Server stats and other stuff

Recently I noticed that on my server the host process (/usr/bin/host) was chewing up TONS of CPU (90-100% on one core and 10-20% on the other according to top).  After doing some research I found the following article on host process being used in an HTTP DDOS attack.
The lsof (LiSt Open Files) command gives fairly detailed output of the files in use at a particular time, filtering this list to a particular process id (in my case the out of control host process) filters to only the files that are contributing to the attack.  The following command is what I used:
sudo lsof | grep {pid of the out of control process}
As a note, I do NOT recommend running the lsof command without filtering by process id.  The result is LONG, my terminal was outputting text for a couple of minutes before I cancelled it.
Long story short, CMS updates are good, folders with 777 permissions are bad and Google can save a format re-install when used correctly with a bit of willingness to get your hands dirty.

Add new comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Categories: