> Not seen it but have seen variants reported - that's a coin miner of > some sort (-u username -p password - the fact it's looking for RAM > available etc suggests probably Scrypt-based). The IP it's targeting > is a pool called YPool. Might be worth reporting this to the pool > and/or the host of the file (company called VolumeDrive apparently).
Thanks. I've discovered this now. > Are you running any Nagios extensions that run as servers? Are you > using nrpe/is it locked down in your firewall to only accept your > Nagios host? All locked down, but checking. We use Opsview Pro so are raising a ticket with them too as there are no opsview-agent/nrpe updates that we haven't applied. Gavin. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E [email protected] Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
