I have a server that I set up at Amazon AWS EC2.
Recently i have been receiving these...
Time: Tue Sep 29 07:30:40 2015 -0400
PID: 11592 (Parent PID:11381)
Account: stymco
Uptime: 54888 seconds
Executable:
/usr/local/cpanel/3rdparty/perl/514/bin/perl
Command Line (often faked in exploits):
spamd child
Network connections by the process (if any):
tcp: 127.0.0.1:783 -> 0.0.0.0:0
tcp: 127.0.0.1:783 -> 127.0.0.1:60912
tcp: 10.0.0.15:48469 -> 208.83.137.115:2703
udp: 10.0.0.15:24448 -> 10.0.0.2:53
Files open by the process (if any):
/dev/null
/dev/null
/dev/null
/usr/local/cpanel/3rdparty/perl/514/bin/spamd
/home/stymco/.razor/razor-agent.log
And then today I received this...
Time: Tue Sep 29 21:35:18 2015 -0400
The following list of files have FAILED the md5sum comparison test. This means that the file has been changed in some way. This could be a result of an OS update or application upgrade. If the change is unexpected it should be investigated:
/usr/bin/ldapadd: FAILED
/usr/bin/ldapcompare: FAILED
/usr/bin/ldapdelete: FAILED
/usr/bin/ldapexop: FAILED
/usr/bin/ldapmodify: FAILED
/usr/bin/ldapmodrdn: FAILED
/usr/bin/ldappasswd: FAILED
/usr/bin/ldapsearch: FAILED
/usr/bin/ldapurl: FAILED
/usr/bin/ldapwhoami: FAILED
/usr/sbin/slapacl: FAILED
/usr/sbin/slapadd: FAILED
/usr/sbin/slapauth: FAILED
/usr/sbin/slapcat: FAILED
/usr/sbin/slapd: FAILED
/usr/sbin/slapdn: FAILED
/usr/sbin/slapindex: FAILED
/usr/sbin/slappasswd: FAILED
/usr/sbin/slapschema: FAILED
/usr/sbin/slaptest: FAILED
Is this something that is i should be worried about? Or is there a way that i can look deeper into this.
I have searched the web about some of these notices and all i can find is to disable the warnings that are getting emailed to me.
Any advice is much appreciated.
Aucun commentaire:
Enregistrer un commentaire