I have a CentOS 3.8 server which i manage for web hosting (web server, mail server + database server). Today i got it down because of an attack, here is the last snapshot of top command before server dies 09:47:30 up 21 days, 6:54, 1 user, load average: 363.88, 727.82, 253.42 3949 processes: 135 sleeping, 3800 running, 14 zombie, 0 stopped CPU states: cpu user nice system irq softirq iowait idle total 0.6% 0.0% 99.2% 0.0% 0.0% 0.0% 0.0% cpu00 0.4% 0.0% 99.4% 0.0% 0.0% 0.0% 0.0% cpu01 0.8% 0.0% 99.0% 0.0% 0.1% 0.0% 0.0% Mem: 2055236k av, 1935836k used, 119400k free, 0k shrd, 188120k buff 1286892k actv, 165568k in_d, 17336k in_c Swap: 2040244k av, 22676k used, 2017568k free 901000k cached PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME CPU COMMAND 6515 root 19 0 10048 9.8M 2612 R 3.9 0.4 1:06 1 cpsrvd-ssl 7175 root 18 0 564 564 492 S 2.7 0.0 0:03 0 couriertcpd 10365 nobody 19 0 11020 10M 2352 R 2.5 0.5 0:08 0 httpd 1998 root 19 0 10724 10M 2140 R 2.4 0.5 3:02 1 httpd 10719 mailnull 19 0 1892 1892 1548 R 1.8 0.0 3:49 0 exim 7169 root 19 0 552 552 476 R 1.8 0.0 0:10 1 couriertcpd 29384 manmoud 25 0 380 380 308 R 1.0 0.0 0:01 0 2-4-21 26278 manmoud 24 0 420 420 308 R 0.9 0.0 0:01 1 2-4-21 26519 manmoud 25 0 420 420 308 R 0.9 0.0 0:01 1 2-4-21 26524 manmoud 25 0 424 424 308 R 0.9 0.0 0:01 1 2-4-21 29368 manmoud 25 0 412 412 308 R 0.9 0.0 0:01 1 2-4-21 25916 manmoud 24 0 388 388 308 R 0.8 0.0 0:01 0 2-4-21 25922 manmoud 25 0 388 388 308 R 0.8 0.0 0:01 0 2-4-21 Clearly, the user manmod caused this huge load. Are there any way to prevent such high load caused by any user on the system except root?? thanx
I have a CentOS 3.8 server which i manage for web hosting (web server, mail server + database server). Today i got it down because of an attack, here is the last snapshot of top command before server dies 09:47:30 up 21 days, 6:54, 1 user, load average: 363.88, 727.82, 253.42 3949 processes: 135 sleeping, 3800 running, 14 zombie, 0 stopped CPU states: cpu user nice system irq softirq iowait idle total 0.6% 0.0% 99.2% 0.0% 0.0% 0.0% 0.0% cpu00 0.4% 0.0% 99.4% 0.0% 0.0% 0.0% 0.0% cpu01 0.8% 0.0% 99.0% 0.0% 0.1% 0.0% 0.0% Mem: 2055236k av, 1935836k used, 119400k free, 0k shrd, 188120k buff 1286892k actv, 165568k in_d, 17336k in_c Swap: 2040244k av, 22676k used, 2017568k free 901000k cached PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME CPU COMMAND 6515 root 19 0 10048 9.8M 2612 R 3.9 0.4 1:06 1 cpsrvd-ssl 7175 root 18 0 564 564 492 S 2.7 0.0 0:03 0 couriertcpd 10365 nobody 19 0 11020 10M 2352 R 2.5 0.5 0:08 0 httpd 1998 root 19 0 10724 10M 2140 R 2.4 0.5 3:02 1 httpd 10719 mailnull 19 0 1892 1892 1548 R 1.8 0.0 3:49 0 exim 7169 root 19 0 552 552 476 R 1.8 0.0 0:10 1 couriertcpd 29384 manmoud 25 0 380 380 308 R 1.0 0.0 0:01 0 2-4-21 26278 manmoud 24 0 420 420 308 R 0.9 0.0 0:01 1 2-4-21 26519 manmoud 25 0 420 420 308 R 0.9 0.0 0:01 1 2-4-21 26524 manmoud 25 0 424 424 308 R 0.9 0.0 0:01 1 2-4-21 29368 manmoud 25 0 412 412 308 R 0.9 0.0 0:01 1 2-4-21 25916 manmoud 24 0 388 388 308 R 0.8 0.0 0:01 0 2-4-21 25922 manmoud 25 0 388 388 308 R 0.8 0.0 0:01 0 2-4-21 Clearly, the user manmod caused this huge load. Are there any way to prevent such high load caused by any user on the system except root?? thanx
I have a CentOS 3.8 server which i manage for web hosting (web server, mail server + database server). Today i got it down because of an attack, here is the last snapshot of top command before server dies 09:47:30 up 21 days, 6:54, 1 user, load average: 363.88, 727.82, 253.42 3949 processes: 135 sleeping, 3800 running, 14 zombie, 0 stopped CPU states: cpu user nice system irq softirq iowait idle total 0.6% 0.0% 99.2% 0.0% 0.0% 0.0% 0.0% cpu00 0.4% 0.0% 99.4% 0.0% 0.0% 0.0% 0.0% cpu01 0.8% 0.0% 99.0% 0.0% 0.1% 0.0% 0.0% Mem: 2055236k av, 1935836k used, 119400k free, 0k shrd, 188120k buff 1286892k actv, 165568k in_d, 17336k in_c Swap: 2040244k av, 22676k used, 2017568k free 901000k cached PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME CPU COMMAND 6515 root 19 0 10048 9.8M 2612 R 3.9 0.4 1:06 1 cpsrvd-ssl 7175 root 18 0 564 564 492 S 2.7 0.0 0:03 0 couriertcpd 10365 nobody 19 0 11020 10M 2352 R 2.5 0.5 0:08 0 httpd 1998 root 19 0 10724 10M 2140 R 2.4 0.5 3:02 1 httpd 10719 mailnull 19 0 1892 1892 1548 R 1.8 0.0 3:49 0 exim 7169 root 19 0 552 552 476 R 1.8 0.0 0:10 1 couriertcpd 29384 manmoud 25 0 380 380 308 R 1.0 0.0 0:01 0 2-4-21 26278 manmoud 24 0 420 420 308 R 0.9 0.0 0:01 1 2-4-21 26519 manmoud 25 0 420 420 308 R 0.9 0.0 0:01 1 2-4-21 26524 manmoud 25 0 424 424 308 R 0.9 0.0 0:01 1 2-4-21 29368 manmoud 25 0 412 412 308 R 0.9 0.0 0:01 1 2-4-21 25916 manmoud 24 0 388 388 308 R 0.8 0.0 0:01 0 2-4-21 25922 manmoud 25 0 388 388 308 R 0.8 0.0 0:01 0 2-4-21 Clearly, the user manmod caused this huge load. Are there any way to prevent such high load caused by any user on the system except root?? thanx
> Clearly, the user manmod caused this huge load. > Are there any way to prevent such high load caused by any user on the > system except root??You can set up resource limiting by modifying /etc/security/limits.conf to suit your needs. -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell
Reasonably Related Threads
- centos + kswapd0 error
- CentOS 5.1 - MySQL 5.0.22 - Courier auth lib problem
- Bug#446310: setting package to logcheck-database logtail logcheck, tagging 452879, tagging 450660, tagging 450697 ...
- How to know which process is eating the cpu
- Stalled Authentication, Great Clues