Weird thing on my dedicated server

mohsleem · 08-08-2009, 07:07 PM

Hello Gurus,

I was working on my server linux, installing MySQL, Java, Tomcat, everything went find and I am able to run my application, yesterday I got a weird problem, I can't reach my box !!! no SSH, no FTP, no HTTP, nothing at all is responding, I tried to ping the server from another machine I get reply only for 3-5 seconds and the server goes offline for around 25-20 minutes, then it replies to my ping for 3-4 seconds and go back offline for 15-20 minutes and so on !!!

I didn't do anything wrong on the server, I don't know if it was a virus since I ran "iptables -F" which clears all the firewall rules, I know this is stupid thing, but I am not a system admin and didn't have time to go and read to set my own iptables ACLs....

In the 3-4 seconds period I was able to run ps -ef hoping this help you taking a deeper look...Thanks

Note: I tried to reboot the server without any progress !

Server is hosted at: joey.rapint.com you can ping it and see yourself the weird replies

[root@joey ~]# ps -ef
root 1 0 0 12:04 ? 00:00:00 init [3]
root 2 1 0 12:04 ? 00:00:00 [migration/0]
root 3 1 0 12:04 ? 00:00:00 [ksoftirqd/0]
root 4 1 0 12:04 ? 00:00:00 [watchdog/0]
root 5 1 0 12:04 ? 00:00:00 [events/0]
root 6 1 0 12:04 ? 00:00:00 [khelper]
root 7 1 0 12:04 ? 00:00:00 [kthread]
root 9 7 0 12:04 ? 00:00:00 [xenwatch]
root 10 7 0 12:04 ? 00:00:00 [xenbus]
root 14 7 0 12:04 ? 00:00:00 [migration/1]
root 15 7 0 12:04 ? 00:00:00 [ksoftirqd/1]
root 16 7 0 12:04 ? 00:00:00 [watchdog/1]
root 17 7 0 12:04 ? 00:00:00 [events/1]
root 18 7 0 12:04 ? 00:00:00 [migration/2]
root 19 7 0 12:04 ? 00:00:00 [ksoftirqd/2]
root 20 7 0 12:04 ? 00:00:00 [watchdog/2]
root 21 7 0 12:04 ? 00:00:00 [events/2]
root 22 7 0 12:04 ? 00:00:00 [migration/3]
root 23 7 0 12:04 ? 00:00:00 [ksoftirqd/3]
root 24 7 0 12:04 ? 00:00:00 [watchdog/3]
root 25 7 0 12:04 ? 00:00:00 [events/3]
root 30 7 0 12:04 ? 00:00:00 [kblockd/0]
root 31 7 0 12:04 ? 00:00:00 [kblockd/1]
root 32 7 0 12:04 ? 00:00:00 [kblockd/2]
root 33 7 0 12:04 ? 00:00:00 [kblockd/3]
root 34 7 0 12:04 ? 00:00:00 [cqueue/0]
root 35 7 0 12:04 ? 00:00:00 [cqueue/1]
root 36 7 0 12:04 ? 00:00:00 [cqueue/2]
root 37 7 0 12:04 ? 00:00:00 [cqueue/3]
root 41 7 0 12:04 ? 00:00:00 [khubd]
root 43 7 0 12:04 ? 00:00:00 [kseriod]
root 96 7 0 12:04 ? 00:00:00 [pdflush]
root 97 7 0 12:04 ? 00:00:00 [pdflush]
root 98 7 0 12:04 ? 00:00:00 [kswapd0]
root 99 7 0 12:04 ? 00:00:00 [aio/0]
root 100 7 0 12:04 ? 00:00:00 [aio/1]
root 101 7 0 12:04 ? 00:00:00 [aio/2]
root 102 7 0 12:04 ? 00:00:00 [aio/3]
root 243 7 0 12:04 ? 00:00:00 [kpsmoused]
root 287 7 0 12:04 ? 00:00:00 [kstriped]
root 308 7 0 12:04 ? 00:00:00 [kjournald]
root 337 7 0 12:04 ? 00:00:00 [kauditd]
root 366 1 0 12:04 ? 00:00:00 /sbin/udevd -d
root 781 7 0 12:04 ? 00:00:00 [kmpathd/0]
root 782 7 0 12:04 ? 00:00:00 [kmpathd/1]
root 783 7 0 12:04 ? 00:00:00 [kmpathd/2]
root 784 7 0 12:04 ? 00:00:00 [kmpathd/3]
root 785 7 0 12:04 ? 00:00:00 [kmpath_handlerd]
root 814 7 0 12:05 ? 00:00:00 [kjournald]
root 1095 1 0 12:05 ? 00:00:00 mcstransd
root 1279 1 0 12:05 ? 00:00:00 auditd
root 1281 1279 0 12:05 ? 00:00:00 /sbin/audispd
root 1298 1 0 12:05 ? 00:00:00 /usr/sbin/restorecond
root 1308 1 0 12:05 ? 00:00:00 syslogd -m 0
root 1311 1 0 12:05 ? 00:00:00 klogd -x
root 1322 1 0 12:05 ? 00:00:00 irqbalance
rpc 1334 1 0 12:05 ? 00:00:00 portmap
root 1358 1 0 12:05 ? 00:00:00 rpc.statd
root 1391 7 0 12:05 ? 00:00:00 [rpciod/0]
root 1392 7 0 12:05 ? 00:00:00 [rpciod/1]
root 1393 7 0 12:05 ? 00:00:00 [rpciod/2]
root 1394 7 0 12:05 ? 00:00:00 [rpciod/3]
root 1402 1 0 12:05 ? 00:00:00 rpc.idmapd
dbus 1419 1 0 12:05 ? 00:00:00 dbus-daemon --system
root 1430 1 0 12:05 ? 00:00:00 /usr/sbin/hcid
root 1436 1 0 12:05 ? 00:00:00 /usr/sbin/sdpd
root 1465 1 0 12:05 ? 00:00:00 [krfcommd]
root 1506 1 0 12:05 ? 00:00:00 pcscd
root 1526 1 0 12:05 ? 00:00:00 /usr/bin/hidd --server
root 1544 1 0 12:05 ? 00:00:00 automount
root 1572 1 0 12:05 ? 00:00:00 /usr/sbin/sshd
root 1582 1 0 12:05 ? 00:00:00 cupsd
root 1593 1 0 12:05 ? 00:00:00 xinetd -stayalive -pidfile /var/run/xinetd.pid
root 1852 1 0 12:05 ? 00:00:00 sendmail: accepting connections
smmsp 1861 1 0 12:05 ? 00:00:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
root 1872 1 0 12:05 ? 00:00:00 gpm -m /dev/input/mice -t exps2
root 1888 1 0 12:05 ? 00:00:00 crond
root 1908 1 0 12:05 ? 00:00:00 /usr/sbin/atd
avahi 1954 1 0 12:05 ? 00:00:00 avahi-daemon: running [joey.local]
avahi 1955 1954 0 12:05 ? 00:00:00 avahi-daemon: chroot helper
68 1967 1 0 12:05 ? 00:00:00 hald
root 1968 1967 0 12:05 ? 00:00:00 hald-runner
root 1996 1 0 12:05 ? 00:00:00 /usr/sbin/smartd -q never
root 1999 1 0 12:05 xvc0 00:00:00 /sbin/agetty xvc0 9600 vt100-nav
root 2002 1 0 12:05 ? 00:00:00 /usr/bin/python -tt /usr/sbin/yum-updatesd
root 2004 1 0 12:05 ? 00:00:00 /usr/libexec/gam_server
root 2991 1572 0 19:35 ? 00:00:00 sshd: root@pts/0
root 2993 2991 0 19:35 pts/0 00:00:00 -bash
root 3017 2993 0 19:35 pts/0 00:00:00 ps -ef
[root@joey ~]#