Thanks. I tried that already. With the dfix and denyhosts running, it usually takes care of most of those automatically. In this case, I didn't find anything too excessive. Just the normal amount of activity. I am still stumped.
On 3/16/11 10:40 PM, "Eiji Hamano (bluequartz)" <[email protected]> wrote: >>> Steady, linear rise in new processes created on the server, 2 every 5 >>> minutes > > I also have the same experience. > Following steps were always escaped from my BO crisis. > > 1. Search for unusual extensive access. > tail -200 /var/log/secure > > 2. If you find the IP address, DROP it on you server. > /sbin/iptables -A INPUT -s xxx.xxx.xxx.xxx -j DROP > > 3. Using a TOP command, Obtain the IDs of invalid new processes. > Then, KILL new processes. > kill -9 xxxx xxxx xxxx xxxx xxxx .............. > > Best Regards. Eiji Hmanao > > _______________________________________________ > Blueonyx mailing list > [email protected] > http://www.blueonyx.it/mailman/listinfo/blueonyx > _______________________________________________ Blueonyx mailing list [email protected] http://www.blueonyx.it/mailman/listinfo/blueonyx
