Author Topic: Command Line (often faked in exploits): postgre  (Read 8068 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Command Line (often faked in exploits): postgre
« on: June 17, 2017, 02:09:25 AM »
Is this normal? I get reports through lfd many times, is this malware injected in postgre?

Code: [Select]
Time: Sat Jun 17 08:20:01 2017 +0700
PID: 2391 (Parent PID:2391)
Account: postgres
Uptime: 141028 seconds


Executable:

/usr/bin/postgres


Command Line (often faked in exploits):

/usr/bin/postmaster -p 5432 -D /var/lib/pgsql/data


Network connections by the process (if any):

tcp: 127.0.0.1:5432 -> 0.0.0.0:0


Files open by the process (if any):

/dev/null


Memory maps by the process (if any):

00400000-00863000 r-xp 00000000 fd:00 10503293 /usr/bin/postgres
00a63000-00a70000 rw-p 00463000 fd:00 10503293 /usr/bin/postgres
00a70000-00ae6000 rw-p 00000000 00:00 0
02172000-0219d000 rw-p 00000000 00:00 0 [heap]