I see every day repeated process netstat -nlp,and it takes kind a huge cpu usage(from 20 to 30 percent).I think that is some kind of hidden process,since it doesn't say which user starting it,and i was not able to find cron,i sended support question to whm/cpanel support but it seems they dont know too,i mean they gived me command which should mark when commands appear into log but it doesn't work when i run
Here is command which they gived me:
PHP Code:
#!/bin/bash
# save me as /root/check-netstat or whatever
# and then setup a cron task that runs once per minute
# or however often you want. Don't forget to remove the
# task once you've tracked it down!
found_netstat=$(ps auxwwwwwww|grep "netstat "|grep -vE
"grep")
if [ ! -z "$found_netstat" ]; then
echo "`date +%Y%m%d%H%M: $found_netstat" >> /root/netstat.log
fi
And then i get following error:
Usage: grep [OPTION]... PATTERN [FILE]...
Try `grep --help' for more information.
Usage: grep [OPTION]... PATTERN [FILE]...
Try `grep --help' for more information.
./check-netstat: line 4: unexpected EOF while looking for matching ``'
./check-netstat: line 7: syntax error: unexpected end of file
Also i already set cron for running that command so please fix it.
Any idea how to find what causing this and how to remove it?I am worried someone could control server and i wont know that.