From: "Malcolm Wild" <cobaltsec@xxxxxxxxxxx>
Reply-To: cobalt-security@xxxxxxxxxxxxxxx
To: <cobalt-security@xxxxxxxxxxxxxxx>
Subject: RE: SV: [cobalt-security] - too many sendmail processes
Date: Tue, 25 Sep 2001 17:10:06 +0100
type
ps aux
this will show what started the process e.g. script, program, etc
it'll give you an indication of what is using sendmail
I'd also suggest having a look in the outgoing mail to see what it contains
if you don't like it kill it
kill PID#
that'll give you some pointers for more info on howtos just post back
-----Original Message-----
From: cobalt-security-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-security-admin@xxxxxxxxxxxxxxx]On Behalf Of njd 76
Sent: 25 September 2001 16:14
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: Re: SV: [cobalt-security] - too many sendmail processes
I am fairly new to the security world but i installed chkrootkit on one of
my cobalts and have found it to be a great way to keep on top of the log
files. My problem however is after I installed it I noticed when I ran top
the following was in the list: (not sure if chkrootkit has anything to do
with this)
1911 root 0 0 1660 1660 1388 S 0 0.0 1.2 0:00 sendmail
1912 root 0 0 1768 1768 1336 S 0 0.0 1.3 0:00 sendmail
2000 root 0 0 1660 1660 1384 S 0 0.0 1.2 0:00 sendmail
2001 root 0 0 1820 1820 1344 S 0 0.0 1.4 0:00 sendmail
2108 root 0 0 1660 1660 1388 S 0 0.0 1.2 0:00 sendmail
2111 root 0 0 1768 1768 1336 S 0 0.0 1.3 0:00 sendmail
2174 root 0 0 1660 1660 1388 S 0 0.0 1.2 0:00 sendmail
2175 root 0 0 1776 1776 1340 S 0 0.0 1.3 0:00 sendmail
2224 root 0 0 1660 1660 1384 S 0 0.0 1.2 0:00 sendmail
2225 root 0 0 1820 1820 1344 S 0 0.0 1.4 0:00 sendmail
2246 root 0 0 1660 1660 1388 S 0 0.0 1.2 0:00 sendmail
2248 root 0 0 1776 1776 1340 S 0 0.0 1.3 0:00 sendmail
etc....
Any idea on what is causing this or what is going on? Is there a way to
kill
these or is it ok to have them running? I have about 15 sites on this
server.
Hope you guys can help.
Cheers,
Nick Damoulakis
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security