Unable to avoid LFD emails. [Resolved]

Post Reply
Uhl-Services
Junior Member
Posts: 7
Joined: 02 Feb 2015, 20:45
Location: Brno
Contact:
Contact Uhl-Services

Unable to avoid LFD emails. [Resolved]

Post by Uhl-Services »

Time: Sat Jun 25 18:16:39 2016 +0200
PID: 32341 (Parent PID:32341)
Account: rpc
Uptime: 62454 seconds
Executable: /usr/sbin/rpcbind
Command Line (often faked in exploits): /sbin/rpcbind -w

I tried to Add ignore rules here: nano /etc/csf/csf.pignore like this:

pcmd:/sbin/rpcbind -w

cmd:/sbin/rpcbind -w
user:rpc

This still did not stopped the emails to arrive? Anything I miss here? I also tried the exe:/usr/sbin/rpcbind, nothing helped.
Last edited by Uhl-Services on 08 Jul 2016, 23:26, edited 1 time in total.
Top
Sergio
Junior Member
Posts: 1712
Joined: 12 Dec 2006, 14:56

Re: Unable to avoid LFD emails.

Post by Sergio »

As per the lines says:
Executable: /usr/sbin/rpcbind

You should add in csf.pignore:
exe:/usr/sbin/rpcbind
Top
Post Reply

Return to “General Discussion (csf)”