,1.0) /usr/bin/perl -w /etc/postfix/random.pl (root,110232,1532,0.0) /bin/bash /usr/bin/check_mk_agent (root,13368,1016,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,832,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (root,80996,2376,0.0) /usr/libexec/postfix/master (postfix,83016,4096,0.0) qmgr -l -t fifo -u (postfix,82044,3592,0.0) tlsmgr -l -t unix -u (postfix,81668,2572,0.0) anvil -l -t unix -u (5008,213448,13772,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (5008,213452,13740,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,474108,38108,0.6) /usr/sbin/httpd (apache,477104,41056,0.8) /usr/sbin/httpd
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17a359e6dc3
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1048,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,264,0.0) /sbin/udevd -d (root,0,0,0.0) [vmmemctl] (postfix,81440,4952,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (5008,213448,13680,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1332,0.0) /usr/local/sbin/keepalived -D (root,39304,784,0.0) /usr/local/sbin/keepalived -D (root,93156,732,0.0) auditd (root,249856,5548,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,924,0.0) rpcbind (root,200180,1908,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,608,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (postfix,81444,4912,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81440,4928,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,85816,1808,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (postfix,81508,5056,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (postfix,81448,4936,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (root,395768,18556,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,216632,61956,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,14756,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (postfix,81508,5032,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (nobody,217028,2076,0.0) monitorix-httpd listening on 8080 (postfix,80956,3384,0.0) showq -t unix -u (postfix,81176,3660,0.0) cleanup -z -t unix -u (postfix,81440,4908,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81440,4916,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81444,4900,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4904,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (5008,213448,13768,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97208,6664,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81176,3660,0.1) cleanup -z -t unix -u (postfix,81176,3656,0.0) cleanup -z -t unix -u (5008,213448,13676,0.1) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213580,13784,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,10896,204,0.0) /sbin/udevd -d (root,10896,176,0.0) /sbin/udevd -d (5008,213452,13708,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97240,6740,0.2) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97232,6740,0.4) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81176,3656,0.0) cleanup -z -t unix -u (postfix,81444,4908,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81440,4924,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,97236,6760,0.3) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97228,6732,0.3) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80960,3424,0.0) trivial-rewrite -n rewrite -t unix -u (postfix,80940,3320,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (nobody,35692,4624,0.0) /usr/bin/perl -w /etc/postfix/random.pl (postfix,81440,4904,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,97216,6608,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213448,13628,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81444,4904,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,97236,6644,0.2) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,67568,3164,0.0) sshd: [accepted] (sshd,67568,1404,0.0) sshd: [net] (opendkim,2143016,4872,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (5008,213324,12028,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80988,3440,0.0) bounce -z -t unix -u (postfix,80940,3320,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (postfix,80960,3372,0.0) discard -z -n defer -t unix -u (root,101288,4300,0.4) sshd: root [priv] (sshd,67568,1632,0.0) sshd: root [net] (root,110232,1568,0.1) /bin/bash /usr/bin/check_mk_agent (root,110232,732,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,648,0.0) /bin/bash /usr/bin/check_mk_agent (root,830732,9060,1.1) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,101288,4296,2.5) sshd: root [priv] (sshd,67568,1632,0.0) sshd: root [net] (root,67568,3160,0.0) sshd: [accepted] (sshd,67568,1400,0.0) sshd: [net] (root,110232,1532,0.0) /bin/bash /usr/bin/check_mk_agent (root,13368,1012,1.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,828,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (root,108168,676,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554580,1863196,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (apache,470540,34392,0.5) /usr/sbin/httpd (apache,469156,32976,0.4) /usr/sbin/httpd (5008,213440,13732,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80952,3388,0.0) pickup -l -t fifo -u (root,357684,20580,0.0) /usr/sbin/httpd (apache,471672,35436,0.4) /usr/sbin/httpd (apache,474884,38648,0.6) /usr/sbin/httpd (5008,182364,9216,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213452,13716,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,80996,2376,0.0) /usr/libexec/postfix/master (postfix,83016,4096,0.0) qmgr -l -t fifo -u (postfix,82044,3592,0.0) tlsmgr -l -t unix -u (postfix,81668,2572,0.0) anvil -l -t unix -u (apache,472624,36524,0.5) /usr/sbin/httpd (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (5008,213448,13772,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213448,13692,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213596,13792,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97208,6716,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17a3f7f1c72
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1048,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (5008,213448,13632,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,264,0.0) /sbin/udevd -d (postfix,80956,3340,0.0) showq -t unix -u (postfix,81440,4888,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (root,0,0,0.0) [vmmemctl] (postfix,81440,4892,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81440,4892,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4888,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,81440,4888,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,97232,6668,0.4) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81440,4888,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81440,4880,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (postfix,81440,4876,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (5008,213324,12188,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (postfix,80960,3380,0.0) trivial-rewrite -n rewrite -t unix -u (nobody,35692,4624,0.0) /usr/bin/perl -w /etc/postfix/random.pl (postfix,81440,4880,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (5008,213324,12000,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1332,0.0) /usr/local/sbin/keepalived -D (root,39304,784,0.0) /usr/local/sbin/keepalived -D (postfix,81440,4884,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81440,4880,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (root,110232,1568,0.1) /bin/bash /usr/bin/check_mk_agent (root,110232,732,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,648,0.0) /bin/bash /usr/bin/check_mk_agent (root,830732,11088,1.2) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,67568,3244,0.0) sshd: [accepted] (sshd,67568,1572,0.0) sshd: [net] (root,67568,3204,0.0) sshd: [accepted] (sshd,67568,1444,0.0) sshd: [net] (root,110232,1536,0.0) /bin/bash /usr/bin/check_mk_agent (root,13368,1012,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,832,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (root,93156,732,0.0) auditd (root,249856,5612,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,884,0.0) rpcbind (root,200180,1904,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,608,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,392048,14740,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,214584,60016,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,14752,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2076,0.0) monitorix-httpd listening on 8080 (root,10896,204,0.0) /sbin/udevd -d (root,10896,176,0.0) /sbin/udevd -d (apache,468712,32436,0.2) /usr/sbin/httpd (apache,469240,32928,0.2) /usr/sbin/httpd (opendkim,2132772,4700,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (5008,213452,13728,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,108168,676,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (5008,213448,13744,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (mysql,4554580,1777108,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (apache,468788,32420,0.2) /usr/sbin/httpd (apache,468992,32676,0.2) /usr/sbin/httpd (apache,468144,31868,0.2) /usr/sbin/httpd (5008,213440,13640,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,355844,18740,0.0) /usr/sbin/httpd (5008,182364,9184,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,80996,2376,0.0) /usr/libexec/postfix/master (postfix,83016,3964,0.0) qmgr -l -t fifo -u (postfix,82044,3476,0.0) tlsmgr -l -t unix -u (postfix,81668,2432,0.0) anvil -l -t unix -u (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (postfix,80952,3324,0.0) pickup -l -t fifo -u (postfix,97228,6676,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97212,6660,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80940,3320,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (postfix,81176,3652,0.0) cleanup -z -t unix -u (5008,213448,13664,0.0) /usr/bin/perl /usr/sbin/cbpolicyd
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17ab0b73963
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1048,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,264,0.0) /sbin/udevd -d (root,0,0,0.0) [vmmemctl] (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1332,0.0) /usr/local/sbin/keepalived -D (root,39304,784,0.0) /usr/local/sbin/keepalived -D (root,93156,732,0.0) auditd (root,249856,5612,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,884,0.0) rpcbind (root,200180,1904,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,608,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (5008,213452,13688,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,391676,14352,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,214584,60016,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,14752,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2076,0.0) monitorix-httpd listening on 8080 (root,10896,204,0.0) /sbin/udevd -d (root,10896,176,0.0) /sbin/udevd -d (5008,213448,13680,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81440,4940,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,81508,5060,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81512,5052,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (opendkim,2132772,4700,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (postfix,81512,5060,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81440,4940,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81504,5044,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81440,4936,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,80960,3432,0.0) trivial-rewrite -n rewrite -t unix -u (nobody,35692,4624,0.0) /usr/bin/perl -w /etc/postfix/random.pl (postfix,81440,4928,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81512,5060,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,81440,4940,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,81440,4932,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81448,4948,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81512,5064,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,81444,4940,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81516,5056,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81508,5048,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81512,5052,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81512,5064,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4932,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81504,5032,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (apache,470612,34576,0.4) /usr/sbin/httpd (apache,473708,37540,0.5) /usr/sbin/httpd (root,108168,676,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (5008,213448,13720,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (mysql,4554580,1768572,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (postfix,81440,4944,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,97208,6712,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213440,13692,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213448,13688,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81444,4920,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (5008,213452,13652,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97236,6964,0.2) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (apache,471492,35300,0.4) /usr/sbin/httpd (postfix,97052,6348,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80952,3332,0.0) pickup -l -t fifo -u (postfix,81176,3656,0.0) cleanup -z -t unix -u (postfix,81176,3660,0.0) cleanup -z -t unix -u (postfix,80960,3372,0.0) discard -z -n defer -t unix -u (5008,213324,12412,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97236,6916,0.2) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97236,6952,0.2) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97240,6712,0.2) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97232,6668,0.2) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213448,13596,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97200,6684,0.0) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213324,12184,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80988,3440,0.0) bounce -z -t unix -u (5008,213324,11996,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,110232,1564,0.1) /bin/bash /usr/bin/check_mk_agent (root,98636,3776,0.0) sshd: unknown [priv] (root,110232,728,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,644,0.0) /bin/bash /usr/bin/check_mk_agent (root,830732,9060,1.0) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,67568,3240,0.0) sshd: [accepted] (sshd,67568,1560,0.0) sshd: [net] (sshd,67568,1752,0.0) sshd: unknown [net] (root,67568,3164,0.0) sshd: [accepted] (sshd,67568,1408,0.0) sshd: [net] (root,110232,1536,0.0) /bin/bash /usr/bin/check_mk_agent (root,13364,1012,1.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,828,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (5008,213452,13728,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213452,13748,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213452,13716,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,355648,18544,0.0) /usr/sbin/httpd (5008,182364,9180,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,80996,2376,0.0) /usr/libexec/postfix/master (postfix,83016,3964,0.0) qmgr -l -t fifo -u (postfix,82044,3476,0.0) tlsmgr -l -t unix -u (postfix,81668,2432,0.0) anvil -l -t unix -u (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (postfix,80940,3320,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (postfix,80956,3376,0.0) showq -t unix -u
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17accbc1e54
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1048,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,264,0.0) /sbin/udevd -d (root,0,0,0.0) [vmmemctl] (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1332,0.0) /usr/local/sbin/keepalived -D (root,39304,784,0.0) /usr/local/sbin/keepalived -D (postfix,80956,3380,0.0) showq -t unix -u (root,93156,732,0.0) auditd (root,249856,5556,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,868,0.0) rpcbind (root,200180,1904,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,608,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,387708,10448,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (5008,213572,13656,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,116856,676,0.0) crond (root,214584,59572,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,14672,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2076,0.0) monitorix-httpd listening on 8080 (5008,213448,13656,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,10896,204,0.0) /sbin/udevd -d (root,10896,176,0.0) /sbin/udevd -d (5008,213452,13676,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (opendkim,2132772,4664,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (root,108168,676,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554580,1644576,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (postfix,80940,3316,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (postfix,80952,3324,0.0) pickup -l -t fifo -u (5008,213448,13584,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97240,6716,0.1) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213584,13740,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,476080,39956,0.6) /usr/sbin/httpd (apache,473648,37560,0.6) /usr/sbin/httpd (postfix,97208,6708,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81444,4900,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (5008,213448,13544,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81444,4924,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,81440,4892,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (apache,456344,17788,0.0) /usr/sbin/httpd (apache,456080,17564,0.0) /usr/sbin/httpd (apache,464100,27672,0.7) /usr/sbin/httpd (postfix,81176,3656,0.0) cleanup -z -t unix -u (postfix,80960,3396,0.0) trivial-rewrite -n rewrite -t unix -u (nobody,35692,4624,0.0) /usr/bin/perl -w /etc/postfix/random.pl (postfix,81176,3652,0.1) cleanup -z -t unix -u (postfix,81440,4884,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81444,4900,0.1) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81444,4900,0.1) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,97208,6712,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,353708,16604,0.0) /usr/sbin/httpd (5008,213324,11880,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,182364,9032,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213324,12312,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81444,4904,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,80960,3372,0.0) discard -z -n defer -t unix -u (postfix,81440,4888,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (root,67568,3160,0.0) sshd: [accepted] (sshd,67568,1400,0.0) sshd: [net] (5008,213324,11880,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81440,4884,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (root,101428,4428,0.8) sshd: root [priv] (sshd,67568,1660,0.0) sshd: root [net] (root,110232,1572,0.3) /bin/bash /usr/bin/check_mk_agent (root,110232,736,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,652,0.0) /bin/bash /usr/bin/check_mk_agent (root,830732,11088,2.0) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,101288,4312,0.8) sshd: root [priv] (sshd,67568,1648,0.0) sshd: root [net] (root,101288,4292,1.2) sshd: root [priv] (root,101288,4296,1.2) sshd: root [priv] (sshd,67568,1660,0.0) sshd: root [net] (sshd,67568,1648,0.0) sshd: root [net] (root,101288,4288,1.2) sshd: root [priv] (sshd,67568,1648,0.0) sshd: root [net] (root,67568,3200,0.0) sshd: [accepted] (root,101292,4288,3.5) sshd: root [priv] (sshd,67568,1648,0.0) sshd: root [net] (sshd,67568,1444,0.0) sshd: [net] (root,110232,1536,0.0) /bin/bash /usr/bin/check_mk_agent (root,13364,1008,1.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,828,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (root,81000,2340,0.0) /usr/libexec/postfix/master (postfix,83016,3716,0.0) qmgr -l -t fifo -u (postfix,82044,3256,0.0) tlsmgr -l -t unix -u (postfix,81668,2404,0.0) anvil -l -t unix -u (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (5008,213452,13680,0.0) /usr/bin/perl /usr/sbin/cbpolicyd
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17ac92bc344
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1036,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (postfix,81440,4900,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (root,10900,264,0.0) /sbin/udevd -d (root,0,0,0.0) [vmmemctl] (postfix,81440,4896,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (postfix,97204,6680,0.0) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97052,6300,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1332,0.0) /usr/local/sbin/keepalived -D (root,39304,784,0.0) /usr/local/sbin/keepalived -D (postfix,81444,4892,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,80988,3436,0.0) bounce -z -t unix -u (5008,213324,11344,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,98636,3776,0.0) sshd: unknown [priv] (sshd,67568,1752,0.0) sshd: unknown [net] (root,110232,1568,0.1) /bin/bash /usr/bin/check_mk_agent (root,110232,732,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,648,0.0) /bin/bash /usr/bin/check_mk_agent (root,830736,17220,2.2) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (postfix,80960,3380,0.0) trivial-rewrite -n rewrite -t unix -u (nobody,35692,4624,1.0) /usr/bin/perl -w /etc/postfix/random.pl (root,110232,1536,0.0) /bin/bash /usr/bin/check_mk_agent (root,13368,1012,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,828,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (root,93156,732,0.0) auditd (root,249856,5568,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,868,0.0) rpcbind (root,200180,1892,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,608,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (5008,213620,13176,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,385104,7824,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (postfix,80940,3356,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (root,214584,57796,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,13816,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2076,0.0) monitorix-httpd listening on 8080 (5008,213452,13068,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,10896,204,0.0) /sbin/udevd -d (root,10896,176,0.0) /sbin/udevd -d (opendkim,2132772,4576,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (root,108168,676,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554580,1626868,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (apache,469396,33212,0.6) /usr/sbin/httpd (apache,473656,37516,0.7) /usr/sbin/httpd (apache,465852,29680,0.7) /usr/sbin/httpd (5008,213452,13040,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213448,13164,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,352448,14688,0.0) /usr/sbin/httpd (5008,182364,8376,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,81000,2352,0.0) /usr/libexec/postfix/master (postfix,83016,3692,0.0) qmgr -l -t fifo -u (postfix,82044,3164,0.0) tlsmgr -l -t unix -u (postfix,81668,2360,0.0) anvil -l -t unix -u (postfix,80956,3380,0.0) showq -t unix -u (postfix,80952,3324,0.0) pickup -l -t fifo -u (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (5008,213448,13128,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213448,13148,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97236,6748,0.1) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97240,6752,0.1) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97232,6768,0.1) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213324,11808,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81176,3656,0.0) cleanup -z -t unix -u (postfix,97208,6680,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81440,4892,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81440,4896,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81444,4892,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (apache,464660,28512,0.7) /usr/sbin/httpd (postfix,81444,4920,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81440,4892,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4880,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17aea42374a
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1052,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,264,0.0) /sbin/udevd -d (root,0,0,0.0) [vmmemctl] (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1332,0.0) /usr/local/sbin/keepalived -D (root,39304,784,0.0) /usr/local/sbin/keepalived -D (root,93156,732,0.0) auditd (root,249856,5596,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,940,0.0) rpcbind (root,200180,1908,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,616,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,85816,1808,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,85816,1808,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,383492,12124,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,214584,59344,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,14688,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2084,0.0) monitorix-httpd listening on 8080 (root,10896,208,0.0) /sbin/udevd -d (root,10896,180,0.0) /sbin/udevd -d (5008,213452,13736,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (opendkim,2153260,5364,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (5008,213440,13636,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,108168,708,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554580,2334064,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (5008,213448,13716,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,461896,31804,0.1) /usr/sbin/httpd (apache,462028,32000,0.3) /usr/sbin/httpd (root,351672,20988,0.0) /usr/sbin/httpd (postfix,80952,3328,0.0) pickup -l -t fifo -u (5008,182364,9168,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,461900,31864,0.4) /usr/sbin/httpd (apache,454044,22200,0.0) /usr/sbin/httpd (apache,462008,31892,0.2) /usr/sbin/httpd (root,81000,2404,0.0) /usr/libexec/postfix/master (postfix,83016,4304,0.0) qmgr -l -t fifo -u (postfix,82044,3672,0.0) tlsmgr -l -t unix -u (postfix,81668,2504,0.0) anvil -l -t unix -u (postfix,97208,6660,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97208,6684,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97208,6660,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80956,3380,0.0) showq -t unix -u (postfix,97052,6348,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213452,13628,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213324,12412,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213324,11992,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97208,6620,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213448,13588,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80960,3388,0.0) trivial-rewrite -n rewrite -t unix -u (postfix,80940,3320,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (nobody,35692,4624,0.0) /usr/bin/perl -w /etc/postfix/random.pl (5008,213324,12180,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81176,3660,0.0) cleanup -z -t unix -u (postfix,81440,4836,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (5008,213324,11992,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81444,4872,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4876,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81444,4876,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,80960,3372,0.0) discard -z -n defer -t unix -u (postfix,81444,4868,0.1) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81440,4864,0.1) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81444,4876,0.1) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,80988,3432,0.0) bounce -z -t unix -u (postfix,81440,4876,0.1) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81288,4236,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (root,110232,1572,0.3) /bin/bash /usr/bin/check_mk_agent (root,110232,736,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,652,0.0) /bin/bash /usr/bin/check_mk_agent (root,830736,13132,1.5) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,98636,3776,0.3) sshd: unknown [priv] (sshd,67568,1752,0.0) sshd: unknown [net] (root,110232,1532,0.0) /bin/bash /usr/bin/check_mk_agent (root,13368,1012,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,832,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2]
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17a51df9a37
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1036,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,264,0.0) /sbin/udevd -d (root,0,0,0.0) [vmmemctl] (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1332,0.0) /usr/local/sbin/keepalived -D (root,39304,784,0.0) /usr/local/sbin/keepalived -D (root,93156,732,0.0) auditd (root,249856,5600,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,940,0.0) rpcbind (root,200180,1908,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,616,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,380016,8520,0.0) /usr/bin/vmtoolsd (root,31840,344,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,214584,59840,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,14716,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2084,0.0) monitorix-httpd listening on 8080 (root,10896,208,0.0) /sbin/udevd -d (root,10896,180,0.0) /sbin/udevd -d (postfix,97208,6688,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97104,6648,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (opendkim,2132772,5200,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (postfix,80952,3324,0.0) pickup -l -t fifo -u (root,108168,708,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554580,2330840,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (5008,213452,13624,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97104,6648,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213440,13664,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97204,6716,1.2) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80960,3380,0.0) trivial-rewrite -n rewrite -t unix -u (nobody,35692,4620,0.0) /usr/bin/perl -w /etc/postfix/random.pl (postfix,81176,3656,0.4) cleanup -z -t unix -u (postfix,81444,4892,0.1) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81440,4888,0.1) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81444,4888,0.2) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,81440,4904,0.1) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,81440,4888,0.1) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,97208,6604,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,110232,1568,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,732,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,648,0.0) /bin/bash /usr/bin/check_mk_agent (root,830732,11092,0.6) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,98636,3768,0.0) sshd: unknown [priv] (sshd,67568,1748,0.0) sshd: unknown [net] (root,69640,3360,0.0) sshd: [accepted] (sshd,67568,1580,0.0) sshd: [net] (root,110232,1532,0.0) /bin/bash /usr/bin/check_mk_agent (root,13368,1008,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,824,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (5008,213580,13844,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,472584,42936,0.4) /usr/sbin/httpd (apache,470388,40784,0.4) /usr/sbin/httpd (postfix,80940,3356,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (root,349928,19244,0.0) /usr/sbin/httpd (5008,182364,9156,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,466252,36552,0.3) /usr/sbin/httpd (apache,467216,37508,0.3) /usr/sbin/httpd (5008,213580,13816,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,81000,2408,0.0) /usr/libexec/postfix/master (postfix,83016,4304,0.0) qmgr -l -t fifo -u (postfix,82044,3636,0.0) tlsmgr -l -t unix -u (postfix,81668,2504,0.0) anvil -l -t unix -u (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (postfix,80956,3380,0.0) showq -t unix -u (5008,213712,13916,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,464928,35332,0.3) /usr/sbin/httpd
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17ac2fd3018
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1052,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,272,0.0) /sbin/udevd -d (root,0,0,0.0) [vmmemctl] (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1360,0.0) /usr/local/sbin/keepalived -D (root,39304,784,0.0) /usr/local/sbin/keepalived -D (root,93156,732,0.0) auditd (root,249856,5576,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,964,0.0) rpcbind (root,200180,1896,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,616,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,376420,12780,0.0) /usr/bin/vmtoolsd (root,31840,348,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,214584,59936,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (5008,213592,13824,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,251276,14796,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2104,0.0) monitorix-httpd listening on 8080 (root,10896,216,0.0) /sbin/udevd -d (root,10896,188,0.0) /sbin/udevd -d (apache,461052,34240,0.2) /usr/sbin/httpd (5008,213588,13828,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (apache,464024,37364,0.3) /usr/sbin/httpd (opendkim,2132772,8152,0.1) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (apache,469744,43140,0.4) /usr/sbin/httpd (root,108168,816,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554580,2332436,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (apache,471456,42644,0.4) /usr/sbin/httpd (5008,213448,13780,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,80956,3376,0.0) showq -t unix -u (5008,213452,13704,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,348188,20508,0.0) /usr/sbin/httpd (5008,182364,9260,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81176,3660,0.0) cleanup -z -t unix -u (apache,465040,36396,0.2) /usr/sbin/httpd (postfix,97168,6720,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (root,81000,3400,0.0) /usr/libexec/postfix/master (postfix,83016,5472,0.0) qmgr -l -t fifo -u (postfix,82044,4960,0.0) tlsmgr -l -t unix -u (postfix,81668,3724,0.0) anvil -l -t unix -u (postfix,81176,3660,0.0) cleanup -z -t unix -u (postfix,97240,6732,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,97232,6688,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80952,3328,0.0) pickup -l -t fifo -u (5008,213452,13784,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97208,6612,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80960,3396,0.0) trivial-rewrite -n rewrite -t unix -u (postfix,80940,3320,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (nobody,35692,4624,0.0) /usr/bin/perl -w /etc/postfix/random.pl (postfix,81440,4900,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,81440,4896,0.0) smtp -n rotate2 -t unix -u -o syslog_name=postfix-rotate2 -o smtp_helo_name=smtp111.ext.armada.it -o smtp_bind_address=5.134.127.226 (postfix,81440,4892,0.0) smtp -n rotate4 -t unix -u -o syslog_name=postfix-rotate4 -o smtp_helo_name=smtp113.ext.armada.it -o smtp_bind_address=5.134.127.228 (postfix,97208,6632,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,81440,4880,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,81440,4892,0.0) smtp -n rotate3 -t unix -u -o syslog_name=postfix-rotate3 -o smtp_helo_name=smtp112.ext.armada.it -o smtp_bind_address=5.134.127.227 (postfix,81444,4884,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (root,110232,1572,0.1) /bin/bash /usr/bin/check_mk_agent (root,110232,736,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,652,0.0) /bin/bash /usr/bin/check_mk_agent (root,830728,11084,1.4) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,110232,1536,0.0) /bin/bash /usr/bin/check_mk_agent (root,13372,1012,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,828,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (5008,213448,13760,0.0) /usr/bin/perl /usr/sbin/cbpolicyd
Severity: high
Fingerprint: 03cb82e6f6a6b45342c4bbcbd51b336f6083b8906ad374733d13f17a2397ab82
Found public CheckMk agent: Version: 1.2.4p1 AgentOS: linux PluginsDirectory: /usr/lib/check_mk_agent/plugins LocalDirectory: /usr/lib/check_mk_agent/local SpoolDirectory: /etc/check_mk/spool AgentDirectory: /etc/check_mk OnlyFrom: Found process list through CheckMk: (root,19232,1012,0.0) /sbin/init (root,0,0,0.0) [kthreadd] (root,0,0,0.0) [migration/0] (root,0,0,0.0) [ksoftirqd/0] (root,0,0,0.0) [stopper/0] (root,0,0,0.0) [watchdog/0] (root,0,0,0.0) [migration/1] (root,0,0,0.0) [stopper/1] (root,0,0,0.0) [ksoftirqd/1] (root,0,0,0.0) [watchdog/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events/0] (root,0,0,0.0) [events/1] (root,0,0,0.0) [events_long/0] (root,0,0,0.0) [events_long/1] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [cgroup] (root,0,0,0.0) [khelper] (root,0,0,0.0) [netns] (root,0,0,0.0) [async/mgr] (root,0,0,0.0) [pm] (root,0,0,0.0) [sync_supers] (root,0,0,0.0) [bdi-default] (root,0,0,0.0) [kintegrityd/0] (root,0,0,0.0) [kintegrityd/1] (root,0,0,0.0) [kblockd/0] (root,0,0,0.0) [kblockd/1] (root,0,0,0.0) [kacpid] (root,0,0,0.0) [kacpi_notify] (root,0,0,0.0) [kacpi_hotplug] (root,0,0,0.0) [ata_aux] (root,0,0,0.0) [ata_sff/0] (root,0,0,0.0) [ata_sff/1] (root,0,0,0.0) [ksuspend_usbd] (root,0,0,0.0) [khubd] (root,0,0,0.0) [kseriod] (root,0,0,0.0) [md/0] (root,0,0,0.0) [md/1] (root,0,0,0.0) [md_misc/0] (root,0,0,0.0) [md_misc/1] (root,0,0,0.0) [linkwatch] (root,0,0,0.0) [khungtaskd] (root,0,0,0.0) [kswapd0] (root,0,0,0.0) [ksmd] (root,0,0,0.0) [khugepaged] (root,0,0,0.0) [aio/0] (root,0,0,0.0) [aio/1] (root,0,0,0.0) [crypto/0] (root,0,0,0.0) [crypto/1] (root,0,0,0.0) [kthrotld/0] (root,0,0,0.0) [kthrotld/1] (root,0,0,0.0) [pciehpd] (root,0,0,0.0) [kpsmoused] (root,0,0,0.0) [usbhid_resumer] (root,0,0,0.0) [deferwq] (root,0,0,0.0) [kdmremove] (root,0,0,0.0) [kstriped] (root,0,0,0.0) [scsi_eh_0] (root,0,0,0.0) [scsi_eh_1] (root,0,0,0.0) [scsi_eh_2] (root,0,0,0.0) [vmw_pvscsi_wq_2] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [kdmflush] (root,0,0,0.0) [jbd2/dm-0-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,10900,420,0.0) /sbin/udevd -d (root,0,0,0.0) [vmmemctl] (root,0,0,0.0) [jbd2/sda1-8] (root,0,0,0.0) [ext4-dio-unwrit] (root,0,0,0.0) [kauditd] (root,0,0,0.0) [flush-253:0] (root,37200,420,0.0) /usr/local/sbin/keepalived -D (root,39304,1360,0.0) /usr/local/sbin/keepalived -D (root,39304,784,0.0) /usr/local/sbin/keepalived -D (apache,465776,43956,0.4) /usr/sbin/httpd (root,93156,732,0.0) auditd (root,249856,5528,0.0) /sbin/rsyslogd -i /var/run/syslogd.pid -c 5 (rpc,19108,888,0.0) rpcbind (root,200180,1888,0.0) /usr/sbin/snmpd -LS0-6d -Lf /dev/null -p /var/run/snmpd.pid (root,66224,616,0.0) /usr/sbin/sshd (root,21716,744,0.0) xinetd -stayalive -pidfile /var/run/xinetd.pid (apache,462248,40428,0.3) /usr/sbin/httpd (root,71216,1676,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (root,71216,1664,0.0) /usr/sbin/saslauthd -m /var/run/saslauthd -a pam (nagios,41464,744,0.0) nrpe -c /etc/nagios/nrpe.cfg -d (root,360416,9076,0.0) /usr/bin/vmtoolsd (root,31840,348,0.0) /usr/sbin/htcacheclean -d5 -n -i -p/var/cache/mod_proxy -l150M (root,116856,676,0.0) crond (root,214584,58104,0.1) splunkd -p 8089 start (root,62884,824,0.0) [splunkd pid=2622] splunkd -p 8089 start [process-runner] (root,198272,1040,0.0) /usr/bin/python -Es /usr/bin/fail2ban-server -s /var/run/fail2ban/fail2ban.sock -p /var/run/fail2ban/fail2ban.pid -x -b (root,251276,14720,0.1) /usr/bin/monitorix -c /etc/monitorix/monitorix.conf -p /var/run/monitorix.pid (root,4064,484,0.0) /sbin/mingetty /dev/tty1 (root,4064,484,0.0) /sbin/mingetty /dev/tty2 (root,4064,484,0.0) /sbin/mingetty /dev/tty3 (root,4064,484,0.0) /sbin/mingetty /dev/tty4 (root,4064,484,0.0) /sbin/mingetty /dev/tty5 (root,4064,484,0.0) /sbin/mingetty /dev/tty6 (nobody,217028,2104,0.0) monitorix-httpd listening on 8080 (root,10896,408,0.0) /sbin/udevd -d (root,10896,380,0.0) /sbin/udevd -d (root,108168,816,0.0) /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql (mysql,4554320,2339668,1.2) /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock (postfix,80952,3384,0.0) pickup -l -t fifo -u (root,80996,2588,0.0) /usr/libexec/postfix/master (postfix,83052,4124,0.0) qmgr -l -t fifo -u (postfix,82044,3948,0.0) tlsmgr -l -t unix -u (postfix,81052,2648,0.0) anvil -l -t unix -u (5008,213448,13592,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (5008,213596,13720,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97216,6676,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (postfix,80956,3380,0.0) showq -t unix -u (5008,213580,13724,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97184,6664,0.0) smtpd -n smtp -t inet -u -o stress= -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213324,12300,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,97232,6652,0.0) smtpd -n 465 -t inet -u -o stress= -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213452,13532,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,340348,17560,0.0) /usr/sbin/httpd (5008,182364,8976,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (postfix,81176,3652,0.0) cleanup -z -t unix -u (postfix,80940,3320,0.0) spawn -z -n 127.0.0.1:2527 -t inet user=nobody argv=/etc/postfix/random.pl (postfix,81440,4868,0.0) smtp -n rotate5 -t unix -u -o syslog_name=postfix-rotate5 -o smtp_helo_name=smtp114.ext.armada.it -o smtp_bind_address=5.134.127.229 (postfix,81440,4864,0.0) smtp -n rotate1 -t unix -u -o syslog_name=postfix-rotate1 -o smtp_helo_name=smtp110.ext.armada.it -o smtp_bind_address=5.134.127.225 (postfix,97204,6624,0.0) smtpd -n submission -t inet -u -o stress= -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject (5008,213324,11880,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (root,67568,3164,0.0) sshd: [accepted] (sshd,67568,1404,0.0) sshd: [net] (root,110232,1568,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,732,0.0) /bin/bash /usr/bin/check_mk_agent (root,110232,648,0.0) /bin/bash /usr/bin/check_mk_agent (root,830732,7036,0.8) python /usr/lib64/nagios/plugins/check_blacklist -w 1 -c 3 -h 5.134.127.110 (root,98636,3772,0.0) sshd: unknown [priv] (sshd,67568,1752,0.0) sshd: unknown [net] (root,67568,3204,0.0) sshd: [accepted] (sshd,67568,1536,0.0) sshd: [net] (root,110232,1532,0.0) /bin/bash /usr/bin/check_mk_agent (root,13368,1008,0.0) ps ax -o user,vsz,rss,pcpu,command --columns 10000 (root,8392,828,0.0) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4) / (5008,214040,14172,0.0) /usr/bin/perl /usr/sbin/cbpolicyd (opendkim,2132756,5000,0.2) /usr/sbin/opendkim -x /etc/opendkim.conf -P /var/run/opendkim/opendkim.pid (apache,461860,40144,0.3) /usr/sbin/httpd (root,0,0,0.0) [migration/3] (root,0,0,0.0) [stopper/3] (root,0,0,0.0) [ksoftirqd/3] (root,0,0,0.0) [kthrotld/3] (root,0,0,0.0) [crypto/3] (root,0,0,0.0) [aio/3] (root,0,0,0.0) [md_misc/3] (root,0,0,0.0) [md/3] (root,0,0,0.0) [ata_sff/3] (root,0,0,0.0) [kblockd/3] (root,0,0,0.0) [kintegrityd/3] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [events/3] (root,0,0,0.0) [watchdog/3] (root,0,0,0.0) [migration/2] (root,0,0,0.0) [stopper/2] (root,0,0,0.0) [ksoftirqd/2] (root,0,0,0.0) [kthrotld/2] (root,0,0,0.0) [crypto/2] (root,0,0,0.0) [aio/2] (root,0,0,0.0) [md_misc/2] (root,0,0,0.0) [md/2] (root,0,0,0.0) [ata_sff/2] (root,0,0,0.0) [kblockd/2] (root,0,0,0.0) [kintegrityd/2] (root,0,0,0.0) [events_power_ef] (root,0,0,0.0) [events_long/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [events/2] (root,0,0,0.0) [watchdog/2] (apache,463028,41260,0.3) /usr/sbin/httpd (apache,465440,43680,0.4) /usr/sbin/httpd
No description available
Severity: medium
Fingerprint: c72c1c3018e67f2f18e67f2f9d6971f19d6971f17dac9f717dac9f712e6b9466
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Wednesday, 09-Nov-2022 07:20:56 CET Restart Time: Wednesday, 09-Nov-2022 03:38:01 CET Parent Server Generation: 369 Server uptime: 3 hours 42 minutes 55 seconds Total accesses: 701 - Total Traffic: 1.8 MB CPU Usage: u245.88 s8.83 cu0 cs0 - 1.9% CPU load .0524 requests/sec - 139 B/second - 2665 B/request 1 requests currently being processed, 3 idle workers ___W............................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-369268190/231/231_ 97.090350.00.660.66 161.35.86.181smtp110.ext.armada.itGET /debug/default/view?panel=config HTTP/1.1 1-369268200/238/238_ 81.540210.00.600.60 161.35.86.181smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 2-369325720/171/171_ 52.630220.00.410.41 161.35.86.181smtp110.ext.armada.itGET /login.action HTTP/1.1 3-369180700/61/61W 23.45000.00.120.12 161.35.86.181smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: c72c1c3018e67f2f18e67f2f9d6971f19d6971f17dac9f717dac9f71d29e571d
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Friday, 05-Aug-2022 09:35:01 CEST Restart Time: Friday, 05-Aug-2022 03:33:02 CEST Parent Server Generation: 273 Server uptime: 6 hours 1 minute 59 seconds Total accesses: 1172 - Total Traffic: 3.0 MB CPU Usage: u431.13 s16.61 cu0 cs0 - 2.06% CPU load .054 requests/sec - 145 B/second - 2698 B/request 3 requests currently being processed, 2 idle workers _W.C._W......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-273124640/304/304_ 124.200220.00.830.83 161.35.86.181smtp110.ext.armada.itGET /debug/default/view?panel=config HTTP/1.1 1-273124650/284/284W 98.67000.00.810.81 127.0.0.1smtp110.ext.armada.itGET /parser/ HTTP/1.1 2-273-0/0/9. 0.161761200.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 3-273266551/198/198C 67.650210.00.450.45 161.35.86.181smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 4-273-0/0/3. 0.041761100.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 5-273266600/196/196_ 85.040220.00.450.45 161.35.86.181smtp110.ext.armada.itGET /idx_config/ HTTP/1.1 6-273266610/176/176W 71.98000.00.470.47 161.35.86.181smtp110.ext.armada.itGET /server-status HTTP/1.1 7-273-0/0/1. 0.001761400.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 8-273-0/0/1. 0.001761300.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: c72c1c3018e67f2f18e67f2f9d6971f19d6971f17dac9f717dac9f7168939ceb
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 04-Aug-2022 04:03:44 CEST Restart Time: Thursday, 04-Aug-2022 03:50:02 CEST Parent Server Generation: 272 Server uptime: 13 minutes 42 seconds Total accesses: 43 - Total Traffic: 121 kB CPU Usage: u8.72 s.35 cu0 cs0 - 1.1% CPU load .0523 requests/sec - 150 B/second - 2881 B/request 1 requests currently being processed, 1 idle workers W_.............................................................. ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-272271000/22/22W 4.40000.00.070.07 161.35.188.242smtp110.ext.armada.itGET /server-status HTTP/1.1 1-272271010/21/21_ 4.670280.00.040.04 161.35.188.242smtp110.ext.armada.itGET / HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: c72c1c3018e67f2f18e67f2f9d6971f19d6971f17dac9f717dac9f71128c3a91
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Friday, 08-Jul-2022 05:52:56 CEST Restart Time: Friday, 08-Jul-2022 03:45:05 CEST Parent Server Generation: 245 Server uptime: 2 hours 7 minutes 50 seconds Total accesses: 396 - Total Traffic: 1.4 MB CPU Usage: u102.38 s4.06 cu0 cs0 - 1.39% CPU load .0516 requests/sec - 194 B/second - 3772 B/request 1 requests currently being processed, 4 idle workers .W____.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-245-0/0/94. 17.72361500.00.000.27 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 1-245218650/132/132W 43.90000.00.500.50 134.122.112.12smtp110.ext.armada.itGET /server-status HTTP/1.1 2-2459080/43/43_ 18.660160.00.130.13 134.122.112.12smtp110.ext.armada.itGET /debug/default/view?panel=config HTTP/1.1 3-24510500/38/42_ 9.790260.00.100.12 134.122.112.12smtp110.ext.armada.itGET / HTTP/1.1 4-2459120/43/43_ 7.850170.00.180.18 134.122.112.12smtp110.ext.armada.itGET /api/search?folderIds=0 HTTP/1.1 5-2459140/42/42_ 8.520170.00.230.23 134.122.112.12smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: c72c1c3018e67f2f18e67f2f9d6971f19d6971f17dac9f717dac9f714b9d1c85
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Monday, 13-Jun-2022 07:27:24 CEST Restart Time: Monday, 13-Jun-2022 03:46:01 CEST Parent Server Generation: 220 Server uptime: 3 hours 41 minutes 22 seconds Total accesses: 790 - Total Traffic: 2.4 MB CPU Usage: u192.39 s8.5 cu0 cs0 - 1.51% CPU load .0595 requests/sec - 188 B/second - 3175 B/request 1 requests currently being processed, 4 idle workers W____........................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-220165280/226/226W 65.51000.00.620.62 161.35.188.242smtp110.ext.armada.itGET /server-status HTTP/1.1 1-220165290/218/218_ 39.67000.00.690.69 161.35.188.242smtp110.ext.armada.itGET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e 2-220285230/115/115_ 38.99000.00.470.47 161.35.188.242smtp110.ext.armada.itGET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e 3-220285240/114/114_ 35.850230.00.350.35 161.35.188.242smtp110.ext.armada.itGET /.DS_Store HTTP/1.1 4-220285250/117/117_ 20.870150.00.270.27 161.35.188.242smtp110.ext.armada.itCONNECT leakix.net:443 HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: c72c1c3018e67f2f18e67f2f9d6971f19d6971f17dac9f717dac9f713e6c7e19
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Thursday, 26-May-2022 06:02:29 CEST Restart Time: Thursday, 26-May-2022 03:46:01 CEST Parent Server Generation: 202 Server uptime: 2 hours 16 minutes 27 seconds Total accesses: 439 - Total Traffic: 1.5 MB CPU Usage: u91.91 s3.37 cu0 cs0 - 1.16% CPU load .0536 requests/sec - 192 B/second - 3585 B/request 1 requests currently being processed, 4 idle workers W.____.......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-202266050/118/118W 43.97000.00.360.36 161.35.86.181smtp110.ext.armada.itGET /server-status HTTP/1.1 1-202-0/0/104. 3.0690500.00.000.35 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 2-202298250/96/96_ 33.930190.00.250.25 161.35.86.181smtp110.ext.armada.itGET /v2/_catalog HTTP/1.1 3-202150570/36/36_ 7.280250.00.200.20 161.35.86.181smtp110.ext.armada.itGET /.json HTTP/1.1 4-202150620/39/39_ 6.64000.00.240.24 161.35.86.181smtp110.ext.armada.itGET /favicon.ico HTTP/1.1 5-202196500/14/32_ 0.400140.00.010.07 161.35.86.181smtp110.ext.armada.itGET /idx_config/ HTTP/1.1 6-202-0/0/7. 0.0090600.00.000.02 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 7-202-0/0/7. 0.0090700.00.000.03 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: c72c1c3018e67f2f18e67f2f9d6971f19d6971f17dac9f717dac9f711167d499
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Sunday, 08-May-2022 12:23:06 CEST Restart Time: Sunday, 08-May-2022 03:19:01 CEST Parent Server Generation: 184 Server uptime: 9 hours 4 minutes 4 seconds Total accesses: 1559 - Total Traffic: 1.0 MB CPU Usage: u402.65 s14.26 cu0 cs0 - 1.28% CPU load .0478 requests/sec - 32 B/second - 675 B/request 1 requests currently being processed, 2 idle workers __W............................................................. ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-18450190/552/552_ 120.62000.00.410.41 134.122.112.12smtp110.ext.armada.itGET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e 1-18450200/555/555_ 164.680330.00.350.35 134.122.112.12smtp110.ext.armada.itGET /.DS_Store HTTP/1.1 2-184270780/452/452W 131.61000.00.240.24 134.122.112.12smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: c72c1c3018e67f2f18e67f2f9d6971f19d6971f17dac9f717dac9f71e2eef7c0
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Friday, 15-Apr-2022 12:11:51 CEST Restart Time: Friday, 15-Apr-2022 03:18:01 CEST Parent Server Generation: 161 Server uptime: 8 hours 53 minutes 49 seconds Total accesses: 2584 - Total Traffic: 4.7 MB CPU Usage: u811.79 s32.13 cu0 cs0 - 2.63% CPU load .0807 requests/sec - 154 B/second - 1911 B/request 1 requests currently being processed, 4 idle workers .W___._......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-161-0/0/387. 135.391518600.00.001.22 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 1-161120050/737/737W 269.51000.01.471.47 161.35.86.181smtp110.ext.armada.itGET /server-status HTTP/1.1 2-161220620/433/433_ 124.57000.00.680.68 161.35.86.181smtp110.ext.armada.itGET /favicon.ico HTTP/1.1 3-16179300/347/347_ 145.480310.00.350.35 161.35.86.181smtp110.ext.armada.itGET /.git/config HTTP/1.1 4-16179320/319/319_ 74.370260.00.520.52 161.35.86.181smtp110.ext.armada.itGET /debug/default/view?panel=config HTTP/1.1 5-161-0/0/5. 0.001518500.00.000.03 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-16179380/349/349_ 94.600220.00.440.44 161.35.86.181smtp110.ext.armada.itGET /frontend_dev.php/$ HTTP/1.1 7-161-0/0/3. 0.001518400.00.000.01 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 8-161-0/0/2. 0.001518800.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 9-161-0/0/2. 0.001518700.00.000.00 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: c72c1c3018e67f2f18e67f2f9d6971f19d6971f17dac9f717dac9f7105edcc6a
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Sunday, 30-Jan-2022 16:17:25 CET Restart Time: Sunday, 30-Jan-2022 03:33:01 CET Parent Server Generation: 86 Server uptime: 12 hours 44 minutes 23 seconds Total accesses: 2647 - Total Traffic: 8.1 MB CPU Usage: u519.26 s18.45 cu0 cs0 - 1.17% CPU load .0577 requests/sec - 184 B/second - 3198 B/request 1 requests currently being processed, 4 idle workers __._.._W........................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-86190020/532/557_ 124.650150.01.411.58 143.198.136.88smtp110.ext.armada.itGET /s/lkx/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-di 1-86125340/427/463_ 113.00000.01.121.38 143.198.136.88smtp110.ext.armada.itGET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e 2-86-0/0/517. 101.68191600.00.001.48 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 3-86312350/22/117_ 6.331140.00.050.63 143.198.136.88smtp110.ext.armada.itCONNECT leakix.net:443 HTTP/1.1 4-86-0/0/94. 20.243875200.00.000.35 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 5-86-0/0/110. 23.913875400.00.000.40 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-86125470/404/404_ 63.070240.01.111.11 143.198.136.88smtp110.ext.armada.itGET /.DS_Store HTTP/1.1 7-86125480/385/385W 84.83000.01.151.15 143.198.136.88smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: c72c1c3018e67f2f18e67f2f9d6971f19d6971f17dac9f717dac9f71bb0af739
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Sunday, 02-Jan-2022 10:22:41 CET Restart Time: Sunday, 02-Jan-2022 03:11:01 CET Parent Server Generation: 58 Server uptime: 7 hours 11 minutes 39 seconds Total accesses: 1255 - Total Traffic: 3.9 MB CPU Usage: u346.49 s12.39 cu0 cs0 - 1.39% CPU load .0485 requests/sec - 157 B/second - 3248 B/request 1 requests currently being processed, 4 idle workers ___W_........................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-58266590/378/378_ 103.290160.00.940.94 161.35.86.181smtp110.ext.armada.itGET /idx_config/ HTTP/1.1 1-58266600/372/372_ 106.210160.01.281.28 161.35.86.181smtp110.ext.armada.itGET /debug/default/view?panel=config HTTP/1.1 2-58157520/172/172_ 47.840260.00.710.71 161.35.86.181smtp110.ext.armada.itGET /.json HTTP/1.1 3-58157600/167/167W 46.88000.00.540.54 161.35.86.181smtp110.ext.armada.itGET /server-status HTTP/1.1 4-58157610/166/166_ 54.660160.00.420.42 161.35.86.181smtp110.ext.armada.itGET /frontend_dev.php/$ HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Severity: medium
Fingerprint: c72c1c3018e67f2f18e67f2f9d6971f19d6971f17dac9f717dac9f7140cf7145
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Saturday, 23-Oct-2021 16:46:57 CEST Restart Time: Saturday, 23-Oct-2021 03:37:02 CEST Parent Server Generation: 127 Server uptime: 13 hours 9 minutes 54 seconds Total accesses: 2302 - Total Traffic: 7.3 MB CPU Usage: u807.48 s29.87 cu0 cs0 - 1.77% CPU load .0486 requests/sec - 161 B/second - 3317 B/request 1 requests currently being processed, 3 idle workers ___W............................................................ ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-127137170/737/737_ 277.990250.02.582.58 161.35.86.181smtp110.ext.armada.itGET / HTTP/1.1 1-127137180/727/727_ 278.270160.02.002.00 161.35.86.181smtp110.ext.armada.itGET /frontend_dev.php/$ HTTP/1.1 2-127185390/681/681_ 237.780160.02.252.25 161.35.86.181smtp110.ext.armada.itGET /debug/default/view?panel=config HTTP/1.1 3-12799640/157/157W 43.31000.00.450.45 161.35.86.181smtp110.ext.armada.itGET /server-status HTTP/1.1 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Fingerprint: c72c1c3018e67f2f18e67f2f9d6971f19d6971f17dac9f717dac9f7157d7cf94
Apache Status Apache Server Status for 5.134.127.229 Server Version: Apache/2.2.15 (Unix) DAV/2 PHP/5.3.3 Server Built: Oct 16 2014 14:48:21 Current Time: Friday, 25-Jun-2021 03:01:49 CEST Restart Time: Thursday, 24-Jun-2021 03:28:01 CEST Parent Server Generation: 6 Server uptime: 23 hours 33 minutes 47 seconds Total accesses: 4851 - Total Traffic: 16.1 MB CPU Usage: u788.13 s29.98 cu0 cs0 - .964% CPU load .0572 requests/sec - 199 B/second - 3490 B/request 1 requests currently being processed, 4 idle workers ____..W......................................................... ................................................................ ................................................................ ................................................................ Scoreboard Key: "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process SrvPIDAccMCPU SSReqConnChildSlotClientVHostRequest 0-6146440/1083/1083_ 340.841230.03.443.44 178.32.197.91smtp110.ext.armada.itGET / HTTP/1.1 1-6146450/1095/1095_ 245.940270.03.623.62 167.71.13.196smtp110.ext.armada.itGET / HTTP/1.1 2-6200350/576/1007_ 116.060270.01.893.02 167.71.13.196smtp110.ext.armada.itGET / HTTP/1.1 3-6191190/94/732_ 33.902160.00.252.53 167.71.13.196smtp110.ext.armada.it\x16\x03\x01 4-6-0/0/266. 27.101844100.00.000.95 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 5-6-0/0/359. 0.001843800.00.001.53 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 6-6240150/191/191W 37.65000.00.540.54 167.71.13.196smtp110.ext.armada.itGET /server-status HTTP/1.1 7-6-0/0/10. 0.001843900.00.000.05 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 8-6-0/0/6. 0.001844300.00.000.01 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 9-6-0/0/5. 0.001844400.00.000.03 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 10-6-0/0/93. 16.62971900.00.000.29 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 11-6-0/0/4. 0.001844000.00.000.14 ::1smtp110.ext.armada.itOPTIONS * HTTP/1.0 SrvChild Server number - generation PIDOS process ID AccNumber of accesses this connection / this child / this slot MMode of operation CPUCPU usage, number of seconds SSSeconds since beginning of most recent request ReqMilliseconds required to process most recent request ConnKilobytes transferred this connection ChildMegabytes transferred this child SlotTotal megabytes transferred this slot
Open service 5.134.127.229:80
2024-04-30 18:52
HTTP/1.1 200 OK Date: Tue, 30 Apr 2024 18:52:34 GMT Server: Apache/2.2.15 (CentOS) X-Powered-By: PHP/5.3.3 Set-Cookie: PHPSESSID=a3iamfhkgto157493enll3tkf5; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 6171 Connection: close Content-Type: text/html; charset=UTF-8 <!doctype html> <html class="no-js"> <head> <meta charset="utf-8"> <title></title> <meta name="description" content=""> <meta name="viewport" content="width=device-width"> <link rel="shortcut icon" href="/favicon.ico" /> <!-- Place favicon.ico and apple-touch-icon.png in the root directory --> <!-- build:css styles/vendor.css --> <!-- bower:css --> <!-- endbower --> <!-- endbuild --> <!-- build:css(.tmp) styles/main.css --> <link rel="stylesheet" href="styles/main.css"> <link rel="stylesheet" href="styles/extra.css"> <link rel="stylesheet" href="styles/angular-busy.min.css"> <!-- endbuild --> </head> <body ng-app="app" ng-class="bodyclass" style="margin:0px;padding:0px;"> <!--[if lt IE 7]> <p class="browsehappy">You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience.</p> <![endif]--> <!-- Add your site or application content here --> <div class="container container-full"> <nav ng-include="'views/nav/menu.html'" ng-if="location.path() != '/login'"></nav> <div ui-view=""></div> <nav ng-include="'views/nav/footer.html'" ng-if="location.path() != '/login'"></nav> </div> <!-- Google Analytics: change UA-XXXXX-X to be your site's ID --> <script> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-XXXXX-X'); ga('send', 'pageview'); </script> <!--[if lt IE 9]> <script src="bower_components/es5-shim/es5-shim.js"></script> <script src="bower_components/json3/lib/json3.min.js"></script> <![endif]--> <!-- build:js scripts/vendor.js --> <!-- bower:js --> <script src="bower_components/jquery/dist/jquery.min.js"></script> <script src="bower_components/angular/angular.min.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/affix.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/alert.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/button.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/carousel.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/collapse.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/dropdown.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/tab.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/transition.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/scrollspy.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/modal.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/tooltip.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/popover.js"></script> <script src="bower_components/angular-resource/angular-resource.min.js"></script> <script src="bower_components/angular-cookies/angular-cookies.min.js"></script> <script src="bower_components/angular-sanitize/angular-sanitize.min.js"></script> <script src="bower_components/angular-route/angular-route.min.js"></script> <script src="bower_components/ngstorage/ngStorage.min.js"></script> <script src="bower_components/angular-translate/angular-translate.min.js"></script> <script src="bower_comp
Open service 5.134.127.229:80
2024-04-28 17:46
HTTP/1.1 200 OK Date: Sun, 28 Apr 2024 17:46:37 GMT Server: Apache/2.2.15 (CentOS) X-Powered-By: PHP/5.3.3 Set-Cookie: PHPSESSID=j2qlgomm9ql3lula09q6i9om70; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 6171 Connection: close Content-Type: text/html; charset=UTF-8 <!doctype html> <html class="no-js"> <head> <meta charset="utf-8"> <title></title> <meta name="description" content=""> <meta name="viewport" content="width=device-width"> <link rel="shortcut icon" href="/favicon.ico" /> <!-- Place favicon.ico and apple-touch-icon.png in the root directory --> <!-- build:css styles/vendor.css --> <!-- bower:css --> <!-- endbower --> <!-- endbuild --> <!-- build:css(.tmp) styles/main.css --> <link rel="stylesheet" href="styles/main.css"> <link rel="stylesheet" href="styles/extra.css"> <link rel="stylesheet" href="styles/angular-busy.min.css"> <!-- endbuild --> </head> <body ng-app="app" ng-class="bodyclass" style="margin:0px;padding:0px;"> <!--[if lt IE 7]> <p class="browsehappy">You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience.</p> <![endif]--> <!-- Add your site or application content here --> <div class="container container-full"> <nav ng-include="'views/nav/menu.html'" ng-if="location.path() != '/login'"></nav> <div ui-view=""></div> <nav ng-include="'views/nav/footer.html'" ng-if="location.path() != '/login'"></nav> </div> <!-- Google Analytics: change UA-XXXXX-X to be your site's ID --> <script> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-XXXXX-X'); ga('send', 'pageview'); </script> <!--[if lt IE 9]> <script src="bower_components/es5-shim/es5-shim.js"></script> <script src="bower_components/json3/lib/json3.min.js"></script> <![endif]--> <!-- build:js scripts/vendor.js --> <!-- bower:js --> <script src="bower_components/jquery/dist/jquery.min.js"></script> <script src="bower_components/angular/angular.min.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/affix.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/alert.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/button.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/carousel.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/collapse.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/dropdown.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/tab.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/transition.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/scrollspy.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/modal.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/tooltip.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/popover.js"></script> <script src="bower_components/angular-resource/angular-resource.min.js"></script> <script src="bower_components/angular-cookies/angular-cookies.min.js"></script> <script src="bower_components/angular-sanitize/angular-sanitize.min.js"></script> <script src="bower_components/angular-route/angular-route.min.js"></script> <script src="bower_components/ngstorage/ngStorage.min.js"></script> <script src="bower_components/angular-translate/angular-translate.min.js"></script> <script src="bower_comp
Open service 5.134.127.229:22
2024-04-25 15:35
Open service 5.134.127.229:80
2024-04-24 00:37
HTTP/1.1 200 OK Date: Wed, 24 Apr 2024 00:37:19 GMT Server: Apache/2.2.15 (CentOS) X-Powered-By: PHP/5.3.3 Set-Cookie: PHPSESSID=hlo864lefht587utfpc120up97; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 6171 Connection: close Content-Type: text/html; charset=UTF-8 <!doctype html> <html class="no-js"> <head> <meta charset="utf-8"> <title></title> <meta name="description" content=""> <meta name="viewport" content="width=device-width"> <link rel="shortcut icon" href="/favicon.ico" /> <!-- Place favicon.ico and apple-touch-icon.png in the root directory --> <!-- build:css styles/vendor.css --> <!-- bower:css --> <!-- endbower --> <!-- endbuild --> <!-- build:css(.tmp) styles/main.css --> <link rel="stylesheet" href="styles/main.css"> <link rel="stylesheet" href="styles/extra.css"> <link rel="stylesheet" href="styles/angular-busy.min.css"> <!-- endbuild --> </head> <body ng-app="app" ng-class="bodyclass" style="margin:0px;padding:0px;"> <!--[if lt IE 7]> <p class="browsehappy">You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience.</p> <![endif]--> <!-- Add your site or application content here --> <div class="container container-full"> <nav ng-include="'views/nav/menu.html'" ng-if="location.path() != '/login'"></nav> <div ui-view=""></div> <nav ng-include="'views/nav/footer.html'" ng-if="location.path() != '/login'"></nav> </div> <!-- Google Analytics: change UA-XXXXX-X to be your site's ID --> <script> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-XXXXX-X'); ga('send', 'pageview'); </script> <!--[if lt IE 9]> <script src="bower_components/es5-shim/es5-shim.js"></script> <script src="bower_components/json3/lib/json3.min.js"></script> <![endif]--> <!-- build:js scripts/vendor.js --> <!-- bower:js --> <script src="bower_components/jquery/dist/jquery.min.js"></script> <script src="bower_components/angular/angular.min.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/affix.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/alert.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/button.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/carousel.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/collapse.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/dropdown.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/tab.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/transition.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/scrollspy.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/modal.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/tooltip.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/popover.js"></script> <script src="bower_components/angular-resource/angular-resource.min.js"></script> <script src="bower_components/angular-cookies/angular-cookies.min.js"></script> <script src="bower_components/angular-sanitize/angular-sanitize.min.js"></script> <script src="bower_components/angular-route/angular-route.min.js"></script> <script src="bower_components/ngstorage/ngStorage.min.js"></script> <script src="bower_components/angular-translate/angular-translate.min.js"></script> <script src="bower_comp
Open service 5.134.127.229:22
2024-04-24 00:27
Open service 5.134.127.229:80
2024-04-18 18:19
HTTP/1.1 200 OK Date: Thu, 18 Apr 2024 18:19:14 GMT Server: Apache/2.2.15 (CentOS) X-Powered-By: PHP/5.3.3 Set-Cookie: PHPSESSID=d7nsnok2vip3c6j69nkf9o6fm1; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 6171 Connection: close Content-Type: text/html; charset=UTF-8 <!doctype html> <html class="no-js"> <head> <meta charset="utf-8"> <title></title> <meta name="description" content=""> <meta name="viewport" content="width=device-width"> <link rel="shortcut icon" href="/favicon.ico" /> <!-- Place favicon.ico and apple-touch-icon.png in the root directory --> <!-- build:css styles/vendor.css --> <!-- bower:css --> <!-- endbower --> <!-- endbuild --> <!-- build:css(.tmp) styles/main.css --> <link rel="stylesheet" href="styles/main.css"> <link rel="stylesheet" href="styles/extra.css"> <link rel="stylesheet" href="styles/angular-busy.min.css"> <!-- endbuild --> </head> <body ng-app="app" ng-class="bodyclass" style="margin:0px;padding:0px;"> <!--[if lt IE 7]> <p class="browsehappy">You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience.</p> <![endif]--> <!-- Add your site or application content here --> <div class="container container-full"> <nav ng-include="'views/nav/menu.html'" ng-if="location.path() != '/login'"></nav> <div ui-view=""></div> <nav ng-include="'views/nav/footer.html'" ng-if="location.path() != '/login'"></nav> </div> <!-- Google Analytics: change UA-XXXXX-X to be your site's ID --> <script> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-XXXXX-X'); ga('send', 'pageview'); </script> <!--[if lt IE 9]> <script src="bower_components/es5-shim/es5-shim.js"></script> <script src="bower_components/json3/lib/json3.min.js"></script> <![endif]--> <!-- build:js scripts/vendor.js --> <!-- bower:js --> <script src="bower_components/jquery/dist/jquery.min.js"></script> <script src="bower_components/angular/angular.min.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/affix.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/alert.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/button.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/carousel.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/collapse.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/dropdown.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/tab.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/transition.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/scrollspy.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/modal.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/tooltip.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/popover.js"></script> <script src="bower_components/angular-resource/angular-resource.min.js"></script> <script src="bower_components/angular-cookies/angular-cookies.min.js"></script> <script src="bower_components/angular-sanitize/angular-sanitize.min.js"></script> <script src="bower_components/angular-route/angular-route.min.js"></script> <script src="bower_components/ngstorage/ngStorage.min.js"></script> <script src="bower_components/angular-translate/angular-translate.min.js"></script> <script src="bower_comp
Open service 5.134.127.229:80
2024-04-10 14:11
HTTP/1.1 200 OK Date: Wed, 10 Apr 2024 14:11:24 GMT Server: Apache/2.2.15 (CentOS) X-Powered-By: PHP/5.3.3 Set-Cookie: PHPSESSID=65otmt0c63nq41kqr5djggv8v7; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 6171 Connection: close Content-Type: text/html; charset=UTF-8 <!doctype html> <html class="no-js"> <head> <meta charset="utf-8"> <title></title> <meta name="description" content=""> <meta name="viewport" content="width=device-width"> <link rel="shortcut icon" href="/favicon.ico" /> <!-- Place favicon.ico and apple-touch-icon.png in the root directory --> <!-- build:css styles/vendor.css --> <!-- bower:css --> <!-- endbower --> <!-- endbuild --> <!-- build:css(.tmp) styles/main.css --> <link rel="stylesheet" href="styles/main.css"> <link rel="stylesheet" href="styles/extra.css"> <link rel="stylesheet" href="styles/angular-busy.min.css"> <!-- endbuild --> </head> <body ng-app="app" ng-class="bodyclass" style="margin:0px;padding:0px;"> <!--[if lt IE 7]> <p class="browsehappy">You are using an <strong>outdated</strong> browser. Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your experience.</p> <![endif]--> <!-- Add your site or application content here --> <div class="container container-full"> <nav ng-include="'views/nav/menu.html'" ng-if="location.path() != '/login'"></nav> <div ui-view=""></div> <nav ng-include="'views/nav/footer.html'" ng-if="location.path() != '/login'"></nav> </div> <!-- Google Analytics: change UA-XXXXX-X to be your site's ID --> <script> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-XXXXX-X'); ga('send', 'pageview'); </script> <!--[if lt IE 9]> <script src="bower_components/es5-shim/es5-shim.js"></script> <script src="bower_components/json3/lib/json3.min.js"></script> <![endif]--> <!-- build:js scripts/vendor.js --> <!-- bower:js --> <script src="bower_components/jquery/dist/jquery.min.js"></script> <script src="bower_components/angular/angular.min.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/affix.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/alert.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/button.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/carousel.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/collapse.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/dropdown.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/tab.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/transition.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/scrollspy.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/modal.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/tooltip.js"></script> <script src="bower_components/bootstrap-sass-official/vendor/assets/javascripts/bootstrap/popover.js"></script> <script src="bower_components/angular-resource/angular-resource.min.js"></script> <script src="bower_components/angular-cookies/angular-cookies.min.js"></script> <script src="bower_components/angular-sanitize/angular-sanitize.min.js"></script> <script src="bower_components/angular-route/angular-route.min.js"></script> <script src="bower_components/ngstorage/ngStorage.min.js"></script> <script src="bower_components/angular-translate/angular-translate.min.js"></script> <script src="bower_comp