Author Topic: Command Line (often faked in exploits): (Read 14576 times)

lolite · « **on:** October 19, 2015, 01:50:24 AM »

why error :
Command Line (often faked in exploits):

/usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql --log-error=/var/lib/mysql/xxxx.xxxx.err.com.err --pid-file=/var/lib/mysql/xxxx.xxxx.com.pid --wsrep_start_position=00000000-0000-0000-0000-000000000000:-1

regular_text: /dev/null
regular_text: /var/lib/mysql/xxxx.xxxx.err
regular_text: /var/lib/mysql/xxxx.xxxx.com.err
regular_text: /var/lib/mysql/ibdata1
regular_text: /tmp/ibOrSrco (deleted)
regular_text: /tmp/ibmSAwg0 (deleted)
regular_text: /tmp/ib2SrBkC (deleted)
regular_text: /tmp/ib2cdVtQ (deleted)
regular_text: /var/lib/mysql/ib_logfile0

Administrator · « **Reply #1 on:** October 19, 2015, 05:06:42 AM »

and this notifications is where ?

lolite · « **Reply #2 on:** October 20, 2015, 02:46:13 AM »

The notification sent in my email report

Administrator · « **Reply #3 on:** October 20, 2015, 05:44:24 AM »

you should check with your system admin if that is a valid mysql process and if it is then you can whitelist it in
/etc/csf/csf.pignore

lolite · « **Reply #4 on:** October 23, 2015, 03:01:15 AM »

I have to check the directory / usr / sbin / mysqld but not in /etc/csf/csf.pignore
if I could ask for a description of the details because I am still a newbie, please help thanks before

Igor S. · « **Reply #5 on:** November 10, 2015, 07:30:31 AM »

Hello.

He is meant you should the line /usr/sbin/mysqld in your /etc/csf.pignore .
Also can you write here full message?

Control Web Panel

Author Topic: Command Line (often faked in exploits): (Read 14576 times)

Command Line (often faked in exploits):

Re: Command Line (often faked in exploits):

Re: Command Line (often faked in exploits):

Re: Command Line (often faked in exploits):

Re: Command Line (often faked in exploits):

Re: Command Line (often faked in exploits):