Host 91.134.251.101
France
OVH SAS
  • Open SMB file sharing detected
    IP: 91.134.251.101
    Port: 445
    First seen 2022-06-13 20:00
    Last seen 2023-05-05 09:28
    Open for 325 days
  • CheckMK monitoring endpoint publicly available
    IP: 91.134.251.101
    Port: 6556
    First seen 2022-06-17 23:12
    Last seen 2023-04-10 17:10
    Open for 296 days
    • Severity: high
      Fingerprint: 03cb82e6f6a6b45342c4bbcbbaf2bceb288a252c7451464e71dc25358cce1790

      Found public CheckMk agent:
      Version: 1.5.0p13
      AgentOS: linux
      Hostname: nd23
      AgentDirectory: /etc/check_mk
      DataDirectory: /var/lib/check_mk_agent
      SpoolDirectory: /var/lib/check_mk_agent/spool
      PluginsDirectory: /usr/lib/check_mk_agent/plugins
      LocalDirectory: /usr/lib/check_mk_agent/local
      
      Found process list through CheckMk:
      (root,225564,9264,00:01:13/8-01:18:18,1) /sbin/init
      (root,0,0,00:00:00/8-01:18:18,2) [kthreadd]
      (root,0,0,00:00:00/8-01:18:18,4) [kworker/0:0H]
      (root,0,0,00:00:00/8-01:18:18,6) [mm_percpu_wq]
      (root,0,0,00:00:10/8-01:18:18,7) [ksoftirqd/0]
      (root,0,0,00:01:47/8-01:18:18,8) [rcu_sched]
      (root,0,0,00:00:00/8-01:18:18,9) [rcu_bh]
      (root,0,0,00:00:00/8-01:18:18,10) [migration/0]
      (root,0,0,00:00:01/8-01:18:18,11) [watchdog/0]
      (root,0,0,00:00:00/8-01:18:18,12) [cpuhp/0]
      (root,0,0,00:00:00/8-01:18:18,13) [cpuhp/1]
      (root,0,0,00:00:01/8-01:18:18,14) [watchdog/1]
      (root,0,0,00:00:00/8-01:18:18,15) [migration/1]
      (root,0,0,00:00:00/8-01:18:18,16) [ksoftirqd/1]
      (root,0,0,00:00:00/8-01:18:18,18) [kworker/1:0H]
      (root,0,0,00:00:00/8-01:18:18,19) [cpuhp/2]
      (root,0,0,00:00:01/8-01:18:18,20) [watchdog/2]
      (root,0,0,00:00:00/8-01:18:18,21) [migration/2]
      (root,0,0,00:00:00/8-01:18:18,22) [ksoftirqd/2]
      (root,0,0,00:00:00/8-01:18:18,24) [kworker/2:0H]
      (root,0,0,00:00:00/8-01:18:18,25) [cpuhp/3]
      (root,0,0,00:00:01/8-01:18:18,26) [watchdog/3]
      (root,0,0,00:00:00/8-01:18:18,27) [migration/3]
      (root,0,0,00:00:00/8-01:18:18,28) [ksoftirqd/3]
      (root,0,0,00:00:00/8-01:18:18,30) [kworker/3:0H]
      (root,0,0,00:00:00/8-01:18:18,31) [cpuhp/4]
      (root,0,0,00:00:01/8-01:18:18,32) [watchdog/4]
      (root,0,0,00:00:00/8-01:18:18,33) [migration/4]
      (root,0,0,00:00:00/8-01:18:18,34) [ksoftirqd/4]
      (root,0,0,00:00:00/8-01:18:18,36) [kworker/4:0H]
      (root,0,0,00:00:00/8-01:18:18,37) [cpuhp/5]
      (root,0,0,00:00:01/8-01:18:18,38) [watchdog/5]
      (root,0,0,00:00:00/8-01:18:18,39) [migration/5]
      (root,0,0,00:00:00/8-01:18:18,40) [ksoftirqd/5]
      (root,0,0,00:00:00/8-01:18:18,42) [kworker/5:0H]
      (root,0,0,00:00:00/8-01:18:18,43) [kdevtmpfs]
      (root,0,0,00:00:00/8-01:18:18,44) [netns]
      (root,0,0,00:00:00/8-01:18:18,45) [rcu_tasks_kthre]
      (root,0,0,00:00:00/8-01:18:18,46) [kauditd]
      (root,0,0,00:00:01/8-01:18:18,49) [khungtaskd]
      (root,0,0,00:00:00/8-01:18:18,50) [oom_reaper]
      (root,0,0,00:00:00/8-01:18:18,51) [writeback]
      (root,0,0,00:00:00/8-01:18:18,52) [kcompactd0]
      (root,0,0,00:00:00/8-01:18:18,53) [ksmd]
      (root,0,0,00:00:00/8-01:18:18,54) [khugepaged]
      (root,0,0,00:00:00/8-01:18:18,55) [crypto]
      (root,0,0,00:00:00/8-01:18:18,56) [kintegrityd]
      (root,0,0,00:00:00/8-01:18:18,57) [kblockd]
      (root,0,0,00:00:00/8-01:18:18,58) [ata_sff]
      (root,0,0,00:00:00/8-01:18:18,59) [md]
      (root,0,0,00:00:00/8-01:18:18,60) [edac-poller]
      (root,0,0,00:00:00/8-01:18:18,61) [devfreq_wq]
      (root,0,0,00:00:00/8-01:18:18,62) [watchdogd]
      (root,0,0,00:00:01/8-01:18:17,68) [kswapd0]
      (root,0,0,00:00:00/8-01:18:17,69) [kworker/u13:0]
      (root,0,0,00:00:00/8-01:18:17,70) [ecryptfs-kthrea]
      (root,0,0,00:00:00/8-01:18:17,112) [kthrotld]
      (root,0,0,00:00:00/8-01:18:17,113) [acpi_thermal_pm]
      (root,0,0,00:00:00/8-01:18:17,114) [scsi_eh_0]
      (root,0,0,00:00:00/8-01:18:17,115) [scsi_tmf_0]
      (root,0,0,00:00:00/8-01:18:17,116) [scsi_eh_1]
      (root,0,0,00:00:00/8-01:18:17,117) [scsi_tmf_1]
      (root,0,0,00:00:00/8-01:18:17,123) [ipv6_addrconf]
      (root,0,0,00:00:00/8-01:18:17,132) [kstrp]
      (root,0,0,00:00:00/8-01:18:17,149) [charger_manager]
      (root,0,0,00:00:00/8-01:18:17,198) [scsi_eh_2]
      (root,0,0,00:00:00/8-01:18:17,199) [scsi_tmf_2]
      (root,0,0,00:00:00/8-01:18:13,236) [ttm_swap]
      (root,0,0,00:00:00/8-01:18:13,237) [kdmflush]
      (root,0,0,00:00:00/8-01:18:13,238) [bioset]
      (root,0,0,00:00:00/8-01:18:13,240) [kdmflush]
      (root,0,0,00:00:00/8-01:18:13,241) [bioset]
      (root,0,0,00:00:00/8-01:18:12,354) [raid5wq]
      (root,0,0,00:00:02/8-01:18:12,390) [kworker/4:1H]
      (root,0,0,00:00:03/8-01:18:12,391) [kworker/1:1H]
      (root,0,0,00:00:02/8-01:18:12,414) [kworker/3:1H]
      (root,0,0,00:00:26/8-01:18:11,425) [jbd2/dm-0-8]
      (root,0,0,00:00:00/8-01:18:11,426) [ext4-rsv-conver]
      (root,0,0,00:00:03/8-01:18:11,482) [kworker/2:1H]
      (root,0,0,00:00:03/8-01:18:11,484) [kworker/0:1H]
      (root,0,0,00:00:02/8-01:18:11,485) [kworker/5:1H]
      (root,0,0,00:00:00/16:01:04,500) [kworker/2:1]
      (root,0,0,00:00:00/8-01:18:09,514) [iscsi_eh]
      (root,0,0,00:00:00/8-01:18:09,515) [ib-comp-wq]
      (root,0,0,00:00:00/8-01:18:09,516) [ib-comp-unb-wq]
      (root,0,0,00:00:00/8-01:18:09,517) [ib_mcast]
      (root,0,0,00:00:00/8-01:18:09,518) [ib_nl_sa_wq]
      (root,0,0,00:00:00/8-01:18:09,519) [rdma_cm]
      (root,254000,155088,00:02:05/8-01:18:09,522) /lib/systemd/systemd-journald
      (root,105908,1756,00:00:00/8-01:18:08,549) /sbin/lvmetad -f
      (root,45788,4416,00:00:08/8-01:18:08,558) /lib/systemd/systemd-udevd
      (root,0,0,00:00:00/8-01:18:06,809) [ext4-rsv-conver]
      (systemd-timesync,141788,2988,00:00:01/8-01:18:06,927) /lib/systemd/systemd-timesyncd
      (systemd-network,71728,4808,00:00:01/8-01:18:03,1048) /lib/systemd/systemd-networkd
      (systemd-resolve,70628,5572,00:00:04/8-01:18:03,1073) /lib/systemd/systemd-resolved
      (root,110492,3384,00:00:19/8-01:17:58,1177) /usr/sbin/irqbalance --foreground
      (root,235692,2064,00:00:02/8-01:17:58,1189) /usr/bin/lxcfs /var/lib/lxcfs/
      (root,264092,12276,00:00:12/8-01:17:58,1199) /usr/sbin/nmbd --foreground --no-process-group
      (syslog,263048,4768,00:00:33/8-01:17:57,1220) /usr/sbin/rsyslogd -n
      (bind,601784,38504,00:00:07/8-01:17:57,1246) /usr/sbin/named -f -u bind
      (daemon,28336,2256,00:00:00/8-01:17:57,1271) /usr/sbin/atd -f
      (root,169544,17140,00:00:00/8-01:17:57,1309) /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
      (root,30040,3016,00:00:02/8-01:17:57,1320) /usr/sbin/cron -f
      (root,31884,1620,00:00:28/8-01:17:57,1336) /usr/sbin/inetd
      (root,564436,37636,00:00:24/8-01:17:57,1412) /usr/sbin/apache2 -k start
      (root,70544,5696,00:00:01/8-01:17:57,1416) /lib/systemd/systemd-logind
      (root,286256,6604,00:00:25/8-01:17:57,1503) /usr/lib/accountsservice/accounts-daemon
      (mongodb,1541524,107624,00:27:53/8-01:17:56,1578) /usr/bin/mongod --config /etc/mongod.conf
      (messagebus,50368,4536,00:00:32/8-01:17:56,1589) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
      (root,186356,19816,00:00:00/8-01:17:56,1599) /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
      (root,72304,6024,00:00:31/8-01:17:56,1673) /usr/sbin/sshd -D
      (mysql,3492160,1310708,00:15:56/8-01:17:56,1676) /usr/sbin/mysqld
      (root,288884,6212,00:00:18/8-01:17:56,1826) /usr/lib/policykit-1/polkitd --no-debug
      (www-data,19912,172,00:00:12/8-01:17:56,1883) /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
      (root,317604,18816,00:00:08/8-01:17:55,1884) /usr/sbin/winbindd --foreground --no-process-group
      (root,319956,13344,00:00:02/8-01:17:55,1951) /usr/sbin/winbindd --foreground --no-process-group
      (root,67384,3532,00:00:05/8-01:17:55,1979) /usr/lib/postfix/sbin/master -w
      (postfix,73980,4928,00:00:02/8-01:17:55,1983) qmgr -l -t unix -u
      (root,358052,23496,00:00:59/8-01:17:55,2023) /usr/sbin/smbd --foreground --no-process-group
      (root,28932,1776,00:00:00/8-01:17:55,2039) pure-ftpd (SERVER)
      (root,343692,4704,00:00:00/8-01:17:55,2081) /usr/sbin/smbd --foreground --no-process-group
      (root,343724,4704,00:00:04/8-01:17:55,2082) /usr/sbin/smbd --foreground --no-process-group
      (root,317604,4248,00:00:01/8-01:17:55,2092) /usr/sbin/winbindd --foreground --no-process-group
      (root,317604,6540,00:00:01/8-01:17:55,2095) /usr/sbin/winbindd --foreground --no-process-group
      (root,358036,6792,00:00:01/8-01:17:55,2096) /usr/sbin/smbd --foreground --no-process-group
      (root,96092,30160,00:01:06/8-01:17:54,2103) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (postfix,87728,7608,00:00:00/8-01:17:18,2285) tlsmgr -l -t unix -u -c
      (root,0,0,00:00:02/3-14:09:38,2998) [kworker/1:0]
      (www-data,946568,110160,00:00:05/12:44:08,6288) /usr/sbin/apache2 -k start
      (www-data,954856,102088,00:00:04/12:44:08,6291) /usr/sbin/apache2 -k start
      (www-data,940652,95532,00:00:07/12:40:17,6409) /usr/sbin/apache2 -k start
      (www-data,940592,112464,00:00:07/12:40:16,6412) /usr/sbin/apache2 -k start
      (root,0,0,00:00:01/1-06:56:01,7606) [kworker/5:0]
      (www-data,645160,76980,00:00:04/10:06:49,9859) /usr/sbin/apache2 -k start
      (root,14904,1692,00:00:00/6-23:49:33,14816) /sbin/agetty -o -p -- \u --noclear tty1 linux
      (root,0,0,00:00:07/1-23:25:28,15215) [kworker/0:1]
      (root,96092,27964,00:00:00/7-17:27:35,15556) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,96092,27988,00:00:00/2-17:28:00,16199) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:24/1-01:17:16,17435) [kworker/4:2]
      (root,0,0,00:00:00/03:38:43,24363) [kworker/0:2]
      (root,0,0,00:00:00/03:31:04,24637) [kworker/1:1]
      (postfix,73816,4684,00:00:00/54:27,28526) pickup -l -t unix -u -c
      (root,0,0,00:00:00/46:39,28833) [kworker/5:1]
      (root,0,0,00:00:00/25:56,29487) [kworker/3:2]
      (root,0,0,00:00:00/24:30,29521) [kworker/u12:3]
      (root,0,0,00:00:00/19:08,29659) [kworker/u12:0]
      (www-data,566816,22456,00:00:00/13:50,29807) /usr/sbin/apache2 -k start
      (www-data,566888,26896,00:00:00/13:46,29897) /usr/sbin/apache2 -k start
      (www-data,566808,21296,00:00:00/13:20,30040) /usr/sbin/apache2 -k start
      (www-data,567220,34452,00:00:00/12:39,30053) /usr/sbin/apache2 -k start
      (www-data,566792,21296,00:00:00/12:21,30055) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/11:16,30080) [kworker/u12:1]
      (root,0,0,00:00:00/07:38,30173) [kworker/4:1]
      (postfix,92436,9504,00:00:00/01:26,30269) smtpd -n smtp -t inet -u -c -o stress= -s 2
      (postfix,73816,4720,00:00:00/01:26,30270) proxymap -t unix -u
      (postfix,73816,4696,00:00:00/01:26,30271) anvil -l -t unix -u -c
      (root,0,0,00:00:00/01:06,30452) [kworker/3:1]
      (root,0,0,00:00:07/6-15:06:35,30458) [kworker/3:0]
      (root,0,0,00:00:00/00:00,30600) [kworker/0:0]
      (root,11740,3204,00:00:00/00:00,30633) /bin/bash /usr/bin/check_mk_agent
      (root,34412,2720,00:00:00/00:00,30649) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000
      (root,13564,1024,00:00:00/00:00,30650) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) /
      (root,0,0,00:00:02/17:01:48,30929) [kworker/2:2]
      
      Found network interfaces through CheckMk:
      [start_iplink]
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
          link/ether 02:00:00:ba:c4:a5 brd ff:ff:ff:ff:ff:ff
      [end_iplink]
      
      
      Found on 2023-04-10 17:10
    • Severity: high
      Fingerprint: 03cb82e6f6a6b45342c4bbcbbaf2bceb288a252c7451464e71dc253523643aa4

      Found public CheckMk agent:
      Version: 1.5.0p13
      AgentOS: linux
      Hostname: nd23
      AgentDirectory: /etc/check_mk
      DataDirectory: /var/lib/check_mk_agent
      SpoolDirectory: /var/lib/check_mk_agent/spool
      PluginsDirectory: /usr/lib/check_mk_agent/plugins
      LocalDirectory: /usr/lib/check_mk_agent/local
      
      Found process list through CheckMk:
      (root,225612,9412,00:03:52/27-03:37:40,1) /lib/systemd/systemd --system --deserialize 40
      (root,0,0,00:00:00/27-03:37:40,2) [kthreadd]
      (root,0,0,00:00:00/27-03:37:40,4) [kworker/0:0H]
      (root,0,0,00:00:00/27-03:37:40,6) [mm_percpu_wq]
      (root,0,0,00:00:34/27-03:37:40,7) [ksoftirqd/0]
      (root,0,0,00:06:34/27-03:37:40,8) [rcu_sched]
      (root,0,0,00:00:00/27-03:37:40,9) [rcu_bh]
      (root,0,0,00:00:00/27-03:37:40,10) [migration/0]
      (root,0,0,00:00:05/27-03:37:40,11) [watchdog/0]
      (root,0,0,00:00:00/27-03:37:40,12) [cpuhp/0]
      (root,0,0,00:00:00/27-03:37:40,13) [cpuhp/1]
      (root,0,0,00:00:04/27-03:37:40,14) [watchdog/1]
      (root,0,0,00:00:00/27-03:37:40,15) [migration/1]
      (root,0,0,00:00:01/27-03:37:40,16) [ksoftirqd/1]
      (root,0,0,00:00:00/27-03:37:40,18) [kworker/1:0H]
      (root,0,0,00:00:00/27-03:37:40,19) [cpuhp/2]
      (root,0,0,00:00:05/27-03:37:40,20) [watchdog/2]
      (root,0,0,00:00:00/27-03:37:40,21) [migration/2]
      (root,0,0,00:00:00/27-03:37:40,22) [ksoftirqd/2]
      (root,0,0,00:00:00/27-03:37:40,24) [kworker/2:0H]
      (root,0,0,00:00:00/27-03:37:40,25) [cpuhp/3]
      (root,0,0,00:00:04/27-03:37:40,26) [watchdog/3]
      (root,0,0,00:00:00/27-03:37:40,27) [migration/3]
      (root,0,0,00:00:00/27-03:37:40,28) [ksoftirqd/3]
      (root,0,0,00:00:00/27-03:37:40,30) [kworker/3:0H]
      (root,0,0,00:00:00/27-03:37:40,31) [cpuhp/4]
      (root,0,0,00:00:04/27-03:37:40,32) [watchdog/4]
      (root,0,0,00:00:00/27-03:37:40,33) [migration/4]
      (root,0,0,00:00:01/27-03:37:40,34) [ksoftirqd/4]
      (root,0,0,00:00:00/27-03:37:40,36) [kworker/4:0H]
      (root,0,0,00:00:00/27-03:37:40,37) [cpuhp/5]
      (root,0,0,00:00:03/27-03:37:40,38) [watchdog/5]
      (root,0,0,00:00:00/27-03:37:40,39) [migration/5]
      (root,0,0,00:00:00/27-03:37:40,40) [ksoftirqd/5]
      (root,0,0,00:00:00/27-03:37:40,42) [kworker/5:0H]
      (root,0,0,00:00:00/27-03:37:40,43) [kdevtmpfs]
      (root,0,0,00:00:00/27-03:37:40,44) [netns]
      (root,0,0,00:00:00/27-03:37:40,45) [rcu_tasks_kthre]
      (root,0,0,00:00:00/27-03:37:40,46) [kauditd]
      (root,0,0,00:00:04/27-03:37:40,49) [khungtaskd]
      (root,0,0,00:00:00/27-03:37:40,50) [oom_reaper]
      (root,0,0,00:00:00/27-03:37:40,51) [writeback]
      (root,0,0,00:00:00/27-03:37:40,52) [kcompactd0]
      (root,0,0,00:00:00/27-03:37:40,53) [ksmd]
      (root,0,0,00:00:00/27-03:37:40,54) [khugepaged]
      (root,0,0,00:00:00/27-03:37:40,55) [crypto]
      (root,0,0,00:00:00/27-03:37:40,56) [kintegrityd]
      (root,0,0,00:00:00/27-03:37:40,57) [kblockd]
      (root,0,0,00:00:00/27-03:37:40,58) [ata_sff]
      (root,0,0,00:00:00/27-03:37:40,59) [md]
      (root,0,0,00:00:00/27-03:37:40,60) [edac-poller]
      (root,0,0,00:00:00/27-03:37:40,61) [devfreq_wq]
      (root,0,0,00:00:00/27-03:37:40,62) [watchdogd]
      (root,0,0,00:00:03/27-03:37:39,68) [kswapd0]
      (root,0,0,00:00:00/27-03:37:39,69) [kworker/u13:0]
      (root,0,0,00:00:00/27-03:37:39,70) [ecryptfs-kthrea]
      (root,0,0,00:00:00/27-03:37:39,112) [kthrotld]
      (root,0,0,00:00:00/27-03:37:39,113) [acpi_thermal_pm]
      (root,0,0,00:00:00/27-03:37:39,114) [scsi_eh_0]
      (root,0,0,00:00:00/27-03:37:39,115) [scsi_tmf_0]
      (root,0,0,00:00:00/27-03:37:39,116) [scsi_eh_1]
      (root,0,0,00:00:00/27-03:37:39,117) [scsi_tmf_1]
      (root,0,0,00:00:00/27-03:37:39,123) [ipv6_addrconf]
      (root,0,0,00:00:00/27-03:37:39,132) [kstrp]
      (root,0,0,00:00:00/27-03:37:39,149) [charger_manager]
      (root,0,0,00:00:00/27-03:37:39,204) [scsi_eh_2]
      (root,0,0,00:00:00/27-03:37:39,205) [scsi_tmf_2]
      (root,0,0,00:00:00/27-03:37:35,227) [ttm_swap]
      (root,0,0,00:00:05/27-03:37:35,239) [kworker/4:1H]
      (root,0,0,00:00:00/27-03:37:35,240) [kdmflush]
      (root,0,0,00:00:00/27-03:37:35,241) [bioset]
      (root,0,0,00:00:00/27-03:37:35,243) [kdmflush]
      (root,0,0,00:00:00/27-03:37:35,245) [bioset]
      (root,0,0,00:00:00/27-03:37:34,357) [raid5wq]
      (root,0,0,00:00:11/27-03:37:34,395) [kworker/0:1H]
      (root,0,0,00:00:10/27-03:37:34,407) [kworker/1:1H]
      (root,0,0,00:00:05/27-03:37:34,419) [kworker/3:1H]
      (root,0,0,00:01:18/27-03:37:33,430) [jbd2/dm-0-8]
      (root,0,0,00:00:00/27-03:37:33,431) [ext4-rsv-conver]
      (root,0,0,00:00:11/27-03:37:33,487) [kworker/2:1H]
      (root,0,0,00:00:00/27-03:37:31,518) [iscsi_eh]
      (root,0,0,00:00:00/27-03:37:31,519) [ib-comp-wq]
      (root,0,0,00:00:00/27-03:37:31,520) [ib-comp-unb-wq]
      (root,0,0,00:00:00/27-03:37:31,521) [ib_mcast]
      (root,0,0,00:00:00/27-03:37:31,522) [ib_nl_sa_wq]
      (root,0,0,00:00:00/27-03:37:31,523) [rdma_cm]
      (root,105908,1812,00:00:00/27-03:37:29,552) /sbin/lvmetad -f
      (root,0,0,00:00:05/27-03:37:29,582) [kworker/5:1H]
      (root,0,0,00:00:10/2-08:24:01,666) [kworker/2:1]
      (root,0,0,00:00:00/27-03:37:27,818) [ext4-rsv-conver]
      (root,30040,2964,00:00:08/27-03:37:19,1216) /usr/sbin/cron -f
      (root,110492,3320,00:01:04/27-03:37:19,1239) /usr/sbin/irqbalance --foreground
      (bind,602304,39260,00:00:22/27-03:37:19,1260) /usr/sbin/named -f -u bind
      (root,286256,6596,00:01:28/27-03:37:19,1431) /usr/lib/accountsservice/accounts-daemon
      (daemon,28336,2220,00:00:00/27-03:37:19,1451) /usr/sbin/atd -f
      (syslog,263048,4868,00:01:50/27-03:37:19,1458) /usr/sbin/rsyslogd -n
      (root,31884,1692,00:01:44/27-03:37:19,1475) /usr/sbin/inetd
      (root,236168,2620,00:00:14/27-03:37:19,1493) /usr/bin/lxcfs /var/lib/lxcfs/
      (root,70468,5788,00:00:06/27-03:37:18,1519) /lib/systemd/systemd-logind
      (root,264092,11896,00:02:38/27-03:37:18,1528) /usr/sbin/nmbd --foreground --no-process-group
      (root,0,0,00:00:00/50:40,1546) [kworker/u12:1]
      (messagebus,50488,4776,00:02:16/27-03:37:18,1557) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
      (root,96200,27936,00:00:00/16-16:12:49,1578) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,186356,19612,00:00:00/27-03:37:18,1605) /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
      (mongodb,1544448,108256,01:33:38/27-03:37:18,1616) /usr/bin/mongod --config /etc/mongod.conf
      (root,169544,16996,00:00:00/27-03:37:18,1705) /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
      (root,0,0,00:00:00/50:13,1750) [kworker/2:2]
      (mysql,3887968,1676776,00:51:43/27-03:37:18,1772) /usr/sbin/mysqld
      (root,72304,6048,00:01:29/27-03:37:18,1774) /usr/sbin/sshd -D
      (root,288884,6120,00:01:14/27-03:37:18,1812) /usr/lib/policykit-1/polkitd --no-debug
      (root,67384,3284,00:00:19/27-03:37:17,1947) /usr/lib/postfix/sbin/master -w
      (root,317576,17852,00:00:28/27-03:37:17,1948) /usr/sbin/winbindd --foreground --no-process-group
      (postfix,73988,4952,00:00:08/27-03:37:17,1958) qmgr -l -t unix -u
      (postfix,73816,4748,00:00:00/36:49,1968) pickup -l -t unix -u -c
      (root,313652,9040,00:00:08/27-03:37:17,1971) /usr/sbin/winbindd --foreground --no-process-group
      (root,0,0,00:00:00/35:53,1972) [kworker/u12:0]
      (root,28932,1824,00:00:01/27-03:37:17,2062) pure-ftpd (SERVER)
      (root,358052,22584,00:04:00/27-03:37:17,2063) /usr/sbin/smbd --foreground --no-process-group
      (root,343692,4656,00:00:02/27-03:37:17,2107) /usr/sbin/smbd --foreground --no-process-group
      (root,343724,4664,00:00:18/27-03:37:17,2109) /usr/sbin/smbd --foreground --no-process-group
      (root,14904,1656,00:00:00/27-03:37:17,2122) /sbin/agetty -o -p -- \u --noclear tty1 linux
      (root,317576,6752,00:00:03/27-03:37:17,2145) /usr/sbin/winbindd --foreground --no-process-group
      (root,317576,4176,00:00:03/27-03:37:17,2146) /usr/sbin/winbindd --foreground --no-process-group
      (root,358036,6792,00:00:06/27-03:37:17,2147) /usr/sbin/smbd --foreground --no-process-group
      (root,96184,30032,00:04:56/27-03:37:15,2193) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/20:13,2391) [kworker/3:1]
      (root,362360,14432,00:00:00/10:18,2615) /usr/sbin/smbd --foreground --no-process-group
      (root,72304,5452,00:00:00/01:17,2726) sshd: [accepted]
      (root,0,0,00:00:00/00:00,2866) [kworker/u12:2]
      (root,0,0,00:00:00/00:00,2889) [kworker/2:0]
      (root,11740,3200,00:00:00/00:00,2890) /bin/bash /usr/bin/check_mk_agent
      (root,34412,2820,00:00:00/00:00,2906) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000
      (root,13564,1064,00:00:00/00:00,2907) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) /
      (root,564432,37816,00:00:26/8-11:45:44,3330) /usr/sbin/apache2 -k start
      (www-data,19912,172,00:00:15/8-11:45:44,3467) /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
      (root,45084,3736,00:00:11/10-11:34:27,4820) /lib/systemd/systemd-udevd
      (root,0,0,00:00:01/1-12:41:15,5336) [kworker/1:0]
      (postfix,87728,7676,00:00:02/27-02:35:16,5724) tlsmgr -l -t unix -u -c
      (root,96184,27816,00:00:00/6-18:34:23,7052) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,96184,27876,00:00:00/8-09:22:56,8205) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:04/3-14:11:55,8423) [kworker/3:0]
      (root,0,0,00:00:02/15:43:34,8941) [kworker/0:2]
      (root,0,0,00:00:35/1-09:58:11,11115) [kworker/4:0]
      (root,364472,18132,00:00:00/2-18:40:13,13416) /usr/sbin/smbd --foreground --no-process-group
      (systemd-network,71728,4984,00:00:02/10-11:34:00,14075) /lib/systemd/systemd-networkd
      (systemd-resolve,70628,4860,00:00:05/10-11:34:00,14136) /lib/systemd/systemd-resolved
      (systemd-timesync,141788,2968,00:00:02/10-11:34:00,14188) /lib/systemd/systemd-timesyncd
      (root,122432,42816,00:02:54/10-11:34:00,14216) /lib/systemd/systemd-journald
      (root,0,0,00:00:19/10-11:34:00,14251) [kworker/5:3]
      (www-data,654584,93592,00:00:02/12:03:15,14570) /usr/sbin/apache2 -k start
      (www-data,650856,87396,00:00:02/12:03:15,14571) /usr/sbin/apache2 -k start
      (www-data,652592,102844,00:00:04/12:03:15,14572) /usr/sbin/apache2 -k start
      (www-data,646684,99056,00:00:01/12:03:15,14573) /usr/sbin/apache2 -k start
      (www-data,646856,88388,00:00:02/12:03:15,14574) /usr/sbin/apache2 -k start
      (www-data,651056,58352,00:00:02/12:00:45,14652) /usr/sbin/apache2 -k start
      (www-data,646760,76972,00:00:02/11:45:18,15375) /usr/sbin/apache2 -k start
      (root,96184,27820,00:00:00/4-16:59:53,23000) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (www-data,646692,82656,00:00:01/07:22:01,23271) /usr/sbin/apache2 -k start
      (www-data,650840,62860,00:00:00/07:18:26,23610) /usr/sbin/apache2 -k start
      (www-data,651712,84876,00:00:04/06:46:39,24344) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/15-11:34:15,26229) [xfsalloc]
      (root,0,0,00:00:00/15-11:34:15,26231) [xfs_mru_cache]
      (root,0,0,00:00:00/15-11:34:15,26238) [jfsIO]
      (root,0,0,00:00:00/15-11:34:15,26239) [jfsCommit]
      (root,0,0,00:00:00/15-11:34:15,26240) [jfsCommit]
      (root,0,0,00:00:00/15-11:34:15,26241) [jfsCommit]
      (root,0,0,00:00:00/15-11:34:15,26242) [jfsCommit]
      (root,0,0,00:00:00/15-11:34:15,26243) [jfsCommit]
      (root,0,0,00:00:00/15-11:34:15,26244) [jfsCommit]
      (root,0,0,00:00:00/15-11:34:15,26245) [jfsSync]
      (root,96204,27884,00:00:00/10-16:35:38,26552) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/03:25:48,30085) [kworker/0:0]
      (root,0,0,00:00:00/03:16:39,30530) [kworker/5:0]
      (root,96188,27928,00:00:00/22-11:59:41,30584) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/02:20:13,31827) [kworker/1:1]
      (root,0,0,00:00:00/01:44:14,32440) [kworker/4:1]
      
      Found network interfaces through CheckMk:
      [start_iplink]
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
          link/ether 02:00:00:ba:c4:a5 brd ff:ff:ff:ff:ff:ff
      [end_iplink]
      
      
      Found on 2023-03-18 17:29
    • Severity: high
      Fingerprint: 03cb82e6f6a6b45342c4bbcbbaf2bceb288a252c7451464e71dc25357015776b

      Found public CheckMk agent:
      Version: 1.5.0p13
      AgentOS: linux
      Hostname: nd23
      AgentDirectory: /etc/check_mk
      DataDirectory: /var/lib/check_mk_agent
      SpoolDirectory: /var/lib/check_mk_agent/spool
      PluginsDirectory: /usr/lib/check_mk_agent/plugins
      LocalDirectory: /usr/lib/check_mk_agent/local
      
      Found process list through CheckMk:
      (root,225612,9412,00:03:35/25-01:17:36,1) /lib/systemd/systemd --system --deserialize 40
      (root,0,0,00:00:00/25-01:17:36,2) [kthreadd]
      (root,0,0,00:00:00/25-01:17:36,4) [kworker/0:0H]
      (root,0,0,00:00:00/25-01:17:36,6) [mm_percpu_wq]
      (root,0,0,00:00:31/25-01:17:36,7) [ksoftirqd/0]
      (root,0,0,00:06:03/25-01:17:36,8) [rcu_sched]
      (root,0,0,00:00:00/25-01:17:36,9) [rcu_bh]
      (root,0,0,00:00:00/25-01:17:36,10) [migration/0]
      (root,0,0,00:00:04/25-01:17:36,11) [watchdog/0]
      (root,0,0,00:00:00/25-01:17:36,12) [cpuhp/0]
      (root,0,0,00:00:00/25-01:17:36,13) [cpuhp/1]
      (root,0,0,00:00:04/25-01:17:36,14) [watchdog/1]
      (root,0,0,00:00:00/25-01:17:36,15) [migration/1]
      (root,0,0,00:00:01/25-01:17:36,16) [ksoftirqd/1]
      (root,0,0,00:00:00/25-01:17:36,18) [kworker/1:0H]
      (root,0,0,00:00:00/25-01:17:36,19) [cpuhp/2]
      (root,0,0,00:00:04/25-01:17:36,20) [watchdog/2]
      (root,0,0,00:00:00/25-01:17:36,21) [migration/2]
      (root,0,0,00:00:00/25-01:17:36,22) [ksoftirqd/2]
      (root,0,0,00:00:00/25-01:17:36,24) [kworker/2:0H]
      (root,0,0,00:00:00/25-01:17:36,25) [cpuhp/3]
      (root,0,0,00:00:04/25-01:17:36,26) [watchdog/3]
      (root,0,0,00:00:00/25-01:17:36,27) [migration/3]
      (root,0,0,00:00:00/25-01:17:36,28) [ksoftirqd/3]
      (root,0,0,00:00:00/25-01:17:36,30) [kworker/3:0H]
      (root,0,0,00:00:00/25-01:17:36,31) [cpuhp/4]
      (root,0,0,00:00:04/25-01:17:36,32) [watchdog/4]
      (root,0,0,00:00:00/25-01:17:36,33) [migration/4]
      (root,0,0,00:00:01/25-01:17:36,34) [ksoftirqd/4]
      (root,0,0,00:00:00/25-01:17:36,36) [kworker/4:0H]
      (root,0,0,00:00:00/25-01:17:36,37) [cpuhp/5]
      (root,0,0,00:00:03/25-01:17:36,38) [watchdog/5]
      (root,0,0,00:00:00/25-01:17:36,39) [migration/5]
      (root,0,0,00:00:00/25-01:17:36,40) [ksoftirqd/5]
      (root,0,0,00:00:00/25-01:17:36,42) [kworker/5:0H]
      (root,0,0,00:00:00/25-01:17:36,43) [kdevtmpfs]
      (root,0,0,00:00:00/25-01:17:36,44) [netns]
      (root,0,0,00:00:00/25-01:17:36,45) [rcu_tasks_kthre]
      (root,0,0,00:00:00/25-01:17:36,46) [kauditd]
      (root,0,0,00:00:03/25-01:17:36,49) [khungtaskd]
      (root,0,0,00:00:00/25-01:17:36,50) [oom_reaper]
      (root,0,0,00:00:00/25-01:17:36,51) [writeback]
      (root,0,0,00:00:00/25-01:17:36,52) [kcompactd0]
      (root,0,0,00:00:00/25-01:17:36,53) [ksmd]
      (root,0,0,00:00:00/25-01:17:36,54) [khugepaged]
      (root,0,0,00:00:00/25-01:17:36,55) [crypto]
      (root,0,0,00:00:00/25-01:17:36,56) [kintegrityd]
      (root,0,0,00:00:00/25-01:17:36,57) [kblockd]
      (root,0,0,00:00:00/25-01:17:36,58) [ata_sff]
      (root,0,0,00:00:00/25-01:17:36,59) [md]
      (root,0,0,00:00:00/25-01:17:36,60) [edac-poller]
      (root,0,0,00:00:00/25-01:17:36,61) [devfreq_wq]
      (root,0,0,00:00:00/25-01:17:36,62) [watchdogd]
      (root,0,0,00:00:03/25-01:17:35,68) [kswapd0]
      (root,0,0,00:00:00/25-01:17:35,69) [kworker/u13:0]
      (root,0,0,00:00:00/25-01:17:35,70) [ecryptfs-kthrea]
      (root,0,0,00:00:00/25-01:17:35,112) [kthrotld]
      (root,0,0,00:00:00/25-01:17:35,113) [acpi_thermal_pm]
      (root,0,0,00:00:00/25-01:17:35,114) [scsi_eh_0]
      (root,0,0,00:00:00/25-01:17:35,115) [scsi_tmf_0]
      (root,0,0,00:00:00/25-01:17:35,116) [scsi_eh_1]
      (root,0,0,00:00:00/25-01:17:35,117) [scsi_tmf_1]
      (root,0,0,00:00:00/25-01:17:35,123) [ipv6_addrconf]
      (root,0,0,00:00:00/25-01:17:35,132) [kstrp]
      (root,0,0,00:00:00/25-01:17:35,149) [charger_manager]
      (root,0,0,00:00:00/25-01:17:35,204) [scsi_eh_2]
      (root,0,0,00:00:00/25-01:17:35,205) [scsi_tmf_2]
      (root,0,0,00:00:00/25-01:17:31,227) [ttm_swap]
      (root,0,0,00:00:04/25-01:17:31,239) [kworker/4:1H]
      (root,0,0,00:00:00/25-01:17:31,240) [kdmflush]
      (root,0,0,00:00:00/25-01:17:31,241) [bioset]
      (root,0,0,00:00:00/25-01:17:31,243) [kdmflush]
      (root,0,0,00:00:00/25-01:17:31,245) [bioset]
      (root,0,0,00:00:00/25-01:17:30,357) [raid5wq]
      (root,0,0,00:00:10/25-01:17:30,395) [kworker/0:1H]
      (root,0,0,00:00:09/25-01:17:30,407) [kworker/1:1H]
      (root,0,0,00:00:05/25-01:17:30,419) [kworker/3:1H]
      (root,0,0,00:01:12/25-01:17:29,430) [jbd2/dm-0-8]
      (root,0,0,00:00:00/25-01:17:29,431) [ext4-rsv-conver]
      (root,0,0,00:00:10/25-01:17:29,487) [kworker/2:1H]
      (root,0,0,00:00:00/25-01:17:27,518) [iscsi_eh]
      (root,0,0,00:00:00/25-01:17:27,519) [ib-comp-wq]
      (root,0,0,00:00:00/25-01:17:27,520) [ib-comp-unb-wq]
      (root,0,0,00:00:00/25-01:17:27,521) [ib_mcast]
      (root,0,0,00:00:00/25-01:17:27,522) [ib_nl_sa_wq]
      (root,0,0,00:00:00/25-01:17:27,523) [rdma_cm]
      (root,105908,1812,00:00:00/25-01:17:25,552) /sbin/lvmetad -f
      (root,0,0,00:00:05/25-01:17:25,582) [kworker/5:1H]
      (root,0,0,00:00:01/06:03:57,666) [kworker/2:1]
      (root,0,0,00:00:00/25-01:17:23,818) [ext4-rsv-conver]
      (root,30040,2964,00:00:07/25-01:17:15,1216) /usr/sbin/cron -f
      (root,110492,3320,00:00:59/25-01:17:15,1239) /usr/sbin/irqbalance --foreground
      (bind,602044,38996,00:00:21/25-01:17:15,1260) /usr/sbin/named -f -u bind
      (root,286256,6596,00:01:21/25-01:17:15,1431) /usr/lib/accountsservice/accounts-daemon
      (daemon,28336,2220,00:00:00/25-01:17:15,1451) /usr/sbin/atd -f
      (syslog,263048,4860,00:01:41/25-01:17:15,1458) /usr/sbin/rsyslogd -n
      (root,31884,1692,00:01:36/25-01:17:15,1475) /usr/sbin/inetd
      (root,236168,2620,00:00:13/25-01:17:15,1493) /usr/bin/lxcfs /var/lib/lxcfs/
      (root,70468,5788,00:00:05/25-01:17:14,1519) /lib/systemd/systemd-logind
      (root,264092,11896,00:02:21/25-01:17:14,1528) /usr/sbin/nmbd --foreground --no-process-group
      (messagebus,50488,4776,00:02:07/25-01:17:14,1557) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
      (root,96200,27936,00:00:00/14-13:52:45,1578) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,186356,19612,00:00:00/25-01:17:14,1605) /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
      (mongodb,1544448,109300,01:26:43/25-01:17:14,1616) /usr/bin/mongod --config /etc/mongod.conf
      (root,169544,16996,00:00:00/25-01:17:14,1705) /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
      (mysql,3887968,1648444,00:48:10/25-01:17:14,1772) /usr/sbin/mysqld
      (root,72304,6048,00:01:21/25-01:17:14,1774) /usr/sbin/sshd -D
      (root,288884,6120,00:01:09/25-01:17:14,1812) /usr/lib/policykit-1/polkitd --no-debug
      (root,67384,3284,00:00:18/25-01:17:13,1947) /usr/lib/postfix/sbin/master -w
      (root,317576,17852,00:00:26/25-01:17:13,1948) /usr/sbin/winbindd --foreground --no-process-group
      (postfix,73992,4956,00:00:07/25-01:17:13,1958) qmgr -l -t unix -u
      (root,313652,9040,00:00:07/25-01:17:13,1971) /usr/sbin/winbindd --foreground --no-process-group
      (root,0,0,00:00:02/1-16:22:14,2008) [kworker/1:2]
      (root,28932,1824,00:00:01/25-01:17:13,2062) pure-ftpd (SERVER)
      (root,358052,22584,00:03:45/25-01:17:13,2063) /usr/sbin/smbd --foreground --no-process-group
      (root,343692,4656,00:00:02/25-01:17:13,2107) /usr/sbin/smbd --foreground --no-process-group
      (root,343724,4664,00:00:17/25-01:17:13,2109) /usr/sbin/smbd --foreground --no-process-group
      (root,14904,1656,00:00:00/25-01:17:13,2122) /sbin/agetty -o -p -- \u --noclear tty1 linux
      (root,317576,6752,00:00:03/25-01:17:13,2145) /usr/sbin/winbindd --foreground --no-process-group
      (root,317576,4176,00:00:03/25-01:17:13,2146) /usr/sbin/winbindd --foreground --no-process-group
      (root,358036,6792,00:00:06/25-01:17:13,2147) /usr/sbin/smbd --foreground --no-process-group
      (root,96184,30008,00:04:25/25-01:17:11,2193) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,564432,37812,00:00:20/6-09:25:40,3330) /usr/sbin/apache2 -k start
      (www-data,19912,172,00:00:11/6-09:25:40,3467) /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
      (root,0,0,00:00:10/2-09:43:08,4210) [kworker/0:1]
      (root,45084,3736,00:00:09/8-09:14:23,4820) /lib/systemd/systemd-udevd
      (postfix,87728,7676,00:00:02/25-00:15:12,5724) tlsmgr -l -t unix -u -c
      (root,0,0,00:00:00/03:00:09,6965) [kworker/0:2]
      (root,96184,27816,00:00:00/4-16:14:19,7052) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,96184,27876,00:00:00/6-07:02:52,8205) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:01/1-11:51:51,8423) [kworker/3:0]
      (www-data,648264,47912,00:00:00/01:44:38,9557) /usr/sbin/apache2 -k start
      (www-data,648304,59212,00:00:00/01:44:37,9558) /usr/sbin/apache2 -k start
      (www-data,648528,59256,00:00:00/01:33:56,9826) /usr/sbin/apache2 -k start
      (www-data,648244,58924,00:00:00/01:33:55,9827) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/01:01:50,11029) [kworker/3:2]
      (root,0,0,00:00:00/01:00:10,11275) [kworker/4:1]
      (root,0,0,00:00:00/46:05,11936) [kworker/5:0]
      (root,0,0,00:00:00/18:49,13176) [kworker/u12:0]
      (postfix,73816,4760,00:00:00/14:34,13293) pickup -l -t unix -u -c
      (root,0,0,00:00:00/12:12,13395) [kworker/u12:2]
      (root,364472,18132,00:00:00/16:20:09,13416) /usr/sbin/smbd --foreground --no-process-group
      (root,0,0,00:00:00/12:11,13452) [kworker/1:0]
      (root,0,0,00:00:00/04:05,13641) [kworker/u12:1]
      (root,72304,5548,00:00:00/01:42,13709) sshd: [accepted]
      (sshd,72304,744,00:00:00/01:42,13710) sshd: [net]
      (root,0,0,00:00:00/00:09,13918) [kworker/5:1]
      (systemd-network,71728,4984,00:00:02/8-09:13:56,14075) /lib/systemd/systemd-networkd
      (root,11740,3168,00:00:00/00:00,14086) /bin/bash /usr/bin/check_mk_agent
      (root,34412,2720,00:00:00/00:00,14102) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000
      (root,13564,1100,00:00:00/00:00,14103) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) /
      (systemd-resolve,70628,4860,00:00:05/8-09:13:56,14136) /lib/systemd/systemd-resolved
      (systemd-timesync,141788,2968,00:00:02/8-09:13:56,14188) /lib/systemd/systemd-timesyncd
      (root,338244,209856,00:02:19/8-09:13:56,14216) /lib/systemd/systemd-journald
      (root,0,0,00:00:15/8-09:13:56,14251) [kworker/5:3]
      (root,0,0,00:00:11/11:55:07,21173) [kworker/4:2]
      (root,96184,27820,00:00:00/2-14:39:49,23000) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (www-data,663164,91848,00:00:03/09:43:10,25423) /usr/sbin/apache2 -k start
      (www-data,648884,91124,00:00:02/09:43:10,25424) /usr/sbin/apache2 -k start
      (www-data,652888,102968,00:00:02/09:43:10,25425) /usr/sbin/apache2 -k start
      (www-data,650976,76936,00:00:02/09:43:10,25426) /usr/sbin/apache2 -k start
      (www-data,648876,65836,00:00:01/09:41:29,25509) /usr/sbin/apache2 -k start
      (root,0,0,00:00:03/1-02:00:50,25681) [kworker/2:2]
      (www-data,648808,67116,00:00:02/09:36:08,25716) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/13-09:14:11,26229) [xfsalloc]
      (root,0,0,00:00:00/13-09:14:11,26231) [xfs_mru_cache]
      (root,0,0,00:00:00/13-09:14:11,26238) [jfsIO]
      (root,0,0,00:00:00/13-09:14:11,26239) [jfsCommit]
      (root,0,0,00:00:00/13-09:14:11,26240) [jfsCommit]
      (root,0,0,00:00:00/13-09:14:11,26241) [jfsCommit]
      (root,0,0,00:00:00/13-09:14:11,26242) [jfsCommit]
      (root,0,0,00:00:00/13-09:14:11,26243) [jfsCommit]
      (root,0,0,00:00:00/13-09:14:11,26244) [jfsCommit]
      (root,0,0,00:00:00/13-09:14:11,26245) [jfsSync]
      (root,96204,27884,00:00:00/8-14:15:34,26552) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,96188,27928,00:00:00/20-09:39:37,30584) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      
      Found network interfaces through CheckMk:
      [start_iplink]
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
          link/ether 02:00:00:ba:c4:a5 brd ff:ff:ff:ff:ff:ff
      [end_iplink]
      
      
      Found on 2023-03-16 15:09
    • Severity: high
      Fingerprint: 03cb82e6f6a6b45342c4bbcbbaf2bceb288a252c7451464e71dc25353ab94ec3

      Found public CheckMk agent:
      Version: 1.5.0p13
      AgentOS: linux
      Hostname: nd23
      AgentDirectory: /etc/check_mk
      DataDirectory: /var/lib/check_mk_agent
      SpoolDirectory: /var/lib/check_mk_agent/spool
      PluginsDirectory: /usr/lib/check_mk_agent/plugins
      LocalDirectory: /usr/lib/check_mk_agent/local
      
      Found process list through CheckMk:
      (root,225612,9420,00:03:24/23-20:44:48,1) /lib/systemd/systemd --system --deserialize 40
      (root,0,0,00:00:00/23-20:44:48,2) [kthreadd]
      (root,0,0,00:00:00/23-20:44:48,4) [kworker/0:0H]
      (root,0,0,00:00:00/23-20:44:48,6) [mm_percpu_wq]
      (root,0,0,00:00:29/23-20:44:48,7) [ksoftirqd/0]
      (root,0,0,00:05:45/23-20:44:48,8) [rcu_sched]
      (root,0,0,00:00:00/23-20:44:48,9) [rcu_bh]
      (root,0,0,00:00:00/23-20:44:48,10) [migration/0]
      (root,0,0,00:00:04/23-20:44:48,11) [watchdog/0]
      (root,0,0,00:00:00/23-20:44:48,12) [cpuhp/0]
      (root,0,0,00:00:00/23-20:44:48,13) [cpuhp/1]
      (root,0,0,00:00:04/23-20:44:48,14) [watchdog/1]
      (root,0,0,00:00:00/23-20:44:48,15) [migration/1]
      (root,0,0,00:00:00/23-20:44:48,16) [ksoftirqd/1]
      (root,0,0,00:00:00/23-20:44:48,18) [kworker/1:0H]
      (root,0,0,00:00:00/23-20:44:48,19) [cpuhp/2]
      (root,0,0,00:00:04/23-20:44:48,20) [watchdog/2]
      (root,0,0,00:00:00/23-20:44:48,21) [migration/2]
      (root,0,0,00:00:00/23-20:44:48,22) [ksoftirqd/2]
      (root,0,0,00:00:00/23-20:44:48,24) [kworker/2:0H]
      (root,0,0,00:00:00/23-20:44:48,25) [cpuhp/3]
      (root,0,0,00:00:04/23-20:44:48,26) [watchdog/3]
      (root,0,0,00:00:00/23-20:44:48,27) [migration/3]
      (root,0,0,00:00:00/23-20:44:48,28) [ksoftirqd/3]
      (root,0,0,00:00:00/23-20:44:48,30) [kworker/3:0H]
      (root,0,0,00:00:00/23-20:44:48,31) [cpuhp/4]
      (root,0,0,00:00:04/23-20:44:48,32) [watchdog/4]
      (root,0,0,00:00:00/23-20:44:48,33) [migration/4]
      (root,0,0,00:00:01/23-20:44:48,34) [ksoftirqd/4]
      (root,0,0,00:00:00/23-20:44:48,36) [kworker/4:0H]
      (root,0,0,00:00:00/23-20:44:48,37) [cpuhp/5]
      (root,0,0,00:00:03/23-20:44:48,38) [watchdog/5]
      (root,0,0,00:00:00/23-20:44:48,39) [migration/5]
      (root,0,0,00:00:00/23-20:44:48,40) [ksoftirqd/5]
      (root,0,0,00:00:00/23-20:44:48,42) [kworker/5:0H]
      (root,0,0,00:00:00/23-20:44:48,43) [kdevtmpfs]
      (root,0,0,00:00:00/23-20:44:48,44) [netns]
      (root,0,0,00:00:00/23-20:44:48,45) [rcu_tasks_kthre]
      (root,0,0,00:00:00/23-20:44:48,46) [kauditd]
      (root,0,0,00:00:03/23-20:44:48,49) [khungtaskd]
      (root,0,0,00:00:00/23-20:44:48,50) [oom_reaper]
      (root,0,0,00:00:00/23-20:44:48,51) [writeback]
      (root,0,0,00:00:00/23-20:44:48,52) [kcompactd0]
      (root,0,0,00:00:00/23-20:44:48,53) [ksmd]
      (root,0,0,00:00:00/23-20:44:48,54) [khugepaged]
      (root,0,0,00:00:00/23-20:44:48,55) [crypto]
      (root,0,0,00:00:00/23-20:44:48,56) [kintegrityd]
      (root,0,0,00:00:00/23-20:44:48,57) [kblockd]
      (root,0,0,00:00:00/23-20:44:48,58) [ata_sff]
      (root,0,0,00:00:00/23-20:44:48,59) [md]
      (root,0,0,00:00:00/23-20:44:48,60) [edac-poller]
      (root,0,0,00:00:00/23-20:44:48,61) [devfreq_wq]
      (root,0,0,00:00:00/23-20:44:48,62) [watchdogd]
      (root,0,0,00:00:01/23-20:44:47,68) [kswapd0]
      (root,0,0,00:00:00/23-20:44:47,69) [kworker/u13:0]
      (root,0,0,00:00:00/23-20:44:47,70) [ecryptfs-kthrea]
      (root,0,0,00:00:00/23-20:44:47,112) [kthrotld]
      (root,0,0,00:00:00/23-20:44:47,113) [acpi_thermal_pm]
      (root,0,0,00:00:00/23-20:44:47,114) [scsi_eh_0]
      (root,0,0,00:00:00/23-20:44:47,115) [scsi_tmf_0]
      (root,0,0,00:00:00/23-20:44:47,116) [scsi_eh_1]
      (root,0,0,00:00:00/23-20:44:47,117) [scsi_tmf_1]
      (root,0,0,00:00:00/23-20:44:47,123) [ipv6_addrconf]
      (root,0,0,00:00:00/23-20:44:47,132) [kstrp]
      (root,0,0,00:00:00/23-20:44:47,149) [charger_manager]
      (root,0,0,00:00:00/23-20:44:47,204) [scsi_eh_2]
      (root,0,0,00:00:00/23-20:44:47,205) [scsi_tmf_2]
      (root,0,0,00:00:00/23-20:44:43,227) [ttm_swap]
      (root,0,0,00:00:04/23-20:44:43,239) [kworker/4:1H]
      (root,0,0,00:00:00/23-20:44:43,240) [kdmflush]
      (root,0,0,00:00:00/23-20:44:43,241) [bioset]
      (root,0,0,00:00:00/23-20:44:43,243) [kdmflush]
      (root,0,0,00:00:00/23-20:44:43,245) [bioset]
      (root,0,0,00:00:00/23-20:44:42,357) [raid5wq]
      (root,0,0,00:00:10/23-20:44:42,395) [kworker/0:1H]
      (root,0,0,00:00:09/23-20:44:42,407) [kworker/1:1H]
      (root,0,0,00:00:05/23-20:44:42,419) [kworker/3:1H]
      (root,0,0,00:01:08/23-20:44:41,430) [jbd2/dm-0-8]
      (root,0,0,00:00:00/23-20:44:41,431) [ext4-rsv-conver]
      (root,0,0,00:00:10/23-20:44:41,487) [kworker/2:1H]
      (root,0,0,00:00:00/23-20:44:39,518) [iscsi_eh]
      (root,0,0,00:00:00/23-20:44:39,519) [ib-comp-wq]
      (root,0,0,00:00:00/23-20:44:39,520) [ib-comp-unb-wq]
      (root,0,0,00:00:00/23-20:44:39,521) [ib_mcast]
      (root,0,0,00:00:00/23-20:44:39,522) [ib_nl_sa_wq]
      (root,0,0,00:00:00/23-20:44:39,523) [rdma_cm]
      (root,105908,1812,00:00:00/23-20:44:37,552) /sbin/lvmetad -f
      (root,0,0,00:00:05/23-20:44:37,582) [kworker/5:1H]
      (root,0,0,00:00:00/23-20:44:35,818) [ext4-rsv-conver]
      (root,30040,2964,00:00:07/23-20:44:27,1216) /usr/sbin/cron -f
      (root,110492,3320,00:00:56/23-20:44:27,1239) /usr/sbin/irqbalance --foreground
      (bind,601784,38732,00:00:20/23-20:44:27,1260) /usr/sbin/named -f -u bind
      (root,286256,6596,00:01:16/23-20:44:27,1431) /usr/lib/accountsservice/accounts-daemon
      (daemon,28336,2220,00:00:00/23-20:44:27,1451) /usr/sbin/atd -f
      (syslog,263048,4696,00:01:35/23-20:44:27,1458) /usr/sbin/rsyslogd -n
      (root,31884,1692,00:01:31/23-20:44:27,1475) /usr/sbin/inetd
      (root,236168,2620,00:00:12/23-20:44:27,1493) /usr/bin/lxcfs /var/lib/lxcfs/
      (root,70468,5836,00:00:05/23-20:44:26,1519) /lib/systemd/systemd-logind
      (root,264092,12136,00:02:11/23-20:44:26,1528) /usr/sbin/nmbd --foreground --no-process-group
      (messagebus,50488,4776,00:02:00/23-20:44:26,1557) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
      (root,96200,27936,00:00:00/13-09:19:57,1578) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,186356,19868,00:00:00/23-20:44:26,1605) /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
      (mongodb,1540336,107504,01:22:41/23-20:44:26,1616) /usr/bin/mongod --config /etc/mongod.conf
      (root,169544,17252,00:00:00/23-20:44:26,1705) /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
      (mysql,3887768,1600828,00:44:08/23-20:44:26,1772) /usr/sbin/mysqld
      (root,72304,6048,00:01:15/23-20:44:26,1774) /usr/sbin/sshd -D
      (root,288884,6120,00:01:05/23-20:44:26,1812) /usr/lib/policykit-1/polkitd --no-debug
      (root,67384,3284,00:00:17/23-20:44:25,1947) /usr/lib/postfix/sbin/master -w
      (root,317576,18116,00:00:24/23-20:44:25,1948) /usr/sbin/winbindd --foreground --no-process-group
      (postfix,73992,4956,00:00:07/23-20:44:25,1958) qmgr -l -t unix -u
      (root,313652,9040,00:00:07/23-20:44:25,1971) /usr/sbin/winbindd --foreground --no-process-group
      (root,0,0,00:00:00/11:49:26,2008) [kworker/1:2]
      (root,28932,1824,00:00:01/23-20:44:25,2062) pure-ftpd (SERVER)
      (root,358052,22836,00:03:33/23-20:44:25,2063) /usr/sbin/smbd --foreground --no-process-group
      (root,343692,4656,00:00:02/23-20:44:25,2107) /usr/sbin/smbd --foreground --no-process-group
      (root,343724,4664,00:00:16/23-20:44:25,2109) /usr/sbin/smbd --foreground --no-process-group
      (root,14904,1656,00:00:00/23-20:44:25,2122) /sbin/agetty -o -p -- \u --noclear tty1 linux
      (root,317576,6752,00:00:03/23-20:44:25,2145) /usr/sbin/winbindd --foreground --no-process-group
      (root,317576,4176,00:00:03/23-20:44:25,2146) /usr/sbin/winbindd --foreground --no-process-group
      (root,358036,6792,00:00:05/23-20:44:25,2147) /usr/sbin/smbd --foreground --no-process-group
      (root,96184,30008,00:04:08/23-20:44:23,2193) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,564432,37836,00:00:14/5-04:52:52,3330) /usr/sbin/apache2 -k start
      (www-data,19912,172,00:00:09/5-04:52:52,3467) /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
      (root,0,0,00:00:05/1-05:10:20,4210) [kworker/0:1]
      (root,45084,3804,00:00:08/7-04:41:35,4820) /lib/systemd/systemd-udevd
      (postfix,87728,7676,00:00:02/23-19:42:24,5724) tlsmgr -l -t unix -u -c
      (root,96184,27816,00:00:00/3-11:41:31,7052) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,96184,27876,00:00:00/5-02:30:04,8205) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/07:19:03,8423) [kworker/3:0]
      (root,0,0,00:00:00/06:57:23,9069) [kworker/0:0]
      (www-data,665768,111012,00:00:01/05:10:24,12318) /usr/sbin/apache2 -k start
      (www-data,651604,95444,00:00:01/05:10:24,12319) /usr/sbin/apache2 -k start
      (www-data,655584,96880,00:00:01/05:10:24,12320) /usr/sbin/apache2 -k start
      (www-data,655340,59276,00:00:00/05:10:24,12321) /usr/sbin/apache2 -k start
      (www-data,667968,83200,00:00:01/05:10:24,12322) /usr/sbin/apache2 -k start
      (www-data,672472,92288,00:00:01/04:43:18,13384) /usr/sbin/apache2 -k start
      (www-data,665976,109816,00:00:01/04:43:17,13386) /usr/sbin/apache2 -k start
      (systemd-network,71728,5000,00:00:01/7-04:41:08,14075) /lib/systemd/systemd-networkd
      (systemd-resolve,70628,4896,00:00:04/7-04:41:08,14136) /lib/systemd/systemd-resolved
      (systemd-timesync,141788,2996,00:00:01/7-04:41:08,14188) /lib/systemd/systemd-timesyncd
      (root,396540,261016,00:01:53/7-04:41:08,14216) /lib/systemd/systemd-journald
      (root,0,0,00:00:13/7-04:41:08,14251) [kworker/5:3]
      (www-data,651316,96000,00:00:00/04:09:57,15248) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/04:04:01,15380) [kworker/2:2]
      (root,0,0,00:00:00/01:31:36,19296) [kworker/u12:2]
      (root,0,0,00:00:00/01:22:18,19613) [kworker/3:1]
      (postfix,73816,4864,00:00:00/01:06:22,19818) pickup -l -t unix -u -c
      (root,0,0,00:00:00/58:33,19979) [kworker/4:0]
      (root,0,0,00:00:00/52:14,20222) [kworker/5:0]
      (root,0,0,00:00:00/22:13,20888) [kworker/1:1]
      (root,0,0,00:00:00/10:57,21108) [kworker/u12:1]
      (root,0,0,00:00:00/01:17,21305) [kworker/u12:0]
      (root,364428,14296,00:00:00/00:41,21314) /usr/sbin/smbd --foreground --no-process-group
      (root,364428,14296,00:00:00/00:29,21353) /usr/sbin/smbd --foreground --no-process-group
      (root,362360,14424,00:00:00/00:08,21357) /usr/sbin/smbd --foreground --no-process-group
      (root,101560,6500,00:00:00/00:05,21360) sshd: root [priv]
      (sshd,72304,2896,00:00:00/00:05,21361) sshd: root [net]
      (root,362360,14424,00:00:00/00:03,21362) /usr/sbin/smbd --foreground --no-process-group
      (root,0,0,00:00:00/00:00,21442) [kworker/0:2]
      (root,0,0,00:00:00/00:00,21522) [kworker/1:0]
      (root,11740,3200,00:00:00/00:00,21524) /bin/bash /usr/bin/check_mk_agent
      (root,34412,2716,00:00:00/00:00,21540) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000
      (root,13564,1100,00:00:00/00:00,21541) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) /
      (root,96184,27820,00:00:00/1-10:07:01,23000) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/12-04:41:23,26229) [xfsalloc]
      (root,0,0,00:00:00/12-04:41:23,26231) [xfs_mru_cache]
      (root,0,0,00:00:00/12-04:41:23,26238) [jfsIO]
      (root,0,0,00:00:00/12-04:41:23,26239) [jfsCommit]
      (root,0,0,00:00:00/12-04:41:23,26240) [jfsCommit]
      (root,0,0,00:00:00/12-04:41:23,26241) [jfsCommit]
      (root,0,0,00:00:00/12-04:41:23,26242) [jfsCommit]
      (root,0,0,00:00:00/12-04:41:23,26243) [jfsCommit]
      (root,0,0,00:00:00/12-04:41:23,26244) [jfsCommit]
      (root,0,0,00:00:00/12-04:41:23,26245) [jfsSync]
      (root,96204,27884,00:00:00/7-09:42:46,26552) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:30/1-07:22:05,29618) [kworker/4:2]
      (root,0,0,00:00:02/14:50:03,30451) [kworker/2:1]
      (root,96188,27928,00:00:00/19-05:06:49,30584) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      
      Found network interfaces through CheckMk:
      [start_iplink]
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
          link/ether 02:00:00:ba:c4:a5 brd ff:ff:ff:ff:ff:ff
      [end_iplink]
      
      
      Found on 2023-03-15 10:36
    • Severity: high
      Fingerprint: 03cb82e6f6a6b45342c4bbcbbaf2bceb288a252c7451464e71dc2535418657f2

      Found public CheckMk agent:
      Version: 1.5.0p13
      AgentOS: linux
      Hostname: nd23
      AgentDirectory: /etc/check_mk
      DataDirectory: /var/lib/check_mk_agent
      SpoolDirectory: /var/lib/check_mk_agent/spool
      PluginsDirectory: /usr/lib/check_mk_agent/plugins
      LocalDirectory: /usr/lib/check_mk_agent/local
      
      Found process list through CheckMk:
      (root,225552,9132,00:00:15/07:32:41,1) /sbin/init
      (root,0,0,00:00:00/07:32:41,2) [kthreadd]
      (root,0,0,00:00:00/07:32:41,4) [kworker/0:0H]
      (root,0,0,00:00:00/07:32:41,6) [mm_percpu_wq]
      (root,0,0,00:00:00/07:32:41,7) [ksoftirqd/0]
      (root,0,0,00:00:04/07:32:41,8) [rcu_sched]
      (root,0,0,00:00:00/07:32:41,9) [rcu_bh]
      (root,0,0,00:00:00/07:32:41,10) [migration/0]
      (root,0,0,00:00:00/07:32:41,11) [watchdog/0]
      (root,0,0,00:00:00/07:32:41,12) [cpuhp/0]
      (root,0,0,00:00:00/07:32:41,13) [cpuhp/1]
      (root,0,0,00:00:00/07:32:41,14) [watchdog/1]
      (root,0,0,00:00:00/07:32:41,15) [migration/1]
      (root,0,0,00:00:00/07:32:41,16) [ksoftirqd/1]
      (root,0,0,00:00:00/07:32:41,18) [kworker/1:0H]
      (root,0,0,00:00:00/07:32:41,19) [cpuhp/2]
      (root,0,0,00:00:00/07:32:41,20) [watchdog/2]
      (root,0,0,00:00:00/07:32:41,21) [migration/2]
      (root,0,0,00:00:00/07:32:41,22) [ksoftirqd/2]
      (root,0,0,00:00:00/07:32:41,24) [kworker/2:0H]
      (root,0,0,00:00:00/07:32:41,25) [cpuhp/3]
      (root,0,0,00:00:00/07:32:41,26) [watchdog/3]
      (root,0,0,00:00:00/07:32:41,27) [migration/3]
      (root,0,0,00:00:00/07:32:41,28) [ksoftirqd/3]
      (root,0,0,00:00:00/07:32:41,30) [kworker/3:0H]
      (root,0,0,00:00:00/07:32:41,31) [cpuhp/4]
      (root,0,0,00:00:00/07:32:41,32) [watchdog/4]
      (root,0,0,00:00:00/07:32:41,33) [migration/4]
      (root,0,0,00:00:00/07:32:41,34) [ksoftirqd/4]
      (root,0,0,00:00:00/07:32:41,36) [kworker/4:0H]
      (root,0,0,00:00:00/07:32:41,37) [cpuhp/5]
      (root,0,0,00:00:00/07:32:41,38) [watchdog/5]
      (root,0,0,00:00:00/07:32:41,39) [migration/5]
      (root,0,0,00:00:00/07:32:41,40) [ksoftirqd/5]
      (root,0,0,00:00:00/07:32:41,42) [kworker/5:0H]
      (root,0,0,00:00:00/07:32:41,43) [kdevtmpfs]
      (root,0,0,00:00:00/07:32:41,44) [netns]
      (root,0,0,00:00:00/07:32:41,45) [rcu_tasks_kthre]
      (root,0,0,00:00:00/07:32:41,46) [kauditd]
      (root,0,0,00:00:00/07:32:41,48) [kworker/1:1]
      (root,0,0,00:00:00/07:32:41,49) [khungtaskd]
      (root,0,0,00:00:00/07:32:41,50) [oom_reaper]
      (root,0,0,00:00:00/07:32:41,51) [writeback]
      (root,0,0,00:00:00/07:32:41,52) [kcompactd0]
      (root,0,0,00:00:00/07:32:41,53) [ksmd]
      (root,0,0,00:00:00/07:32:41,54) [khugepaged]
      (root,0,0,00:00:00/07:32:41,55) [crypto]
      (root,0,0,00:00:00/07:32:41,56) [kintegrityd]
      (root,0,0,00:00:00/07:32:41,57) [kblockd]
      (root,0,0,00:00:00/07:32:41,58) [ata_sff]
      (root,0,0,00:00:00/07:32:41,59) [md]
      (root,0,0,00:00:00/07:32:41,60) [edac-poller]
      (root,0,0,00:00:00/07:32:41,61) [devfreq_wq]
      (root,0,0,00:00:00/07:32:41,62) [watchdogd]
      (root,0,0,00:00:01/07:32:41,63) [kworker/2:1]
      (root,0,0,00:00:00/07:32:41,64) [kworker/3:1]
      (root,0,0,00:00:07/07:32:41,65) [kworker/4:1]
      (root,0,0,00:00:00/07:32:40,68) [kswapd0]
      (root,0,0,00:00:00/07:32:40,69) [kworker/u13:0]
      (root,0,0,00:00:00/07:32:40,70) [ecryptfs-kthrea]
      (root,0,0,00:00:00/07:32:40,112) [kthrotld]
      (root,0,0,00:00:00/07:32:40,113) [acpi_thermal_pm]
      (root,0,0,00:00:00/07:32:40,114) [scsi_eh_0]
      (root,0,0,00:00:00/07:32:40,115) [scsi_tmf_0]
      (root,0,0,00:00:00/07:32:40,116) [scsi_eh_1]
      (root,0,0,00:00:00/07:32:40,117) [scsi_tmf_1]
      (root,0,0,00:00:00/07:32:40,123) [ipv6_addrconf]
      (root,0,0,00:00:00/07:32:40,132) [kstrp]
      (root,0,0,00:00:00/07:32:40,149) [charger_manager]
      (root,0,0,00:00:00/07:32:40,204) [scsi_eh_2]
      (root,0,0,00:00:00/07:32:40,205) [scsi_tmf_2]
      (root,0,0,00:00:00/07:32:36,227) [ttm_swap]
      (root,0,0,00:00:00/07:32:36,239) [kworker/4:1H]
      (root,0,0,00:00:00/07:32:36,240) [kdmflush]
      (root,0,0,00:00:00/07:32:36,241) [bioset]
      (root,0,0,00:00:00/07:32:36,243) [kdmflush]
      (root,0,0,00:00:00/07:32:36,245) [bioset]
      (root,0,0,00:00:00/07:32:35,357) [raid5wq]
      (root,0,0,00:00:00/07:32:35,395) [kworker/0:1H]
      (root,0,0,00:00:00/07:32:35,407) [kworker/1:1H]
      (root,0,0,00:00:00/07:32:35,419) [kworker/3:1H]
      (root,0,0,00:00:00/07:32:34,430) [jbd2/dm-0-8]
      (root,0,0,00:00:00/07:32:34,431) [ext4-rsv-conver]
      (root,0,0,00:00:00/07:32:34,487) [kworker/2:1H]
      (root,0,0,00:00:00/07:32:32,518) [iscsi_eh]
      (root,0,0,00:00:00/07:32:32,519) [ib-comp-wq]
      (root,0,0,00:00:00/07:32:32,520) [ib-comp-unb-wq]
      (root,0,0,00:00:00/07:32:32,521) [ib_mcast]
      (root,0,0,00:00:00/07:32:32,522) [ib_nl_sa_wq]
      (root,0,0,00:00:00/07:32:32,523) [rdma_cm]
      (root,135672,58308,00:00:06/07:32:31,526) /lib/systemd/systemd-journald
      (root,0,0,00:00:01/07:32:31,530) [kworker/0:2]
      (root,105908,1808,00:00:00/07:32:30,552) /sbin/lvmetad -f
      (root,45940,4836,00:00:01/07:32:30,561) /lib/systemd/systemd-udevd
      (root,0,0,00:00:00/07:32:30,582) [kworker/5:1H]
      (root,0,0,00:00:00/07:32:28,818) [ext4-rsv-conver]
      (systemd-timesync,141788,3088,00:00:00/07:32:28,908) /lib/systemd/systemd-timesyncd
      (systemd-network,71728,5112,00:00:00/07:32:26,1082) /lib/systemd/systemd-networkd
      (systemd-resolve,70628,4760,00:00:00/07:32:26,1113) /lib/systemd/systemd-resolved
      (root,30040,3132,00:00:00/07:32:20,1216) /usr/sbin/cron -f
      (root,110492,3320,00:00:00/07:32:20,1239) /usr/sbin/irqbalance --foreground
      (bind,598664,34944,00:00:00/07:32:20,1260) /usr/sbin/named -f -u bind
      (root,286256,6740,00:00:01/07:32:20,1431) /usr/lib/accountsservice/accounts-daemon
      (root,563704,35464,00:00:00/07:32:20,1450) /usr/sbin/apache2 -k start
      (daemon,28336,2352,00:00:00/07:32:20,1451) /usr/sbin/atd -f
      (syslog,263048,4560,00:00:01/07:32:20,1458) /usr/sbin/rsyslogd -n
      (root,31884,1704,00:00:01/07:32:20,1475) /usr/sbin/inetd
      (root,161084,1552,00:00:00/07:32:20,1493) /usr/bin/lxcfs /var/lib/lxcfs/
      (www-data,671544,100848,00:00:03/07:32:20,1503) /usr/sbin/apache2 -k start
      (www-data,650884,102988,00:00:02/07:32:20,1504) /usr/sbin/apache2 -k start
      (www-data,657540,98008,00:00:02/07:32:20,1505) /usr/sbin/apache2 -k start
      (www-data,666164,83276,00:00:04/07:32:20,1507) /usr/sbin/apache2 -k start
      (www-data,671812,89056,00:00:02/07:32:20,1511) /usr/sbin/apache2 -k start
      (root,62012,5532,00:00:00/07:32:19,1519) /lib/systemd/systemd-logind
      (root,264092,12380,00:00:00/07:32:19,1528) /usr/sbin/nmbd --foreground --no-process-group
      (messagebus,50100,4476,00:00:01/07:32:19,1557) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
      (root,186356,20040,00:00:00/07:32:19,1605) /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
      (mongodb,1523504,104816,00:01:01/07:32:19,1616) /usr/bin/mongod --config /etc/mongod.conf
      (root,169544,17412,00:00:00/07:32:19,1705) /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
      (mysql,2177432,317124,00:00:15/07:32:19,1772) /usr/sbin/mysqld
      (root,72304,6180,00:00:01/07:32:19,1774) /usr/sbin/sshd -D
      (root,288884,6280,00:00:00/07:32:19,1812) /usr/lib/policykit-1/polkitd --no-debug
      (www-data,19912,168,00:00:00/07:32:18,1914) /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
      (root,67384,3416,00:00:00/07:32:18,1947) /usr/lib/postfix/sbin/master -w
      (root,317576,18356,00:00:00/07:32:18,1948) /usr/sbin/winbindd --foreground --no-process-group
      (postfix,73944,4912,00:00:00/07:32:18,1958) qmgr -l -t unix -u
      (root,313652,9064,00:00:00/07:32:18,1971) /usr/sbin/winbindd --foreground --no-process-group
      (root,28932,1836,00:00:00/07:32:18,2062) pure-ftpd (SERVER)
      (root,358052,23220,00:00:01/07:32:18,2063) /usr/sbin/smbd --foreground --no-process-group
      (root,343692,4692,00:00:00/07:32:18,2107) /usr/sbin/smbd --foreground --no-process-group
      (root,343724,4700,00:00:00/07:32:18,2109) /usr/sbin/smbd --foreground --no-process-group
      (root,14904,1816,00:00:00/07:32:18,2122) /sbin/agetty -o -p -- \u --noclear tty1 linux
      (root,317576,6776,00:00:00/07:32:18,2145) /usr/sbin/winbindd --foreground --no-process-group
      (root,317576,4200,00:00:00/07:32:18,2146) /usr/sbin/winbindd --foreground --no-process-group
      (root,358036,6828,00:00:00/07:32:18,2147) /usr/sbin/smbd --foreground --no-process-group
      (root,96056,30124,00:00:01/07:32:16,2193) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/07:31:48,2855) [kworker/5:3]
      (www-data,669244,99216,00:00:01/07:13:52,4034) /usr/sbin/apache2 -k start
      (postfix,87728,7820,00:00:00/06:30:17,5724) tlsmgr -l -t unix -u -c
      (www-data,673504,91300,00:00:01/06:11:58,6262) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/05:15:14,7979) [kworker/4:2]
      (root,0,0,00:00:00/03:15:14,11310) [kworker/5:1]
      (root,0,0,00:00:00/02:45:14,12533) [kworker/1:2]
      (root,0,0,00:00:00/01:45:14,14311) [kworker/0:1]
      (root,0,0,00:00:00/55:21,15173) [kworker/u12:2]
      (root,0,0,00:00:00/45:14,15529) [kworker/2:0]
      (root,0,0,00:00:00/37:04,15713) [kworker/u12:1]
      (www-data,566032,18388,00:00:00/31:35,15839) /usr/sbin/apache2 -k start
      (root,364440,14712,00:00:00/25:00,15944) /usr/sbin/smbd --foreground --no-process-group
      (root,0,0,00:00:00/15:14,16312) [kworker/3:2]
      (postfix,73816,4816,00:00:00/11:00,16408) pickup -l -t unix -u -c
      (root,0,0,00:00:00/09:09,16913) [kworker/u12:0]
      (root,101564,6588,00:00:00/00:12,17083) sshd: root [priv]
      (sshd,72304,3036,00:00:00/00:12,17084) sshd: root [net]
      (root,0,0,00:00:00/00:01,17164) [kworker/3:0]
      (root,0,0,00:00:00/00:00,17244) [kworker/0:0]
      (root,11740,3304,00:00:00/00:00,17246) /bin/bash /usr/bin/check_mk_agent
      (root,34412,2732,00:00:00/00:00,17262) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000
      (root,13564,1024,00:00:00/00:00,17263) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) /
      
      Found network interfaces through CheckMk:
      [start_iplink]
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
          link/ether 02:00:00:ba:c4:a5 brd ff:ff:ff:ff:ff:ff
      [end_iplink]
      
      
      Found on 2023-02-19 21:24
    • Severity: high
      Fingerprint: 03cb82e6f6a6b45342c4bbcbbaf2bceb288a252c7451464e71dc25351eae40e4

      Found public CheckMk agent:
      Version: 1.5.0p13
      AgentOS: linux
      Hostname: nd23
      AgentDirectory: /etc/check_mk
      DataDirectory: /var/lib/check_mk_agent
      SpoolDirectory: /var/lib/check_mk_agent/spool
      PluginsDirectory: /usr/lib/check_mk_agent/plugins
      LocalDirectory: /usr/lib/check_mk_agent/local
      
      Found process list through CheckMk:
      (root,225524,7500,00:00:27/2-04:59:54,1) /sbin/init
      (root,0,0,00:00:00/2-04:59:54,2) [kthreadd]
      (root,0,0,00:00:00/2-04:59:54,4) [kworker/0:0H]
      (root,0,0,00:00:03/2-04:59:54,6) [kworker/0:1H]
      (root,0,0,00:00:00/2-04:59:54,7) [mm_percpu_wq]
      (root,0,0,00:00:02/2-04:59:54,8) [ksoftirqd/0]
      (root,0,0,00:00:29/2-04:59:54,9) [rcu_sched]
      (root,0,0,00:00:00/2-04:59:54,10) [rcu_bh]
      (root,0,0,00:00:00/2-04:59:54,11) [migration/0]
      (root,0,0,00:00:00/2-04:59:54,12) [watchdog/0]
      (root,0,0,00:00:00/2-04:59:54,13) [cpuhp/0]
      (root,0,0,00:00:00/2-04:59:54,14) [cpuhp/1]
      (root,0,0,00:00:00/2-04:59:54,15) [watchdog/1]
      (root,0,0,00:00:00/2-04:59:54,16) [migration/1]
      (root,0,0,00:00:00/2-04:59:54,17) [ksoftirqd/1]
      (root,0,0,00:00:00/2-04:59:54,19) [kworker/1:0H]
      (root,0,0,00:00:00/2-04:59:54,20) [cpuhp/2]
      (root,0,0,00:00:00/2-04:59:54,21) [watchdog/2]
      (root,0,0,00:00:00/2-04:59:54,22) [migration/2]
      (root,0,0,00:00:00/2-04:59:54,23) [ksoftirqd/2]
      (root,0,0,00:00:00/2-04:59:54,25) [kworker/2:0H]
      (root,0,0,00:00:00/2-04:59:54,26) [cpuhp/3]
      (root,0,0,00:00:00/2-04:59:54,27) [watchdog/3]
      (root,0,0,00:00:00/2-04:59:54,28) [migration/3]
      (root,0,0,00:00:00/2-04:59:54,29) [ksoftirqd/3]
      (root,0,0,00:00:00/2-04:59:54,31) [kworker/3:0H]
      (root,0,0,00:00:00/2-04:59:54,32) [cpuhp/4]
      (root,0,0,00:00:00/2-04:59:54,33) [watchdog/4]
      (root,0,0,00:00:00/2-04:59:54,34) [migration/4]
      (root,0,0,00:00:00/2-04:59:54,35) [ksoftirqd/4]
      (root,0,0,00:00:00/2-04:59:54,37) [kworker/4:0H]
      (root,0,0,00:00:00/2-04:59:54,38) [cpuhp/5]
      (root,0,0,00:00:00/2-04:59:54,39) [watchdog/5]
      (root,0,0,00:00:00/2-04:59:54,40) [migration/5]
      (root,0,0,00:00:00/2-04:59:54,41) [ksoftirqd/5]
      (root,0,0,00:00:00/2-04:59:54,43) [kworker/5:0H]
      (root,0,0,00:00:00/2-04:59:54,44) [kdevtmpfs]
      (root,0,0,00:00:00/2-04:59:54,45) [netns]
      (root,0,0,00:00:00/2-04:59:54,46) [rcu_tasks_kthre]
      (root,0,0,00:00:00/2-04:59:54,47) [kauditd]
      (root,0,0,00:00:08/2-04:59:54,48) [kworker/0:1]
      (root,0,0,00:00:00/2-04:59:54,50) [khungtaskd]
      (root,0,0,00:00:00/2-04:59:54,51) [oom_reaper]
      (root,0,0,00:00:00/2-04:59:54,52) [writeback]
      (root,0,0,00:00:00/2-04:59:54,53) [kcompactd0]
      (root,0,0,00:00:00/2-04:59:54,54) [ksmd]
      (root,0,0,00:00:00/2-04:59:54,55) [khugepaged]
      (root,0,0,00:00:00/2-04:59:54,56) [crypto]
      (root,0,0,00:00:00/2-04:59:54,57) [kintegrityd]
      (root,0,0,00:00:00/2-04:59:54,58) [kblockd]
      (root,0,0,00:00:00/2-04:59:54,59) [ata_sff]
      (root,0,0,00:00:00/2-04:59:54,60) [md]
      (root,0,0,00:00:00/2-04:59:54,61) [edac-poller]
      (root,0,0,00:00:00/2-04:59:54,62) [devfreq_wq]
      (root,0,0,00:00:00/2-04:59:54,63) [watchdogd]
      (root,0,0,00:00:09/2-04:59:53,69) [kswapd0]
      (root,0,0,00:00:00/2-04:59:53,70) [kworker/u13:0]
      (root,0,0,00:00:00/2-04:59:53,71) [ecryptfs-kthrea]
      (root,0,0,00:00:00/2-04:59:53,113) [kthrotld]
      (root,0,0,00:00:00/2-04:59:53,114) [acpi_thermal_pm]
      (root,0,0,00:00:00/2-04:59:53,115) [scsi_eh_0]
      (root,0,0,00:00:00/2-04:59:53,116) [scsi_tmf_0]
      (root,0,0,00:00:00/2-04:59:53,117) [scsi_eh_1]
      (root,0,0,00:00:00/2-04:59:53,118) [scsi_tmf_1]
      (root,0,0,00:00:01/2-04:59:53,121) [kworker/1:1H]
      (root,0,0,00:00:00/2-04:59:53,126) [ipv6_addrconf]
      (root,0,0,00:00:02/2-04:59:53,135) [kworker/2:1H]
      (root,0,0,00:00:00/2-04:59:53,136) [kstrp]
      (root,0,0,00:00:00/2-04:59:53,153) [charger_manager]
      (root,0,0,00:00:01/2-04:59:53,154) [kworker/4:1H]
      (root,0,0,00:00:01/2-04:59:53,200) [kworker/3:1H]
      (root,0,0,00:00:00/2-04:59:53,211) [scsi_eh_2]
      (root,0,0,00:00:00/2-04:59:53,213) [scsi_tmf_2]
      (root,0,0,00:00:01/2-04:59:53,230) [kworker/5:1H]
      (root,0,0,00:00:00/2-04:59:49,236) [ttm_swap]
      (root,0,0,00:00:00/2-04:59:49,246) [kdmflush]
      (root,0,0,00:00:00/2-04:59:49,247) [bioset]
      (root,0,0,00:00:00/2-04:59:49,249) [kdmflush]
      (root,0,0,00:00:00/2-04:59:49,250) [bioset]
      (root,0,0,00:00:00/2-04:59:48,360) [raid5wq]
      (root,0,0,00:00:12/2-04:59:47,429) [jbd2/dm-0-8]
      (root,0,0,00:00:00/2-04:59:47,430) [ext4-rsv-conver]
      (root,0,0,00:00:00/2-04:59:45,507) [iscsi_eh]
      (root,0,0,00:00:00/2-04:59:45,508) [ib-comp-wq]
      (root,0,0,00:00:00/2-04:59:45,509) [ib-comp-unb-wq]
      (root,0,0,00:00:00/2-04:59:45,510) [ib_mcast]
      (root,0,0,00:00:00/2-04:59:45,511) [ib_nl_sa_wq]
      (root,0,0,00:00:00/2-04:59:45,512) [rdma_cm]
      (root,183196,78956,00:00:23/2-04:59:45,518) /lib/systemd/systemd-journald
      (root,105908,1464,00:00:00/2-04:59:44,548) /sbin/lvmetad -f
      (root,46044,4408,00:00:02/2-04:59:43,557) /lib/systemd/systemd-udevd
      (root,0,0,00:00:00/2-04:59:42,800) [ext4-rsv-conver]
      (root,0,0,00:00:49/2-04:59:41,880) [kworker/3:2]
      (systemd-timesync,141788,1712,00:00:00/2-04:59:41,941) /lib/systemd/systemd-timesyncd
      (systemd-network,71728,3980,00:00:00/2-04:59:39,1057) /lib/systemd/systemd-networkd
      (systemd-resolve,70624,4248,00:00:01/2-04:59:39,1081) /lib/systemd/systemd-resolved
      (syslog,263048,4408,00:00:05/2-04:59:33,1184) /usr/sbin/rsyslogd -n
      (root,286256,4840,00:00:05/2-04:59:33,1203) /usr/lib/accountsservice/accounts-daemon
      (daemon,28336,2156,00:00:00/2-04:59:33,1220) /usr/sbin/atd -f
      (root,30040,2728,00:00:00/2-04:59:33,1227) /usr/sbin/cron -f
      (bind,592160,25348,00:00:00/2-04:59:33,1235) /usr/sbin/named -f -u bind
      (messagebus,50232,4128,00:00:02/2-04:59:33,1258) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
      (root,61972,3916,00:00:00/2-04:59:33,1335) /lib/systemd/systemd-logind
      (root,31884,1492,00:00:07/2-04:59:33,1354) /usr/sbin/inetd
      (root,169544,15488,00:00:00/2-04:59:33,1384) /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
      (mongodb,1528880,84864,00:07:31/2-04:59:33,1410) /usr/bin/mongod --config /etc/mongod.conf
      (root,110492,2948,00:00:04/2-04:59:32,1471) /usr/sbin/irqbalance --foreground
      (root,235248,1920,00:00:00/2-04:59:32,1496) /usr/bin/lxcfs /var/lib/lxcfs/
      (root,264092,11628,00:00:03/2-04:59:32,1615) /usr/sbin/nmbd --foreground --no-process-group
      (root,563852,35512,00:00:05/2-04:59:32,1667) /usr/sbin/apache2 -k start
      (mysql,3097728,876048,00:04:56/2-04:59:32,1695) /usr/sbin/mysqld
      (root,72304,6076,00:00:04/2-04:59:32,1707) /usr/sbin/sshd -D
      (root,186356,17876,00:00:00/2-04:59:32,1825) /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
      (www-data,654616,143484,00:00:07/12:27:01,1842) /usr/sbin/apache2 -k start
      (root,288884,4780,00:00:01/2-04:59:32,1869) /usr/lib/policykit-1/polkitd --no-debug
      (www-data,19912,176,00:00:03/2-04:59:31,1918) /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
      (root,67384,2704,00:00:01/2-04:59:31,1951) /usr/lib/postfix/sbin/master -w
      (postfix,73944,3760,00:00:00/2-04:59:31,1965) qmgr -l -t unix -u
      (root,317576,16876,00:00:02/2-04:59:31,1966) /usr/sbin/winbindd --foreground --no-process-group
      (root,313652,9036,00:00:00/2-04:59:31,1986) /usr/sbin/winbindd --foreground --no-process-group
      (root,358052,21772,00:00:15/2-04:59:31,2054) /usr/sbin/smbd --foreground --no-process-group
      (root,28928,1804,00:00:00/2-04:59:31,2082) pure-ftpd (SERVER)
      (root,343692,4700,00:00:00/2-04:59:31,2094) /usr/sbin/smbd --foreground --no-process-group
      (root,343724,4712,00:00:01/2-04:59:31,2095) /usr/sbin/smbd --foreground --no-process-group
      (root,14904,1624,00:00:00/2-04:59:31,2105) /sbin/agetty -o -p -- \u --noclear tty1 linux
      (root,317576,6580,00:00:00/2-04:59:31,2124) /usr/sbin/winbindd --foreground --no-process-group
      (root,317576,4064,00:00:00/2-04:59:31,2125) /usr/sbin/winbindd --foreground --no-process-group
      (root,358036,6744,00:00:00/2-04:59:31,2126) /usr/sbin/smbd --foreground --no-process-group
      (root,96092,28468,00:00:14/2-04:59:30,2157) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (postfix,87724,6312,00:00:00/2-04:54:39,2364) tlsmgr -l -t unix -u -c
      (root,0,0,00:00:01/11:59:11,2770) [kworker/4:1]
      (www-data,654712,150164,00:00:03/07:01:02,10408) /usr/sbin/apache2 -k start
      (www-data,681136,174068,00:00:11/07:01:01,10411) /usr/sbin/apache2 -k start
      (www-data,665880,146600,00:00:04/06:10:02,11810) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/06:08:28,11862) [kworker/5:2]
      (www-data,660016,101916,00:00:02/06:00:15,12726) /usr/sbin/apache2 -k start
      (www-data,670512,131840,00:00:02/05:59:12,12742) /usr/sbin/apache2 -k start
      (www-data,647736,104164,00:00:00/05:52:46,12893) /usr/sbin/apache2 -k start
      (www-data,649872,97560,00:00:01/05:50:05,12957) /usr/sbin/apache2 -k start
      (www-data,647948,97444,00:00:02/05:49:38,12967) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/04:48:36,14407) [kworker/2:0]
      (root,0,0,00:00:00/03:28:58,16244) [kworker/0:2]
      (root,0,0,00:00:00/01:59:50,18898) [kworker/3:0]
      (root,0,0,00:00:00/01:09:35,20291) [kworker/1:1]
      (root,0,0,00:00:00/01:04:57,20550) [kworker/5:1]
      (root,0,0,00:00:00/40:28,20940) [kworker/u12:1]
      (root,0,0,00:00:00/34:57,21188) [kworker/4:0]
      (postfix,73816,4736,00:00:00/24:46,21386) pickup -l -t unix -u -c
      (root,0,0,00:00:00/17:13,21504) [kworker/u12:0]
      (root,0,0,00:00:00/11:55,21595) [kworker/u12:2]
      (root,0,0,00:00:00/04:57,21884) [kworker/3:1]
      (root,364496,18848,00:00:00/00:06,21982) /usr/sbin/smbd --foreground --no-process-group
      (root,0,0,00:00:00/00:00,22141) [kworker/5:0]
      (root,11740,3212,00:00:00/00:00,22143) /bin/bash /usr/bin/check_mk_agent
      (root,34412,2764,00:00:00/00:00,22159) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000
      (root,13564,1100,00:00:00/00:00,22160) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) /
      (root,0,0,00:00:01/1-13:15:05,26184) [kworker/2:1]
      (www-data,669116,165124,00:00:19/15:48:05,26256) /usr/sbin/apache2 -k start
      (root,0,0,00:00:01/1-12:54:02,26783) [kworker/1:0]
      
      Found network interfaces through CheckMk:
      [start_iplink]
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
          link/ether 02:00:00:ba:c4:a5 brd ff:ff:ff:ff:ff:ff
      [end_iplink]
      
      
      Found on 2023-02-07 21:13
    • Severity: high
      Fingerprint: 03cb82e6f6a6b45342c4bbcbbaf2bceb288a252c7451464e71dc253579212802

      Found public CheckMk agent:
      Version: 1.5.0p13
      AgentOS: linux
      Hostname: nd23
      AgentDirectory: /etc/check_mk
      DataDirectory: /var/lib/check_mk_agent
      SpoolDirectory: /var/lib/check_mk_agent/spool
      PluginsDirectory: /usr/lib/check_mk_agent/plugins
      LocalDirectory: /usr/lib/check_mk_agent/local
      
      Found process list through CheckMk:
      (root,225624,9300,00:01:06/5-18:50:12,1) /sbin/init
      (root,0,0,00:00:00/5-18:50:12,2) [kthreadd]
      (root,0,0,00:00:00/5-18:50:12,4) [kworker/0:0H]
      (root,0,0,00:00:08/5-18:50:12,6) [kworker/0:1H]
      (root,0,0,00:00:00/5-18:50:12,7) [mm_percpu_wq]
      (root,0,0,00:00:14/5-18:50:12,8) [ksoftirqd/0]
      (root,0,0,00:01:20/5-18:50:12,9) [rcu_sched]
      (root,0,0,00:00:00/5-18:50:12,10) [rcu_bh]
      (root,0,0,00:00:00/5-18:50:12,11) [migration/0]
      (root,0,0,00:00:00/5-18:50:12,12) [watchdog/0]
      (root,0,0,00:00:00/5-18:50:12,13) [cpuhp/0]
      (root,0,0,00:00:00/5-18:50:12,14) [cpuhp/1]
      (root,0,0,00:00:00/5-18:50:12,15) [watchdog/1]
      (root,0,0,00:00:00/5-18:50:12,16) [migration/1]
      (root,0,0,00:00:00/5-18:50:12,17) [ksoftirqd/1]
      (root,0,0,00:00:00/5-18:50:12,19) [kworker/1:0H]
      (root,0,0,00:00:00/5-18:50:12,20) [cpuhp/2]
      (root,0,0,00:00:00/5-18:50:12,21) [watchdog/2]
      (root,0,0,00:00:00/5-18:50:12,22) [migration/2]
      (root,0,0,00:00:00/5-18:50:12,23) [ksoftirqd/2]
      (root,0,0,00:00:00/5-18:50:12,25) [kworker/2:0H]
      (root,0,0,00:00:00/5-18:50:12,26) [cpuhp/3]
      (root,0,0,00:00:00/5-18:50:12,27) [watchdog/3]
      (root,0,0,00:00:00/5-18:50:12,28) [migration/3]
      (root,0,0,00:00:00/5-18:50:12,29) [ksoftirqd/3]
      (root,0,0,00:00:00/5-18:50:12,31) [kworker/3:0H]
      (root,0,0,00:00:00/5-18:50:12,32) [cpuhp/4]
      (root,0,0,00:00:00/5-18:50:12,33) [watchdog/4]
      (root,0,0,00:00:00/5-18:50:12,34) [migration/4]
      (root,0,0,00:00:00/5-18:50:12,35) [ksoftirqd/4]
      (root,0,0,00:00:00/5-18:50:12,37) [kworker/4:0H]
      (root,0,0,00:00:00/5-18:50:12,38) [cpuhp/5]
      (root,0,0,00:00:00/5-18:50:12,39) [watchdog/5]
      (root,0,0,00:00:00/5-18:50:12,40) [migration/5]
      (root,0,0,00:00:00/5-18:50:12,41) [ksoftirqd/5]
      (root,0,0,00:00:00/5-18:50:12,43) [kworker/5:0H]
      (root,0,0,00:00:00/5-18:50:12,44) [kdevtmpfs]
      (root,0,0,00:00:00/5-18:50:12,45) [netns]
      (root,0,0,00:00:00/5-18:50:12,46) [rcu_tasks_kthre]
      (root,0,0,00:00:00/5-18:50:12,47) [kauditd]
      (root,0,0,00:00:00/5-18:50:12,50) [khungtaskd]
      (root,0,0,00:00:00/5-18:50:12,51) [oom_reaper]
      (root,0,0,00:00:00/5-18:50:12,52) [writeback]
      (root,0,0,00:00:00/5-18:50:12,53) [kcompactd0]
      (root,0,0,00:00:00/5-18:50:12,54) [ksmd]
      (root,0,0,00:00:00/5-18:50:12,55) [khugepaged]
      (root,0,0,00:00:00/5-18:50:12,56) [crypto]
      (root,0,0,00:00:00/5-18:50:12,57) [kintegrityd]
      (root,0,0,00:00:00/5-18:50:12,58) [kblockd]
      (root,0,0,00:00:00/5-18:50:12,59) [ata_sff]
      (root,0,0,00:00:00/5-18:50:12,60) [md]
      (root,0,0,00:00:00/5-18:50:12,61) [edac-poller]
      (root,0,0,00:00:00/5-18:50:12,62) [devfreq_wq]
      (root,0,0,00:00:00/5-18:50:12,63) [watchdogd]
      (root,0,0,00:00:03/5-18:50:11,69) [kswapd0]
      (root,0,0,00:00:00/5-18:50:11,70) [kworker/u13:0]
      (root,0,0,00:00:00/5-18:50:11,71) [ecryptfs-kthrea]
      (root,0,0,00:00:00/5-18:50:11,113) [kthrotld]
      (root,0,0,00:00:00/5-18:50:11,114) [acpi_thermal_pm]
      (root,0,0,00:00:00/5-18:50:11,115) [scsi_eh_0]
      (root,0,0,00:00:00/5-18:50:11,116) [scsi_tmf_0]
      (root,0,0,00:00:00/5-18:50:11,117) [scsi_eh_1]
      (root,0,0,00:00:00/5-18:50:11,118) [scsi_tmf_1]
      (root,0,0,00:00:02/5-18:50:11,121) [kworker/1:1H]
      (root,0,0,00:00:00/5-18:50:11,125) [ipv6_addrconf]
      (root,0,0,00:00:00/5-18:50:11,134) [kstrp]
      (root,0,0,00:00:05/5-18:50:11,135) [kworker/2:1H]
      (root,0,0,00:00:00/5-18:50:11,152) [charger_manager]
      (root,0,0,00:00:02/5-18:50:11,154) [kworker/4:1H]
      (root,0,0,00:00:01/5-18:50:11,200) [kworker/3:1H]
      (root,0,0,00:00:00/5-18:50:11,207) [scsi_eh_2]
      (root,0,0,00:00:00/5-18:50:11,208) [scsi_tmf_2]
      (root,0,0,00:00:01/5-18:50:11,229) [kworker/5:1H]
      (root,0,0,00:00:00/5-18:50:07,244) [ttm_swap]
      (root,0,0,00:00:00/5-18:50:07,245) [kdmflush]
      (root,0,0,00:00:00/5-18:50:07,246) [bioset]
      (root,0,0,00:00:00/5-18:50:07,247) [kdmflush]
      (root,0,0,00:00:00/5-18:50:07,249) [bioset]
      (root,0,0,00:00:00/5-18:50:06,362) [raid5wq]
      (root,0,0,00:00:16/5-18:50:05,430) [jbd2/dm-0-8]
      (root,0,0,00:00:00/5-18:50:05,431) [ext4-rsv-conver]
      (root,0,0,00:00:00/5-18:50:03,500) [iscsi_eh]
      (root,0,0,00:00:00/5-18:50:03,501) [ib-comp-wq]
      (root,0,0,00:00:00/5-18:50:03,502) [ib-comp-unb-wq]
      (root,0,0,00:00:00/5-18:50:03,503) [ib_mcast]
      (root,0,0,00:00:00/5-18:50:03,504) [ib_nl_sa_wq]
      (root,0,0,00:00:00/5-18:50:03,505) [rdma_cm]
      (root,387612,246336,00:02:00/5-18:50:02,525) /lib/systemd/systemd-journald
      (root,105908,1976,00:00:00/5-18:50:01,551) /sbin/lvmetad -f
      (root,45780,4752,00:00:06/5-18:50:01,560) /lib/systemd/systemd-udevd
      (root,0,0,00:00:00/5-18:49:59,802) [ext4-rsv-conver]
      (systemd-timesync,141788,3068,00:00:01/5-18:49:58,890) /lib/systemd/systemd-timesyncd
      (systemd-network,71728,5076,00:00:01/5-18:49:56,1062) /lib/systemd/systemd-networkd
      (systemd-resolve,70628,6032,00:00:02/5-18:49:56,1085) /lib/systemd/systemd-resolved
      (root,110492,3396,00:00:12/5-18:49:51,1194) /usr/sbin/irqbalance --foreground
      (syslog,263048,4728,00:00:33/5-18:49:51,1209) /usr/sbin/rsyslogd -n
      (root,30040,3064,00:00:01/5-18:49:50,1225) /usr/sbin/cron -f
      (mongodb,1529392,106028,00:18:50/5-18:49:50,1235) /usr/bin/mongod --config /etc/mongod.conf
      (root,31884,1616,00:00:26/5-18:49:50,1247) /usr/sbin/inetd
      (bind,601000,37588,00:00:03/5-18:49:50,1277) /usr/sbin/named -f -u bind
      (messagebus,50376,4684,00:00:38/5-18:49:50,1328) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
      (root,61976,5488,00:00:01/5-18:49:50,1368) /lib/systemd/systemd-logind
      (root,286256,6668,00:00:24/5-18:49:50,1426) /usr/lib/accountsservice/accounts-daemon
      (daemon,28336,2372,00:00:00/5-18:49:50,1442) /usr/sbin/atd -f
      (root,169544,17428,00:00:00/5-18:49:50,1474) /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
      (root,236168,2940,00:00:03/5-18:49:50,1507) /usr/bin/lxcfs /var/lib/lxcfs/
      (root,264092,12200,00:00:08/5-18:49:50,1547) /usr/sbin/nmbd --foreground --no-process-group
      (mysql,2966264,1027664,00:10:38/5-18:49:49,1671) /usr/sbin/mysqld
      (root,72304,6212,00:00:27/5-18:49:49,1718) /usr/sbin/sshd -D
      (root,288884,6404,00:00:21/5-18:49:49,1852) /usr/lib/policykit-1/polkitd --no-debug
      (root,186356,20012,00:00:00/5-18:49:49,1878) /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
      (root,317604,18940,00:00:05/5-18:49:49,1955) /usr/sbin/winbindd --foreground --no-process-group
      (root,67384,3484,00:00:04/5-18:49:49,2037) /usr/lib/postfix/sbin/master -w
      (postfix,73944,5064,00:00:01/5-18:49:49,2045) qmgr -l -t unix -u
      (root,319956,13608,00:00:01/5-18:49:49,2057) /usr/sbin/winbindd --foreground --no-process-group
      (root,358052,23080,00:00:50/5-18:49:48,2127) /usr/sbin/smbd --foreground --no-process-group
      (root,28928,1636,00:00:00/5-18:49:48,2143) pure-ftpd (SERVER)
      (root,14904,1836,00:00:00/5-18:49:48,2148) /sbin/agetty -o -p -- \u --noclear tty1 linux
      (root,343692,4680,00:00:00/5-18:49:48,2166) /usr/sbin/smbd --foreground --no-process-group
      (root,343724,4680,00:00:03/5-18:49:48,2167) /usr/sbin/smbd --foreground --no-process-group
      (root,317604,4304,00:00:00/5-18:49:48,2172) /usr/sbin/winbindd --foreground --no-process-group
      (root,317604,6540,00:00:00/5-18:49:48,2184) /usr/sbin/winbindd --foreground --no-process-group
      (root,358036,6916,00:00:01/5-18:49:48,2190) /usr/sbin/smbd --foreground --no-process-group
      (root,96092,30076,00:00:42/5-18:49:46,2223) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (postfix,87724,7656,00:00:00/5-18:31:55,2908) tlsmgr -l -t unix -u -c
      (root,0,0,00:00:00/12:26:47,4448) [kworker/2:0]
      (root,0,0,00:00:04/1-02:26:33,9109) [kworker/0:2]
      (root,0,0,00:00:02/2-07:31:51,11439) [kworker/3:5]
      (root,0,0,00:00:05/2-07:31:50,11551) [kworker/4:4]
      (root,563852,37608,00:00:06/2-07:31:50,11629) /usr/sbin/apache2 -k start
      (www-data,19912,176,00:00:03/2-07:31:49,11758) /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
      (www-data,960564,108148,00:00:06/07:15:03,13471) /usr/sbin/apache2 -k start
      (www-data,958948,109088,00:00:06/07:15:03,13473) /usr/sbin/apache2 -k start
      (www-data,973292,99960,00:00:04/07:15:03,13474) /usr/sbin/apache2 -k start
      (www-data,948620,77908,00:00:05/07:15:03,13475) /usr/sbin/apache2 -k start
      (www-data,979352,130580,00:00:07/07:15:03,13476) /usr/sbin/apache2 -k start
      (www-data,979288,149192,00:00:07/06:57:44,13837) /usr/sbin/apache2 -k start
      (www-data,975948,81532,00:00:04/06:57:02,13842) /usr/sbin/apache2 -k start
      (root,96092,27996,00:00:00/1-14:40:39,14320) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/05:26:49,16042) [kworker/1:1]
      (root,0,0,00:00:03/2-04:56:34,19081) [kworker/1:0]
      (www-data,660632,47864,00:00:01/03:37:47,19378) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/03:02:02,21182) [kworker/2:2]
      (www-data,581768,42816,00:00:02/02:36:36,22768) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/01:56:48,23728) [kworker/5:1]
      (root,0,0,00:00:00/01:26:46,24303) [kworker/3:0]
      (root,0,0,00:00:00/44:28,25330) [kworker/0:0]
      (root,0,0,00:00:00/44:09,25336) [kworker/u12:1]
      (postfix,73816,4880,00:00:00/42:15,25380) pickup -l -t unix -u -c
      (root,0,0,00:00:00/32:02,25699) [kworker/4:1]
      (root,0,0,00:00:00/22:19,25839) [kworker/u12:2]
      (root,364468,18176,00:00:00/17:20,25936) /usr/sbin/smbd --foreground --no-process-group
      (root,0,0,00:00:00/08:22,26117) [kworker/u12:0]
      (root,0,0,00:00:00/02:02,26348) [kworker/5:2]
      (root,0,0,00:00:00/00:00,26525) [kworker/2:1]
      (root,11740,3240,00:00:00/00:00,26527) /bin/bash /usr/bin/check_mk_agent
      (root,34412,2792,00:00:00/00:00,26543) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000
      (root,13564,1100,00:00:00/00:00,26544) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) /
      (root,0,0,00:00:30/1-07:15:06,30776) [kworker/5:0]
      
      Found network interfaces through CheckMk:
      [start_iplink]
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
          link/ether 02:00:00:ba:c4:a5 brd ff:ff:ff:ff:ff:ff
      [end_iplink]
      
      
      Found on 2023-02-04 12:41
    • Severity: high
      Fingerprint: 03cb82e6f6a6b45342c4bbcbbaf2bceb288a252c7451464e71dc2535ee2b8f95

      Found public CheckMk agent:
      Version: 1.5.0p13
      AgentOS: linux
      Hostname: nd23
      AgentDirectory: /etc/check_mk
      DataDirectory: /var/lib/check_mk_agent
      SpoolDirectory: /var/lib/check_mk_agent/spool
      PluginsDirectory: /usr/lib/check_mk_agent/plugins
      LocalDirectory: /usr/lib/check_mk_agent/local
      
      Found process list through CheckMk:
      (root,225288,8568,00:02:29/18-04:43:15,1) /sbin/init
      (root,0,0,00:00:00/18-04:43:15,2) [kthreadd]
      (root,0,0,00:00:00/18-04:43:15,4) [kworker/0:0H]
      (root,0,0,00:00:31/18-04:43:15,6) [kworker/0:1H]
      (root,0,0,00:00:00/18-04:43:15,7) [mm_percpu_wq]
      (root,0,0,00:00:30/18-04:43:15,8) [ksoftirqd/0]
      (root,0,0,00:04:31/18-04:43:15,9) [rcu_sched]
      (root,0,0,00:00:00/18-04:43:15,10) [rcu_bh]
      (root,0,0,00:00:00/18-04:43:15,11) [migration/0]
      (root,0,0,00:00:03/18-04:43:15,12) [watchdog/0]
      (root,0,0,00:00:00/18-04:43:15,13) [cpuhp/0]
      (root,0,0,00:00:00/18-04:43:15,14) [cpuhp/1]
      (root,0,0,00:00:03/18-04:43:15,15) [watchdog/1]
      (root,0,0,00:00:00/18-04:43:15,16) [migration/1]
      (root,0,0,00:00:00/18-04:43:15,17) [ksoftirqd/1]
      (root,0,0,00:00:00/18-04:43:15,19) [kworker/1:0H]
      (root,0,0,00:00:00/18-04:43:15,20) [cpuhp/2]
      (root,0,0,00:00:03/18-04:43:15,21) [watchdog/2]
      (root,0,0,00:00:00/18-04:43:15,22) [migration/2]
      (root,0,0,00:00:00/18-04:43:15,23) [ksoftirqd/2]
      (root,0,0,00:00:00/18-04:43:15,25) [kworker/2:0H]
      (root,0,0,00:00:00/18-04:43:15,26) [cpuhp/3]
      (root,0,0,00:00:03/18-04:43:15,27) [watchdog/3]
      (root,0,0,00:00:00/18-04:43:15,28) [migration/3]
      (root,0,0,00:00:00/18-04:43:15,29) [ksoftirqd/3]
      (root,0,0,00:00:00/18-04:43:15,31) [kworker/3:0H]
      (root,0,0,00:00:00/18-04:43:15,32) [cpuhp/4]
      (root,0,0,00:00:02/18-04:43:15,33) [watchdog/4]
      (root,0,0,00:00:00/18-04:43:15,34) [migration/4]
      (root,0,0,00:00:00/18-04:43:15,35) [ksoftirqd/4]
      (root,0,0,00:00:00/18-04:43:15,37) [kworker/4:0H]
      (root,0,0,00:00:00/18-04:43:15,38) [cpuhp/5]
      (root,0,0,00:00:02/18-04:43:15,39) [watchdog/5]
      (root,0,0,00:00:00/18-04:43:15,40) [migration/5]
      (root,0,0,00:00:00/18-04:43:15,41) [ksoftirqd/5]
      (root,0,0,00:00:00/18-04:43:15,43) [kworker/5:0H]
      (root,0,0,00:00:00/18-04:43:15,44) [kdevtmpfs]
      (root,0,0,00:00:00/18-04:43:15,45) [netns]
      (root,0,0,00:00:00/18-04:43:15,46) [rcu_tasks_kthre]
      (root,0,0,00:00:00/18-04:43:15,47) [kauditd]
      (root,0,0,00:00:02/18-04:43:15,50) [khungtaskd]
      (root,0,0,00:00:00/18-04:43:15,51) [oom_reaper]
      (root,0,0,00:00:00/18-04:43:15,52) [writeback]
      (root,0,0,00:00:00/18-04:43:15,53) [kcompactd0]
      (root,0,0,00:00:00/18-04:43:15,54) [ksmd]
      (root,0,0,00:00:00/18-04:43:15,55) [khugepaged]
      (root,0,0,00:00:00/18-04:43:15,56) [crypto]
      (root,0,0,00:00:00/18-04:43:15,57) [kintegrityd]
      (root,0,0,00:00:00/18-04:43:15,58) [kblockd]
      (root,0,0,00:00:00/18-04:43:15,59) [ata_sff]
      (root,0,0,00:00:00/18-04:43:15,60) [md]
      (root,0,0,00:00:00/18-04:43:15,61) [edac-poller]
      (root,0,0,00:00:00/18-04:43:15,62) [devfreq_wq]
      (root,0,0,00:00:00/18-04:43:15,63) [watchdogd]
      (root,0,0,00:00:07/18-04:43:14,69) [kswapd0]
      (root,0,0,00:00:00/18-04:43:14,70) [kworker/u13:0]
      (root,0,0,00:00:00/18-04:43:14,71) [ecryptfs-kthrea]
      (root,0,0,00:00:00/18-04:43:14,113) [kthrotld]
      (root,0,0,00:00:00/18-04:43:14,114) [acpi_thermal_pm]
      (root,0,0,00:00:00/18-04:43:14,115) [scsi_eh_0]
      (root,0,0,00:00:00/18-04:43:14,116) [scsi_tmf_0]
      (root,0,0,00:00:00/18-04:43:14,117) [scsi_eh_1]
      (root,0,0,00:00:00/18-04:43:14,118) [scsi_tmf_1]
      (root,0,0,00:00:10/18-04:43:14,121) [kworker/1:1H]
      (root,0,0,00:00:00/18-04:43:14,125) [ipv6_addrconf]
      (root,0,0,00:00:00/18-04:43:14,134) [kstrp]
      (root,0,0,00:00:17/18-04:43:14,135) [kworker/2:1H]
      (root,0,0,00:00:00/18-04:43:14,152) [charger_manager]
      (root,0,0,00:00:07/18-04:43:14,153) [kworker/4:1H]
      (root,0,0,00:00:03/18-04:43:14,196) [kworker/3:1H]
      (root,0,0,00:00:00/18-04:43:14,208) [scsi_eh_2]
      (root,0,0,00:00:00/18-04:43:14,209) [scsi_tmf_2]
      (root,0,0,00:00:05/18-04:43:14,223) [kworker/5:1H]
      (root,0,0,00:00:00/18-04:43:10,230) [ttm_swap]
      (root,0,0,00:00:00/18-04:43:10,242) [kdmflush]
      (root,0,0,00:00:00/18-04:43:10,243) [bioset]
      (root,0,0,00:00:00/18-04:43:10,245) [kdmflush]
      (root,0,0,00:00:00/18-04:43:10,246) [bioset]
      (root,0,0,00:00:00/18-04:43:09,356) [raid5wq]
      (root,0,0,00:00:52/18-04:43:08,426) [jbd2/dm-0-8]
      (root,0,0,00:00:00/18-04:43:08,427) [ext4-rsv-conver]
      (root,0,0,00:00:00/18-04:43:07,504) [iscsi_eh]
      (root,0,0,00:00:00/18-04:43:07,505) [ib-comp-wq]
      (root,0,0,00:00:00/18-04:43:07,506) [ib-comp-unb-wq]
      (root,0,0,00:00:00/18-04:43:07,507) [ib_mcast]
      (root,0,0,00:00:00/18-04:43:07,508) [ib_nl_sa_wq]
      (root,0,0,00:00:00/18-04:43:07,509) [rdma_cm]
      (root,383932,255012,00:05:41/18-04:43:06,517) /lib/systemd/systemd-journald
      (root,105908,1840,00:00:00/18-04:43:05,545) /sbin/lvmetad -f
      (root,45780,4232,00:00:19/18-04:43:05,554) /lib/systemd/systemd-udevd
      (root,0,0,00:00:00/18-04:43:03,794) [ext4-rsv-conver]
      (systemd-timesync,141788,2992,00:00:04/18-04:43:03,913) /lib/systemd/systemd-timesyncd
      (root,0,0,00:03:06/8-00:43:15,939) [kworker/3:1]
      (root,0,0,00:00:00/01:15:42,1022) [kworker/2:2]
      (systemd-network,71728,5000,00:00:04/18-04:43:01,1045) /lib/systemd/systemd-networkd
      (systemd-resolve,70608,5812,00:00:09/18-04:43:00,1068) /lib/systemd/systemd-resolved
      (syslog,263048,4552,00:01:27/18-04:42:56,1194) /usr/sbin/rsyslogd -n
      (root,169544,16960,00:00:00/18-04:42:55,1212) /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
      (root,30040,2960,00:00:05/18-04:42:55,1234) /usr/sbin/cron -f
      (root,31884,1620,00:01:06/18-04:42:55,1291) /usr/sbin/inetd
      (messagebus,50384,4380,00:01:01/18-04:42:55,1322) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
      (root,61972,5376,00:00:04/18-04:42:55,1356) /lib/systemd/systemd-logind
      (bind,593200,28180,00:00:02/18-04:42:55,1367) /usr/sbin/named -f -u bind
      (root,309588,2140,00:00:07/18-04:42:55,1437) /usr/bin/lxcfs /var/lib/lxcfs/
      (root,110492,3408,00:00:42/18-04:42:55,1460) /usr/sbin/irqbalance --foreground
      (daemon,28336,2180,00:00:00/18-04:42:55,1490) /usr/sbin/atd -f
      (mongodb,1538488,107652,01:00:33/18-04:42:55,1552) /usr/bin/mongod --config /etc/mongod.conf
      (root,286256,6592,00:01:05/18-04:42:55,1576) /usr/lib/accountsservice/accounts-daemon
      (root,264092,12136,00:00:28/18-04:42:55,1600) /usr/sbin/nmbd --foreground --no-process-group
      (root,564420,37212,00:00:46/18-04:42:55,1645) /usr/sbin/apache2 -k start
      (mysql,3163464,1160788,00:31:31/18-04:42:55,1673) /usr/sbin/mysqld
      (root,72304,6044,00:01:10/18-04:42:55,1675) /usr/sbin/sshd -D
      (root,288884,6304,00:00:35/18-04:42:54,1831) /usr/lib/policykit-1/polkitd --no-debug
      (root,186356,19296,00:00:00/18-04:42:54,1860) /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
      (root,67384,3432,00:00:14/18-04:42:54,1920) /usr/lib/postfix/sbin/master -w
      (postfix,73976,4872,00:00:05/18-04:42:54,1936) qmgr -l -t unix -u
      (www-data,19912,176,00:00:27/18-04:42:54,1938) /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
      (root,317604,18708,00:00:18/18-04:42:54,1972) /usr/sbin/winbindd --foreground --no-process-group
      (root,319956,13448,00:00:06/18-04:42:54,1991) /usr/sbin/winbindd --foreground --no-process-group
      (root,358052,23056,00:03:37/18-04:42:54,2027) /usr/sbin/smbd --foreground --no-process-group
      (root,28928,1808,00:00:00/18-04:42:54,2049) pure-ftpd (SERVER)
      (root,343692,4704,00:00:01/18-04:42:54,2059) /usr/sbin/smbd --foreground --no-process-group
      (root,343724,4704,00:00:16/18-04:42:54,2060) /usr/sbin/smbd --foreground --no-process-group
      (root,0,0,00:00:00/40:39,2062) [kworker/1:0]
      (root,14904,1672,00:00:00/18-04:42:54,2063) /sbin/agetty -o -p -- \u --noclear tty1 linux
      (root,317604,4224,00:00:02/18-04:42:54,2072) /usr/sbin/winbindd --foreground --no-process-group
      (root,317604,6568,00:00:02/18-04:42:53,2084) /usr/sbin/winbindd --foreground --no-process-group
      (root,358036,6684,00:00:04/18-04:42:53,2104) /usr/sbin/smbd --foreground --no-process-group
      (root,96080,29060,00:02:55/18-04:42:53,2140) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/23:54,2358) [kworker/u12:1]
      (postfix,73816,4776,00:00:00/18:09,2435) pickup -l -t unix -u -c
      (root,0,0,00:00:00/10:23,2708) [kworker/u12:2]
      (root,0,0,00:00:00/05:09,2798) [kworker/u12:3]
      (root,364496,18848,00:00:00/00:09,2862) /usr/sbin/smbd --foreground --no-process-group
      (root,0,0,00:00:00/00:00,2974) [kworker/0:0]
      (root,11740,3220,00:00:00/00:00,3023) /bin/bash /usr/bin/check_mk_agent
      (root,34412,2824,00:00:00/00:00,3039) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000
      (root,13564,1168,00:00:00/00:00,3040) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) /
      (postfix,87724,7636,00:00:02/18-04:07:34,3664) tlsmgr -l -t unix -u -c
      (www-data,965356,136768,00:00:20/18:58:49,4196) /usr/sbin/apache2 -k start
      (www-data,951056,146016,00:00:23/18:58:49,4199) /usr/sbin/apache2 -k start
      (root,0,0,00:00:03/18:50:01,4487) [kworker/0:2]
      (root,96080,26996,00:00:00/12-09:57:37,5224) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,96212,28368,00:00:00/7-00:46:53,8757) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:15/10-04:09:08,9262) [kworker/2:0]
      (root,0,0,00:00:01/15:48:56,10374) [kworker/4:2]
      (root,0,0,00:00:02/2-11:10:28,13420) [kworker/5:0]
      (root,0,0,00:00:01/1-03:46:23,21590) [kworker/1:2]
      (root,96080,27000,00:00:00/17-18:46:11,22705) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/07:16:12,22720) [kworker/5:2]
      (www-data,981408,111744,00:00:19/07:08:23,23026) /usr/sbin/apache2 -k start
      (www-data,961992,92592,00:00:10/06:57:48,23183) /usr/sbin/apache2 -k start
      (www-data,951400,105000,00:00:13/06:56:40,23191) /usr/sbin/apache2 -k start
      (www-data,941332,87044,00:00:10/06:40:16,23742) /usr/sbin/apache2 -k start
      (www-data,965936,93792,00:00:08/06:32:18,23827) /usr/sbin/apache2 -k start
      (www-data,661900,101104,00:00:07/06:28:32,23884) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/06:27:44,23896) [kworker/4:1]
      (www-data,944448,64724,00:00:03/06:26:29,23908) /usr/sbin/apache2 -k start
      (www-data,950312,64756,00:00:02/06:03:02,24598) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/02:59:33,30487) [kworker/0:1]
      (root,0,0,00:00:00/01:45:42,32565) [kworker/3:0]
      
      Found network interfaces through CheckMk:
      [start_iplink]
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
          link/ether 02:00:00:ba:c4:a5 brd ff:ff:ff:ff:ff:ff
      [end_iplink]
      
      
      Found on 2023-01-03 00:24
    • Severity: high
      Fingerprint: 03cb82e6f6a6b45342c4bbcbbaf2bceb288a252c7451464e71dc2535fbe1df14

      Found public CheckMk agent:
      Version: 1.5.0p13
      AgentOS: linux
      Hostname: nd23
      AgentDirectory: /etc/check_mk
      DataDirectory: /var/lib/check_mk_agent
      SpoolDirectory: /var/lib/check_mk_agent/spool
      PluginsDirectory: /usr/lib/check_mk_agent/plugins
      LocalDirectory: /usr/lib/check_mk_agent/local
      
      Found process list through CheckMk:
      (root,225472,9212,00:01:15/8-13:44:52,1) /sbin/init
      (root,0,0,00:00:00/8-13:44:52,2) [kthreadd]
      (root,0,0,00:00:00/8-13:44:52,4) [kworker/0:0H]
      (root,0,0,00:00:12/8-13:44:52,6) [kworker/0:1H]
      (root,0,0,00:00:00/8-13:44:52,7) [mm_percpu_wq]
      (root,0,0,00:00:14/8-13:44:52,8) [ksoftirqd/0]
      (root,0,0,00:02:04/8-13:44:52,9) [rcu_sched]
      (root,0,0,00:00:00/8-13:44:52,10) [rcu_bh]
      (root,0,0,00:00:00/8-13:44:52,11) [migration/0]
      (root,0,0,00:00:01/8-13:44:52,12) [watchdog/0]
      (root,0,0,00:00:00/8-13:44:52,13) [cpuhp/0]
      (root,0,0,00:00:00/8-13:44:52,14) [cpuhp/1]
      (root,0,0,00:00:01/8-13:44:52,15) [watchdog/1]
      (root,0,0,00:00:00/8-13:44:52,16) [migration/1]
      (root,0,0,00:00:00/8-13:44:52,17) [ksoftirqd/1]
      (root,0,0,00:00:00/8-13:44:52,19) [kworker/1:0H]
      (root,0,0,00:00:00/8-13:44:52,20) [cpuhp/2]
      (root,0,0,00:00:01/8-13:44:52,21) [watchdog/2]
      (root,0,0,00:00:00/8-13:44:52,22) [migration/2]
      (root,0,0,00:00:00/8-13:44:52,23) [ksoftirqd/2]
      (root,0,0,00:00:00/8-13:44:52,25) [kworker/2:0H]
      (root,0,0,00:00:00/8-13:44:52,26) [cpuhp/3]
      (root,0,0,00:00:01/8-13:44:52,27) [watchdog/3]
      (root,0,0,00:00:00/8-13:44:52,28) [migration/3]
      (root,0,0,00:00:00/8-13:44:52,29) [ksoftirqd/3]
      (root,0,0,00:00:00/8-13:44:52,31) [kworker/3:0H]
      (root,0,0,00:00:00/8-13:44:52,32) [cpuhp/4]
      (root,0,0,00:00:01/8-13:44:52,33) [watchdog/4]
      (root,0,0,00:00:00/8-13:44:52,34) [migration/4]
      (root,0,0,00:00:00/8-13:44:52,35) [ksoftirqd/4]
      (root,0,0,00:00:00/8-13:44:52,37) [kworker/4:0H]
      (root,0,0,00:00:00/8-13:44:52,38) [cpuhp/5]
      (root,0,0,00:00:01/8-13:44:52,39) [watchdog/5]
      (root,0,0,00:00:00/8-13:44:52,40) [migration/5]
      (root,0,0,00:00:00/8-13:44:52,41) [ksoftirqd/5]
      (root,0,0,00:03:17/8-13:44:52,42) [kworker/5:0]
      (root,0,0,00:00:00/8-13:44:52,43) [kworker/5:0H]
      (root,0,0,00:00:00/8-13:44:52,44) [kdevtmpfs]
      (root,0,0,00:00:00/8-13:44:52,45) [netns]
      (root,0,0,00:00:00/8-13:44:52,46) [rcu_tasks_kthre]
      (root,0,0,00:00:00/8-13:44:52,47) [kauditd]
      (root,0,0,00:00:01/8-13:44:52,50) [khungtaskd]
      (root,0,0,00:00:00/8-13:44:52,51) [oom_reaper]
      (root,0,0,00:00:00/8-13:44:52,52) [writeback]
      (root,0,0,00:00:00/8-13:44:52,53) [kcompactd0]
      (root,0,0,00:00:00/8-13:44:52,54) [ksmd]
      (root,0,0,00:00:00/8-13:44:52,55) [khugepaged]
      (root,0,0,00:00:00/8-13:44:52,56) [crypto]
      (root,0,0,00:00:00/8-13:44:52,57) [kintegrityd]
      (root,0,0,00:00:00/8-13:44:52,58) [kblockd]
      (root,0,0,00:00:00/8-13:44:52,59) [ata_sff]
      (root,0,0,00:00:00/8-13:44:52,60) [md]
      (root,0,0,00:00:00/8-13:44:52,61) [edac-poller]
      (root,0,0,00:00:00/8-13:44:52,62) [devfreq_wq]
      (root,0,0,00:00:00/8-13:44:52,63) [watchdogd]
      (root,0,0,00:00:04/8-13:44:51,69) [kswapd0]
      (root,0,0,00:00:00/8-13:44:51,70) [kworker/u13:0]
      (root,0,0,00:00:00/8-13:44:51,71) [ecryptfs-kthrea]
      (root,0,0,00:00:00/8-13:44:51,113) [kthrotld]
      (root,0,0,00:00:00/8-13:44:51,114) [acpi_thermal_pm]
      (root,0,0,00:00:00/8-13:44:51,115) [scsi_eh_0]
      (root,0,0,00:00:00/8-13:44:51,116) [scsi_tmf_0]
      (root,0,0,00:00:00/8-13:44:51,117) [scsi_eh_1]
      (root,0,0,00:00:00/8-13:44:51,118) [scsi_tmf_1]
      (root,0,0,00:00:04/8-13:44:51,121) [kworker/1:1H]
      (root,0,0,00:00:00/8-13:44:51,125) [ipv6_addrconf]
      (root,0,0,00:00:07/8-13:44:51,134) [kworker/2:1H]
      (root,0,0,00:00:00/8-13:44:51,135) [kstrp]
      (root,0,0,00:00:00/8-13:44:51,152) [charger_manager]
      (root,0,0,00:00:03/8-13:44:51,154) [kworker/4:1H]
      (root,0,0,00:00:02/8-13:44:51,208) [kworker/3:1H]
      (root,0,0,00:00:00/8-13:44:51,209) [scsi_eh_2]
      (root,0,0,00:00:00/8-13:44:51,210) [scsi_tmf_2]
      (root,0,0,00:00:03/8-13:44:51,212) [kworker/5:1H]
      (root,0,0,00:00:00/8-13:44:47,243) [ttm_swap]
      (root,0,0,00:00:00/8-13:44:47,244) [kdmflush]
      (root,0,0,00:00:00/8-13:44:47,245) [bioset]
      (root,0,0,00:00:00/8-13:44:47,247) [kdmflush]
      (root,0,0,00:00:00/8-13:44:47,248) [bioset]
      (root,0,0,00:00:00/8-13:44:46,361) [raid5wq]
      (root,0,0,00:00:24/8-13:44:46,430) [jbd2/dm-0-8]
      (root,0,0,00:00:00/8-13:44:46,431) [ext4-rsv-conver]
      (root,0,0,00:00:01/1-01:04:34,450) [kworker/4:1]
      (root,0,0,00:00:00/8-13:44:44,519) [iscsi_eh]
      (root,0,0,00:00:00/8-13:44:44,520) [ib-comp-wq]
      (root,0,0,00:00:00/8-13:44:44,521) [ib-comp-unb-wq]
      (root,0,0,00:00:00/8-13:44:44,522) [ib_mcast]
      (root,0,0,00:00:00/8-13:44:44,523) [ib_nl_sa_wq]
      (root,0,0,00:00:00/8-13:44:44,524) [rdma_cm]
      (root,401860,262976,00:02:42/8-13:44:43,525) /lib/systemd/systemd-journald
      (root,105908,1872,00:00:00/8-13:44:43,549) /sbin/lvmetad -f
      (root,45780,4584,00:00:10/8-13:44:43,558) /lib/systemd/systemd-udevd
      (root,0,0,00:00:00/8-13:44:42,807) [ext4-rsv-conver]
      (systemd-timesync,141788,3124,00:00:01/8-13:44:41,889) /lib/systemd/systemd-timesyncd
      (systemd-network,71728,5064,00:00:02/8-13:44:39,1063) /lib/systemd/systemd-networkd
      (systemd-resolve,70624,4948,00:00:03/8-13:44:39,1081) /lib/systemd/systemd-resolved
      (root,62012,5304,00:00:02/8-13:44:33,1194) /lib/systemd/systemd-logind
      (root,235752,2200,00:00:03/8-13:44:33,1227) /usr/bin/lxcfs /var/lib/lxcfs/
      (root,31884,1708,00:00:29/8-13:44:33,1251) /usr/sbin/inetd
      (daemon,28336,2308,00:00:00/8-13:44:33,1252) /usr/sbin/atd -f
      (messagebus,50364,4728,00:00:38/8-13:44:33,1265) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
      (root,186356,19972,00:00:00/8-13:44:33,1280) /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
      (bind,602300,39140,00:00:08/8-13:44:33,1293) /usr/sbin/named -f -u bind
      (syslog,263048,4716,00:00:42/8-13:44:33,1301) /usr/sbin/rsyslogd -n
      (root,30040,3008,00:00:02/8-13:44:33,1350) /usr/sbin/cron -f
      (root,169544,17560,00:00:00/8-13:44:33,1366) /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
      (root,110492,3396,00:00:19/8-13:44:32,1378) /usr/sbin/irqbalance --foreground
      (mongodb,1531712,106656,00:29:12/8-13:44:32,1392) /usr/bin/mongod --config /etc/mongod.conf
      (root,264092,12144,00:00:13/8-13:44:32,1531) /usr/sbin/nmbd --foreground --no-process-group
      (root,286256,6796,00:00:32/8-13:44:32,1558) /usr/lib/accountsservice/accounts-daemon
      (root,72304,6168,00:00:34/8-13:44:32,1683) /usr/sbin/sshd -D
      (root,564420,37048,00:00:21/8-13:44:32,1686) /usr/sbin/apache2 -k start
      (mysql,2505900,987488,00:14:21/8-13:44:32,1734) /usr/sbin/mysqld
      (root,288884,6532,00:00:22/8-13:44:32,1749) /usr/lib/policykit-1/polkitd --no-debug
      (www-data,19912,176,00:00:13/8-13:44:32,1807) /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
      (root,317604,18700,00:00:08/8-13:44:32,1847) /usr/sbin/winbindd --foreground --no-process-group
      (root,319956,13788,00:00:02/8-13:44:31,1920) /usr/sbin/winbindd --foreground --no-process-group
      (root,67384,3408,00:00:05/8-13:44:31,1997) /usr/lib/postfix/sbin/master -w
      (postfix,73944,4952,00:00:02/8-13:44:31,2010) qmgr -l -t unix -u
      (root,358052,23484,00:01:41/8-13:44:31,2031) /usr/sbin/smbd --foreground --no-process-group
      (root,28928,1740,00:00:00/8-13:44:31,2060) pure-ftpd (SERVER)
      (root,343692,4788,00:00:00/8-13:44:31,2071) /usr/sbin/smbd --foreground --no-process-group
      (root,343724,4788,00:00:07/8-13:44:31,2072) /usr/sbin/smbd --foreground --no-process-group
      (root,317604,4328,00:00:01/8-13:44:31,2076) /usr/sbin/winbindd --foreground --no-process-group
      (root,317604,6556,00:00:01/8-13:44:31,2078) /usr/sbin/winbindd --foreground --no-process-group
      (root,14904,1860,00:00:00/8-13:44:31,2089) /sbin/agetty -o -p -- \u --noclear tty1 linux
      (root,358036,6736,00:00:02/8-13:44:31,2091) /usr/sbin/smbd --foreground --no-process-group
      (root,96080,30064,00:01:04/8-13:44:30,2165) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (postfix,87724,7636,00:00:00/8-13:12:03,2983) tlsmgr -l -t unix -u -c
      (root,0,0,00:00:00/08:05:14,9740) [kworker/2:1]
      (root,0,0,00:00:00/06:10:23,12496) [kworker/4:0]
      (root,0,0,00:00:01/19:44:13,14013) [kworker/3:1]
      (root,0,0,00:00:02/19:40:23,14335) [kworker/0:0]
      (www-data,650256,53436,00:00:00/04:23:30,15960) /usr/sbin/apache2 -k start
      (www-data,966880,99556,00:00:02/04:23:30,15961) /usr/sbin/apache2 -k start
      (www-data,952192,101376,00:00:01/04:23:30,15962) /usr/sbin/apache2 -k start
      (www-data,952356,128428,00:00:02/04:23:30,15963) /usr/sbin/apache2 -k start
      (www-data,946220,79040,00:00:01/04:23:30,15964) /usr/sbin/apache2 -k start
      (www-data,968736,123344,00:00:02/04:20:20,16049) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/04:10:22,16396) [kworker/0:2]
      (www-data,958324,104480,00:00:01/03:59:06,16590) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/03:10:22,18132) [kworker/5:1]
      (root,96212,27996,00:00:00/3-13:09:50,18898) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/40:22,21455) [kworker/1:0]
      (root,0,0,00:00:00/28:14,21658) [kworker/3:0]
      (root,0,0,00:00:00/18:21,21814) [kworker/u12:0]
      (root,0,0,00:00:00/12:58,21955) [kworker/u12:1]
      (root,0,0,00:00:00/10:22,22179) [kworker/2:2]
      (root,362356,14372,00:00:00/05:54,22266) /usr/sbin/smbd --foreground --no-process-group
      (root,362356,14372,00:00:00/05:19,22270) /usr/sbin/smbd --foreground --no-process-group
      (root,0,0,00:00:00/05:11,22272) [kworker/2:0]
      (root,0,0,00:00:00/03:32,22315) [kworker/u12:2]
      (root,364492,19072,00:00:00/00:27,22401) /usr/sbin/smbd --foreground --no-process-group
      (postfix,73816,4668,00:00:00/00:20,22402) pickup -l -t unix -u -c
      (root,11740,3252,00:00:00/00:00,22562) /bin/bash /usr/bin/check_mk_agent
      (root,0,0,00:00:00/00:00,22578) [kworker/5:2]
      (root,34412,2796,00:00:00/00:00,22579) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000
      (root,13564,1124,00:00:00/00:00,22580) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) /
      (root,0,0,00:00:02/1-04:23:29,24546) [kworker/1:1]
      
      Found network interfaces through CheckMk:
      [start_iplink]
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
          link/ether 02:00:00:ba:c4:a5 brd ff:ff:ff:ff:ff:ff
      [end_iplink]
      
      
      Found on 2022-12-14 09:49
    • Severity: high
      Fingerprint: 03cb82e6f6a6b45342c4bbcbbaf2bceb288a252c7451464e71dc25357510bd3c

      Found public CheckMk agent:
      Version: 1.5.0p13
      AgentOS: linux
      Hostname: nd23
      AgentDirectory: /etc/check_mk
      DataDirectory: /var/lib/check_mk_agent
      SpoolDirectory: /var/lib/check_mk_agent/spool
      PluginsDirectory: /usr/lib/check_mk_agent/plugins
      LocalDirectory: /usr/lib/check_mk_agent/local
      
      Found process list through CheckMk:
      (root,225504,9148,00:00:13/01:59:35,1) /sbin/init
      (root,0,0,00:00:00/01:59:35,2) [kthreadd]
      (root,0,0,00:00:00/01:59:35,4) [kworker/0:0H]
      (root,0,0,00:00:00/01:59:35,6) [kworker/0:1H]
      (root,0,0,00:00:00/01:59:35,7) [mm_percpu_wq]
      (root,0,0,00:00:00/01:59:35,8) [ksoftirqd/0]
      (root,0,0,00:00:01/01:59:35,9) [rcu_sched]
      (root,0,0,00:00:00/01:59:35,10) [rcu_bh]
      (root,0,0,00:00:00/01:59:35,11) [migration/0]
      (root,0,0,00:00:00/01:59:35,12) [watchdog/0]
      (root,0,0,00:00:00/01:59:35,13) [cpuhp/0]
      (root,0,0,00:00:00/01:59:35,14) [cpuhp/1]
      (root,0,0,00:00:00/01:59:35,15) [watchdog/1]
      (root,0,0,00:00:00/01:59:35,16) [migration/1]
      (root,0,0,00:00:00/01:59:35,17) [ksoftirqd/1]
      (root,0,0,00:00:00/01:59:35,19) [kworker/1:0H]
      (root,0,0,00:00:00/01:59:35,20) [cpuhp/2]
      (root,0,0,00:00:00/01:59:35,21) [watchdog/2]
      (root,0,0,00:00:00/01:59:35,22) [migration/2]
      (root,0,0,00:00:00/01:59:35,23) [ksoftirqd/2]
      (root,0,0,00:00:00/01:59:35,25) [kworker/2:0H]
      (root,0,0,00:00:00/01:59:35,26) [cpuhp/3]
      (root,0,0,00:00:00/01:59:35,27) [watchdog/3]
      (root,0,0,00:00:00/01:59:35,28) [migration/3]
      (root,0,0,00:00:00/01:59:35,29) [ksoftirqd/3]
      (root,0,0,00:00:00/01:59:35,31) [kworker/3:0H]
      (root,0,0,00:00:00/01:59:35,32) [cpuhp/4]
      (root,0,0,00:00:00/01:59:35,33) [watchdog/4]
      (root,0,0,00:00:00/01:59:35,34) [migration/4]
      (root,0,0,00:00:00/01:59:35,35) [ksoftirqd/4]
      (root,0,0,00:00:00/01:59:35,37) [kworker/4:0H]
      (root,0,0,00:00:00/01:59:35,38) [cpuhp/5]
      (root,0,0,00:00:00/01:59:35,39) [watchdog/5]
      (root,0,0,00:00:00/01:59:35,40) [migration/5]
      (root,0,0,00:00:00/01:59:35,41) [ksoftirqd/5]
      (root,0,0,00:00:00/01:59:35,43) [kworker/5:0H]
      (root,0,0,00:00:00/01:59:35,44) [kdevtmpfs]
      (root,0,0,00:00:00/01:59:35,45) [netns]
      (root,0,0,00:00:00/01:59:35,46) [rcu_tasks_kthre]
      (root,0,0,00:00:00/01:59:35,47) [kauditd]
      (root,0,0,00:00:00/01:59:35,48) [kworker/0:1]
      (root,0,0,00:00:00/01:59:35,49) [kworker/1:1]
      (root,0,0,00:00:00/01:59:35,50) [khungtaskd]
      (root,0,0,00:00:00/01:59:35,51) [oom_reaper]
      (root,0,0,00:00:00/01:59:35,52) [writeback]
      (root,0,0,00:00:00/01:59:35,53) [kcompactd0]
      (root,0,0,00:00:00/01:59:35,54) [ksmd]
      (root,0,0,00:00:00/01:59:35,55) [khugepaged]
      (root,0,0,00:00:00/01:59:35,56) [crypto]
      (root,0,0,00:00:00/01:59:35,57) [kintegrityd]
      (root,0,0,00:00:00/01:59:35,58) [kblockd]
      (root,0,0,00:00:00/01:59:35,59) [ata_sff]
      (root,0,0,00:00:00/01:59:35,60) [md]
      (root,0,0,00:00:00/01:59:35,61) [edac-poller]
      (root,0,0,00:00:00/01:59:35,62) [devfreq_wq]
      (root,0,0,00:00:00/01:59:35,63) [watchdogd]
      (root,0,0,00:00:00/01:59:35,64) [kworker/2:1]
      (root,0,0,00:00:00/01:59:34,69) [kswapd0]
      (root,0,0,00:00:00/01:59:34,70) [kworker/u13:0]
      (root,0,0,00:00:00/01:59:34,71) [ecryptfs-kthrea]
      (root,0,0,00:00:00/01:59:34,113) [kthrotld]
      (root,0,0,00:00:00/01:59:34,114) [acpi_thermal_pm]
      (root,0,0,00:00:00/01:59:34,115) [scsi_eh_0]
      (root,0,0,00:00:00/01:59:34,116) [scsi_tmf_0]
      (root,0,0,00:00:00/01:59:34,117) [scsi_eh_1]
      (root,0,0,00:00:00/01:59:34,118) [scsi_tmf_1]
      (root,0,0,00:00:00/01:59:34,121) [kworker/1:1H]
      (root,0,0,00:00:00/01:59:34,125) [ipv6_addrconf]
      (root,0,0,00:00:00/01:59:34,134) [kstrp]
      (root,0,0,00:00:00/01:59:34,135) [kworker/2:1H]
      (root,0,0,00:00:00/01:59:34,152) [charger_manager]
      (root,0,0,00:00:00/01:59:34,153) [kworker/2:2]
      (root,0,0,00:00:00/01:59:34,154) [kworker/4:1H]
      (root,0,0,00:00:00/01:59:34,218) [kworker/3:1H]
      (root,0,0,00:00:00/01:59:34,219) [scsi_eh_2]
      (root,0,0,00:00:00/01:59:34,220) [scsi_tmf_2]
      (root,0,0,00:00:00/01:59:34,221) [kworker/5:1H]
      (root,0,0,00:00:00/01:59:30,250) [ttm_swap]
      (root,0,0,00:00:00/01:59:30,253) [kdmflush]
      (root,0,0,00:00:00/01:59:30,254) [bioset]
      (root,0,0,00:00:00/01:59:30,255) [kdmflush]
      (root,0,0,00:00:00/01:59:30,256) [bioset]
      (root,0,0,00:00:00/01:59:29,372) [raid5wq]
      (root,0,0,00:00:00/01:59:28,441) [jbd2/dm-0-8]
      (root,0,0,00:00:00/01:59:28,442) [ext4-rsv-conver]
      (root,208056,58084,00:00:03/01:59:26,523) /lib/systemd/systemd-journald
      (root,0,0,00:00:00/01:59:25,528) [iscsi_eh]
      (root,0,0,00:00:00/01:59:25,529) [ib-comp-wq]
      (root,0,0,00:00:00/01:59:25,530) [ib-comp-unb-wq]
      (root,0,0,00:00:00/01:59:25,531) [ib_mcast]
      (root,0,0,00:00:00/01:59:25,532) [ib_nl_sa_wq]
      (root,0,0,00:00:00/01:59:25,533) [rdma_cm]
      (root,0,0,00:00:00/01:59:25,539) [kworker/0:2]
      (root,105908,1760,00:00:00/01:59:24,560) /sbin/lvmetad -f
      (root,0,0,00:00:01/01:59:24,564) [kworker/5:2]
      (root,45872,4688,00:00:00/01:59:24,570) /lib/systemd/systemd-udevd
      (root,0,0,00:00:00/01:59:23,792) [kworker/1:2]
      (root,0,0,00:00:00/01:59:23,807) [ext4-rsv-conver]
      (systemd-timesync,141788,3128,00:00:00/01:59:22,899) /lib/systemd/systemd-timesyncd
      (systemd-network,71728,5080,00:00:00/01:59:20,1062) /lib/systemd/systemd-networkd
      (systemd-resolve,70496,4620,00:00:00/01:59:20,1088) /lib/systemd/systemd-resolved
      (root,169544,17568,00:00:00/01:59:14,1196) /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
      (root,161084,1548,00:00:00/01:59:14,1239) /usr/bin/lxcfs /var/lib/lxcfs/
      (root,264092,12312,00:00:00/01:59:14,1257) /usr/sbin/nmbd --foreground --no-process-group
      (messagebus,50108,4184,00:00:00/01:59:14,1280) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
      (mongodb,1522224,107708,00:00:14/01:59:14,1342) /usr/bin/mongod --config /etc/mongod.conf
      (bind,591120,26920,00:00:00/01:59:14,1351) /usr/sbin/named -f -u bind
      (daemon,28336,2296,00:00:00/01:59:14,1402) /usr/sbin/atd -f
      (root,30040,3196,00:00:00/01:59:14,1435) /usr/sbin/cron -f
      (root,110492,3376,00:00:00/01:59:14,1446) /usr/sbin/irqbalance --foreground
      (root,563704,35512,00:00:00/01:59:14,1459) /usr/sbin/apache2 -k start
      (syslog,263048,3992,00:00:00/01:59:14,1473) /usr/sbin/rsyslogd -n
      (root,286256,6684,00:00:00/01:59:14,1496) /usr/lib/accountsservice/accounts-daemon
      (root,61972,5472,00:00:00/01:59:14,1530) /lib/systemd/systemd-logind
      (www-data,646120,62884,00:00:00/01:59:13,1549) /usr/sbin/apache2 -k start
      (www-data,566236,21712,00:00:00/01:59:13,1550) /usr/sbin/apache2 -k start
      (www-data,644388,62056,00:00:00/01:59:13,1551) /usr/sbin/apache2 -k start
      (root,31884,1624,00:00:00/01:59:13,1553) /usr/sbin/inetd
      (www-data,646100,71280,00:00:00/01:59:13,1555) /usr/sbin/apache2 -k start
      (www-data,566828,38336,00:00:00/01:59:13,1561) /usr/sbin/apache2 -k start
      (mysql,1980400,274980,00:00:04/01:59:13,1682) /usr/sbin/mysqld
      (root,0,0,00:00:00/01:59:13,1696) [kworker/4:2]
      (root,72304,6268,00:00:00/01:59:13,1697) /usr/sbin/sshd -D
      (root,186356,20104,00:00:00/01:59:13,1816) /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
      (root,288884,6384,00:00:00/01:59:13,1831) /usr/lib/policykit-1/polkitd --no-debug
      (www-data,19912,176,00:00:00/01:59:13,1886) /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
      (root,317604,18432,00:00:00/01:59:13,1938) /usr/sbin/winbindd --foreground --no-process-group
      (root,67384,3604,00:00:00/01:59:13,1999) /usr/lib/postfix/sbin/master -w
      (postfix,73944,4920,00:00:00/01:59:13,2013) qmgr -l -t unix -u
      (root,319956,13564,00:00:00/01:59:13,2021) /usr/sbin/winbindd --foreground --no-process-group
      (root,358052,23564,00:00:00/01:59:12,2079) /usr/sbin/smbd --foreground --no-process-group
      (root,28928,428,00:00:00/01:59:12,2093) pure-ftpd (SERVER)
      (root,343692,4600,00:00:00/01:59:12,2111) /usr/sbin/smbd --foreground --no-process-group
      (root,343724,4592,00:00:00/01:59:12,2112) /usr/sbin/smbd --foreground --no-process-group
      (root,317604,4292,00:00:00/01:59:12,2117) /usr/sbin/winbindd --foreground --no-process-group
      (root,14904,1860,00:00:00/01:59:12,2121) /sbin/agetty -o -p -- \u --noclear tty1 linux
      (root,317604,6684,00:00:00/01:59:12,2124) /usr/sbin/winbindd --foreground --no-process-group
      (root,358036,6848,00:00:00/01:59:12,2125) /usr/sbin/smbd --foreground --no-process-group
      (root,96080,30248,00:00:00/01:59:11,2162) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/01:58:42,2370) [kworker/3:3]
      (www-data,644464,67200,00:00:00/01:53:30,2596) /usr/sbin/apache2 -k start
      (www-data,646656,66060,00:00:00/01:53:27,2603) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/01:27:33,3156) [kworker/3:0]
      (root,0,0,00:00:00/01:14:02,3353) [kworker/u12:0]
      (root,0,0,00:00:00/57:33,3784) [kworker/4:1]
      (postfix,73816,4736,00:00:00/30:11,4497) pickup -l -t unix -u -c
      (postfix,87724,7620,00:00:00/30:01,4503) tlsmgr -l -t unix -u -c
      (root,0,0,00:00:00/27:34,4769) [kworker/5:1]
      (root,0,0,00:00:00/11:52,5242) [kworker/u12:1]
      (root,0,0,00:00:00/06:36,5352) [kworker/u12:2]
      (www-data,566032,18396,00:00:00/05:00,5398) /usr/sbin/apache2 -k start
      (www-data,566032,18396,00:00:00/04:59,5399) /usr/sbin/apache2 -k start
      (www-data,566032,18396,00:00:00/04:59,5400) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/00:00,5659) [kworker/2:0]
      (root,11740,3264,00:00:00/00:00,5662) /bin/bash /usr/bin/check_mk_agent
      (root,34412,2832,00:00:00/00:00,5678) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000
      (root,13564,1068,00:00:00/00:00,5679) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) /
      
      Found network interfaces through CheckMk:
      [start_iplink]
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
          link/ether 02:00:00:ba:c4:a5 brd ff:ff:ff:ff:ff:ff
      [end_iplink]
      
      
      Found on 2022-11-23 20:06
    • Severity: high
      Fingerprint: 03cb82e6f6a6b45342c4bbcbbaf2bceb288a252c7451464e71dc253521ff571c

      Found public CheckMk agent:
      Version: 1.5.0p13
      AgentOS: linux
      Hostname: nd23
      AgentDirectory: /etc/check_mk
      DataDirectory: /var/lib/check_mk_agent
      SpoolDirectory: /var/lib/check_mk_agent/spool
      PluginsDirectory: /usr/lib/check_mk_agent/plugins
      LocalDirectory: /usr/lib/check_mk_agent/local
      
      Found process list through CheckMk:
      (root,225504,9112,00:00:14/12:17:35,1) /sbin/init
      (root,0,0,00:00:00/12:17:35,2) [kthreadd]
      (root,0,0,00:00:00/12:17:35,4) [kworker/0:0H]
      (root,0,0,00:00:00/12:17:35,6) [kworker/0:1H]
      (root,0,0,00:00:00/12:17:35,7) [mm_percpu_wq]
      (root,0,0,00:00:00/12:17:35,8) [ksoftirqd/0]
      (root,0,0,00:00:06/12:17:35,9) [rcu_sched]
      (root,0,0,00:00:00/12:17:35,10) [rcu_bh]
      (root,0,0,00:00:00/12:17:35,11) [migration/0]
      (root,0,0,00:00:00/12:17:35,12) [watchdog/0]
      (root,0,0,00:00:00/12:17:35,13) [cpuhp/0]
      (root,0,0,00:00:00/12:17:35,14) [cpuhp/1]
      (root,0,0,00:00:00/12:17:35,15) [watchdog/1]
      (root,0,0,00:00:00/12:17:35,16) [migration/1]
      (root,0,0,00:00:00/12:17:35,17) [ksoftirqd/1]
      (root,0,0,00:00:00/12:17:35,19) [kworker/1:0H]
      (root,0,0,00:00:00/12:17:35,20) [cpuhp/2]
      (root,0,0,00:00:00/12:17:35,21) [watchdog/2]
      (root,0,0,00:00:00/12:17:35,22) [migration/2]
      (root,0,0,00:00:00/12:17:35,23) [ksoftirqd/2]
      (root,0,0,00:00:00/12:17:35,25) [kworker/2:0H]
      (root,0,0,00:00:00/12:17:35,26) [cpuhp/3]
      (root,0,0,00:00:00/12:17:35,27) [watchdog/3]
      (root,0,0,00:00:00/12:17:35,28) [migration/3]
      (root,0,0,00:00:00/12:17:35,29) [ksoftirqd/3]
      (root,0,0,00:00:00/12:17:35,31) [kworker/3:0H]
      (root,0,0,00:00:00/12:17:35,32) [cpuhp/4]
      (root,0,0,00:00:00/12:17:35,33) [watchdog/4]
      (root,0,0,00:00:00/12:17:35,34) [migration/4]
      (root,0,0,00:00:00/12:17:35,35) [ksoftirqd/4]
      (root,0,0,00:00:00/12:17:35,37) [kworker/4:0H]
      (root,0,0,00:00:00/12:17:35,38) [cpuhp/5]
      (root,0,0,00:00:00/12:17:35,39) [watchdog/5]
      (root,0,0,00:00:00/12:17:35,40) [migration/5]
      (root,0,0,00:00:00/12:17:35,41) [ksoftirqd/5]
      (root,0,0,00:00:00/12:17:35,43) [kworker/5:0H]
      (root,0,0,00:00:00/12:17:35,44) [kdevtmpfs]
      (root,0,0,00:00:00/12:17:35,45) [netns]
      (root,0,0,00:00:00/12:17:35,46) [rcu_tasks_kthre]
      (root,0,0,00:00:00/12:17:35,47) [kauditd]
      (root,0,0,00:00:02/12:17:35,48) [kworker/0:1]
      (root,0,0,00:00:00/12:17:35,50) [khungtaskd]
      (root,0,0,00:00:00/12:17:35,51) [oom_reaper]
      (root,0,0,00:00:00/12:17:35,52) [writeback]
      (root,0,0,00:00:00/12:17:35,53) [kcompactd0]
      (root,0,0,00:00:00/12:17:35,54) [ksmd]
      (root,0,0,00:00:00/12:17:35,55) [khugepaged]
      (root,0,0,00:00:00/12:17:35,56) [crypto]
      (root,0,0,00:00:00/12:17:35,57) [kintegrityd]
      (root,0,0,00:00:00/12:17:35,58) [kblockd]
      (root,0,0,00:00:00/12:17:35,59) [ata_sff]
      (root,0,0,00:00:00/12:17:35,60) [md]
      (root,0,0,00:00:00/12:17:35,61) [edac-poller]
      (root,0,0,00:00:00/12:17:35,62) [devfreq_wq]
      (root,0,0,00:00:00/12:17:35,63) [watchdogd]
      (root,0,0,00:00:11/12:17:35,65) [kworker/3:1]
      (root,0,0,00:00:01/12:17:35,66) [kworker/4:1]
      (root,0,0,00:00:00/12:17:34,69) [kswapd0]
      (root,0,0,00:00:00/12:17:34,70) [kworker/u13:0]
      (root,0,0,00:00:00/12:17:34,71) [ecryptfs-kthrea]
      (root,0,0,00:00:00/12:17:34,113) [kthrotld]
      (root,0,0,00:00:00/12:17:34,114) [acpi_thermal_pm]
      (root,0,0,00:00:00/12:17:34,115) [scsi_eh_0]
      (root,0,0,00:00:00/12:17:34,116) [scsi_tmf_0]
      (root,0,0,00:00:00/12:17:34,117) [scsi_eh_1]
      (root,0,0,00:00:00/12:17:34,118) [scsi_tmf_1]
      (root,0,0,00:00:00/12:17:34,121) [kworker/1:1H]
      (root,0,0,00:00:00/12:17:34,125) [ipv6_addrconf]
      (root,0,0,00:00:00/12:17:34,134) [kstrp]
      (root,0,0,00:00:00/12:17:34,135) [kworker/2:1H]
      (root,0,0,00:00:00/12:17:34,152) [charger_manager]
      (root,0,0,00:00:00/12:17:34,154) [kworker/4:1H]
      (root,0,0,00:00:00/12:17:34,208) [kworker/3:1H]
      (root,0,0,00:00:00/12:17:34,213) [scsi_eh_2]
      (root,0,0,00:00:00/12:17:34,214) [scsi_tmf_2]
      (root,0,0,00:00:00/12:17:34,215) [kworker/5:1H]
      (root,0,0,00:00:00/12:17:30,248) [ttm_swap]
      (root,0,0,00:00:00/12:17:30,249) [kdmflush]
      (root,0,0,00:00:00/12:17:30,250) [bioset]
      (root,0,0,00:00:00/12:17:30,252) [kdmflush]
      (root,0,0,00:00:00/12:17:30,253) [bioset]
      (root,0,0,00:00:00/12:17:29,366) [raid5wq]
      (root,0,0,00:00:01/12:17:28,436) [jbd2/dm-0-8]
      (root,0,0,00:00:00/12:17:28,437) [ext4-rsv-conver]
      (root,0,0,00:00:00/12:17:25,522) [iscsi_eh]
      (root,0,0,00:00:00/12:17:25,523) [ib-comp-wq]
      (root,0,0,00:00:00/12:17:25,524) [ib-comp-unb-wq]
      (root,0,0,00:00:00/12:17:25,525) [ib_mcast]
      (root,0,0,00:00:00/12:17:25,526) [ib_nl_sa_wq]
      (root,0,0,00:00:00/12:17:25,527) [rdma_cm]
      (root,174080,89324,00:00:11/12:17:25,533) /lib/systemd/systemd-journald
      (root,0,0,00:00:00/12:17:25,534) [kworker/5:2]
      (root,105908,1904,00:00:00/12:17:24,537) /sbin/lvmetad -f
      (root,45784,4604,00:00:01/12:17:24,565) /lib/systemd/systemd-udevd
      (root,0,0,00:00:00/12:17:23,803) [ext4-rsv-conver]
      (systemd-timesync,141788,3084,00:00:00/12:17:22,879) /lib/systemd/systemd-timesyncd
      (systemd-network,71728,5044,00:00:00/12:17:20,1052) /lib/systemd/systemd-networkd
      (systemd-resolve,70608,5932,00:00:00/12:17:20,1072) /lib/systemd/systemd-resolved
      (messagebus,50236,4436,00:00:02/12:17:16,1187) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
      (root,110492,3320,00:00:01/12:17:16,1297) /usr/sbin/irqbalance --foreground
      (daemon,28336,2364,00:00:00/12:17:16,1310) /usr/sbin/atd -f
      (bind,591380,27140,00:00:03/12:17:16,1320) /usr/sbin/named -f -u bind
      (root,161084,1620,00:00:00/12:17:16,1348) /usr/bin/lxcfs /var/lib/lxcfs/
      (root,169544,17524,00:00:00/12:17:16,1360) /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
      (root,61980,5472,00:00:00/12:17:16,1383) /lib/systemd/systemd-logind
      (root,286256,6664,00:00:01/12:17:15,1531) /usr/lib/accountsservice/accounts-daemon
      (mongodb,1525428,105344,00:01:37/12:17:15,1567) /usr/bin/mongod --config /etc/mongod.conf
      (root,31884,1660,00:00:01/12:17:15,1617) /usr/sbin/inetd
      (syslog,263048,4496,00:00:02/12:17:15,1635) /usr/sbin/rsyslogd -n
      (root,563704,35456,00:00:01/12:17:15,1652) /usr/sbin/apache2 -k start
      (root,264092,12464,00:00:00/12:17:15,1654) /usr/sbin/nmbd --foreground --no-process-group
      (root,30040,3092,00:00:00/12:17:15,1674) /usr/sbin/cron -f
      (www-data,670880,136424,00:00:05/12:17:15,1720) /usr/sbin/apache2 -k start
      (www-data,671308,145516,00:00:06/12:17:15,1721) /usr/sbin/apache2 -k start
      (www-data,644932,68252,00:00:02/12:17:15,1724) /usr/sbin/apache2 -k start
      (root,72304,6416,00:00:01/12:17:15,1740) /usr/sbin/sshd -D
      (mysql,2308432,320808,00:00:25/12:17:15,1817) /usr/sbin/mysqld
      (root,288884,6548,00:00:01/12:17:15,1868) /usr/lib/policykit-1/polkitd --no-debug
      (root,186356,20080,00:00:00/12:17:15,1895) /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
      (www-data,19912,168,00:00:00/12:17:15,1930) /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
      (root,317604,18708,00:00:00/12:17:15,2013) /usr/sbin/winbindd --foreground --no-process-group
      (root,67384,3488,00:00:00/12:17:14,2065) /usr/lib/postfix/sbin/master -w
      (postfix,73944,4852,00:00:00/12:17:14,2069) qmgr -l -t unix -u
      (root,319956,13512,00:00:00/12:17:14,2085) /usr/sbin/winbindd --foreground --no-process-group
      (root,358052,23536,00:00:03/12:17:14,2129) /usr/sbin/smbd --foreground --no-process-group
      (root,28928,1824,00:00:00/12:17:14,2136) pure-ftpd (SERVER)
      (root,343692,4776,00:00:00/12:17:14,2187) /usr/sbin/smbd --foreground --no-process-group
      (root,343724,4776,00:00:00/12:17:14,2188) /usr/sbin/smbd --foreground --no-process-group
      (root,317604,4352,00:00:00/12:17:14,2194) /usr/sbin/winbindd --foreground --no-process-group
      (root,317604,6580,00:00:00/12:17:14,2213) /usr/sbin/winbindd --foreground --no-process-group
      (root,358036,6856,00:00:00/12:17:14,2220) /usr/sbin/smbd --foreground --no-process-group
      (root,14904,1828,00:00:00/12:17:14,2225) /sbin/agetty -o -p -- \u --noclear tty1 linux
      (root,96100,29940,00:00:02/12:17:13,2317) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (www-data,667464,112676,00:00:01/12:13:45,2460) /usr/sbin/apache2 -k start
      (www-data,971704,163436,00:00:03/12:13:44,2466) /usr/sbin/apache2 -k start
      (postfix,87724,7856,00:00:00/10:23:23,4940) tlsmgr -l -t unix -u -c
      (root,0,0,00:00:00/04:20:35,15549) [kworker/0:0]
      (root,0,0,00:00:00/04:07:52,15977) [kworker/1:0]
      (root,0,0,00:00:00/03:50:35,16453) [kworker/2:0]
      (www-data,670720,73388,00:00:00/03:45:56,16546) /usr/sbin/apache2 -k start
      (www-data,664936,65516,00:00:00/03:45:55,16590) /usr/sbin/apache2 -k start
      (www-data,664856,81708,00:00:00/03:45:55,16591) /usr/sbin/apache2 -k start
      (www-data,663020,88860,00:00:00/03:44:57,16787) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/03:28:00,17114) [kworker/2:2]
      (www-data,656824,71248,00:00:00/02:32:43,18241) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/01:45:21,19663) [kworker/3:2]
      (root,0,0,00:00:00/01:20:35,20618) [kworker/5:0]
      (root,0,0,00:00:00/55:03,21112) [kworker/u12:1]
      (root,0,0,00:00:00/30:48,21700) [kworker/4:0]
      (postfix,73816,4748,00:00:00/29:48,21715) pickup -l -t unix -u -c
      (root,0,0,00:00:00/15:31,22223) [kworker/1:2]
      (root,0,0,00:00:00/10:03,22334) [kworker/u12:2]
      (root,0,0,00:00:00/04:52,22452) [kworker/u12:0]
      (root,362216,13272,00:00:00/00:52,22510) /usr/sbin/smbd --foreground --no-process-group
      (root,0,0,00:00:00/00:00,22606) [kworker/1:1]
      (root,0,0,00:00:00/00:00,22685) [kworker/3:0]
      (root,11740,3300,00:00:00/00:00,22687) /bin/bash /usr/bin/check_mk_agent
      (root,34412,2832,00:00:00/00:00,22703) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000
      (root,13564,1056,00:00:00/00:00,22704) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) /
      
      Found network interfaces through CheckMk:
      [start_iplink]
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
          link/ether 02:00:00:ba:c4:a5 brd ff:ff:ff:ff:ff:ff
      [end_iplink]
      
      
      Found on 2022-11-06 20:29
    • Severity: high
      Fingerprint: 03cb82e6f6a6b45342c4bbcbbaf2bceb288a252c7451464e71dc253597a9ba7f

      Found public CheckMk agent:
      Version: 1.5.0p13
      AgentOS: linux
      Hostname: nd23
      AgentDirectory: /etc/check_mk
      DataDirectory: /var/lib/check_mk_agent
      SpoolDirectory: /var/lib/check_mk_agent/spool
      PluginsDirectory: /usr/lib/check_mk_agent/plugins
      LocalDirectory: /usr/lib/check_mk_agent/local
      
      Found process list through CheckMk:
      (root,225580,9140,00:04:35/34-05:56:00,1) /sbin/init
      (root,0,0,00:00:00/34-05:56:00,2) [kthreadd]
      (root,0,0,00:00:00/34-05:56:00,4) [kworker/0:0H]
      (root,0,0,00:00:00/34-05:56:00,6) [mm_percpu_wq]
      (root,0,0,00:00:40/34-05:56:00,7) [ksoftirqd/0]
      (root,0,0,00:09:42/34-05:56:00,8) [rcu_sched]
      (root,0,0,00:00:00/34-05:56:00,9) [rcu_bh]
      (root,0,0,00:00:00/34-05:56:00,10) [migration/0]
      (root,0,0,00:00:06/34-05:56:00,11) [watchdog/0]
      (root,0,0,00:00:00/34-05:56:00,12) [cpuhp/0]
      (root,0,0,00:00:00/34-05:56:00,13) [cpuhp/1]
      (root,0,0,00:00:06/34-05:56:00,14) [watchdog/1]
      (root,0,0,00:00:00/34-05:56:00,15) [migration/1]
      (root,0,0,00:00:01/34-05:56:00,16) [ksoftirqd/1]
      (root,0,0,00:00:00/34-05:56:00,18) [kworker/1:0H]
      (root,0,0,00:00:00/34-05:56:00,19) [cpuhp/2]
      (root,0,0,00:00:06/34-05:56:00,20) [watchdog/2]
      (root,0,0,00:00:00/34-05:56:00,21) [migration/2]
      (root,0,0,00:00:01/34-05:56:00,22) [ksoftirqd/2]
      (root,0,0,00:00:00/34-05:56:00,24) [kworker/2:0H]
      (root,0,0,00:00:00/34-05:56:00,25) [cpuhp/3]
      (root,0,0,00:00:06/34-05:56:00,26) [watchdog/3]
      (root,0,0,00:00:00/34-05:56:00,27) [migration/3]
      (root,0,0,00:00:01/34-05:56:00,28) [ksoftirqd/3]
      (root,0,0,00:00:00/34-05:56:00,30) [kworker/3:0H]
      (root,0,0,00:00:00/34-05:56:00,31) [cpuhp/4]
      (root,0,0,00:00:06/34-05:56:00,32) [watchdog/4]
      (root,0,0,00:00:00/34-05:56:00,33) [migration/4]
      (root,0,0,00:00:01/34-05:56:00,34) [ksoftirqd/4]
      (root,0,0,00:00:00/34-05:56:00,36) [kworker/4:0H]
      (root,0,0,00:00:00/34-05:56:00,37) [cpuhp/5]
      (root,0,0,00:00:04/34-05:56:00,38) [watchdog/5]
      (root,0,0,00:00:00/34-05:56:00,39) [migration/5]
      (root,0,0,00:00:02/34-05:56:00,40) [ksoftirqd/5]
      (root,0,0,00:00:00/34-05:56:00,42) [kworker/5:0H]
      (root,0,0,00:00:00/34-05:56:00,43) [kdevtmpfs]
      (root,0,0,00:00:00/34-05:56:00,44) [netns]
      (root,0,0,00:00:00/34-05:56:00,45) [rcu_tasks_kthre]
      (root,0,0,00:00:00/34-05:56:00,46) [kauditd]
      (root,0,0,00:00:05/34-05:56:00,49) [khungtaskd]
      (root,0,0,00:00:00/34-05:56:00,50) [oom_reaper]
      (root,0,0,00:00:00/34-05:56:00,51) [writeback]
      (root,0,0,00:00:00/34-05:56:00,52) [kcompactd0]
      (root,0,0,00:00:00/34-05:56:00,53) [ksmd]
      (root,0,0,00:00:00/34-05:56:00,54) [khugepaged]
      (root,0,0,00:00:00/34-05:56:00,55) [crypto]
      (root,0,0,00:00:00/34-05:56:00,56) [kintegrityd]
      (root,0,0,00:00:00/34-05:56:00,57) [kblockd]
      (root,0,0,00:00:00/34-05:56:00,58) [ata_sff]
      (root,0,0,00:00:00/34-05:56:00,59) [md]
      (root,0,0,00:00:00/34-05:56:00,60) [edac-poller]
      (root,0,0,00:00:00/34-05:56:00,61) [devfreq_wq]
      (root,0,0,00:00:00/34-05:56:00,62) [watchdogd]
      (root,0,0,00:00:30/34-05:55:59,68) [kswapd0]
      (root,0,0,00:00:00/34-05:55:59,69) [kworker/u13:0]
      (root,0,0,00:00:00/34-05:55:59,70) [ecryptfs-kthrea]
      (root,0,0,00:00:00/34-05:55:59,112) [kthrotld]
      (root,0,0,00:00:00/34-05:55:59,113) [acpi_thermal_pm]
      (root,0,0,00:00:00/34-05:55:59,114) [scsi_eh_0]
      (root,0,0,00:00:00/34-05:55:59,115) [scsi_tmf_0]
      (root,0,0,00:00:00/34-05:55:59,116) [scsi_eh_1]
      (root,0,0,00:00:00/34-05:55:59,117) [scsi_tmf_1]
      (root,0,0,00:00:00/34-05:55:59,123) [ipv6_addrconf]
      (root,0,0,00:00:00/34-05:55:59,132) [kstrp]
      (root,0,0,00:00:00/34-05:55:59,149) [charger_manager]
      (root,0,0,00:00:00/34-05:55:59,212) [scsi_eh_2]
      (root,0,0,00:00:00/34-05:55:59,213) [scsi_tmf_2]
      (root,0,0,00:00:00/34-05:55:55,235) [ttm_swap]
      (root,0,0,00:00:00/34-05:55:54,245) [kdmflush]
      (root,0,0,00:00:00/34-05:55:54,246) [bioset]
      (root,0,0,00:00:00/34-05:55:54,248) [kdmflush]
      (root,0,0,00:00:00/34-05:55:54,249) [bioset]
      (root,0,0,00:00:00/34-05:55:54,355) [raid5wq]
      (root,0,0,00:00:06/34-05:55:54,390) [kworker/4:1H]
      (root,0,0,00:00:14/34-05:55:54,391) [kworker/1:1H]
      (root,0,0,00:00:07/34-05:55:53,416) [kworker/5:1H]
      (root,0,0,00:01:48/34-05:55:53,427) [jbd2/dm-0-8]
      (root,0,0,00:00:00/34-05:55:53,428) [ext4-rsv-conver]
      (root,0,0,00:00:14/34-05:55:52,493) [kworker/0:1H]
      (root,0,0,00:00:00/34-05:55:52,500) [iscsi_eh]
      (root,0,0,00:00:00/34-05:55:52,501) [ib-comp-wq]
      (root,0,0,00:00:00/34-05:55:52,502) [ib-comp-unb-wq]
      (root,0,0,00:00:00/34-05:55:52,503) [ib_mcast]
      (root,0,0,00:00:00/34-05:55:52,504) [ib_nl_sa_wq]
      (root,0,0,00:00:00/34-05:55:52,505) [rdma_cm]
      (root,184264,86384,00:09:14/34-05:55:52,515) /lib/systemd/systemd-journald
      (root,0,0,00:00:15/34-05:55:51,522) [kworker/2:1H]
      (root,105908,1816,00:00:00/34-05:55:50,548) /sbin/lvmetad -f
      (root,45724,4312,00:00:38/34-05:55:50,557) /lib/systemd/systemd-udevd
      (root,0,0,00:00:07/34-05:55:50,579) [kworker/3:1H]
      (root,0,0,00:00:00/34-05:55:49,778) [ext4-rsv-conver]
      (systemd-timesync,141788,3056,00:00:08/34-05:55:48,913) /lib/systemd/systemd-timesyncd
      (systemd-network,71728,4792,00:00:08/34-05:55:47,1029) /lib/systemd/systemd-networkd
      (systemd-resolve,70628,5772,00:00:17/34-05:55:47,1064) /lib/systemd/systemd-resolved
      (www-data,651232,119612,00:00:04/17:10:44,1217) /usr/sbin/apache2 -k start
      (mongodb,1551128,108016,02:01:16/34-05:55:42,1218) /usr/bin/mongod --config /etc/mongod.conf
      (root,286256,6608,00:01:52/34-05:55:42,1239) /usr/lib/accountsservice/accounts-daemon
      (root,31884,1652,00:02:07/34-05:55:42,1254) /usr/sbin/inetd
      (root,264092,12364,00:01:29/34-05:55:42,1270) /usr/sbin/nmbd --foreground --no-process-group
      (root,70468,5556,00:00:08/34-05:55:42,1279) /lib/systemd/systemd-logind
      (bind,592940,28840,00:00:05/34-05:55:42,1290) /usr/sbin/named -f -u bind
      (root,110492,3348,00:01:27/34-05:55:42,1332) /usr/sbin/irqbalance --foreground
      (messagebus,50492,4652,00:02:12/34-05:55:42,1346) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
      (daemon,28336,2160,00:00:00/34-05:55:42,1388) /usr/sbin/atd -f
      (root,186356,16464,00:00:00/34-05:55:42,1418) /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
      (root,564428,37052,00:01:39/34-05:55:42,1426) /usr/sbin/apache2 -k start
      (root,30040,2960,00:00:10/34-05:55:42,1428) /usr/sbin/cron -f
      (root,96152,27700,00:00:00/6-01:23:58,1517) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,310036,2640,00:00:16/34-05:55:41,1551) /usr/bin/lxcfs /var/lib/lxcfs/
      (syslog,263048,4632,00:02:18/34-05:55:41,1598) /usr/sbin/rsyslogd -n
      (root,169544,14120,00:00:00/34-05:55:41,1620) /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
      (root,72304,6020,00:01:57/34-05:55:41,1683) /usr/sbin/sshd -D
      (root,288884,6332,00:01:15/34-05:55:41,1722) /usr/lib/policykit-1/polkitd --no-debug
      (www-data,19912,172,00:00:54/34-05:55:41,1824) /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
      (root,317604,18672,00:00:37/34-05:55:41,1830) /usr/sbin/winbindd --foreground --no-process-group
      (root,319956,13520,00:00:11/34-05:55:41,1912) /usr/sbin/winbindd --foreground --no-process-group
      (root,67384,3284,00:00:25/34-05:55:41,1972) /usr/lib/postfix/sbin/master -w
      (postfix,74060,4928,00:00:11/34-05:55:41,1976) qmgr -l -t unix -u
      (root,358052,23156,00:05:45/34-05:55:41,2020) /usr/sbin/smbd --foreground --no-process-group
      (root,28928,1724,00:00:01/34-05:55:41,2036) pure-ftpd (SERVER)
      (root,343692,4696,00:00:03/34-05:55:41,2074) /usr/sbin/smbd --foreground --no-process-group
      (root,343724,4696,00:00:26/34-05:55:41,2075) /usr/sbin/smbd --foreground --no-process-group
      (root,317604,4280,00:00:04/34-05:55:40,2079) /usr/sbin/winbindd --foreground --no-process-group
      (root,317604,6660,00:00:04/34-05:55:40,2082) /usr/sbin/winbindd --foreground --no-process-group
      (root,14904,1692,00:00:00/34-05:55:40,2083) /sbin/agetty -o -p -- \u --noclear tty1 linux
      (root,358036,6648,00:00:09/34-05:55:40,2094) /usr/sbin/smbd --foreground --no-process-group
      (root,96152,29920,00:07:16/34-05:55:40,2135) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (www-data,649108,113332,00:00:03/16:21:37,2474) /usr/sbin/apache2 -k start
      (postfix,87848,7704,00:00:03/34-05:39:04,2627) tlsmgr -l -t unix -u -c
      (root,96168,27268,00:00:00/34-05:39:04,2629) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,96152,27256,00:00:00/21-22:59:51,7225) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (www-data,646884,75412,00:00:02/13:35:25,7505) /usr/sbin/apache2 -k start
      (root,96152,27696,00:00:00/11-08:33:56,9972) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (mysql,2571180,1034192,00:18:53/9-18:00:30,10871) /usr/sbin/mysqld
      (www-data,646968,78724,00:00:01/09:42:42,14841) /usr/sbin/apache2 -k start
      (www-data,942484,85600,00:00:01/09:42:41,14842) /usr/sbin/apache2 -k start
      (root,0,0,00:00:03/1-16:56:19,15274) [kworker/4:2]
      (root,96152,27272,00:00:00/16-15:48:05,15651) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/08:53:45,16018) [kworker/1:2]
      (root,96152,27696,00:00:00/10-06:28:08,18742) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:01/06:27:50,19410) [kworker/2:1]
      (root,0,0,00:00:06/1-14:47:42,21368) [kworker/0:2]
      (root,0,0,00:00:00/04:31:29,22530) [kworker/0:1]
      (root,96152,27732,00:00:00/17:52:34,22753) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,96152,27680,00:00:00/14-05:44:52,23176) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:35/1-12:58:51,24544) [kworker/5:2]
      (www-data,649208,136592,00:00:05/17:14:25,24687) /usr/sbin/apache2 -k start
      (www-data,647316,83444,00:00:04/17:14:25,24688) /usr/sbin/apache2 -k start
      (www-data,648976,101584,00:00:03/17:14:25,24689) /usr/sbin/apache2 -k start
      (www-data,645164,94800,00:00:05/17:14:25,24691) /usr/sbin/apache2 -k start
      (www-data,649204,116660,00:00:04/17:14:25,24694) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/02:31:29,25688) [kworker/3:1]
      (root,96152,27300,00:00:00/27-06:03:33,26717) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/23-17:50:29,26824) [xfsalloc]
      (root,0,0,00:00:00/23-17:50:29,26826) [xfs_mru_cache]
      (root,0,0,00:00:00/23-17:50:29,26832) [jfsIO]
      (root,0,0,00:00:00/23-17:50:29,26833) [jfsCommit]
      (root,0,0,00:00:00/23-17:50:29,26834) [jfsCommit]
      (root,0,0,00:00:00/23-17:50:29,26835) [jfsCommit]
      (root,0,0,00:00:00/23-17:50:29,26836) [jfsCommit]
      (root,0,0,00:00:00/23-17:50:29,26837) [jfsCommit]
      (root,0,0,00:00:00/23-17:50:29,26838) [jfsCommit]
      (root,0,0,00:00:00/23-17:50:29,26839) [jfsSync]
      (root,0,0,00:00:00/01:20:11,27517) [kworker/1:0]
      (postfix,73816,4928,00:00:00/01:03:09,27789) pickup -l -t unix -u -c
      (root,0,0,00:00:00/38:02,28352) [kworker/4:0]
      (root,0,0,00:00:00/31:29,28617) [kworker/2:0]
      (root,0,0,00:00:00/23:50,28787) [kworker/5:1]
      (root,0,0,00:00:00/18:37,28895) [kworker/u12:1]
      (root,0,0,00:00:00/13:24,29007) [kworker/u12:0]
      (root,0,0,00:00:00/08:08,29130) [kworker/u12:2]
      (root,0,0,00:00:06/6-04:48:48,29392) [kworker/3:2]
      (root,0,0,00:00:00/01:29,29415) [kworker/4:1]
      (root,362356,14508,00:00:00/00:07,29474) /usr/sbin/smbd --foreground --no-process-group
      (root,11740,3248,00:00:00/00:00,29634) /bin/bash /usr/bin/check_mk_agent
      (root,0,0,00:00:00/00:00,29637) [kworker/5:0]
      (root,34412,2860,00:00:00/00:00,29651) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000
      (root,13564,1080,00:00:00/00:00,29652) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) /
      
      Found network interfaces through CheckMk:
      [start_iplink]
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
          link/ether 02:00:00:ba:c4:a5 brd ff:ff:ff:ff:ff:ff
      [end_iplink]
      
      
      Found on 2022-11-03 22:40
    • Severity: high
      Fingerprint: 03cb82e6f6a6b45342c4bbcbbaf2bceb288a252c7451464e71dc25350ef31213

      Found public CheckMk agent:
      Version: 1.5.0p13
      AgentOS: linux
      Hostname: nd23
      AgentDirectory: /etc/check_mk
      DataDirectory: /var/lib/check_mk_agent
      SpoolDirectory: /var/lib/check_mk_agent/spool
      PluginsDirectory: /usr/lib/check_mk_agent/plugins
      LocalDirectory: /usr/lib/check_mk_agent/local
      
      Found process list through CheckMk:
      (root,225516,9032,00:02:38/19-07:02:45,1) /sbin/init
      (root,0,0,00:00:00/19-07:02:45,2) [kthreadd]
      (root,0,0,00:00:00/19-07:02:45,4) [kworker/0:0H]
      (root,0,0,00:00:00/19-07:02:45,6) [mm_percpu_wq]
      (root,0,0,00:00:24/19-07:02:45,7) [ksoftirqd/0]
      (root,0,0,00:05:15/19-07:02:45,8) [rcu_sched]
      (root,0,0,00:00:00/19-07:02:45,9) [rcu_bh]
      (root,0,0,00:00:00/19-07:02:45,10) [migration/0]
      (root,0,0,00:00:03/19-07:02:45,11) [watchdog/0]
      (root,0,0,00:00:00/19-07:02:45,12) [cpuhp/0]
      (root,0,0,00:00:00/19-07:02:45,13) [cpuhp/1]
      (root,0,0,00:00:03/19-07:02:45,14) [watchdog/1]
      (root,0,0,00:00:00/19-07:02:45,15) [migration/1]
      (root,0,0,00:00:00/19-07:02:45,16) [ksoftirqd/1]
      (root,0,0,00:00:00/19-07:02:45,18) [kworker/1:0H]
      (root,0,0,00:00:00/19-07:02:45,19) [cpuhp/2]
      (root,0,0,00:00:03/19-07:02:45,20) [watchdog/2]
      (root,0,0,00:00:00/19-07:02:45,21) [migration/2]
      (root,0,0,00:00:00/19-07:02:45,22) [ksoftirqd/2]
      (root,0,0,00:00:00/19-07:02:45,24) [kworker/2:0H]
      (root,0,0,00:00:00/19-07:02:45,25) [cpuhp/3]
      (root,0,0,00:00:03/19-07:02:45,26) [watchdog/3]
      (root,0,0,00:00:00/19-07:02:45,27) [migration/3]
      (root,0,0,00:00:00/19-07:02:45,28) [ksoftirqd/3]
      (root,0,0,00:00:00/19-07:02:45,30) [kworker/3:0H]
      (root,0,0,00:00:00/19-07:02:45,31) [cpuhp/4]
      (root,0,0,00:00:03/19-07:02:45,32) [watchdog/4]
      (root,0,0,00:00:00/19-07:02:45,33) [migration/4]
      (root,0,0,00:00:00/19-07:02:45,34) [ksoftirqd/4]
      (root,0,0,00:00:00/19-07:02:45,36) [kworker/4:0H]
      (root,0,0,00:00:00/19-07:02:45,37) [cpuhp/5]
      (root,0,0,00:00:02/19-07:02:45,38) [watchdog/5]
      (root,0,0,00:00:00/19-07:02:45,39) [migration/5]
      (root,0,0,00:00:01/19-07:02:45,40) [ksoftirqd/5]
      (root,0,0,00:00:00/19-07:02:45,42) [kworker/5:0H]
      (root,0,0,00:00:00/19-07:02:45,43) [kdevtmpfs]
      (root,0,0,00:00:00/19-07:02:45,44) [netns]
      (root,0,0,00:00:00/19-07:02:45,45) [rcu_tasks_kthre]
      (root,0,0,00:00:00/19-07:02:45,46) [kauditd]
      (root,0,0,00:00:02/19-07:02:45,49) [khungtaskd]
      (root,0,0,00:00:00/19-07:02:45,50) [oom_reaper]
      (root,0,0,00:00:00/19-07:02:45,51) [writeback]
      (root,0,0,00:00:00/19-07:02:45,52) [kcompactd0]
      (root,0,0,00:00:00/19-07:02:45,53) [ksmd]
      (root,0,0,00:00:00/19-07:02:45,54) [khugepaged]
      (root,0,0,00:00:00/19-07:02:45,55) [crypto]
      (root,0,0,00:00:00/19-07:02:45,56) [kintegrityd]
      (root,0,0,00:00:00/19-07:02:45,57) [kblockd]
      (root,0,0,00:00:00/19-07:02:45,58) [ata_sff]
      (root,0,0,00:00:00/19-07:02:45,59) [md]
      (root,0,0,00:00:00/19-07:02:45,60) [edac-poller]
      (root,0,0,00:00:00/19-07:02:45,61) [devfreq_wq]
      (root,0,0,00:00:00/19-07:02:45,62) [watchdogd]
      (root,0,0,00:00:15/19-07:02:44,68) [kswapd0]
      (root,0,0,00:00:00/19-07:02:44,69) [kworker/u13:0]
      (root,0,0,00:00:00/19-07:02:44,70) [ecryptfs-kthrea]
      (root,0,0,00:00:00/19-07:02:44,112) [kthrotld]
      (root,0,0,00:00:00/19-07:02:44,113) [acpi_thermal_pm]
      (root,0,0,00:00:00/19-07:02:44,114) [scsi_eh_0]
      (root,0,0,00:00:00/19-07:02:44,115) [scsi_tmf_0]
      (root,0,0,00:00:00/19-07:02:44,116) [scsi_eh_1]
      (root,0,0,00:00:00/19-07:02:44,117) [scsi_tmf_1]
      (root,0,0,00:00:00/19-07:02:44,123) [ipv6_addrconf]
      (root,0,0,00:00:00/19-07:02:44,132) [kstrp]
      (root,0,0,00:00:00/19-07:02:44,149) [charger_manager]
      (root,0,0,00:00:00/19-07:02:44,212) [scsi_eh_2]
      (root,0,0,00:00:00/19-07:02:44,213) [scsi_tmf_2]
      (root,0,0,00:00:00/19-07:02:40,235) [ttm_swap]
      (root,0,0,00:00:00/19-07:02:39,245) [kdmflush]
      (root,0,0,00:00:00/19-07:02:39,246) [bioset]
      (root,0,0,00:00:00/19-07:02:39,248) [kdmflush]
      (root,0,0,00:00:00/19-07:02:39,249) [bioset]
      (root,0,0,00:00:00/19-07:02:39,355) [raid5wq]
      (root,0,0,00:00:04/19-07:02:39,390) [kworker/4:1H]
      (root,0,0,00:00:08/19-07:02:39,391) [kworker/1:1H]
      (root,0,0,00:00:04/19-07:02:38,416) [kworker/5:1H]
      (root,0,0,00:01:03/19-07:02:38,427) [jbd2/dm-0-8]
      (root,0,0,00:00:00/19-07:02:38,428) [ext4-rsv-conver]
      (root,0,0,00:00:08/19-07:02:37,493) [kworker/0:1H]
      (root,0,0,00:00:00/19-07:02:37,500) [iscsi_eh]
      (root,0,0,00:00:00/19-07:02:37,501) [ib-comp-wq]
      (root,0,0,00:00:00/19-07:02:37,502) [ib-comp-unb-wq]
      (root,0,0,00:00:00/19-07:02:37,503) [ib_mcast]
      (root,0,0,00:00:00/19-07:02:37,504) [ib_nl_sa_wq]
      (root,0,0,00:00:00/19-07:02:37,505) [rdma_cm]
      (root,163612,74296,00:05:25/19-07:02:37,515) /lib/systemd/systemd-journald
      (root,0,0,00:00:09/19-07:02:36,522) [kworker/2:1H]
      (root,105908,1816,00:00:00/19-07:02:35,548) /sbin/lvmetad -f
      (root,45724,4456,00:00:21/19-07:02:35,557) /lib/systemd/systemd-udevd
      (root,0,0,00:00:04/19-07:02:35,579) [kworker/3:1H]
      (root,0,0,00:00:00/19-07:02:34,778) [ext4-rsv-conver]
      (systemd-timesync,141788,3112,00:00:04/19-07:02:33,913) /lib/systemd/systemd-timesyncd
      (systemd-network,71728,4924,00:00:04/19-07:02:32,1029) /lib/systemd/systemd-networkd
      (systemd-resolve,70628,5904,00:00:10/19-07:02:32,1064) /lib/systemd/systemd-resolved
      (mongodb,1551128,107248,01:05:45/19-07:02:27,1218) /usr/bin/mongod --config /etc/mongod.conf
      (root,286256,6712,00:01:06/19-07:02:27,1239) /usr/lib/accountsservice/accounts-daemon
      (root,31884,1656,00:01:10/19-07:02:27,1254) /usr/sbin/inetd
      (root,264092,12376,00:01:04/19-07:02:27,1270) /usr/sbin/nmbd --foreground --no-process-group
      (root,70468,5688,00:00:04/19-07:02:27,1279) /lib/systemd/systemd-logind
      (bind,592160,26896,00:00:02/19-07:02:27,1290) /usr/sbin/named -f -u bind
      (root,110492,3360,00:00:48/19-07:02:27,1332) /usr/sbin/irqbalance --foreground
      (messagebus,50492,4616,00:01:12/19-07:02:27,1346) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
      (daemon,28336,2292,00:00:00/19-07:02:27,1388) /usr/sbin/atd -f
      (root,186356,16624,00:00:00/19-07:02:27,1418) /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
      (root,564428,37244,00:00:58/19-07:02:27,1426) /usr/sbin/apache2 -k start
      (root,30040,3132,00:00:05/19-07:02:27,1428) /usr/sbin/cron -f
      (root,309560,2164,00:00:08/19-07:02:26,1551) /usr/bin/lxcfs /var/lib/lxcfs/
      (syslog,263048,4788,00:01:21/19-07:02:26,1598) /usr/sbin/rsyslogd -n
      (root,169544,14292,00:00:00/19-07:02:26,1620) /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
      (mysql,3754604,1327052,00:37:42/19-07:02:26,1676) /usr/sbin/mysqld
      (root,72304,6152,00:01:09/19-07:02:26,1683) /usr/sbin/sshd -D
      (root,288884,6504,00:00:41/19-07:02:26,1722) /usr/lib/policykit-1/polkitd --no-debug
      (www-data,19912,172,00:00:30/19-07:02:26,1824) /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
      (root,317604,18712,00:00:20/19-07:02:26,1830) /usr/sbin/winbindd --foreground --no-process-group
      (root,319956,13664,00:00:06/19-07:02:26,1912) /usr/sbin/winbindd --foreground --no-process-group
      (root,67384,3416,00:00:14/19-07:02:26,1972) /usr/lib/postfix/sbin/master -w
      (postfix,74060,5060,00:00:06/19-07:02:26,1976) qmgr -l -t unix -u
      (root,358052,23288,00:03:12/19-07:02:26,2020) /usr/sbin/smbd --foreground --no-process-group
      (root,28928,1736,00:00:00/19-07:02:26,2036) pure-ftpd (SERVER)
      (root,343692,4708,00:00:02/19-07:02:26,2074) /usr/sbin/smbd --foreground --no-process-group
      (root,343724,4708,00:00:15/19-07:02:26,2075) /usr/sbin/smbd --foreground --no-process-group
      (root,317604,4292,00:00:02/19-07:02:25,2079) /usr/sbin/winbindd --foreground --no-process-group
      (root,317604,6672,00:00:02/19-07:02:25,2082) /usr/sbin/winbindd --foreground --no-process-group
      (root,14904,1864,00:00:00/19-07:02:25,2083) /sbin/agetty -o -p -- \u --noclear tty1 linux
      (root,358036,6660,00:00:05/19-07:02:25,2094) /usr/sbin/smbd --foreground --no-process-group
      (root,96152,30024,00:03:23/19-07:02:25,2135) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (postfix,87724,7136,00:00:01/19-06:45:49,2627) tlsmgr -l -t unix -u -c
      (root,96168,27280,00:00:00/19-06:45:49,2629) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:17/4-13:40:26,3885) [kworker/2:0]
      (root,0,0,00:00:00/11:08:14,4848) [kworker/1:1]
      (root,96152,27268,00:00:00/7-00:06:36,7225) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:03/23:03:08,11040) [kworker/0:2]
      (root,96152,27284,00:00:00/1-16:54:50,15651) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/05:08:14,15802) [kworker/3:0]
      (www-data,654948,57220,00:00:00/04:43:06,16510) /usr/sbin/apache2 -k start
      (www-data,655132,100956,00:00:02/04:43:06,16511) /usr/sbin/apache2 -k start
      (www-data,669764,121036,00:00:03/04:43:06,16512) /usr/sbin/apache2 -k start
      (www-data,665400,84808,00:00:01/04:43:06,16513) /usr/sbin/apache2 -k start
      (www-data,644644,73256,00:00:01/04:43:06,16514) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/04:43:05,16522) [kworker/0:1]
      (www-data,665364,96276,00:00:02/04:40:35,16590) /usr/sbin/apache2 -k start
      (www-data,659216,101264,00:00:01/04:34:19,16855) /usr/sbin/apache2 -k start
      (www-data,566960,38604,00:00:00/02:09:59,20269) /usr/sbin/apache2 -k start
      (root,0,0,00:00:19/19:15:30,21382) [kworker/5:1]
      (root,0,0,00:00:00/01:33:10,21405) [kworker/2:1]
      (root,0,0,00:00:01/19:10:31,22375) [kworker/3:1]
      (postfix,73816,4964,00:00:00/42:09,22897) pickup -l -t unix -u -c
      (root,364492,18452,00:00:00/40:21,22913) /usr/sbin/smbd --foreground --no-process-group
      (root,0,0,00:00:00/38:14,23124) [kworker/u12:1]
      (root,0,0,00:00:00/38:14,23127) [kworker/4:2]
      (root,0,0,00:00:00/22:59,23398) [kworker/u12:0]
      (root,0,0,00:00:00/22:59,23399) [kworker/1:2]
      (root,0,0,00:00:00/08:14,23832) [kworker/5:0]
      (root,0,0,00:00:00/02:32,23911) [kworker/u12:2]
      (root,0,0,00:00:00/00:00,24105) [kworker/1:0]
      (root,11740,3300,00:00:00/00:00,24107) /bin/bash /usr/bin/check_mk_agent
      (root,34412,2836,00:00:00/00:00,24123) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000
      (root,13564,1104,00:00:00/00:00,24124) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) /
      (root,0,0,00:00:07/3-01:28:21,26543) [kworker/4:1]
      (root,96152,27312,00:00:00/12-07:10:18,26717) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:00/8-18:57:14,26824) [xfsalloc]
      (root,0,0,00:00:00/8-18:57:14,26826) [xfs_mru_cache]
      (root,0,0,00:00:00/8-18:57:14,26832) [jfsIO]
      (root,0,0,00:00:00/8-18:57:14,26833) [jfsCommit]
      (root,0,0,00:00:00/8-18:57:14,26834) [jfsCommit]
      (root,0,0,00:00:00/8-18:57:14,26835) [jfsCommit]
      (root,0,0,00:00:00/8-18:57:14,26836) [jfsCommit]
      (root,0,0,00:00:00/8-18:57:14,26837) [jfsCommit]
      (root,0,0,00:00:00/8-18:57:14,26838) [jfsCommit]
      (root,0,0,00:00:00/8-18:57:14,26839) [jfsSync]
      
      Found network interfaces through CheckMk:
      [start_iplink]
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
          link/ether 02:00:00:ba:c4:a5 brd ff:ff:ff:ff:ff:ff
      [end_iplink]
      
      
      Found on 2022-10-19 23:47
    • Severity: high
      Fingerprint: 03cb82e6f6a6b45342c4bbcbbaf2bceb288a252c7451464e71dc2535ac22c3a0

      Found public CheckMk agent:
      Version: 1.5.0p13
      AgentOS: linux
      Hostname: nd23
      AgentDirectory: /etc/check_mk
      DataDirectory: /var/lib/check_mk_agent
      SpoolDirectory: /var/lib/check_mk_agent/spool
      PluginsDirectory: /usr/lib/check_mk_agent/plugins
      LocalDirectory: /usr/lib/check_mk_agent/local
      
      Found process list through CheckMk:
      (root,225480,8976,00:00:21/1-06:31:43,1) /sbin/init
      (root,0,0,00:00:00/1-06:31:43,2) [kthreadd]
      (root,0,0,00:00:00/1-06:31:43,4) [kworker/0:0H]
      (root,0,0,00:00:00/1-06:31:43,6) [mm_percpu_wq]
      (root,0,0,00:00:01/1-06:31:43,7) [ksoftirqd/0]
      (root,0,0,00:00:15/1-06:31:43,8) [rcu_sched]
      (root,0,0,00:00:00/1-06:31:43,9) [rcu_bh]
      (root,0,0,00:00:00/1-06:31:43,10) [migration/0]
      (root,0,0,00:00:00/1-06:31:43,11) [watchdog/0]
      (root,0,0,00:00:00/1-06:31:43,12) [cpuhp/0]
      (root,0,0,00:00:00/1-06:31:43,13) [cpuhp/1]
      (root,0,0,00:00:00/1-06:31:43,14) [watchdog/1]
      (root,0,0,00:00:00/1-06:31:43,15) [migration/1]
      (root,0,0,00:00:00/1-06:31:43,16) [ksoftirqd/1]
      (root,0,0,00:00:00/1-06:31:43,18) [kworker/1:0H]
      (root,0,0,00:00:00/1-06:31:43,19) [cpuhp/2]
      (root,0,0,00:00:00/1-06:31:43,20) [watchdog/2]
      (root,0,0,00:00:00/1-06:31:43,21) [migration/2]
      (root,0,0,00:00:00/1-06:31:43,22) [ksoftirqd/2]
      (root,0,0,00:00:00/1-06:31:43,24) [kworker/2:0H]
      (root,0,0,00:00:00/1-06:31:43,25) [cpuhp/3]
      (root,0,0,00:00:00/1-06:31:43,26) [watchdog/3]
      (root,0,0,00:00:00/1-06:31:43,27) [migration/3]
      (root,0,0,00:00:00/1-06:31:43,28) [ksoftirqd/3]
      (root,0,0,00:00:00/1-06:31:43,30) [kworker/3:0H]
      (root,0,0,00:00:00/1-06:31:43,31) [cpuhp/4]
      (root,0,0,00:00:00/1-06:31:43,32) [watchdog/4]
      (root,0,0,00:00:00/1-06:31:43,33) [migration/4]
      (root,0,0,00:00:00/1-06:31:43,34) [ksoftirqd/4]
      (root,0,0,00:00:00/1-06:31:43,36) [kworker/4:0H]
      (root,0,0,00:00:00/1-06:31:43,37) [cpuhp/5]
      (root,0,0,00:00:00/1-06:31:43,38) [watchdog/5]
      (root,0,0,00:00:00/1-06:31:43,39) [migration/5]
      (root,0,0,00:00:00/1-06:31:43,40) [ksoftirqd/5]
      (root,0,0,00:00:00/1-06:31:43,42) [kworker/5:0H]
      (root,0,0,00:00:00/1-06:31:43,43) [kdevtmpfs]
      (root,0,0,00:00:00/1-06:31:43,44) [netns]
      (root,0,0,00:00:00/1-06:31:43,45) [rcu_tasks_kthre]
      (root,0,0,00:00:00/1-06:31:43,46) [kauditd]
      (root,0,0,00:00:00/1-06:31:43,49) [khungtaskd]
      (root,0,0,00:00:00/1-06:31:43,50) [oom_reaper]
      (root,0,0,00:00:00/1-06:31:43,51) [writeback]
      (root,0,0,00:00:00/1-06:31:43,52) [kcompactd0]
      (root,0,0,00:00:00/1-06:31:43,53) [ksmd]
      (root,0,0,00:00:00/1-06:31:43,54) [khugepaged]
      (root,0,0,00:00:00/1-06:31:43,55) [crypto]
      (root,0,0,00:00:00/1-06:31:43,56) [kintegrityd]
      (root,0,0,00:00:00/1-06:31:43,57) [kblockd]
      (root,0,0,00:00:00/1-06:31:43,58) [ata_sff]
      (root,0,0,00:00:00/1-06:31:43,59) [md]
      (root,0,0,00:00:00/1-06:31:43,60) [edac-poller]
      (root,0,0,00:00:00/1-06:31:43,61) [devfreq_wq]
      (root,0,0,00:00:00/1-06:31:43,62) [watchdogd]
      (root,0,0,00:00:25/1-06:31:43,64) [kworker/3:1]
      (root,0,0,00:00:02/1-06:31:43,65) [kworker/4:1]
      (root,0,0,00:00:01/1-06:31:43,66) [kworker/5:1]
      (root,0,0,00:00:00/1-06:31:42,68) [kswapd0]
      (root,0,0,00:00:00/1-06:31:42,69) [kworker/u13:0]
      (root,0,0,00:00:00/1-06:31:42,70) [ecryptfs-kthrea]
      (root,0,0,00:00:00/1-06:31:42,112) [kthrotld]
      (root,0,0,00:00:00/1-06:31:42,113) [acpi_thermal_pm]
      (root,0,0,00:00:00/1-06:31:42,114) [scsi_eh_0]
      (root,0,0,00:00:00/1-06:31:42,115) [scsi_tmf_0]
      (root,0,0,00:00:00/1-06:31:42,116) [scsi_eh_1]
      (root,0,0,00:00:00/1-06:31:42,117) [scsi_tmf_1]
      (root,0,0,00:00:00/1-06:31:42,123) [ipv6_addrconf]
      (root,0,0,00:00:00/1-06:31:42,132) [kstrp]
      (root,0,0,00:00:00/1-06:31:42,149) [charger_manager]
      (root,0,0,00:00:01/1-06:31:42,150) [kworker/1:2]
      (root,0,0,00:00:00/1-06:31:42,200) [scsi_eh_2]
      (root,0,0,00:00:00/1-06:31:42,201) [scsi_tmf_2]
      (root,0,0,00:00:00/1-06:31:42,223) [ttm_swap]
      (root,0,0,00:00:00/1-06:31:37,237) [kdmflush]
      (root,0,0,00:00:00/1-06:31:37,238) [bioset]
      (root,0,0,00:00:00/1-06:31:37,240) [kdmflush]
      (root,0,0,00:00:00/1-06:31:37,241) [bioset]
      (root,0,0,00:00:00/1-06:31:37,332) [kworker/5:1H]
      (root,0,0,00:00:00/1-06:31:37,333) [kworker/0:1H]
      (root,0,0,00:00:00/1-06:31:36,341) [raid5wq]
      (root,0,0,00:00:00/1-06:31:36,378) [kworker/2:1H]
      (root,0,0,00:00:00/1-06:31:36,401) [kworker/4:1H]
      (root,0,0,00:00:03/1-06:31:36,412) [jbd2/dm-0-8]
      (root,0,0,00:00:00/1-06:31:36,413) [ext4-rsv-conver]
      (root,0,0,00:00:00/1-06:31:34,497) [kworker/3:1H]
      (root,0,0,00:00:00/1-06:31:34,505) [iscsi_eh]
      (root,0,0,00:00:00/1-06:31:34,506) [ib-comp-wq]
      (root,0,0,00:00:00/1-06:31:34,507) [ib-comp-unb-wq]
      (root,0,0,00:00:00/1-06:31:34,508) [ib_mcast]
      (root,0,0,00:00:00/1-06:31:34,509) [ib_nl_sa_wq]
      (root,0,0,00:00:00/1-06:31:33,510) [rdma_cm]
      (root,272764,152564,00:00:29/1-06:31:33,511) /lib/systemd/systemd-journald
      (root,105908,1764,00:00:00/1-06:31:33,522) /sbin/lvmetad -f
      (root,0,0,00:00:04/1-06:31:33,537) [kworker/0:2]
      (root,46040,4848,00:00:02/1-06:31:33,544) /lib/systemd/systemd-udevd
      (root,0,0,00:00:00/1-06:31:32,568) [kworker/1:1H]
      (root,0,0,00:00:00/1-06:31:31,770) [ext4-rsv-conver]
      (systemd-timesync,141784,3180,00:00:00/1-06:31:31,858) /lib/systemd/systemd-timesyncd
      (systemd-network,71720,4964,00:00:00/1-06:31:30,1014) /lib/systemd/systemd-networkd
      (systemd-resolve,70604,5888,00:00:00/1-06:31:29,1058) /lib/systemd/systemd-resolved
      (bind,591900,27812,00:00:00/1-06:31:24,1239) /usr/sbin/named -f -u bind
      (messagebus,50108,4348,00:00:08/1-06:31:24,1270) /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
      (root,30040,2948,00:00:00/1-06:31:24,1298) /usr/sbin/cron -f
      (root,61976,5424,00:00:00/1-06:31:24,1340) /lib/systemd/systemd-logind
      (root,110492,3328,00:00:02/1-06:31:24,1363) /usr/sbin/irqbalance --foreground
      (root,169544,17544,00:00:00/1-06:31:24,1384) /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
      (root,31884,1696,00:00:03/1-06:31:24,1415) /usr/sbin/inetd
      (daemon,28336,2296,00:00:00/1-06:31:24,1442) /usr/sbin/atd -f
      (root,235720,2156,00:00:00/1-06:31:24,1452) /usr/bin/lxcfs /var/lib/lxcfs/
      (root,264092,12152,00:00:02/1-06:31:24,1496) /usr/sbin/nmbd --foreground --no-process-group
      (mongodb,1527492,105512,00:03:24/1-06:31:24,1510) /usr/bin/mongod --config /etc/mongod.conf
      (root,286256,6728,00:00:04/1-06:31:24,1529) /usr/lib/accountsservice/accounts-daemon
      (syslog,263048,4416,00:00:06/1-06:31:24,1540) /usr/sbin/rsyslogd -n
      (root,563852,36792,00:00:02/1-06:31:24,1580) /usr/sbin/apache2 -k start
      (root,72304,6204,00:00:03/1-06:31:23,1611) /usr/sbin/sshd -D
      (mysql,2441896,606312,00:01:54/1-06:31:23,1612) /usr/sbin/mysqld
      (root,288884,6496,00:00:04/1-06:31:23,1689) /usr/lib/policykit-1/polkitd --no-debug
      (root,186356,20088,00:00:00/1-06:31:23,1708) /usr/bin/python3 /usr/share/unattended-upgrades/unattended-upgrade-shutdown --wait-for-signal
      (www-data,19912,168,00:00:01/1-06:31:23,1759) /usr/bin/htcacheclean -d 120 -p /var/cache/apache2/mod_cache_disk -l 300M -n
      (root,316824,18592,00:00:01/1-06:31:23,1765) /usr/sbin/winbindd --foreground --no-process-group
      (root,319956,13560,00:00:00/1-06:31:23,1844) /usr/sbin/winbindd --foreground --no-process-group
      (root,67384,3536,00:00:00/1-06:31:23,1846) /usr/lib/postfix/sbin/master -w
      (postfix,73944,4880,00:00:00/1-06:31:23,1851) qmgr -l -t unix -u
      (root,357272,22972,00:00:30/1-06:31:23,1886) /usr/sbin/smbd --foreground --no-process-group
      (root,28928,1836,00:00:00/1-06:31:23,1888) pure-ftpd (SERVER)
      (root,343692,4656,00:00:00/1-06:31:23,1924) /usr/sbin/smbd --foreground --no-process-group
      (root,343732,6084,00:00:02/1-06:31:23,1929) /usr/sbin/smbd --foreground --no-process-group
      (root,316824,4280,00:00:00/1-06:31:23,1937) /usr/sbin/winbindd --foreground --no-process-group
      (root,316824,6612,00:00:00/1-06:31:23,1941) /usr/sbin/winbindd --foreground --no-process-group
      (root,357256,6856,00:00:00/1-06:31:23,1952) /usr/sbin/smbd --foreground --no-process-group
      (root,14904,1840,00:00:00/1-06:31:23,1953) /sbin/agetty -o -p -- \u --noclear tty1 linux
      (root,96088,29996,00:00:06/1-06:31:22,2035) /usr/bin/perl /usr/share/webmin/miniserv.pl /etc/webmin/miniserv.conf
      (root,0,0,00:00:05/1-06:30:53,2121) [kworker/2:3]
      (www-data,965972,148216,00:00:08/10:13:38,3346) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/01:37:19,7820) [kworker/u12:0]
      (root,0,0,00:00:00/01:16:18,9616) [kworker/2:0]
      (www-data,667432,108468,00:00:02/08:36:42,9927) /usr/sbin/apache2 -k start
      (postfix,73816,4932,00:00:00/01:09:24,10103) pickup -l -t unix -u -c
      (root,0,0,00:00:00/01:03:18,10727) [kworker/3:2]
      (postfix,87724,7672,00:00:00/1-04:25:33,11895) tlsmgr -l -t unix -u -c
      (root,0,0,00:00:00/36:24,13048) [kworker/4:2]
      (root,0,0,00:00:00/33:19,13407) [kworker/5:0]
      (www-data,671396,73928,00:00:02/07:40:32,13720) /usr/sbin/apache2 -k start
      (www-data,671660,97248,00:00:03/07:40:30,13723) /usr/sbin/apache2 -k start
      (www-data,665456,67728,00:00:01/07:40:27,13728) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/19:36,14289) [kworker/1:0]
      (root,0,0,00:00:00/07:00,15127) [kworker/0:1]
      (root,0,0,00:00:00/04:54,15239) [kworker/1:1]
      (root,103888,6856,00:00:00/00:11,15695) sshd: unknown [priv]
      (sshd,72304,2968,00:00:00/00:09,15696) sshd: unknown [net]
      (root,0,0,00:00:00/00:01,15778) [kworker/0:0]
      (root,0,0,00:00:00/00:00,15858) [kworker/u12:2]
      (root,0,0,00:00:00/00:00,15859) [kworker/4:0]
      (root,11740,3244,00:00:00/00:00,15861) /bin/bash /usr/bin/check_mk_agent
      (root,34412,2832,00:00:00/00:00,15877) ps ax -o user:32,vsz,rss,cputime,etime,pid,command --columns 10000
      (root,13564,1124,00:00:00/00:00,15878) sed -e 1d -e s/ *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) *\([^ ]*\) */(\1,\2,\3,\4\/\5,\6) /
      (www-data,958724,101828,00:00:11/13:14:27,21922) /usr/sbin/apache2 -k start
      (www-data,664096,138112,00:00:09/13:14:27,21923) /usr/sbin/apache2 -k start
      (root,0,0,00:00:00/19:04:41,22722) [xfsalloc]
      (root,0,0,00:00:00/19:04:41,22723) [xfs_mru_cache]
      (root,0,0,00:00:00/19:04:41,22731) [jfsIO]
      (root,0,0,00:00:00/19:04:41,22732) [jfsCommit]
      (root,0,0,00:00:00/19:04:41,22733) [jfsCommit]
      (root,0,0,00:00:00/19:04:41,22734) [jfsCommit]
      (root,0,0,00:00:00/19:04:41,22735) [jfsCommit]
      (root,0,0,00:00:00/19:04:41,22736) [jfsCommit]
      (root,0,0,00:00:00/19:04:41,22737) [jfsCommit]
      (root,0,0,00:00:00/19:04:41,22738) [jfsSync]
      (www-data,950900,140876,00:00:14/18:46:14,25265) /usr/sbin/apache2 -k start
      (www-data,965244,143732,00:00:15/18:27:38,26841) /usr/sbin/apache2 -k start
      (root,0,0,00:00:01/03:52:12,30222) [kworker/u12:1]
      (www-data,668280,93288,00:00:08/11:11:58,30984) /usr/sbin/apache2 -k start
      (root,0,0,00:00:01/03:28:53,31896) [kworker/u12:3]
      
      Found network interfaces through CheckMk:
      [start_iplink]
      1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
          link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
      2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
          link/ether 02:00:00:ba:c4:a5 brd ff:ff:ff:ff:ff:ff
      [end_iplink]
      
      
      Found on 2022-06-17 23:12
Domain summary
No record