Weird Spamd
Apr 28, 2008
i have this really annoying issue i'm hoping you can help with.
it seems the spamd child process gets stuck and causes 100% cpu usage. but this doens't just happen randomly, its only for this single user account. e.g. take a look at top output:
4581 <username> 93 40:58.87 1.3 82624 52m 2280 R spamd child
the 93 is 93% cpu usage. 40:58 is how long the process has been running, 40 minutes and counting (i just killed it though). and all it tells me its running spamd child. it usually dies after a few hours but only after causing 200% cpu usage (100% on both cpus) and making my server load skyrocket. This happens at least twice daily at no set times.
this user isn't a spammer. no scripts, no mail queue generation, no email accounts even.
running cpanel 11, centos 4.
View 3 Replies
ADVERTISEMENT
Oct 28, 2006
what thise services mean or refer to !!!!
imap
spamd
View 2 Replies
View Related
May 27, 2009
I am having trouble fixing spamd on my server, spamd -- failed!
How do i go about fixing this?
View 9 Replies
View Related
Jul 30, 2009
I a keep received the email as below every 5 min:
spamd failed @ Fri Jul 31 09:29:04 2009. A restart was attempted automagically.
Service Check Method: [check command]
Cmd Service Check Raw Output: Spamd is not running
View 6 Replies
View Related
Feb 25, 2008
root@server [~]# service exim restart
Shutting down clamd: [ OK ]
Shutting down exim: [ OK ]
Shutting down antirelayd: [ OK ]
Shutting down spamd: [ OK ]
Starting clamd: [ OK ]
Starting exim-26: [ OK ]
Starting exim: [ OK ]
Starting exim-smtps: [ OK ]
Starting antirelayd: [ OK ]
Starting spamd: [1814] warn: server socket setup failed, retry 1: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[1814] warn: server socket setup failed, retry 2: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[1814] error: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
spamd: could not create INET socket on 127.0.0.1:783: Address already in use
I tried forced exim update, restarted xinetd, nothing works.
View 2 Replies
View Related
Nov 11, 2008
Anyone have a complete tutorial from start to finish on installing spamd as a smtp relay server/gateway? Im looking for some good doccumentation on this all i can find is just the spamd install guide but thats it. Im not even sure if i need postfix etc on the machine to run I have no idea.
1. what are the requirements
2. how to install and compile spamd
3. how to configure your mail servers to accept only mail from smtp relay and setup your mx records accordingly.
View 0 Replies
View Related
Nov 25, 2007
I have a VPS with 320MB of RAM. The problem is that spammassassin is killing my VPS.
Spamd service was using 50% of memory (+- 150MB of RAM).
Do you think that this is normal RAM for Spamd?
View 10 Replies
View Related
Sep 25, 2007
Spamd often died once in a while. How do i set up an auto monitoring and restart it if it dies? Btw, i'm on a Unix machine.
View 14 Replies
View Related
Jun 30, 2007
Spamd seems to be using 36% of RAM, which I work out to be around 290-300mb
Is that normal
top - 12:43:32 up 1 day, 15:09, 1 user, load average: 0.04, 0.05, 0.02
Tasks: 72 total, 1 running, 71 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.0% us, 0.1% sy, 0.0% ni, 99.9% id, 0.0% wa, 0.0% hi, 0.0% si
Mem: 851968k total, 544616k used, 307352k free, 0k buffers
Swap: 0k total, 0k used, 0k free, 0k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
28548 root 16 0 1888 1012 792 R 0 0.1 0:00.19 top
1 root 16 0 1620 600 520 S 0 0.1 0:00.64 init
23557 root 15 0 1524 544 456 S 0 0.1 0:02.13 syslogd
23570 named 16 0 69408 3872 1956 S 0 0.5 0:01.26 named
23587 root 20 0 1448 376 320 S 0 0.0 0:00.00 courierlogger
23588 root 15 0 1796 616 508 S 0 0.1 0:00.01 authdaemond
23590 root 16 0 1796 364 244 S 0 0.0 0:00.03 authdaemond
23592 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23593 root 15 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23594 root 16 0 1796 368 248 S 0 0.0 0:00.03 authdaemond
23595 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23602 root 15 0 4008 1128 832 S 0 0.1 0:00.67 sshd
23675 root 16 0 6580 4964 1228 S 0 0.6 0:01.08 chkservd
23856 root 16 0 2472 924 536 S 0 0.1 0:00.22 crond
24066 root 18 0 14096 8476 352 S 0 1.0 0:00.00 cpdavd
24074 root 16 0 5520 3708 1040 S 0 0.4 0:00.36 cpbandwd
24075 root 34 19 9068 6588 1756 S 0 0.8 0:10.20 cpanellogd
24116 nobody 18 0 3772 1724 652 S 0 0.2 0:00.00 entropychat
24146 root 18 0 4044 804 576 S 0 0.1 0:00.00 saslauthd
24169 root 18 0 1480 392 320 S 0 0.0 0:00.00 portsentry
25608 root 17 0 5400 3836 2320 S 0 0.5 0:02.25 authProg
25627 root 16 0 5400 3836 2320 S 0 0.5 0:02.28 authProg
30325 root 16 0 5400 3836 2320 S 0 0.5 0:02.07 authProg
11563 root 18 0 2072 804 668 S 0 0.1 0:00.00 xinetd
11603 root 15 0 1452 384 324 S 0 0.0 0:00.00 courierlogger
11604 root 15 0 1560 512 440 S 0 0.1 0:00.00 couriertcpd
11610 root 18 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11611 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
11616 root 15 0 1452 384 324 S 0 0.0 0:00.16 courierlogger
11617 root 15 0 1560 512 440 S 0 0.1 0:00.17 couriertcpd
11622 root 20 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11623 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
24353 root 16 0 5400 3768 2256 S 0 0.4 0:01.76 authProg
20008 root 17 0 5400 3772 2256 S 0 0.4 0:02.04 authProg
28437 mailnull 16 0 8516 1200 796 S 0 0.1 0:00.43 exim
28443 mailnull 18 0 8460 1148 752 S 0 0.1 0:00.00 exim
28481 root 16 0 26116 23m 1880 S 0 2.8 0:01.37 spamd
28503 root 16 0 3028 1140 640 S 0 0.1 0:01.95 antirelayd
28505 root 16 0 305m 302m 2032 S 0 36.3 3:26.74 spamd
28506 root 16 0 28776 26m 2008 S 0 3.2 0:01.02 spamd
28512 mailman 19 0 10276 4928 840 S 0 0.6 0:00.01 mailmanctl
28515 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.59 python2.4
28516 mailman 16 0 10064 6696 2612 S 0 0.8 0:03.78 python2.4
28517 mailman 16 0 10036 6700 2612 S 0 0.8 0:03.56 python2.4
28519 mailman 16 0 10096 6692 2612 S 0 0.8 0:03.60 python2.4
28522 mailman 16 0 10044 6720 2612 S 0 0.8 0:03.64 python2.4
28523 mailman 16 0 10060 6760 2612 S 0 0.8 0:03.78 python2.4
28524 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.74 python2.4
28525 mailman 16 0 10060 6692 2612 S 0 0.8 0:00.15 python2.4
28571 root 17 0 2144 1128 964 S 0 0.1 0:00.00 mysqld_safe
28594 mysql 15 0 106m 17m 4184 S 0 2.1 0:54.08 mysqld
28635 mailnull 16 0 8496 3764 1520 S 0 0.4 0:00.88 eximstats
29982 root 16 0 2756 608 404 S 0 0.1 0:00.17 postsuexecinsta
[root@awt ~]# spamd restart
[29871] warn: server socket setup failed, retry 1: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[29871] warn: server socket setup failed, retry 2: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[29871] error: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
spamd: could not create INET socket on 127.0.0.1:783: Address already in use
[root@awt ~]# top
top - 12:43:58 up 1 day, 15:10, 1 user, load average: 0.02, 0.04, 0.02
Tasks: 72 total, 1 running, 71 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.1% us, 0.0% sy, 0.0% ni, 99.9% id, 0.0% wa, 0.0% hi, 0.0% si
Mem: 851968k total, 544392k used, 307576k free, 0k buffers
Swap: 0k total, 0k used, 0k free, 0k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
29918 root 16 0 1888 1012 792 R 0 0.1 0:00.01 top
1 root 16 0 1620 600 520 S 0 0.1 0:00.64 init
23557 root 15 0 1524 544 456 S 0 0.1 0:02.13 syslogd
23570 named 16 0 69408 3872 1956 S 0 0.5 0:01.26 named
23587 root 20 0 1448 376 320 S 0 0.0 0:00.00 courierlogger
23588 root 15 0 1796 616 508 S 0 0.1 0:00.01 authdaemond
23590 root 16 0 1796 364 244 S 0 0.0 0:00.03 authdaemond
23592 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23593 root 15 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23594 root 16 0 1796 368 248 S 0 0.0 0:00.03 authdaemond
23595 root 16 0 1796 368 248 S 0 0.0 0:00.04 authdaemond
23602 root 15 0 4008 1128 832 S 0 0.1 0:00.67 sshd
23675 root 16 0 6580 4964 1228 S 0 0.6 0:01.08 chkservd
23856 root 16 0 2472 924 536 S 0 0.1 0:00.22 crond
24066 root 18 0 14096 8476 352 S 0 1.0 0:00.00 cpdavd
24074 root 16 0 5520 3708 1040 S 0 0.4 0:00.37 cpbandwd
24075 root 34 19 9068 6588 1756 S 0 0.8 0:10.20 cpanellogd
24116 nobody 18 0 3772 1724 652 S 0 0.2 0:00.00 entropychat
24146 root 18 0 4044 804 576 S 0 0.1 0:00.00 saslauthd
24169 root 18 0 1480 392 320 S 0 0.0 0:00.00 portsentry
25608 root 17 0 5400 3836 2320 S 0 0.5 0:02.25 authProg
25627 root 16 0 5400 3836 2320 S 0 0.5 0:02.28 authProg
30325 root 16 0 5400 3836 2320 S 0 0.5 0:02.07 authProg
11563 root 18 0 2072 804 668 S 0 0.1 0:00.00 xinetd
11603 root 15 0 1452 384 324 S 0 0.0 0:00.00 courierlogger
11604 root 15 0 1560 512 440 S 0 0.1 0:00.00 couriertcpd
11610 root 18 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11611 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
11616 root 15 0 1452 384 324 S 0 0.0 0:00.16 courierlogger
11617 root 15 0 1560 512 440 S 0 0.1 0:00.17 couriertcpd
11622 root 20 0 1452 304 252 S 0 0.0 0:00.00 courierlogger
11623 root 18 0 1560 492 420 S 0 0.1 0:00.00 couriertcpd
24353 root 16 0 5400 3768 2256 S 0 0.4 0:01.76 authProg
20008 root 17 0 5400 3772 2256 S 0 0.4 0:02.04 authProg
28437 mailnull 16 0 8516 1200 796 S 0 0.1 0:00.43 exim
28443 mailnull 18 0 8460 1148 752 S 0 0.1 0:00.00 exim
28481 root 16 0 26116 23m 1880 S 0 2.8 0:01.37 spamd
28503 root 16 0 3028 1140 640 S 0 0.1 0:01.95 antirelayd
28505 root 16 0 305m 302m 2032 S 0 36.3 3:26.74 spamd
28506 root 16 0 28776 26m 2008 S 0 3.2 0:01.02 spamd
28512 mailman 19 0 10276 4928 840 S 0 0.6 0:00.01 mailmanctl
28515 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.59 python2.4
28516 mailman 16 0 10064 6696 2612 S 0 0.8 0:03.78 python2.4
28517 mailman 16 0 10036 6700 2612 S 0 0.8 0:03.56 python2.4
28519 mailman 16 0 10096 6692 2612 S 0 0.8 0:03.60 python2.4
28522 mailman 16 0 10044 6720 2612 S 0 0.8 0:03.64 python2.4
28523 mailman 16 0 10060 6760 2612 S 0 0.8 0:03.78 python2.4
28524 mailman 16 0 10060 6688 2612 S 0 0.8 0:03.74 python2.4
28525 mailman 16 0 10060 6692 2612 S 0 0.8 0:00.15 python2.4
28571 root 17 0 2144 1128 964 S 0 0.1 0:00.00 mysqld_safe
28594 mysql 15 0 106m 17m 4184 S 0 2.1 0:54.08 mysqld
28635 mailnull 16 0 8496 3764 1520 S 0 0.4 0:00.88 eximstats
29982 root 16 0 2756 608 404 S 0 0.1 0:00.17 postsuexecinsta
View 14 Replies
View Related
Oct 15, 2007
I'm having a problem with one user account, every 5-10 minutes a spamd process of this user gets locked using 60-90% cpu and never ends. If I don't kill the process another one does the same and they all get locked causing very high loads
I reinstalled exim but it did nothing
The problem persisted even when this user's account was suspended
View 12 Replies
View Related
Mar 30, 2007
What would be the best spamd configuration setup for a server running Cent?
PID File
Maximum Children
Maximum Connections Perl Child
View 1 Replies
View Related
Feb 8, 2008
It may have already been covered, but i have searched and cannot find a solution to the following.
I have a few Shared hosting servers using Cpanel. The biggest use of resource is spamd.
Is there a way of setting up a spamd server, ie not using Cpanel so that this server purely does the spam checking then passes it back to which ever Cpanel server it came from.
I have done this using postfix, but I'm new to the whole exim / Cpanel thing.
View 4 Replies
View Related
Aug 5, 2008
I have been using my Server for a decent while, All of a sudden of the last month it has decided that it wants to play a game.
"Spamd" keeps failing and automagically restarts.
It restarts and works, But then Fails once again a few hours later. One morning I woke up to 7 error messages with the same service.
By Restarting Exim it resolves the issue but it happens hours later.
I have tried mostly of what I can think of.
Does anyone have any other thoughts on this issue and how it can be resolved?
View 4 Replies
View Related
Jul 29, 2009
I am pretty sure that the following entries in the logs are not good and I would like to resolve this issue. I have been reading on Google for several hours straight looking for answers and have come up short.
[/var/log]# grep -i -C4 failed maillog | tail -18
Jul 29 10:12:29 bamboo spamd[31310]: spamd: setuid to root succeeded
Jul 29 10:12:29 bamboo spamd[31310]: spamd: still running as root: user not specified with -u, not found, or set to root, falling back to nobody
Jul 29 10:12:29 bamboo spamd[31310]: spamd: processing message <GTUBE1.1010101@example.net> for root:99
Jul 29 10:12:29 bamboo spamd[31310]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /.spamassassin/auto-whitelist.lock.bamboo.site.com.31310 for /.spamassassin/auto-whitelist.lock: No such file or directory
Jul 29 10:12:29 bamboo spamd[31310]: spamd: identified spam (1000.0/5.0) for root:99 in 0.0 seconds, 834 bytes.
Jul 29 10:12:29 bamboo spamd[31310]: spamd: result: Y 999 - GTUBE,NO_RECEIVED,NO_RELAYS ....
View 7 Replies
View Related
Feb 18, 2008
i've noticed a number of times in the past few weeks where the spamd process gets stuck (apache 2 server / whm) with a single user name running the process. there is no spam being sent out, no major incoming influx of mail either - the process is just stuck but consumes 100% of cpu and runs for ages before it terminates itself.
for e.g. right now my top output:
2789 <username> 25 0 99 287:44.76 1.3 79760 49m 2288 R spamd child
the 287 is the cumulative CPU time - no way it should be stuck like this.
how i can figure out what's causing this problem?
View 2 Replies
View Related
Jul 24, 2007
My nobody_check is killing a process that seems to be o.k. but I'm not sure. The process is running /usr/bin/perl-bin which I never heard of. I thought it was /usr/bin/perl
Should I be concerned? Again, I don't know what /perl-bin is.
Process ID: 28457 has been killed
Restuls for PID: 28457
total 0
dr-xr-xr-x 3 nobody nobody 0 Jul 23 17:00 .
dr-xr-xr-x 201 root root 0 Jun 29 11:59 ..
dr-xr-xr-x 2 root root 0 Jul 23 17:00 attr
-r-------- 1 root root 0 Jul 23 17:00 auxv
-r--r--r-- 1 root root 0 Jul 23 17:00 cmdline
lrwxrwxrwx 1 root root 0 Jul 23 17:00 cwd -> /
-r-------- 1 root root 0 Jul 23 17:00 environ
lrwxrwxrwx 1 root root 0 Jul 23 17:00 exe -> /usr/bin/perl-bin
dr-x------ 2 root root 0 Jul 23 17:00 fd
-rw-r--r-- 1 root root 0 Jul 23 17:00 loginuid
-r-------- 1 root root 0 Jul 23 17:00 maps
-rw------- 1 root root 0 Jul 23 17:00 mem
-r--r--r-- 1 root root 0 Jul 23 17:00 mounts
lrwxrwxrwx 1 root root 0 Jul 23 17:00 root -> /
-r--r--r-- 1 root root 0 Jul 23 17:00 stat
-r--r--r-- 1 root root 0 Jul 23 17:00 statm
-r--r--r-- 1 root root 0 Jul 23 17:00 status
dr-xr-xr-x 3 root root 0 Jul 23 17:00 task
-r--r--r-- 1 root root 0 Jul 23 17:00 wchan
Netstat:
tcp 0 0 127.0.0.1:783 127.0.0.1:40957
CLOSE_WAIT 28457/spamd child
udp 0 0 xx.xxx.xxx.xx:41008 216.52.190.1:53
ESTABLISHED 28457/spamd child
unix 3 [ ] STREAM CONNECTED 120878416 28457/spamd
child
unix 2 [ ] DGRAM 120872220 28457/spamd
child
unix 2 [ ] STREAM CONNECTED 120847759 28457/spamd
child
unix 2 [ ] STREAM CONNECTED 120832442 28457/spamd
child
Environ:
Process ID: 23944 has been killed
Restuls for PID: 23944
total 0
dr-xr-xr-x 3 nobody nobody 0 Jul 23 16:55 .
dr-xr-xr-x 206 root root 0 Jun 29 11:59 ..
dr-xr-xr-x 2 root root 0 Jul 23 17:00 attr
-r-------- 1 root root 0 Jul 23 17:00 auxv
-r--r--r-- 1 root root 0 Jul 23 16:55 cmdline
lrwxrwxrwx 1 root root 0 Jul 23 17:00 cwd -> /
-r-------- 1 root root 0 Jul 23 17:00 environ
lrwxrwxrwx 1 root root 0 Jul 23 16:55 exe -> /usr/bin/perl-bin
dr-x------ 2 root root 0 Jul 23 17:00 fd
-rw-r--r-- 1 root root 0 Jul 23 17:00 loginuid
-r-------- 1 root root 0 Jul 23 17:00 maps
-rw------- 1 root root 0 Jul 23 17:00 mem
-r--r--r-- 1 root root 0 Jul 23 17:00 mounts
lrwxrwxrwx 1 root root 0 Jul 23 17:00 root -> /
-r--r--r-- 1 root root 0 Jul 23 16:55 stat
-r--r--r-- 1 root root 0 Jul 23 16:55 statm
-r--r--r-- 1 root root 0 Jul 23 16:55 status
dr-xr-xr-x 3 root root 0 Jul 23 17:00 task
-r--r--r-- 1 root root 0 Jul 23 17:00 wchan
Netstat:
tcp 1 0 127.0.0.1:783 127.0.0.1:40955
CLOSE_WAIT 23944/spamd child
udp 0 0 xx.xx.xxx.xxx:55606 216.52.190.1:53
ESTABLISHED 23944/spamd child
unix 3 [ ] STREAM CONNECTED 120847760 23944/spamd
child
unix 2 [ ] STREAM CONNECTED 120832442 23944/spamd
child
unix 2 [ ] DGRAM 120677444 23944/spamd
child
Environ:
View 4 Replies
View Related
Dec 3, 2007
I have just moved my sites from shared host to a vps. After several initial problems (cpanel issue, config not set up correctly, memory spikes and sites down every morning due to backup and stats) I thought everything was going to be ok. hmm.
My server load starts off fine first thing (less than 1) then creeps up nearly 1 per hour, ie been 3.5 hours now and it is at 2.57. Sites are ok at the moment but yesterday load got up to nearly 7 and sites were extremely slow.
CPU usage is HIGH for one site and goes up very quickly throughout the day. Yesterday it reached well over 90%. First thing today it was already amber and showing 14%. It is now 70.54% and shows below it :
Top Process %CPU 80.2 spamd child
Top Process %CPU 79.8 spamd child
Top Process %CPU 79.4 spamd child
I have a ticket open and they (Liquid Web) they are not sure what the deal is, but are apparently monitoring it to see if they can isolate the cause of the problem. But that was a couple of days ago and now the ticket is due for closure.
I telephoned them (expensive as I'm in the UK!) and raised my concerns, but was just told that everything looked ok on the vps, cpu usage was in fact not high and to ignore the warnings.
So, I am posting here to see if anybody can help me get to the root of this.
I understand that spamd child is to do with email / spam assassin?
My problem is that this is the first vps I have had and don't have a clue now where to go or what to do.
Anybody understand about spamd child that can explain it to a poor dumb blonde and how to fix it?
View 14 Replies
View Related
Nov 9, 2009
Do yo uguys know how to skip CLAMD and SPAMD on local emails on cpanel server?
our clietns send emails internall too crazily, running clamd and spamd cause high load often
View 1 Replies
View Related
Jun 3, 2009
I've got a vB site which has a RSS Poster Bot (fetches RSS Feeds then posts them). However, for some strange reason, it stopped working. Theres no errors in the error_log and when I do a manual run, it just times out after a minute or so.
The only thing I can think of is that one of the RSS Feeds is down or one of the sites is blocking the server IP for some reason.
View 2 Replies
View Related
Oct 8, 2007
I have a weird problem since the movement of our ip range with one of our servers. Bind doesn`t seem to react on any changes we make.
For example, the server still resolves to the old ip adress while we changed all of those with ipswap.sh (directadmin)
The weird thing is that all zone files are 100% Correct. Ip`s are all changed and no sign of the old ip whatsoever.
Again, the nameserver still resolves to the old ip`s.
Also when i create a new domain, named.conf is changed and the zone file is created sucessfully. Still the nameserver doesn`t seem to add the domain name.
Restarting, reloading and even reinstalling named doesn`t help
View 2 Replies
View Related
Mar 29, 2008
I'm seeing weird characters on my support home page:
That's found right below "Home > Support"
The source code shows the following...
Quote:
<tr>
<td style="padding:0px"><p>Welcome to our Support Area.</p>
I've checked the two template files (header.tpl and homepage.tpl) but did not find such characters. Its boggling me. Not even whitespace.
View 4 Replies
View Related
Aug 4, 2007
Got a couple of questions on my Centos server.
It is my only (at present), and main production web server located in a datacentre in the Uk.
I am running Centos 4-4.2 since a hardware failure earlier this year neccesitated a stressful overnight ssh reinstall.
I have it setup pretty well now (I think!) but I cant work out how I am able to sftp into the server!
Reason being, I have installed VSFTPD (made sure there were no ftpd daemons installed or running), and when I stop this service via sshd, it does not affect the fact that I can then sftp in to the server using an ftp client such as wsftp pro...
Also, even when I change the vsftpd.conf to jail certain ftp users to a directory, it seems to have no effect and ftp works exactly as it did before without imposing the restrictions?
There is no other ftp daemon showing up in the process list.
I have tripwire installed, rootkit hunter, and cisco hardware firewall in conjunciton with ip tables.
I dont 'think' its hacked!
Also, the last time I upgraded centos was from an early v4 to 4.4.2 due to major hardware failure on the server and the fact I didnt have a mirrored OS/server backup (due to cost) *but I did of course have all my sites and databases etc)
I am rather scared to upgrade Centos kernel to the latest version in part due to horror stories I have heard from others (NOT regarding Centos specifically) from kernel upgrades going wrong or compatibility issues etc that mean that I am very very reluctant to do it on our main production server..
I am imminently buying another server to act as a failover and backup for the existing one,but is keeping my current Centos install as it is and holding out to wait for a test server the best thing to do? (are there any serious security issues in 4.4.2? bugs etc?)
Or should I have confidence and get Yum to do its business!
View 6 Replies
View Related
Aug 9, 2007
This is a very weird network issue that we are currently facing.
There are 2 servers, 1.1.1.1 and 2.2.2.2;
I can ping both IPs from my computer at the office or from anywhere else.
BUT, I cannot ping each other. For example, I log into 1.1.1.1 and cannot ping 2.2.2.2 and vice-versa.
This is very weird and I am thinking this is not OS related and something beyond that.
I was wondering if anyone of you came across this type of issue and possible direct us in the right direction.
View 5 Replies
View Related
Dec 25, 2007
It seems that i am facing some weird Apache issue.
I cant access my forum.domain.com but can access forum.domain.com/admin
I didnt found anything in Apache error logs,but found this in access logs
IP HERE - - [26/Dec/2007:03:13:44 +0400] "GET / HTTP/1.0" 200 22435 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1; .NET CLR 2.0.50727)"
Is there anything strange in that info and what does 22435 represent?
View 2 Replies
View Related
May 6, 2009
On one of my Web sites I have it set to e-mail me whenever someone tries a SQL Injection attempt through the GET.
(I find some of the results interesting and/or funny.)
I also have it e-mail me the visitor's IP address and browser client.
I recently got one with a result for the IP address that certainly got my interest.
It read:
Quote:
<?php phpinfo(); echo "LOOOOL, X-FORWERD BUG"; ?>
The PHP scripting I use to get the IP address is:
Code:
$visIP = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
I guess I'm wondering how they may have done it, and if this indicates an issues where people can hack my site (for control or at least info) through this method?
View 2 Replies
View Related
May 5, 2009
I keep getting weird characters such as .... in MySQL.
View 3 Replies
View Related