not ignoring processes and users in pignore

Post Reply
omaclay
Junior Member
Posts: 2
Joined: 24 Mar 2022, 13:30

not ignoring processes and users in pignore

Post by omaclay »

csf.pignore entries:
----
# It is strongly recommended that you use command line ignores very carefully
# as any process can change what is reported to the OS.
#
# For more information see readme.txt
puser: .*conf
puser: .*arch
exe: /usr/bin/icecast
exe: /opt/cpanel/ea-php74/root/usr/bin/php
exe: /usr/local/src/pontifiserver/pontifiserver
exe: /usr/local/src/pontifiserver/pontifistreamer
exe: /usr/local/src/pontificorder2/pontificorder2
exe: /usr/local/bin/pontificorder2
exe: /usr/local/bin/pontifiserver
exe: /usr/local/bin/pontifistreamer
user: audio
user: audio2
user: streampacserv
-----
lfd.log entries:
-----
Mar 20 07:00:24 nu lfd[27938]: *Suspicious Process* PID:15358 PPID:15358 User:streampacserv Uptime:2000465 secs EXE:/usr/bin/icecast CMD:/usr/bin/icecast -c /home/streampacserv/public_html/icecast_streampacserv.xml
Mar 20 07:00:24 nu lfd[27938]: *User Processing* PID:5645 Kill:0 User:wdbxconf Time:36911 EXE:/usr/bin/bash CMD:-bash
Mar 20 07:00:24 nu lfd[27938]: *User Processing* PID:15358 Kill:0 User:streampacserv VM:1069(MB) EXE:/usr/bin/icecast CMD:/usr/bin/icecast -c /home/streampacserv/public_html/icecast_streampacserv.xml
Mar 20 07:00:24 nu lfd[27938]: *User Processing* PID:15358 Kill:0 User:streampacserv Time:2000465 EXE:/usr/bin/icecast CMD:/usr/bin/icecast -c /home/streampacserv/public_html/icecast_streampacserv.xml
Mar 20 08:00:27 nu lfd[5519]: *Suspicious Process* PID:15358 PPID:15358 User:streampacserv Uptime:2004068 secs EXE:/usr/bin/icecast CMD:/usr/bin/icecast -c /home/streampacserv/public_html/icecast_streampacserv.xml
Mar 20 08:00:27 nu lfd[5519]: *User Processing* PID:15358 Kill:0 User:streampacserv VM:1069(MB) EXE:/usr/bin/icecast CMD:/usr/bin/icecast -c /home/streampacserv/public_html/icecast_streampacserv.xml
Mar 20 08:00:27 nu lfd[5519]: *User Processing* PID:15358 Kill:0 User:streampacserv Time:2004068 EXE:/usr/bin/icecast CMD:/usr/bin/icecast -c /home/streampacserv/public_html/icecast_streampacserv.xml
Mar 20 08:00:27 nu lfd[5519]: *User Processing* PID:5645 Kill:0 User:wdbxconf Time:40514 EXE:/usr/bin/bash CMD:-bash
Mar 20 09:00:29 nu lfd[24000]: *Suspicious Process* PID:15358 PPID:15358 User:streampacserv Uptime:2007670 secs EXE:/usr/bin/icecast CMD:/usr/bin/icecast -c /home/streampacserv/public_html/icecast_streampacserv.xml
Mar 20 09:00:30 nu lfd[24000]: *User Processing* PID:5645 Kill:0 User:wdbxconf Time:44116 EXE:/usr/bin/bash CMD:-bash
------

i'm sure i've done something wrong... but i can't figure out what it is.

any help would be greatly appreciated.

O.
Top
miguelandroidcsf
Junior Member
Posts: 6
Joined: 17 Apr 2020, 10:43

Re: not ignoring processes and users in pignore

Post by miguelandroidcsf »

Use this way

CMD:/usr/bin/icecast -c /home/streampacserv/public_html/icecast_streampacserv.xml
Top
omaclay
Junior Member
Posts: 2
Joined: 24 Mar 2022, 13:30

Re: not ignoring processes and users in pignore

Post by omaclay »

??? what is the difference?
what about the user ignore? and the puser ignore?
it seems that nothing is being ignored.

O.
Top
Post Reply

Return to “General Discussion (csf)”