There are a couple of troublesome aspects to this problem, especially the fact that you could not kill the process. A dramatic increase in server load, with 100% cpu usage can indicate an application has gone into the weeds and there may be a mundane explanation for this occurrence. It could also be an indication that you have been compromised. Without more detail it is impossible to say. Lets start with some questions:
1 - Do you know what repquota does and are you using it?
2 - What distribution and rev level are you running?
3 - what server applications, e.g. SSH, Apache, Postfix, are you running (again what rev level)?
4 - Are you using any content mangement or server management tools, e.g. plesk, nagios, webmin?
With the file being run as root, use the command /bin/ps axfwwwe to see what the process tree is. This should give you an idea if it has been launched, say for example, from a user who has SSH'd into the system. Then look at the output of netstat -pane and verify that the connections all look legitimate. For example do you see extra connections on SSH or on a non standard port?
|