Fermé

Spam detect/fix/terminate.

We have receiving something like that on server.

Its on WHM, and same on different accounts in same server.

Need to find the reason, and fix.

Time: Tue Aug 2 09:17:27 2022 +0100

PID: 26355 (Parent PID:24019)

Account: eds

Uptime: 26542 seconds

Executable:

/usr/local/cpanel/3rdparty/perl/532/bin/perl

Command Line (often faked in exploits):

spamd child

Network connections by the process (if any):

tcp: [login to view URL] -> [login to view URL]

udp: [login to view URL] -> 5.9.124.53:24441

udp: [login to view URL] -> 1.1.1.1:53

tcp: [login to view URL] -> [login to view URL]

Files open by the process (if any):

/dev/null

/usr/local/cpanel/logs/spamd_error_log

/usr/local/cpanel/logs/spamd_error_log

/usr/local/cpanel/3rdparty/perl/532/bin/spamd

/home/eds/.razor/[login to view URL]

/var/cpanel/locale/[login to view URL]

/usr/local/cpanel/3rdparty/perl/532/lib/perl5/cpanel_lib/Net/DNS/Resolver/[login to view URL]

Memory maps by the process (if any):

00400000-00402000 r-xp 00000000 09:02 1349599744 /usr/local/cpanel/3rdparty/perl/532/bin/perl

00601000-00602000 r--p 00001000 09:02 1349599744 /usr/local/cpanel/3rdparty/perl/532/bin/perl

00602000-00603000 rw-p 00002000 09:02 1349599744 /usr/local/cpanel/3rdparty/perl/532/bin/perl

00603000-07728000 rw-p 00000000 00:00 0 [heap]

07728000-09855000 rw-p 00000000 00:00 0 [heap]

1535dda72000-1535ddaab000 r-xp 00000000 09:02 1612095914 /usr/local/cpanel/3rdparty/perl/532/lib/perl5/cpanel_lib/x86_64-linux-64int/auto/Encode/Byte/[login to view URL]

1535ddaab000-1535ddcaa000 ---p 00039000 09:02 1612095914 /usr/local/cpanel/3rdparty/perl/532/lib/perl5/cpanel_lib/x86_64-linux-64int/auto/Encode/Byte/[login to view URL]

1535ddcaa000-1535ddcc9000 r--p 00038000 09:02 1612095914 /usr/local/cpanel/3rdparty/perl/532/lib/perl5/cpanel_lib/x86_64-linux-64int/auto/Encode/Byte/[login to view URL]

1535ddcc9000-1535ddcca000 rw-p 00057000 09:02 1612095914 /usr/local/cpanel/3rdparty/perl/532/lib/perl5/cpanel_lib/x86_64-linux-64int/auto/Encode/Byte/[login to view URL]

1535ddcca000-1535ddcce000 r-xp 00000000 09:02 1611767430 /usr/local/cpanel/3rdparty/perl/532/lib/perl5/532/x86_64-linux-64int/auto/mro/[login to view URL]

1535ddcce000-1535ddecd000 ---p 00004000 09:02 1611767430 /usr/local/cpanel/3rdparty/perl/532/lib/perl5/532/x86_64-linux-64int/auto/mro/[login to view URL]

1535ddecd000-1535ddece000 r--p 00003000 09:02 1611767430 /usr/local/cpanel/3rdparty/perl/532/lib/perl5/532/x86_64-linux-64int/auto/mro/[login to view URL]

1535ddece000-1535ddecf000 rw-p 00004000 09:02 1611767430 /usr/local/cpanel/3rdparty/perl/532/lib/perl5/532/x86_64-linux-64int/auto/mro/[login to view URL]

1535ddecf000-1535de092000 r-xp 00000000 09:02 1349599617

Compétences : Linux, PHP, Perl, Ubuntu, Administration Système

Concernant le client :
( 34 commentaires ) Jelgava, Latvia

Nº du projet : #34269635

23 freelances font une offre moyenne de 124 € pour ce travail

gursukh

Hello, I can help you with the website spam fix. I read through the job details extremely carefully and I am confident I can exceed your expectations. I have long experience with right skills to work on this project. Plus

%bids___i_sum_sub_32% %project_currencyDetails_sign_sub_33% EUR en 1 jour
(417 Commentaires)
7.8
vili1977

Hello. I wouldl ike to help you with fixing issue with perl trojan, I have expeirence. Please read my feedbadks. Thank you.

%bids___i_sum_sub_32% %project_currencyDetails_sign_sub_33% EUR en 1 jour
(1193 Commentaires)
7.8
(102 Commentaires)
7.9
seefattechnologi

Hello , Greetings !! ----Provide to you full satisfaction with my work-----I can fix this issue quickly Definitely, I will do this task effectively . I have 7 years of experience as a web designer/full stack dev Plus

%bids___i_sum_sub_35% %project_currencyDetails_sign_sub_36% EUR en 4 jours
(80 Commentaires)
7.6
(216 Commentaires)
7.4
(611 Commentaires)
7.6
(182 Commentaires)
7.5
kuldeepvk

Hi, I will scan complete server and remove all malware and vulnerabilities from server and implement securities on server. I have 10 years of experience in hosting and server work.I will enable 2 way authentication,i Plus

%bids___i_sum_sub_32% %project_currencyDetails_sign_sub_33% EUR en 1 jour
(632 Commentaires)
7.4
(95 Commentaires)
7.1
(74 Commentaires)
6.3
(58 Commentaires)
6.0
(61 Commentaires)
5.6
rhlmeena35

Hi, i understood your project details very well and i can finish the same in your timeline. come over chat to discuss further

%bids___i_sum_sub_32% %project_currencyDetails_sign_sub_33% EUR en 1 jour
(91 Commentaires)
5.6
mohitcloudoserv

Hello, I'm an expert. I have more than 7+ years of experience as a Linux System Admin. I have excellent knowledge and exp of WHM. I can help you right away in resolving this issue. Ping me asap, and let's discuss this! Plus

%bids___i_sum_sub_32% %project_currencyDetails_sign_sub_33% EUR en 1 jour
(31 Commentaires)
4.9
kushalghimire2

hello it looks like your SPAMD process is leaving too many memory footprints we can use jailshell and other methods to fix this please message me and i can start working right away on this hoping to hear from you

%bids___i_sum_sub_35% %project_currencyDetails_sign_sub_36% EUR en 7 jours
(19 Commentaires)
4.2
ayesharifatmed

Hello There! This is Ayesha Siddiqua. Nice to meet with you. I am an M.B.B.S doctor. I have completed my graduation from North Bengal Medical College under Rajshahi University. A versatile and professional Web & Mob Plus

%bids___i_sum_sub_35% %project_currencyDetails_sign_sub_36% EUR en 2 jours
(9 Commentaires)
3.7
devastatingram

Hi There, I've understood your requirement and would love to work with you. however i have some questions regarding this project, so requesting you to please text me so we can make my thoughts clear and work on your pr Plus

%bids___i_sum_sub_35% %project_currencyDetails_sign_sub_36% EUR en 3 jours
(1 Évaluation)
1.9
GMS02

Hi, I can help you to trace the issue and can give a proper solution for the same. I have 10 years of hands on experience in Linux cpanel servers. Please ping me with the details so that I can help you.

%bids___i_sum_sub_32% %project_currencyDetails_sign_sub_33% EUR en 1 jour
(3 Commentaires)
1.5
anamali7886

Hello, I am a Full-Stack developer with over 3+ years of experience in web development (PHP - Laravel, E-Commerce, word press and CI, NodeJS, HTML, Python, CSS, React Js, React Native, Mobile App Development, Kotlin, Plus

%bids___i_sum_sub_35% %project_currencyDetails_sign_sub_36% EUR en 2 jours
(1 Évaluation)
1.2
sajjadsab

Hi there, I can fix this Server WHM/cPanel error with perfect testing the task. I read all Your error and description. I will give you dedicated support. Please chat with me for further discussion. Thank You.

%bids___i_sum_sub_32% %project_currencyDetails_sign_sub_33% EUR en 1 jour
(1 Évaluation)
0.0