云主机cpu使用率突然很高
查看服务器发现异常
1 crontab
# crontab -l
* * * * * /tmp/.dns/y2kupdate >/dev/null 2>&1
2 iptables
# iptables -nL
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:6667
3 top
# top
...
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
13627 root 20 0 117936 16420 428 S 693.0 0.1 63521:36 /tmp/. -u 45z52tWbwt5ZaQr4yQ8Na78aRihkWJJXVPtaMeHkLcKMS182U4vvLqyZaDeyZR7nDAE3Fp2WMutEVE9XwrTjA1hwHJm7E5F.10000+cn2 -o 0x36246e41:7777 -p x+
P 按cpu排序
c 查看详细启动命令
4 port
# netstat -natp|grep 13627
tcp 0 0 192.168.0.56:38044 54.36.110.65:7777 ESTABLISHED 13627/.
5 confirm
# curl http://54.36.110.65:7777
mining server online
进程会连接到挖矿服务器