[Eisfair] brute force blocking 2.1.2
Nils Lange
nils at killa.eisfair.net
So Feb 26 01:51:03 CET 2023
On 25.02.2023 11:57, Marcus Röckrath wrote:
> Läuft es immer noch?
Habe es noch einmal neu gestartet.
> Wenn ja, kannst du eine zweite Konsole aufmachen und dann dort erstmal
>
> ps ax
> top -n 1
>
> ausführen und Ausgaben posten.
>
> Ich denke, da wird was hängen (Endlosschleife).
>
Da seit dem Updateversuch keine Mail über Bruteforce mehr gekommen ist,
gehe ich davon aus, dass das Script nicht mehr läuft.
Gruß, Nils
Hier die Ausgaben:
mail # ps ax
PID TTY STAT TIME COMMAND
1 ? Ss 0:03 init [2]
2 ? S 0:00 [kthreadd]
3 ? I< 0:00 [rcu_gp]
4 ? I< 0:00 [rcu_par_gp]
5 ? I< 0:00 [slub_flushwq]
6 ? I< 0:00 [netns]
7 ? I 4:14 [kworker/0:0-mm_percpu_wq]
8 ? I< 0:00 [kworker/0:0H-events_highpri]
10 ? I< 0:00 [mm_percpu_wq]
11 ? S 0:00 [rcu_tasks_trace]
12 ? S 1:03 [ksoftirqd/0]
13 ? I 2:06 [rcu_sched]
14 ? S 0:00 [migration/0]
15 ? S 0:00 [cpuhp/0]
16 ? S 0:00 [cpuhp/1]
17 ? S 0:01 [migration/1]
18 ? S 1:14 [ksoftirqd/1]
20 ? I< 0:00 [kworker/1:0H-kblockd]
21 ? S 0:00 [kdevtmpfs]
22 ? I< 0:00 [inet_frag_wq]
24 ? S 0:00 [oom_reaper]
25 ? I< 0:00 [writeback]
26 ? S 0:06 [kcompactd0]
42 ? I< 0:00 [kintegrityd]
43 ? I< 0:00 [kblockd]
44 ? I< 0:00 [blkcg_punt_bio]
45 ? I< 0:00 [md]
46 ? I< 0:00 [devfreq_wq]
47 ? S 0:00 [watchdogd]
48 ? I< 1:04 [kworker/0:1H-kblockd]
51 ? S 5:21 [kswapd0]
72 ? I< 0:00 [kthrotld]
104 ? I< 0:00 [acpi_thermal_pm]
753 ? I< 0:00 [raid5wq]
763 ? I< 0:00 [kstrp]
1530 ? I 0:00 [kworker/0:1]
1925 ? I< 0:00 [ata_sff]
1961 ? S 0:00 [scsi_eh_0]
1970 ? S 0:00 [scsi_eh_1]
1971 ? I< 0:00 [scsi_tmf_0]
1972 ? I< 0:00 [scsi_tmf_1]
1976 ? S 0:00 [scsi_eh_2]
1977 ? I< 0:00 [scsi_tmf_2]
1981 ? S 0:00 [scsi_eh_3]
1982 ? I< 0:00 [scsi_tmf_3]
1986 ? S 0:00 [scsi_eh_4]
1993 ? I< 0:00 [scsi_tmf_4]
1997 ? S 0:00 [scsi_eh_5]
1998 ? I< 0:00 [scsi_tmf_5]
2074 ? I< 0:55 [kworker/1:1H-kblockd]
2079 ? S 0:00 [scsi_eh_6]
2080 ? I< 0:00 [scsi_tmf_6]
2081 ? S 6:42 [usb-storage]
2121 ? I< 0:00 [uas]
2201 ? S 0:16 [jbd2/sda3-8]
2202 ? I< 0:00 [ext4-rsv-conver]
2306 ? Ss 0:00 /sbin/udevd --daemon
4456 ? I< 0:00 [edac-poller]
4506 ? S 0:00 [card0-crtc0]
4507 ? S 0:00 [card0-crtc1]
4573 ? S 0:00 [jbd2/sda1-8]
4574 ? I< 0:00 [ext4-rsv-conver]
4575 ? S 0:00 [jbd2/sdb1-8]
4576 ? I< 0:00 [ext4-rsv-conver]
4578 ? S 0:00 [jbd2/sdc1-8]
4579 ? I< 0:00 [ext4-rsv-conver]
4580 ? S 0:00 [jbd2/sdd1-8]
4581 ? I< 0:00 [ext4-rsv-conver]
5031 ? SNs 0:00 imapd
5096 ? SNs 0:02 /usr/sbin/haveged -p /run/haveged.pid -w
1024 -v -1
5115 ? SNsl 0:56 /usr/sbin/named -t /var/lib/named -u named
5120 ? I< 0:00 [mld]
5121 ? I< 0:00 [ipv6_addrconf]
5509 ? SNs 0:08 /usr/sbin/syslogd -m 20
5772 ? Ssl 3:04 /usr/sbin/redis-server 127.0.0.1:6379
5882 ? SNs 0:00 /usr/sbin/xinetd -reuse -stayalive -pidfile
/run/xine
5890 ? SNs 0:00 sshd: /usr/sbin/sshd -f
/usr/etc/ssh/sshd_config [lis
5899 ? SNs 0:00 /usr/sbin/atd
6048 ? S 0:00 /bin/sh /usr/lib/mysql/103/bin/mysqld_safe
--defaults
6225 ? Sl 1:42 /usr/lib/mysql/103/bin/mysqld
--defaults-file=/etc/my
7750 ? SNs 0:00 imapd
11320 ? SNs 0:00 sshd: root@pts/0
11671 pts/0 SNs 0:00 -bash
12258 pts/0 SN+ 0:00 /bin/sh /sbin/setup
12264 pts/0 SN+ 0:00 /bin/sh /var/install/bin/show-menu
/var/install/menu/
12565 pts/0 SN+ 0:00 /bin/sh /var/install/bin/show-menu
/var/install/menu/
12592 ? SNs 0:10 /usr/sbin/nmbd -D
12593 ? SN 0:00 /usr/sbin/nmbd -D
12608 ? SNs 0:00 /usr/sbin/smbd -D
12610 ? SN 0:00 /usr/sbin/smbd -D
12611 ? SN 0:00 /usr/sbin/smbd -D
12616 ? SN 0:00 /usr/libexec/samba/samba-bgqd
--ready-signal-fd=45 --
12689 ? I< 0:00 [cifsiod]
12690 ? I< 0:00 [smb3decryptd]
12691 ? I< 0:00 [cifsfileinfoput]
12692 ? I< 0:00 [cifsoplockd]
12693 ? I< 0:00 [deferredclose]
12696 ? S 1:16 [cifsd]
16821 ? SNs 0:00 imapd
17087 ? SNs 0:01 imapd
17088 ? SNs 0:00 imapd
17236 ? S 0:02 [jbd2/sde1-8]
17237 ? I< 0:00 [ext4-rsv-conver]
17329 ? SN 0:00 /usr/sbin/smbd -D
17412 ? I 0:00 [kworker/u8:0-events_unbound]
17892 ? Ss 0:05 /usr/bin/perl -T -w /usr/sbin/spamd -d -u
spam -r /ru
17893 ? S 0:06 spamd child
17894 ? S 0:13 spamd child
17895 ? S 0:05 spamd child
17896 ? S 0:03 spamd child
17897 ? S 0:04 spamd child
18640 ? S 0:04 /bin/sh /var/install/bin/antispam-control
18726 ? Ss 0:00 /usr/sbin/exim -bd -q30m -om -oP /run/exim.pid
19164 ? I 0:12 [kworker/1:0-mm_percpu_wq]
19645 ? SNsl 0:10 /usr/sbin/minidlnad -P /var/run/minidlna.pid
-f /etc/
19824 ? SNsl 1:58 /usr/sbin/clamd
20353 ? SN 0:00 /usr/sbin/smartd -p /run/smartd.pid
20368 ? SNs 0:00 /usr/sbin/mini_httpd -C
/etc/httpd/mini_httpd.conf
20388 ? S 0:14 /bin/sh /usr/bin/dyneisfair-client.sh
20454 tty1 Ss+ 0:00 /sbin/mingetty --noclear tty1
20455 tty2 Ss+ 0:00 /sbin/mingetty tty2
20456 tty3 Ss+ 0:00 /sbin/mingetty tty3
20457 tty4 Ss+ 0:00 /sbin/mingetty tty4
20483 pts/0 SN+ 0:00 /bin/sh /var/install/bin/show-menu
/var/install/menu/
21177 pts/0 SN+ 0:00 /bin/sh /var/install/bin/list-packages-eisman
upgrada
21446 pts/0 SN+ 0:00 /bin/bash /var/install/bin/browse-packages
--install
22296 pts/0 SN+ 0:00 /bin/sh /usr/bin/eisman install --auto
--url=https://
22308 pts/0 SN+ 0:00 /bin/bash /usr/share/eisman/eisman_install.sh
--auto
22310 pts/0 SN+ 0:00 /usr/bin/gawk -v packages=
brute_force_blocking=2.1.2
22617 ? SNs 0:02 /usr/sbin/dhcpd -4 -cf /etc/dhcpd.conf -lf
/var/lib/d
22772 ? SNs 0:01 /usr/sbin/apache2
22776 ? SN 0:00 /usr/sbin/apache2
22777 ? SN 0:00 /usr/sbin/apache2
22778 ? SN 0:00 /usr/sbin/apache2
22826 ? SN 0:00 /usr/sbin/apache2
22827 ? SN 0:00 /usr/sbin/apache2
23292 ? SNs 0:00 /usr/sbin/fcron
23314 pts/0 SN+ 0:00 sh /tmp/install.sh https://ojaehrling.de/eis/brute_fo
25901 ? I 0:00 [kworker/1:2-cifsiod]
27127 pts/0 SN+ 0:00 /bin/sh /var/install/config.d/brute_force_blocking.sh
27322 ? SNs 0:00 sshd: root@pts/1
27614 pts/1 SNs 0:00 -bash
28797 ? SN 0:00 /bin/sh /usr/bin/fetchmail-loader start
28881 ? I 0:00 [kworker/u8:2-events_unbound]
30422 ? SN 0:00 su - exim -s /bin/sh -c export
LANG=C;/usr/bin/fetchm
30427 ? SNs 0:00 -sh -c export LANG=C;/usr/bin/fetchmail -f
/etc/fetch
30440 ? SN 0:00 /usr/bin/fetchmail -f /etc/fetchmail.conf
--daemon 0
30441 ? R 0:09 /usr/sbin/exim -bd -q30m -om -oP /run/exim.pid
30449 ? S 0:00 sleep 10
30458 ? S 0:00 sleep 20
30460 pts/1 RN+ 0:00 ps ax
31126 ? SNs 0:00 gpg-agent --homedir
/var/antispam/spamassassin/sa-upd
32433 ? I 0:00 [kworker/u8:1-ext4-rsv-conversion]
mail # top -n 1
top - 01:41:29 up 23:29, 3 users, load average: 0.44, 0.55, 0.68
Tasks: 150 total, 1 running, 149 sleeping, 0 stopped, 0 zombie
%Cpu(s): 0.0 us, 2.9 sy, 2.9 ni, 94.1 id, 0.0 wa, 0.0 hi, 0.0 si,
0.0 st
MiB Mem : 3945.895 total, 406.688 free, 1503.770 used, 2035.438 buff/cache
MiB Swap: 1023.996 total, 832.832 free, 191.164 used. 2015.410 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+
COMMAND
30540 root 30 10 4212 2724 2264 R 6.250 0.067 0:00.02 top
1 root 20 0 2600 1504 1468 S 0.000 0.037 0:03.13 init
2 root 20 0 0 0 0 S 0.000 0.000 0:00.01
kthreadd
3 root 0 -20 0 0 0 I 0.000 0.000 0:00.00 rcu_gp
4 root 0 -20 0 0 0 I 0.000 0.000 0:00.00
rcu_par_gp
5 root 0 -20 0 0 0 I 0.000 0.000 0:00.00
slub_flus+
6 root 0 -20 0 0 0 I 0.000 0.000 0:00.00 netns
7 root 20 0 0 0 0 I 0.000 0.000 4:14.62
kworker/0+
8 root 0 -20 0 0 0 I 0.000 0.000 0:00.00
kworker/0+
10 root 0 -20 0 0 0 I 0.000 0.000 0:00.00
mm_percpu+
11 root 20 0 0 0 0 S 0.000 0.000 0:00.00
rcu_tasks+
12 root 20 0 0 0 0 S 0.000 0.000 1:03.96
ksoftirqd+
13 root 20 0 0 0 0 I 0.000 0.000 2:06.90
rcu_sched
14 root rt 0 0 0 0 S 0.000 0.000 0:00.65
migration+
15 root 20 0 0 0 0 S 0.000 0.000 0:00.00
cpuhp/0
16 root 20 0 0 0 0 S 0.000 0.000 0:00.00
cpuhp/1
17 root rt 0 0 0 0 S 0.000 0.000 0:01.05
migration+