
What is wrong here with ConfigServer Security & Firewall

Posted: 06 Mar 2017, 14:18
by john01
ConfigServer Security & Firewall - csf v10.02

It takes ages before I get access to the ConfigServer Security & Firewall settings.

My Mail Queue Administration remains flooded.
Finally, after much searching, I suddenly had to enter an email address in LF_ALERT_FROM = mymail@new.us

Now I'm not getting the emails in Mail Queue Administration, but in my private mailbox.

The information stated therein is the following:

Code:

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  root@AHV-ID-2679.vps.awcloud.nl
    Unrouteable address



Reporting-MTA: dns; AHV-ID-2679.vps.awcloud.nl

Action: failed
Final-Recipient: rfc822;root@AHV-ID-2679.vps.awcloud.nl
Status: 5.0.0


ForwardedMessage.eml
Subject: lfd on AHV-ID-2679.vps.awcloud.nl: Suspicious process running under user avahi
From: mymail@new.us
Date: 6-3-2017 15:07
To: root@AHV-ID-2679.vps.awcloud.nl

Time:    Mon Mar  6 14:07:02 2017 +0000
PID:     616 (Parent PID:616)
Account: avahi
Uptime:  66708 seconds


Executable:

/usr/sbin/avahi-daemon


Command Line (often faked in exploits):

avahi-daemon: running [AHV-ID-2679.local]


Network connections by the process (if any):

udp: 0.0.0.0:5353 -> 0.0.0.0:0
udp: 0.0.0.0:54413 -> 0.0.0.0:0


Files open by the process (if any):

/dev/null
anon_inode:inotify


Memory maps by the process (if any):





What is going on?

Re: What is wrong here with ConfigServer Security & Firewall

Posted: 08 Mar 2017, 16:22
by john01
Problem solved after an upgrade.