Michael,
We always recommend running on the latest version of AstLinux to mitigate
security risks. If possible, you should upgrade both to 1.2.9 and move the 1.8
box to a current version of Asterisk.
It looks like some process was consuming a considerable amount of ram (unknown
how much you have installed). It is possible that this was an attack. It
could have been some other sort of memory leak, but the only ones we’re
commonly aware of are related to Zabbix over time.
Darrick
From: Michael Knill [mailto:michael.kn...@ipcsolutions.com.au]
Sent: Sunday, June 4, 2017 8:30 PM
To: AstLinux List <astlinux-users@lists.sourceforge.net>
Subject: [Astlinux-users] Asterisk stopped
Hmm its been a bad morning.
I had two separate sites this morning with the same issue in that Asterisk had
crashed. Yes these two sites don't have Safe Asterisk configured but its still
VERY unusual as Asterisk crashes are rare enough but on the same morning?
Unfortunately one site did not have ANY logs regarding the crash which was very
unusual. Astlinux 1.2.7 Asterisk 11.22.0
Another site did as added below. Astlinux 1.2.0 Asterisk 1.8.30
...... lots of these ......
Jun 5 10:01:00 3003-ATP-CM1 local0.warn asterisk[1094]: WARNING[20995]:
channel.c:1513 in __ast_queue_frame: Exceptionally long voice queue length
queuing to Local/430@DialPlan1-000026ea;2
Jun 5 10:01:00 3003-ATP-CM1 local0.warn asterisk[1094]: WARNING[20995]:
channel.c:1513 in __ast_queue_frame: Exceptionally long voice queue length
queuing to Local/430@DialPlan1-000026ea;2
Jun 5 10:01:00 3003-ATP-CM1 local0.warn asterisk[1094]: WARNING[20995]:
channel.c:1513 in __ast_queue_frame: Exceptionally long voice queue length
queuing to Local/430@DialPlan1-000026ea;2
........
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: crond invoked oom-killer:
gfp_mask=0x201da, order=0, oom_adj=0, oom_score_adj=0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Pid: 330, comm: crond Tainted: G
O 3.2.62-astlinux #1
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Call Trace:
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10581ed>] T.499+0x6b/0x18e
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c110cce2>] ?
___ratelimit+0x9e/0xbc
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c105833f>] T.498+0x2f/0x23e
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1028c8a>] ?
has_capability_noaudit+0x2e/0x3a
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1058762>]
out_of_memory+0x214/0x2b9
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c105b161>]
__alloc_pages_nodemask+0x3f7/0x47e
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1056f72>]
do_read_cache_page+0x39/0x105
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10c92b2>] ?
ext2_writepages+0xf/0xf
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1057072>]
read_cache_page_async+0x16/0x1b
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1057082>]
read_cache_page+0xb/0x12
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10c7018>]
ext2_get_page+0x1c/0x1e3
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c108cf8b>] ?
vfsmount_lock_local_unlock+0xd/0x22
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c107fb95>] ?
terminate_walk+0x30/0x32
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10c7d49>]
ext2_find_entry+0x72/0x188
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10c7e71>]
ext2_inode_by_name+0x12/0x31
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10caa83>]
ext2_lookup+0x22/0x65
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c107fced>]
d_alloc_and_lookup+0x38/0x4f
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10819cb>]
__lookup_hash+0x9a/0xa5
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1081b74>]
lookup_one_len_nd+0x8f/0x9e
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10ea9e8>]
lookup_whiteout+0x66/0xd9
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10e7c60>]
unionfs_lookup_full+0x157/0x6b8
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10e09b0>] ?
__unionfs_d_revalidate+0x337/0x363
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1064123>] ?
__krealloc+0x38/0x50
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1064168>] ?
krealloc+0x2d/0x33
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10e7914>] ?
new_dentry_private_data+0x7a/0xdc
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10e280e>]
unionfs_lookup+0x6b/0x105
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c107fced>]
d_alloc_and_lookup+0x38/0x4f
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10800f2>]
do_lookup+0x1ca/0x2a4
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1082ddd>] do_last+0xe3/0x5ef
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1083385>]
path_openat+0x9c/0x2c2
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1083655>]
do_filp_open+0x21/0x60
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c108bfa8>] ?
alloc_fd+0xbf/0xe2
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1076d3d>]
do_sys_open+0xf6/0x179
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1076e02>] sys_open+0x1e/0x26
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c128b765>]
syscall_call+0x7/0x7
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1280000>] ?
ip_rt_do_proc_exit+0x15/0x30
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Mem-Info:
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: DMA per-cpu:
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: CPU 0: hi: 0, btch: 1
usd: 0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Normal per-cpu:
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: CPU 0: hi: 90, btch: 15
usd: 12
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: active_anon:33674
inactive_anon:25254 isolated_anon:0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: active_file:5 inactive_file:6
isolated_file:0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: unevictable:0 dirty:0
writeback:0 unstable:0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: free:611 slab_reclaimable:896
slab_unreclaimable:1423
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: mapped:2804 shmem:29022
pagetables:116 bounce:0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: DMA free:1052kB min:120kB
low:148kB high:180kB active_anon:9000kB inactive_anon:5668kB active_file:0kB
inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB
present:15808kB mlocked:0kB dirty:0kB writeback:0kB
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: lowmem_reserve[]: 0 238 238 238
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Normal free:1392kB min:1912kB
low:2388kB high:2868kB active_anon:125696kB inactive_anon:95348kB
active_file:20kB inactive_file:24kB unevictable:0kB isolated(anon):0kB
isolated(file):0kB present:243840kB mlocked:0kB dirty:0kB wr
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: lowmem_reserve[]: 0 0 0 0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: DMA: 1*4kB 1*8kB 1*16kB 0*32kB
0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB 0*2048kB 0*4096kB = 1052kB
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Normal: 28*4kB 0*8kB 0*16kB
0*32kB 0*64kB 0*128kB 1*256kB 0*512kB 1*1024kB 0*2048kB 0*4096kB = 1392kB
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: 29033 total pagecache pages
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: 0 pages in swap cache
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Swap cache stats: add 0, delete
0, find 0/0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Free swap = 0kB
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Total swap = 0kB
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: 65520 pages RAM
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: 0 pages HighMem
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: 1659 pages reserved
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: 7100 pages shared
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: 59763 pages non-shared
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ pid ] uid tgid total_vm
rss cpu oom_adj oom_score_adj name
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 162] 0 162 446
205 0 -17 -1000 udevd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 174] 0 174 445
151 0 -17 -1000 udevd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 175] 0 175 445
151 0 -17 -1000 udevd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 250] 0 250 505
115 0 0 0 syslogd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 252] 0 252 505
110 0 0 0 klogd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 273] 0 273 566
269 0 0 0 pppoe-connect
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 292] 0 292 581
239 0 0 0 pppd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 330] 0 330 515
168 0 0 0 crond
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 770] 0 770 623
327 0 0 0 adaptive-ban-he
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1025] 65534 1025 518
266 0 0 0 dnsmasq
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1036] 0 1036 657
263 0 0 0 ntpd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1064] 0 1064 1006
242 0 -17 -1000 sshd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1070] 0 1070 842
153 0 0 0 vsftpd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1094] 0 1094 34835
29568 0 0 0 asterisk
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1095] 0 1095 626
188 0 0 0 astcanary
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1134] 0 1134 880
139 0 0 0 shellinaboxd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1136] 0 1136 880
113 0 0 0 shellinaboxd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1153] 0 1153 1077
559 0 0 0 lighttpd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1154] 0 1154 2372
920 0 0 0 php
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1156] 0 1156 2372
920 0 0 0 php
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1157] 0 1157 2372
405 0 0 0 php
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1162] 0 1162 2568
1076 0 0 0 php
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1190] 0 1190 506
152 0 0 0 getty
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 5076] 0 5076 506
144 0 0 0 sed
Jun 5 10:01:01 3003-ATP-CM1 user.err kernel: Out of memory: Kill process 1094
(asterisk) score 450 or sacrifice child
Jun 5 10:01:01 3003-ATP-CM1 user.err kernel: Killed process 1095 (astcanary)
total-vm:2504kB, anon-rss:116kB, file-rss:636kB
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: crond invoked oom-killer:
gfp_mask=0x201da, order=0, oom_adj=0, oom_score_adj=0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Pid: 330, comm: crond Tainted: G
O 3.2.62-astlinux #1
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Call Trace:
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10581ed>] T.499+0x6b/0x18e
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c110cce2>] ?
___ratelimit+0x9e/0xbc
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c105833f>] T.498+0x2f/0x23e
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1028c8a>] ?
has_capability_noaudit+0x2e/0x3a
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1058762>]
out_of_memory+0x214/0x2b9
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c105b161>]
__alloc_pages_nodemask+0x3f7/0x47e
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1056f72>]
do_read_cache_page+0x39/0x105
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10c92b2>] ?
ext2_writepages+0xf/0xf
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1057072>]
read_cache_page_async+0x16/0x1b
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1057082>]
read_cache_page+0xb/0x12
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10c7018>]
ext2_get_page+0x1c/0x1e3
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c108cf8b>] ?
vfsmount_lock_local_unlock+0xd/0x22
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c107fb95>] ?
terminate_walk+0x30/0x32
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10c7d49>]
ext2_find_entry+0x72/0x188
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10c7e71>]
ext2_inode_by_name+0x12/0x31
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10caa83>]
ext2_lookup+0x22/0x65
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c107fced>]
d_alloc_and_lookup+0x38/0x4f
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10819cb>]
__lookup_hash+0x9a/0xa5
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1081b74>]
lookup_one_len_nd+0x8f/0x9e
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10ea9e8>]
lookup_whiteout+0x66/0xd9
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10e7c60>]
unionfs_lookup_full+0x157/0x6b8
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10e09b0>] ?
__unionfs_d_revalidate+0x337/0x363
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1064123>] ?
__krealloc+0x38/0x50
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1064168>] ?
krealloc+0x2d/0x33
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10e7914>] ?
new_dentry_private_data+0x7a/0xdc
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10e280e>]
unionfs_lookup+0x6b/0x105
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c107fced>]
d_alloc_and_lookup+0x38/0x4f
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c10800f2>]
do_lookup+0x1ca/0x2a4
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1082ddd>] do_last+0xe3/0x5ef
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1083385>]
path_openat+0x9c/0x2c2
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1083655>]
do_filp_open+0x21/0x60
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c108bfa8>] ?
alloc_fd+0xbf/0xe2
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1076d3d>]
do_sys_open+0xf6/0x179
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1076e02>] sys_open+0x1e/0x26
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c128b765>]
syscall_call+0x7/0x7
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: [<c1280000>] ?
ip_rt_do_proc_exit+0x15/0x30
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Mem-Info:
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: DMA per-cpu:
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: CPU 0: hi: 0, btch: 1
usd: 0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Normal per-cpu:
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: CPU 0: hi: 90, btch: 15
usd: 44
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: active_anon:33722
inactive_anon:25177 isolated_anon:0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: active_file:0 inactive_file:11
isolated_file:0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: unevictable:0 dirty:0
writeback:0 unstable:0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: free:611 slab_reclaimable:896
slab_unreclaimable:1424
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: mapped:2728 shmem:29022
pagetables:113 bounce:0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: DMA free:1052kB min:120kB
low:148kB high:180kB active_anon:9296kB inactive_anon:5372kB active_file:0kB
inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB
present:15808kB mlocked:0kB dirty:0kB writeback:0kB
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: lowmem_reserve[]: 0 238 238 238
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Normal free:1392kB min:1912kB
low:2388kB high:2868kB active_anon:125592kB inactive_anon:95336kB
active_file:0kB inactive_file:44kB unevictable:0kB isolated(anon):0kB
isolated(file):0kB present:243840kB mlocked:0kB dirty:0kB wri
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: lowmem_reserve[]: 0 0 0 0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: DMA: 1*4kB 1*8kB 1*16kB 0*32kB
0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB 0*2048kB 0*4096kB = 1052kB
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Normal: 28*4kB 0*8kB 0*16kB
0*32kB 0*64kB 0*128kB 1*256kB 0*512kB 1*1024kB 0*2048kB 0*4096kB = 1392kB
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: 29033 total pagecache pages
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: 0 pages in swap cache
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Swap cache stats: add 0, delete
0, find 0/0
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Free swap = 0kB
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: Total swap = 0kB
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: 65520 pages RAM
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: 0 pages HighMem
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: 1659 pages reserved
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: 6941 pages shared
Jun 5 10:01:01 3003-ATP-CM1 user.warn kernel: 59807 pages non-shared
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ pid ] uid tgid total_vm
rss cpu oom_adj oom_score_adj name
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 162] 0 162 446
205 0 -17 -1000 udevd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 174] 0 174 445
151 0 -17 -1000 udevd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 175] 0 175 445
151 0 -17 -1000 udevd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 250] 0 250 505
115 0 0 0 syslogd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 252] 0 252 505
110 0 0 0 klogd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 273] 0 273 566
269 0 0 0 pppoe-connect
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 292] 0 292 581
239 0 0 0 pppd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 330] 0 330 515
168 0 0 0 crond
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 770] 0 770 623
327 0 0 0 adaptive-ban-he
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1025] 65534 1025 518
266 0 0 0 dnsmasq
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1036] 0 1036 657
263 0 0 0 ntpd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1064] 0 1064 1006
242 0 -17 -1000 sshd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1070] 0 1070 842
153 0 0 0 vsftpd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1094] 0 1094 34835
29568 0 0 0 asterisk
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1134] 0 1134 880
139 0 0 0 shellinaboxd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1136] 0 1136 880
113 0 0 0 shellinaboxd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1153] 0 1153 1077
559 0 0 0 lighttpd
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1154] 0 1154 2372
920 0 0 0 php
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1156] 0 1156 2372
920 0 0 0 php
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1157] 0 1157 2372
405 0 0 0 php
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1162] 0 1162 2568
1076 0 0 0 php
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 1190] 0 1190 506
152 0 0 0 getty
Jun 5 10:01:01 3003-ATP-CM1 user.info kernel: [ 5076] 0 5076 506
144 0 0 0 sed
Jun 5 10:01:01 3003-ATP-CM1 user.err kernel: Out of memory: Kill process 1094
(asterisk) score 450 or sacrifice child
Jun 5 10:01:01 3003-ATP-CM1 user.err kernel: Killed process 1094 (asterisk)
total-vm:139340kB, anon-rss:111212kB, file-rss:7060kB
Now it could just be an AMAZING coincidence but Im actually more concerned it
may have been a common hack attempt. This one above did have a lot of banned
IP’s but I don't know when.
Any ideas? should I be concerned? Should I be doing some upgrades?
Regards
Michael Knill
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
pay...@krisk.org.
