Hi guys, firstly let me say i know nothing about Ruby and it was a colleague that has since left the company that did and worked on a project for a client. the clients hosting company had to upgrade the server his website was on and when it moved across we had a few problems - namely the website didnt come back on. the hosting company had failed to turn ruby on - doh! and also have a redirect to the correct port. anyway, the website was running, but the hosting company had emailed part of the server log (pasted below) and as the old server died they dont know if this existed on the old server as well. could you tell me what this means, is it an issue, can it be ignored? Sun Feb 3 05:01:06 2008 lfd: *Suspicious Process* PID:9658 User:barton Uptime:232873 secs EXE:/usr/bin/ruby CMD:/usr/bin/ruby /usr/bin/mongrel_rails start -p 12001 -d -e production -P log/mongrel.pid Sun Feb 3 05:01:06 2008 lfd: *User Processing* PID:9658 Kill:0 User:barton Time:232873 EXE:/usr/bin/ruby CMD:/usr/bin/ruby /usr/bin/mongrel_rails start -p 12001 -d -e production -P log/mongrel.pid remember i dont know anything about ruby so if you can lay this out in the simplest terms that would be great. thanks in advance :o) -- Posted via http://www.ruby-forum.com/.
On Thu, 7 Feb 2008, Neil Na wrote:> ... > means, is it an issue, can it be ignored? > > Sun Feb 3 05:01:06 2008 lfd: *Suspicious Process* PID:9658 User:barton > Uptime:232873 secs EXE:/usr/bin/ruby CMD:/usr/bin/ruby > /usr/bin/mongrel_rails start -p 12001 -d -e production -P > log/mongrel.pid > Sun Feb 3 05:01:06 2008 lfd: *User Processing* PID:9658 Kill:0 > User:barton Time:232873 EXE:/usr/bin/ruby CMD:/usr/bin/ruby > /usr/bin/mongrel_rails start -p 12001 -d -e production -P > log/mongrel.pid >It can be ignored. The firewall is barking at mongrel because it is listening in a high port (12001) - many backdoors like to listen at high ports like this. Just give some bones to your firewall, so it will stop barking at your mongrel. Cheers, filipe { @ icewall.org GPG 1024D/A6BA423E http://filipe.icewall.org/ }