Старый 12.11.2013, 20:11   #1001
Pashkela
 
Аватар для Pashkela
 
Регистрация: 05.07.2010
Сообщений: 1,243
По умолчанию

А, все понятно, не сработает, ибо:

Цитата:
tmpfs 1.8G 0 1.8G 0% /home/www/cache

tmpfs on /home/www/cache type tmpfs (rw,noexec,nosuid,nodev,noatime,mode=1777)
облом
Pashkela вне форума   Ответить с цитированием
Старый 12.11.2013, 20:17   #1002
d.anon
 
Регистрация: 11.11.2013
Сообщений: 7
Репутация: 0
По умолчанию

да.. не сработало...
d.anon вне форума   Ответить с цитированием
Старый 12.11.2013, 20:20   #1003
Pashkela
 
Аватар для Pashkela
 
Регистрация: 05.07.2010
Сообщений: 1,243
По умолчанию

ну и последняя надежда

сделай

cat /etc/dbus-1/session.conf

надо понять, куда он файло таки пишет, может не в /tmp

важная строчка:

<listen>unix:tmpdir=/tmp</listen>
Pashkela вне форума   Ответить с цитированием
Старый 12.11.2013, 20:23   #1004
d.anon
 
Регистрация: 11.11.2013
Сообщений: 7
Репутация: 0
По умолчанию

да, присутствует эта строчка. и линк dbus-что-то-там на сплойт создавался в /tmp
ty anyway
d.anon вне форума   Ответить с цитированием
Старый 13.11.2013, 03:03   #1005
QaRTiN
 
Регистрация: 22.08.2010
Сообщений: 54
Репутация: 0
По умолчанию

Help me,guys,please

Код:
================================================
uname -a
================================================
Linux *** 2.6.32-358.el6.x86_64 #1 SMP Fri Feb 22 00:31:26 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

================================================
mount
================================================
/dev/xvda6 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw)
/dev/xvda1 on /boot type ext3 (rw)
/dev/xvda2 on /tmp type ext3 (rw)
/dev/xvda3 on /var type ext3 (rw)
/dev/mapper/mysql_vg-mysql_lv on /mysql type ext4 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
/dev/mapper/webcontent_vg-webcontent_lv on /var/www type ext4 (rw)

================================================
df -h
================================================
Filesystem            Size  Used Avail Use% Mounted on
/dev/xvda6            5.9G  1.1G  4.5G  20% /
tmpfs                 1.9G     0  1.9G   0% /dev/shm
/dev/xvda1             97M   29M   64M  31% /boot
/dev/xvda2            2.0G   35M  1.8G   2% /tmp
/dev/xvda3            2.0G  673M  1.2G  36% /var
/dev/mapper/mysql_vg-mysql_lv
                      4.9G  382M  4.3G   9% /mysql
/dev/mapper/webcontent_vg-webcontent_lv
                      4.9G  230M  4.4G   5% /var/www

================================================
ls -la /boot
================================================
total 22548
dr-xr-xr-x.  5 root root     1024 Jul  9 10:55 .
dr-xr-xr-x. 23 root root     4096 Aug  9 03:16 ..
-rw-r--r--.  1 root root      166 Feb 21  2013 .vmlinuz-2.6.32-358.el6.x86_64.hmac
-rw-r--r--.  1 root root  2407466 Feb 21  2013 System.map-2.6.32-358.el6.x86_64
-rw-r--r--.  1 root root   104081 Feb 21  2013 config-2.6.32-358.el6.x86_64
drwxr-xr-x.  3 root root     1024 Jul  9 10:54 efi
drwxr-xr-x.  2 root root     1024 Jul  9 10:56 grub
-rw-r--r--.  1 root root 16214951 Jul  9 10:55 initramfs-2.6.32-358.el6.x86_64.img
drwx------.  2 root root    12288 Jul  9 10:49 lost+found
-rw-r--r--.  1 root root   185734 Feb 21  2013 symvers-2.6.32-358.el6.x86_64.gz
-rwxr-xr-x.  1 root root  4043888 Feb 21  2013 vmlinuz-2.6.32-358.el6.x86_64

================================================
cat /proc/version
================================================
Linux version 2.6.32-358.el6.x86_64 (mockbuild@c6b8.bsys.dev.centos.org) (gcc version 4.4.7 20120313 (Red Hat 4.4.7-3) (GCC) ) #1 SMP Fri Feb 22 00:31:26 UTC 2013

================================================
pwd
================================================
/var/www/html/***

================================================
id
================================================
uid=48(apache) gid=48(apache) groups=48(apache)

================================================
whoami
================================================
apache

================================================
cat /etc/passwd
================================================
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
abrt:x:173:173::/etc/abrt:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
saslauth:x:499:76:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
hacluster:x:498:499:heartbeat user:/var/lib/heartbeat/cores/hacluster:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
apache:x:48:48:Apache:/var/www:/sbin/nologin

================================================
cat /etc/issue
================================================
CentOS release 6.4 (Final)
Kernel \r on an \m


================================================
cat /etc/issue.net
================================================
CentOS release 6.4 (Final)
Kernel \r on an \m

================================================
cat /proc/sys/vm/mmap_min_addr
================================================
4096

================================================
cat /etc/crontab
================================================
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/

# For details see man 4 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name command to be executed


================================================
ls -la /etc/cron.d
================================================
total 20
drwxr-xr-x.  2 root root 4096 Jul  9 10:54 .
drwxr-xr-x. 86 root root 4096 Nov 11 03:38 ..
-rw-r--r--.  1 root root  113 Jul 19  2011 0hourly
-rw-r--r--.  1 root root  108 Dec  6  2012 raid-check
-rw-r--r--.  1 root root  235 Jun 22  2012 sysstat

================================================
ls -la /etc/cron.hourly
================================================
total 12
drwxr-xr-x.  2 root root 4096 Jul  9 10:53 .
drwxr-xr-x. 86 root root 4096 Nov 11 03:38 ..
-rwxr-xr-x.  1 root root  424 Jul 19  2011 0anacron

================================================
ls -la /etc/cron.monthly
================================================
total 12
drwxr-xr-x.  2 root root 4096 Jul  9 10:54 .
drwxr-xr-x. 86 root root 4096 Nov 11 03:38 ..
-rwxr-xr-x.  1 root root  111 Aug 23  2010 readahead-monthly.cron

================================================
ls -la /etc/cron.weekly
================================================
total 8
drwxr-xr-x.  2 root root 4096 Sep 26  2011 .
drwxr-xr-x. 86 root root 4096 Nov 11 03:38 ..

================================================
ls -la /etc
================================================
total 1688
drwxr-xr-x. 86 root root   4096 Nov 11 03:38 .
dr-xr-xr-x. 23 root root   4096 Aug  9 03:16 ..
-rw-------.  1 root root      0 Jul  9 10:51 .pwd.lock
drwxr-xr-x.  5 root root   4096 Jul  9 10:52 ConsoleKit
-rw-r--r--.  1 root root   4439 Apr 17  2012 DIR_COLORS
-rw-r--r--.  1 root root   5139 Apr 17  2012 DIR_COLORS.256color
-rw-r--r--.  1 root root   4113 Apr 17  2012 DIR_COLORS.lightbgcolor
drwxr-xr-x.  3 root root   4096 Feb 22  2013 NetworkManager
drwxr-xr-x.  4 root root   4096 Jul  9 10:53 X11
drwxr-xr-x.  3 root root   4096 Jul  9 10:52 abrt
drwxr-xr-x.  4 root root   4096 Jul  9 10:54 acpi
-rw-r--r--.  1 root root     18 Jul  9 10:56 adjtime
-rw-r--r--.  1 root root   1512 Jan 12  2010 aliases
-rw-r--r--   1 root root  12288 Jul  9 11:10 aliases.db
drwxr-xr-x.  2 root root   4096 Jul  9 10:54 alsa
drwxr-xr-x.  2 root root   4096 Jul  9 10:53 alternatives
-rw-r--r--.  1 root root    541 Jul 19  2011 anacrontab
-rw-r--r--.  1 root root    148 May 14  2009 asound.conf
-rw-r--r--.  1 root root      1 Jan 30  2012 at.deny
drwxr-x---.  3 root root   4096 Jul  9 10:54 audisp
drwxr-x---.  2 root root   4096 Jul  9 10:54 audit
drwxr-xr-x.  2 root root   4096 Jul  9 10:54 bash_completion.d
-rw-r--r--.  1 root root   2681 Oct 15  2012 bashrc
drwxr-xr-x.  2 root root   4096 Jul 10 14:52 blkid
-rw-r--r--.  1 root root     27 Feb 25  2013 centos-release
drwxr-xr-x.  2 root root   4096 Jun 22  2012 chkconfig.d
drwxr-xr-x.  2 root root   4096 Jul  9 10:54 cron.d
drwxr-xr-x.  2 root root   4096 Jul  9 10:54 cron.daily
-rw-r--r--.  1 root root      0 Jul 19  2011 cron.deny
drwxr-xr-x.  2 root root   4096 Jul  9 10:53 cron.hourly
drwxr-xr-x.  2 root root   4096 Jul  9 10:54 cron.monthly
drwxr-xr-x.  2 root root   4096 Sep 26  2011 cron.weekly
-rw-r--r--.  1 root root    457 Sep 26  2011 crontab
-rw-r--r--.  1 root root      0 Jul  9 10:50 crypttab
-rw-r--r--.  1 root root   1602 Oct 15  2012 csh.cshrc
-rw-r--r--.  1 root root    794 Oct 15  2012 csh.login
drwxr-xr-x.  4 root root   4096 Jul  9 10:51 dbus-1
drwxr-xr-x.  2 root root   4096 Jul  9 10:51 default
drwxr-xr-x.  2 root root   4096 Jul  9 10:52 depmod.d
drwxr-x---.  3 root root   4096 Jul  9 10:53 dhcp
-rw-r--r--.  1 root root    519 Feb 22  2013 dracut.conf
drwxr-xr-x.  2 root root   4096 Feb 22  2013 dracut.conf.d
-rw-r--r--.  1 root root      0 Oct 15  2012 environment
-rw-r--r--.  1 root root     28 May 10  2012 ethers
drwxr-xr-x.  2 root root   4096 Jul  9 10:52 event.d
-rw-r--r--.  1 root root      0 Jan 12  2010 exports
lrwxrwxrwx.  1 root root     56 Jul  9 10:52 favicon.png -> /usr/share/icons/hicolor/16x16/apps/system-logo-icon.png
-rw-r--r--.  1 root root     64 Oct 15  2012 filesystems
drwxr-xr-x.  4 root root   4096 Jul  9 10:52 fonts
-rw-r--r--.  1 root root     20 Jun 22  2012 fprintd.conf
-rw-r--r--   1 root root   1181 Jul 10 14:52 fstab
-rw-r--r--.  1 root root      0 Feb 21  2013 gai.conf
drwxr-xr-x   7 root root   4096 Jul 12 09:31 gconf
drwxr-xr-x.  2 root root   4096 Apr 16  2012 gcrypt
drwxr-xr-x   3 root root   4096 Jul 12 09:31 ghostscript
drwxr-xr-x.  2 root root   4096 Nov 11  2010 gnupg
-rw-r--r--   1 root root    670 Jul 10 14:51 group
-rw-------.  1 root root    657 Jul  9 13:32 group-
lrwxrwxrwx.  1 root root     22 Jul  9 10:56 grub.conf -> ../boot/grub/grub.conf
----------   1 root root    548 Jul 10 14:51 gshadow
-rw-------.  1 root root    537 Jul  9 13:32 gshadow-
-rw-r--r--   1 root root    801 Jul 19  2011 gssapi_mech.conf
drwxr-xr-x.  3 root root   4096 Jul  9 10:53 gtk-2.0
drwxr-xr-x   4 root root   4096 Jul 10 15:57 ha.d
drwxr-xr-x.  3 root root   4096 Jul  9 10:53 hal
-rw-r--r--.  1 root root      9 Oct 15  2012 host.conf
-rw-r--r--   1 root root    356 Jul 10 15:00 hosts
-rw-r--r--.  1 root root    370 Jan 12  2010 hosts.allow
-rw-r--r--.  1 root root    460 Jan 12  2010 hosts.deny
drwxr-xr-x   4 root root   4096 Jul 10 14:51 httpd
-rw-r--r--   1 root root   3581 Feb 21  2013 idmapd.conf
drwxr-xr-x.  2 root root   4096 Jul  9 10:54 init
lrwxrwxrwx.  1 root root     11 Jul  9 10:51 init.d -> rc.d/init.d
-rw-r--r--.  1 root root    884 Jul  9 10:56 inittab
-rw-r--r--.  1 root root    942 Jan 12  2010 inputrc
drwxr-xr-x.  2 root root   4096 Jul  9 10:53 iproute2
-rw-r--r--.  1 root root     47 Feb 25  2013 issue
-rw-r--r--.  1 root root     46 Feb 25  2013 issue.net
drwxr-xr-x.  4 root root   4096 Jul  9 10:54 kdump-adv-conf
-rw-r--r--.  1 root root   6135 Jul  9 10:54 kdump.conf
-rw-r--r--.  1 root root    449 Dec 18  2012 krb5.conf
-rw-r--r--   1 root root  27667 Jul 12 09:31 ld.so.cache
-rw-r--r--.  1 root root     28 May  4  2010 ld.so.conf
drwxr-xr-x.  2 root root   4096 Jul  9 13:32 ld.so.conf.d
-rw-r-----.  1 root root    191 Mar  1  2012 libaudit.conf
drwxr-xr-x.  5 root root   4096 Jul  9 10:52 libreport
-rw-r--r--.  1 root root   2290 Jul  9 10:56 libuser.conf
-rw-r--r--.  1 root root   3519 Jul  9 10:56 localtime
-rw-r--r--.  1 root root   1831 Jul  9 10:56 login.defs
-rw-r--r--.  1 root root    662 Aug 29  2007 logrotate.conf
drwxr-xr-x.  2 root root   4096 Jul 10 14:51 logrotate.d
drwxr-xr-x.  5 root root   4096 Jul  9 10:54 lvm
-rw-r--r--.  1 root root    111 Oct  4  2012 magic
-rw-r--r--.  1 root root   1909 Aug 22  2010 mail.rc
-rw-r--r--   1 root root    272 Nov 17  2009 mailcap
drwxr-xr-x.  2 root root   4096 Jul  9 10:52 makedev.d
-rw-r--r--.  1 root root   4940 Feb 21  2013 man.config
-rw-r--r--   1 root root  43591 Sep 23  2011 mime.types
-rw-r--r--.  1 root root    801 Sep  7  2009 mke2fs.conf
drwxr-xr-x.  2 root root   4096 Jul  9 10:54 modprobe.d
-rw-r--r--.  1 root root      0 Jan 12  2010 motd
-rw-r--r--   1 root root    438 Jul 10 14:52 mtab
-rw-r--r--   1 root root    874 Jul  9 16:45 my.cnf
drwxr-xr-x   3 root root   4096 Jul 12 15:02 nagios
-rw-r--r--.  1 root root   7846 Nov 12  2010 nanorc
-rw-r--r--   1 root root    767 Nov 30  2009 netconfig
-rw-r--r--.  1 root root     58 Feb 22  2013 networks
-rw-r--r--   1 root root   3390 Feb 21  2013 nfsmount.conf
-rw-r--r--.  1 root root   1688 May  4  2010 nsswitch.conf
drwxr-xr-x.  3 root root   4096 Jul  9 10:54 ntp
-rw-r--r--.  1 root root   1877 Jul 10 17:01 ntp.conf
drwxr-xr-x.  3 root root   4096 Jul  9 10:56 openldap
drwxr-xr-x.  2 root root   4096 Sep 23  2011 opt
drwxr-xr-x.  2 root root   4096 Jul  9 10:56 pam.d
drwxr-xr-x.  3 root root   4096 Jul  9 10:53 pango
-rw-r--r--   1 root root   1429 Jul 10 14:51 passwd
-rw-r--r--.  1 root root   1384 Jul  9 13:32 passwd-
drwxr-xr-x.  2 root root   4096 Jul  9 10:53 pcmcia
drwxr-xr-x   2 root root   4096 Jul 12 09:31 php.d
-rw-r--r--   1 root root  69100 Aug 20 07:57 php.ini
-rw-r--r--.  1 root root   2872 Aug 20  2010 pinforc
drwxr-xr-x.  8 root root   4096 Jul  9 10:53 pki
drwxr-xr-x.  2 root root   4096 Jul  9 10:53 plymouth
drwxr-xr-x.  5 root root   4096 Jul  9 10:51 pm
-rw-r--r--.  1 root root    370 Jul 18  2012 pm-utils-hd-apm-restore.conf
drwxr-xr-x.  5 root root   4096 Jul  9 10:52 polkit-1
drwxr-xr-x.  2 root root   4096 Aug 21  2010 popt.d
drwxr-xr-x.  2 root root   4096 Jul 12 17:11 postfix
drwxr-xr-x.  3 root root   4096 Jul  9 10:53 ppp
-rw-r--r--   1 root root 146471 Nov 11 03:38 prelink.cache
-rw-r--r--.  1 root root    789 May 20  2009 prelink.conf
drwxr-xr-x.  2 root root   4096 Dec  7  2011 prelink.conf.d
-rw-r--r--.  1 root root    233 Jan 12  2010 printcap
-rw-r--r--.  1 root root   1796 Oct 15  2012 profile
drwxr-xr-x.  2 root root   4096 Jul  9 10:54 profile.d
-rw-r--r--.  1 root root   6455 Jan 12  2010 protocols
-rw-r--r--.  1 root root    220 Oct 13  2008 quotagrpadmins
-rw-r--r--.  1 root root    259 Nov 20  2012 quotatab
lrwxrwxrwx.  1 root root      7 Jul  9 10:53 rc -> rc.d/rc
drwxr-xr-x. 10 root root   4096 Jul  9 10:53 rc.d
lrwxrwxrwx.  1 root root     13 Jul  9 10:53 rc.local -> rc.d/rc.local
lrwxrwxrwx.  1 root root     15 Jul  9 10:53 rc.sysinit -> rc.d/rc.sysinit
lrwxrwxrwx.  1 root root     10 Jul  9 10:53 rc0.d -> rc.d/rc0.d
lrwxrwxrwx.  1 root root     10 Jul  9 10:53 rc1.d -> rc.d/rc1.d
lrwxrwxrwx.  1 root root     10 Jul  9 10:53 rc2.d -> rc.d/rc2.d
lrwxrwxrwx.  1 root root     10 Jul  9 10:53 rc3.d -> rc.d/rc3.d
lrwxrwxrwx.  1 root root     10 Jul  9 10:53 rc4.d -> rc.d/rc4.d
lrwxrwxrwx.  1 root root     10 Jul  9 10:53 rc5.d -> rc.d/rc5.d
lrwxrwxrwx.  1 root root     10 Jul  9 10:53 rc6.d -> rc.d/rc6.d
-rw-r--r--.  1 root root    966 Aug 23  2010 readahead.conf
lrwxrwxrwx.  1 root root     14 Jul  9 10:53 redhat-release -> centos-release
-rw-r--r--   1 root root   1484 Jun 22  2012 request-key.conf
drwxr-xr-x   2 root root   4096 Jul  9 13:19 request-key.d
-rw-r--r--   1 root root     82 Jul 10 14:59 resolv.conf
-rw-r--r--.  1 root root   1615 May  4  2010 rpc
drwxr-xr-x.  2 root root   4096 Jul  9 10:54 rpm
-rw-r--r--   1 root root    140 Jul 10 16:37 rsyncd.conf
-rw-r--r--.  1 root root   2875 Jan  9  2013 rsyslog.conf
drwxr-xr-x.  2 root root   4096 Feb 22  2013 rsyslog.d
-rw-r--r--.  1 root root    930 Feb 22  2013 rwtab
drwxr-xr-x.  2 root root   4096 Feb 22  2013 rwtab.d
drwxr-xr-x   2 root root   4096 Jul  9 13:19 samba
drwxr-xr-x.  2 root root   4096 Jul  9 10:53 sasl2
drwxr-xr-x.  3 root root   4096 Jul  9 10:54 scl
-rw-------.  1 root root    127 Jul  9 11:10 securetty
drwxr-xr-x.  6 root root   4096 Jul  9 13:19 security
drwxr-xr-x.  3 root root   4096 Jul  9 10:53 selinux
-rw-r--r--   1 root root   6845 Sep 25  2012 sensors3.conf
-rw-r--r--.  1 root root 641020 Oct 15  2012 services
-rw-r--r--.  1 root root    216 Feb 22  2013 sestatus.conf
drwxr-xr-x.  2 root root   4096 Jul  9 10:54 setuptool.d
drwxr-xr-x   2 root root   4096 Jul 12 09:31 sgml
----------   1 root root    769 Jul 10 14:51 shadow
----------.  1 root root    747 Jul  9 13:32 shadow-
-rw-r--r--.  1 root root     61 Jul  9 10:54 shells
drwxr-xr-x.  2 root root   4096 Jul  9 10:51 skel
-rw-r--r--.  1 root root   6717 Feb 21  2013 smartd.conf
drwxr-xr-x.  2 root root   4096 Jul  9 10:54 snmp
-rw-r--r--.  1 root root    260 Feb 22  2013 sos.conf
drwxr-xr-x.  2 root root   4096 Jul  9 11:10 ssh
drwxr-xr-x.  2 root root   4096 Jul  9 10:56 ssh2
drwxr-xr-x.  2 root root   4096 Jul  9 10:51 ssl
-rw-r--r--.  1 root root    212 Feb 22  2013 statetab
drwxr-xr-x.  2 root root   4096 Feb 22  2013 statetab.d
-rw-r-----.  1 root root   3181 Jan 23  2013 sudo-ldap.conf
-rw-r-----.  1 root root   1786 Sep 25  2012 sudo.conf
-r--r-----.  1 root root   4002 Mar  1  2012 sudoers
drwxr-x---.  2 root root   4096 Feb 22  2013 sudoers.d
drwxr-xr-x.  7 root root   4096 Jul 12 15:02 sysconfig
-rw-r--r--.  1 root root   1150 Feb 22  2013 sysctl.conf
lrwxrwxrwx.  1 root root     14 Jul  9 10:53 system-release -> centos-release
-rw-r--r--.  1 root root     25 Feb 25  2013 system-release-cpe
drwxr-xr-x.  2 root root   4096 Aug 18  2010 terminfo
drwxr-xr-x.  4 root root   4096 Jul  9 10:53 udev
-rw-r--r--.  1 root root    473 Sep 24  2012 updatedb.conf
-rw-r--r--.  1 root root   1962 Feb 17  2012 vimrc
-rw-r--r--.  1 root root   1962 Feb 17  2012 virc
-rw-r--r--.  1 root root   3008 Nov 20  2012 warnquota.conf
-rw-r--r--.  1 root root   4479 Oct 10  2012 wgetrc
drwxr-xr-x.  3 root root   4096 Jul  9 10:51 xdg
-rw-------.  1 root root   1001 Feb 21  2013 xinetd.conf
drwxr-xr-x.  2 root root   4096 Jul 15 15:13 xinetd.d
drwxr-xr-x.  5 root root   4096 Jul  9 10:52 yum
-rw-r--r--.  1 root root    969 Feb 22  2013 yum.conf
drwxr-xr-x.  2 root root   4096 Jul  9 13:19 yum.repos.d

================================================
ls -la --full-time /lib
================================================
total 44
dr-xr-xr-x. 10 root root 4096 2013-07-09 10:54:43.000000000 -0400 .
dr-xr-xr-x. 23 root root 4096 2013-08-09 03:16:01.000000000 -0400 ..
drwxr-xr-x.  3 root root 4096 2013-07-09 10:54:43.000000000 -0400 alsa
drwxr-xr-x.  3 root root 4096 2013-07-09 10:53:16.000000000 -0400 crda
drwxr-xr-x. 43 root root 4096 2013-07-09 10:54:58.000000000 -0400 firmware
drwxr-xr-x.  6 root root 4096 2013-07-09 10:53:05.000000000 -0400 kbd
dr-xr-xr-x.  3 root root 4096 2013-07-09 10:53:40.000000000 -0400 modules
drwxr-xr-x.  2 root root 4096 2013-02-21 19:16:00.000000000 -0500 security
drwxr-xr-x.  6 root root 4096 2013-07-09 10:51:08.000000000 -0400 terminfo
drwxr-xr-x.  5 root root 4096 2013-07-09 12:22:26.000000000 -0400 udev

================================================
ls -la --full-time /lib64
================================================
total 20740
dr-xr-xr-x.  9 root root   12288 2013-07-21 03:11:04.000000000 -0400 .
dr-xr-xr-x. 23 root root    4096 2013-08-09 03:16:01.000000000 -0400 ..
-rw-r--r--.  1 root root      65 2012-06-22 03:35:49.000000000 -0400 .libcryptsetup.so.1.1.0.hmac
-rw-r--r--.  1 root root      65 2012-06-22 03:35:49.000000000 -0400 .libcryptsetup.so.1.hmac
-rw-r--r--.  1 root root      65 2011-12-07 14:13:53.000000000 -0500 .libfipscheck.so.1.1.0.hmac
lrwxrwxrwx.  1 root root      27 2013-07-09 10:52:42.000000000 -0400 .libfipscheck.so.1.hmac -> .libfipscheck.so.1.1.0.hmac
-rw-r--r--.  1 root root      65 2012-04-16 09:21:17.000000000 -0400 .libgcrypt.so.11.hmac
drwxr-xr-x.  2 root root    4096 2013-07-09 12:22:24.000000000 -0400 dbus-1
drwxr-xr-x.  2 root root    4096 2013-07-09 10:53:13.000000000 -0400 device-mapper
-rwxr-xr-x   1 root root  156872 2013-02-21 08:12:45.000000000 -0500 ld-2.12.so
lrwxrwxrwx.  1 root root      10 2013-07-09 10:51:25.000000000 -0400 ld-linux-x86-64.so.2 -> ld-2.12.so
-rwxr-xr-x.  1 root root    8488 2013-02-21 08:12:45.000000000 -0500 libBrokenLocale-2.12.so
lrwxrwxrwx.  1 root root      23 2013-07-09 10:51:25.000000000 -0400 libBrokenLocale.so.1 -> libBrokenLocale-2.12.so
-rwxr-xr-x.  1 root root   21928 2013-02-21 08:12:45.000000000 -0500 libSegFault.so
lrwxrwxrwx.  1 root root      15 2013-07-09 10:51:30.000000000 -0400 libacl.so.1 -> libacl.so.1.1.0
-rwxr-xr-x   1 root root   33816 2011-12-07 11:53:53.000000000 -0500 libacl.so.1.1.0
lrwxrwxrwx.  1 root root      22 2013-07-09 10:52:32.000000000 -0400 libaio.so.1 -> /lib64/libaio.so.1.0.1
-rwxr-xr-x.  1 root root    3944 2010-08-22 17:08:18.000000000 -0400 libaio.so.1.0.0
-rwxr-xr-x   1 root root    5624 2010-08-22 17:08:18.000000000 -0400 libaio.so.1.0.1
-rwxr-xr-x.  1 root root   19368 2013-02-21 08:12:45.000000000 -0500 libanl-2.12.so
lrwxrwxrwx.  1 root root      14 2013-07-09 10:51:25.000000000 -0400 libanl.so.1 -> libanl-2.12.so
lrwxrwxrwx.  1 root root      18 2013-07-09 10:52:29.000000000 -0400 libasound.so.2 -> libasound.so.2.0.0
-rwxr-xr-x   1 root root  963768 2011-12-07 13:22:39.000000000 -0500 libasound.so.2.0.0
lrwxrwxrwx.  1 root root      16 2013-07-09 10:51:27.000000000 -0400 libattr.so.1 -> libattr.so.1.1.0
-rwxr-xr-x   1 root root   21152 2011-09-23 14:53:58.000000000 -0400 libattr.so.1.1.0
lrwxrwxrwx.  1 root root      17 2013-07-09 10:51:29.000000000 -0400 libaudit.so.1 -> libaudit.so.1.0.0
-rwxr-xr-x   1 root root  115536 2012-06-22 05:43:22.000000000 -0400 libaudit.so.1.0.0
lrwxrwxrwx.  1 root root      19 2013-07-09 10:51:29.000000000 -0400 libauparse.so.0 -> libauparse.so.0.0.0
-rwxr-xr-x   1 root root   62392 2012-06-22 05:43:22.000000000 -0400 libauparse.so.0.0.0
lrwxrwxrwx.  1 root root      17 2013-07-09 10:51:38.000000000 -0400 libblkid.so.1 -> libblkid.so.1.1.0
-rwxr-xr-x   1 root root  138616 2013-02-22 00:02:20.000000000 -0500 libblkid.so.1.1.0
lrwxrwxrwx.  1 root root      15 2013-07-09 10:51:35.000000000 -0400 libbz2.so.1 -> libbz2.so.1.0.4
-rwxr-xr-x   1 root root   69976 2011-06-24 21:45:55.000000000 -0400 libbz2.so.1.0.4
-rwxr-xr-x   1 root root 1922152 2013-02-21 08:12:46.000000000 -0500 libc-2.12.so
lrwxrwxrwx.  1 root root      12 2013-07-09 10:51:25.000000000 -0400 libc.so.6 -> libc-2.12.so
lrwxrwxrwx.  1 root root      18 2013-07-09 10:51:40.000000000 -0400 libcap-ng.so.0 -> libcap-ng.so.0.0.0
-rwxr-xr-x.  1 root root   18672 2011-06-24 23:49:32.000000000 -0400 libcap-ng.so.0.0.0
lrwxrwxrwx.  1 root root      14 2013-07-09 10:51:28.000000000 -0400 libcap.so.2 -> libcap.so.2.16
-rwxr-xr-x   1 root root   19016 2011-12-07 15:04:01.000000000 -0500 libcap.so.2.16
-rwxr-xr-x.  1 root root  197064 2013-02-21 08:12:45.000000000 -0500 libcidn-2.12.so
lrwxrwxrwx.  1 root root      15 2013-07-09 10:51:25.000000000 -0400 libcidn.so.1 -> libcidn-2.12.so
lrwxrwxrwx.  1 root root      17 2013-07-09 10:51:30.000000000 -0400 libcom_err.so.2 -> libcom_err.so.2.1
-rwxr-xr-x   1 root root   17256 2013-02-21 18:50:58.000000000 -0500 libcom_err.so.2.1
-rwxr-xr-x   1 root root   43392 2013-02-21 08:12:45.000000000 -0500 libcrypt-2.12.so
lrwxrwxrwx.  1 root root      16 2013-07-09 10:51:25.000000000 -0400 libcrypt.so.1 -> libcrypt-2.12.so
lrwxrwxrwx.  1 root root      22 2013-07-09 10:53:13.000000000 -0400 libcryptsetup.so.1 -> libcryptsetup.so.1.1.0
-rwxr-xr-x   1 root root   97072 2012-06-22 03:35:48.000000000 -0400 libcryptsetup.so.1.1.0
-rwxr-xr-x   1 root root 1525256 2012-04-04 09:42:11.000000000 -0400 libdb-4.7.so
lrwxrwxrwx.  1 root root      18 2013-07-09 10:51:29.000000000 -0400 libdbus-1.so.3 -> libdbus-1.so.3.4.0
-rwxr-xr-x   1 root root  268232 2012-09-13 13:04:29.000000000 -0400 libdbus-1.so.3.4.0
-rwxr-xr-x.  1 root root    7168 2013-02-22 01:21:39.000000000 -0500 libdevmapper-event-lvm2.so.2.02
lrwxrwxrwx.  1 root root      46 2013-07-09 10:53:13.000000000 -0400 libdevmapper-event-lvm2mirror.so -> device-mapper/libdevmapper-event-lvm2mirror.so
lrwxrwxrwx.  1 root root      44 2013-07-09 10:53:13.000000000 -0400 libdevmapper-event-lvm2raid.so -> device-mapper/libdevmapper-event-lvm2raid.so
lrwxrwxrwx.  1 root root      48 2013-07-09 10:53:13.000000000 -0400 libdevmapper-event-lvm2snapshot.so -> device-mapper/libdevmapper-event-lvm2snapshot.so
lrwxrwxrwx.  1 root root      44 2013-07-09 10:53:13.000000000 -0400 libdevmapper-event-lvm2thin.so -> device-mapper/libdevmapper-event-lvm2thin.so
-rwxr-xr-x   1 root root   24184 2013-02-22 01:21:39.000000000 -0500 libdevmapper-event.so.1.02
-rwxr-xr-x   1 root root  237264 2013-02-22 01:21:39.000000000 -0500 libdevmapper.so.1.02
-rwxr-xr-x   1 root root   22536 2013-02-21 08:12:45.000000000 -0500 libdl-2.12.so
lrwxrwxrwx.  1 root root      13 2013-07-09 10:51:25.000000000 -0400 libdl.so.2 -> libdl-2.12.so
lrwxrwxrwx.  1 root root      34 2013-07-09 10:53:12.000000000 -0400 libdmraid-events-isw.so -> libdmraid-events-isw.so.1.0.0.rc16
lrwxrwxrwx.  1 root root      34 2013-07-09 10:53:12.000000000 -0400 libdmraid-events-isw.so.1 -> libdmraid-events-isw.so.1.0.0.rc16
-rwxr-xr-x.  1 root root   23784 2012-06-22 03:58:31.000000000 -0400 libdmraid-events-isw.so.1.0.0.rc16
lrwxrwxrwx.  1 root root      23 2013-07-09 10:53:12.000000000 -0400 libdmraid.so -> libdmraid.so.1.0.0.rc16
lrwxrwxrwx.  1 root root      23 2013-07-09 10:53:12.000000000 -0400 libdmraid.so.1 -> libdmraid.so.1.0.0.rc16
-rwxr-xr-x   1 root root  219584 2012-06-22 03:58:31.000000000 -0400 libdmraid.so.1.0.0.rc16
lrwxrwxrwx.  1 root root      13 2013-07-09 10:51:44.000000000 -0400 libe2p.so.2 -> libe2p.so.2.3
-rwxr-xr-x   1 root root   30552 2013-02-21 18:50:58.000000000 -0500 libe2p.so.2.3
lrwxrwxrwx.  1 root root      17 2013-07-09 10:51:36.000000000 -0400 libexpat.so.1 -> libexpat.so.1.5.2
-rwxr-xr-x   1 root root  167648 2012-06-13 11:01:40.000000000 -0400 libexpat.so.1.5.2
lrwxrwxrwx.  1 root root      16 2013-07-09 10:51:44.000000000 -0400 libext2fs.so.2 -> libext2fs.so.2.4
-rwxr-xr-x   1 root root  204296 2013-02-21 18:50:58.000000000 -0500 libext2fs.so.2.4
lrwxrwxrwx.  1 root root      21 2013-07-09 10:52:42.000000000 -0400 libfipscheck.so.1 -> libfipscheck.so.1.1.0
-rwxr-xr-x   1 root root   12688 2011-12-07 14:13:53.000000000 -0500 libfipscheck.so.1.1.0
-rw-r--r--.  1 root root     478 2011-12-07 19:27:00.000000000 -0500 libfreebl3.chk
-rwxr-xr-x   1 root root  386040 2011-12-07 19:27:00.000000000 -0500 libfreebl3.so
-rwxr-xr-x   1 root root   93224 2013-02-21 10:36:28.000000000 -0500 libgcc_s-4.4.7-20120601.so.1
lrwxrwxrwx.  1 root root      28 2013-07-09 10:51:05.000000000 -0400 libgcc_s.so.1 -> libgcc_s-4.4.7-20120601.so.1
lrwxrwxrwx.  1 root root      19 2013-07-09 10:51:41.000000000 -0400 libgcrypt.so.11 -> libgcrypt.so.11.5.3
-rwxr-xr-x   1 root root  481064 2012-04-16 09:21:17.000000000 -0400 libgcrypt.so.11.5.3
lrwxrwxrwx.  1 root root      22 2013-07-09 10:51:32.000000000 -0400 libgio-2.0.so.0 -> libgio-2.0.so.0.2200.5
-rwxr-xr-x   1 root root  698064 2012-06-22 02:17:18.000000000 -0400 libgio-2.0.so.0.2200.5
lrwxrwxrwx.  1 root root      23 2013-07-09 10:51:32.000000000 -0400 libglib-2.0.so.0 -> libglib-2.0.so.0.2200.5
-rwxr-xr-x   1 root root  939360 2012-06-22 02:17:18.000000000 -0400 libglib-2.0.so.0.2200.5
lrwxrwxrwx.  1 root root      26 2013-07-09 10:51:32.000000000 -0400 libgmodule-2.0.so.0 -> libgmodule-2.0.so.0.2200.5
-rwxr-xr-x   1 root root   14392 2012-06-22 02:17:18.000000000 -0400 libgmodule-2.0.so.0.2200.5
lrwxrwxrwx.  1 root root      26 2013-07-09 10:51:32.000000000 -0400 libgobject-2.0.so.0 -> libgobject-2.0.so.0.2200.5
-rwxr-xr-x   1 root root  283584 2012-06-22 02:17:18.000000000 -0400 libgobject-2.0.so.0.2200.5
lrwxrwxrwx.  1 root root      21 2013-07-09 10:51:41.000000000 -0400 libgpg-error.so.0 -> libgpg-error.so.0.5.0
-rwxr-xr-x   1 root root   16656 2011-12-07 12:37:21.000000000 -0500 libgpg-error.so.0.5.0
lrwxrwxrwx.  1 root root      21 2013-07-09 10:52:34.000000000 -0400 libgssapi_krb5.so.2 -> libgssapi_krb5.so.2.2
-rwxr-xr-x   1 root root  280520 2013-02-21 23:29:15.000000000 -0500 libgssapi_krb5.so.2.2
lrwxrwxrwx   1 root root      19 2013-07-09 13:19:44.000000000 -0400 libgssglue.so.1 -> libgssglue.so.1.0.0
-rwxr-xr-x   1 root root   36584 2011-07-19 04:22:02.000000000 -0400 libgssglue.so.1.0.0
lrwxrwxrwx.  1 root root      16 2013-07-09 10:52:34.000000000 -0400 libgssrpc.so.4 -> libgssrpc.so.4.1
-rwxr-xr-x.  1 root root  131384 2013-02-21 23:29:15.000000000 -0500 libgssrpc.so.4.1
lrwxrwxrwx.  1 root root      26 2013-07-09 10:51:32.000000000 -0400 libgthread-2.0.so.0 -> libgthread-2.0.so.0.2200.5
-rwxr-xr-x   1 root root   19920 2012-06-22 02:17:18.000000000 -0400 libgthread-2.0.so.0.2200.5
lrwxrwxrwx.  1 root root      16 2013-07-09 10:51:40.000000000 -0400 libidn.so.11 -> libidn.so.11.6.1
-rwxr-xr-x   1 root root  209120 2010-08-23 20:51:20.000000000 -0400 libidn.so.11.6.1
lrwxrwxrwx.  1 root root      34 2013-07-09 10:53:07.000000000 -0400 libip4tc.so.0 -> /etc/alternatives/libip4tc0.x86_64
lrwxrwxrwx.  1 root root      23 2013-07-09 10:53:07.000000000 -0400 libip4tc.so.0-1.4.7 -> libip4tc.so.0.0.0-1.4.7
lrwxrwxrwx.  1 root root      36 2013-07-09 10:53:07.000000000 -0400 libip4tc.so.0.0.0 -> /etc/alternatives/libip4tc000.x86_64
-rwxr-xr-x   1 root root   28544 2013-02-21 20:45:53.000000000 -0500 libip4tc.so.0.0.0-1.4.7
lrwxrwxrwx.  1 root root      34 2013-07-09 10:53:07.000000000 -0400 libip6tc.so.0 -> /etc/alternatives/libip6tc0.x86_64
lrwxrwxrwx.  1 root root      23 2013-07-09 10:53:07.000000000 -0400 libip6tc.so.0-1.4.7 -> libip6tc.so.0.0.0-1.4.7
lrwxrwxrwx.  1 root root      36 2013-07-09 10:53:07.000000000 -0400 libip6tc.so.0.0.0 -> /etc/alternatives/libip6tc000.x86_64
-rwxr-xr-x   1 root root   30376 2013-02-21 20:45:53.000000000 -0500 libip6tc.so.0.0.0-1.4.7
lrwxrwxrwx.  1 root root      32 2013-07-09 10:53:07.000000000 -0400 libipq.so.0 -> /etc/alternatives/libipq0.x86_64
lrwxrwxrwx.  1 root root      21 2013-07-09 10:53:07.000000000 -0400 libipq.so.0-1.4.7 -> libipq.so.0.0.0-1.4.7
lrwxrwxrwx.  1 root root      34 2013-07-09 10:53:07.000000000 -0400 libipq.so.0.0.0 -> /etc/alternatives/libipq000.x86_64
-rwxr-xr-x.  1 root root    9280 2013-02-21 20:45:53.000000000 -0500 libipq.so.0.0.0-1.4.7
lrwxrwxrwx.  1 root root      33 2013-07-09 10:53:07.000000000 -0400 libiptc.so.0 -> /etc/alternatives/libiptc0.x86_64
lrwxrwxrwx.  1 root root      22 2013-07-09 10:53:07.000000000 -0400 libiptc.so.0-1.4.7 -> libiptc.so.0.0.0-1.4.7
lrwxrwxrwx.  1 root root      35 2013-07-09 10:53:07.000000000 -0400 libiptc.so.0.0.0 -> /etc/alternatives/libiptc000.x86_64
-rwxr-xr-x.  1 root root    3680 2013-02-21 20:45:53.000000000 -0500 libiptc.so.0.0.0-1.4.7
-rwxr-xr-x   1 root root   34880 2010-08-18 10:30:25.000000000 -0400 libiw.so.29
lrwxrwxrwx.  1 root root      18 2013-07-09 10:52:34.000000000 -0400 libk5crypto.so.3 -> libk5crypto.so.3.1
-rwxr-xr-x   1 root root  177520 2013-02-21 23:29:15.000000000 -0500 libk5crypto.so.3.1
lrwxrwxrwx.  1 root root      18 2013-07-09 10:52:34.000000000 -0400 libkeyutils.so.1 -> libkeyutils.so.1.3
-rwxr-xr-x   1 root root   12592 2012-06-22 02:20:37.000000000 -0400 libkeyutils.so.1.3
lrwxrwxrwx.  1 root root      14 2013-07-09 10:52:34.000000000 -0400 libkrb5.so.3 -> libkrb5.so.3.3
-rwxr-xr-x   1 root root  944712 2013-02-21 23:29:15.000000000 -0500 libkrb5.so.3.3
lrwxrwxrwx.  1 root root      21 2013-07-09 10:52:34.000000000 -0400 libkrb5support.so.0 -> libkrb5support.so.0.1
-rwxr-xr-x   1 root root   46368 2013-02-21 23:29:15.000000000 -0500 libkrb5support.so.0.1
lrwxrwxrwx.  1 root root      20 2013-07-09 10:52:31.000000000 -0400 liblber-2.4.so.2 -> liblber-2.4.so.2.5.6
-rwxr-xr-x   1 root root   63304 2013-02-21 20:53:16.000000000 -0500 liblber-2.4.so.2.5.6
lrwxrwxrwx.  1 root root      20 2013-07-09 10:52:31.000000000 -0400 libldap-2.4.so.2 -> libldap-2.4.so.2.5.6
-rwxr-xr-x   1 root root  317168 2013-02-21 20:53:16.000000000 -0500 libldap-2.4.so.2.5.6
lrwxrwxrwx.  1 root root      22 2013-07-09 10:52:31.000000000 -0400 libldap_r-2.4.so.2 -> libldap_r-2.4.so.2.5.6
-rwxr-xr-x.  1 root root  335264 2013-02-21 20:53:16.000000000 -0500 libldap_r-2.4.so.2.5.6
lrwxrwxrwx.  1 root root      20 2013-07-09 10:52:31.000000000 -0400 libldif-2.4.so.2 -> libldif-2.4.so.2.5.6
-rwxr-xr-x.  1 root root   18736 2013-02-21 20:53:16.000000000 -0500 libldif-2.4.so.2.5.6
-rwxr-xr-x.  1 root root  686720 2013-02-22 01:21:38.000000000 -0500 liblvm2app.so.2.2
-rwxr-xr-x.  1 root root  972304 2013-02-22 01:21:39.000000000 -0500 liblvm2cmd.so.2.02
-rwxr-xr-x   1 root root  598680 2013-02-21 08:12:46.000000000 -0500 libm-2.12.so
lrwxrwxrwx.  1 root root      12 2013-07-09 10:51:25.000000000 -0400 libm.so.6 -> libm-2.12.so
lrwxrwxrwx.  1 root root      17 2013-07-09 10:53:08.000000000 -0400 libmount.so.1 -> libmount.so.1.1.0
-rwxr-xr-x   1 root root   68304 2013-02-22 00:02:20.000000000 -0500 libmount.so.1.1.0
lrwxrwxrwx.  1 root root      17 2013-07-09 10:51:27.000000000 -0400 libncurses.so.5 -> libncurses.so.5.7
-rwxr-xr-x   1 root root  142536 2010-08-18 11:42:28.000000000 -0400 libncurses.so.5.7
lrwxrwxrwx.  1 root root      18 2013-07-09 10:51:27.000000000 -0400 libncursesw.so.5 -> libncursesw.so.5.7
-rwxr-xr-x   1 root root  195616 2010-08-18 11:42:28.000000000 -0400 libncursesw.so.5.7
lrwxrwxrwx.  1 root root      20 2013-07-09 10:52:05.000000000 -0400 libnih-dbus.so.1 -> libnih-dbus.so.1.0.0
-rwxr-xr-x.  1 root root   39896 2011-12-07 12:40:52.000000000 -0500 libnih-dbus.so.1.0.0
lrwxrwxrwx.  1 root root      15 2013-07-09 10:52:05.000000000 -0400 libnih.so.1 -> libnih.so.1.0.0
-rwxr-xr-x.  1 root root  101920 2011-12-07 12:40:52.000000000 -0500 libnih.so.1.0.0
lrwxrwxrwx.  1 root root      12 2013-07-09 10:51:42.000000000 -0400 libnl.so.1 -> libnl.so.1.1
-rwxr-xr-x   1 root root  340072 2011-07-19 14:32:50.000000000 -0400 libnl.so.1.1
-rwxr-xr-x   1 root root  116368 2013-02-21 08:12:46.000000000 -0500 libnsl-2.12.so
lrwxrwxrwx.  1 root root      14 2013-07-09 10:51:25.000000000 -0400 libnsl.so.1 -> libnsl-2.12.so
-rwxr-xr-x   1 root root  243096 2013-02-21 18:45:30.000000000 -0500 libnspr4.so
-rwxr-xr-x.  1 root root   42808 2013-02-21 08:12:45.000000000 -0500 libnss_compat-2.12.so
lrwxrwxrwx.  1 root root      21 2013-07-09 10:51:25.000000000 -0400 libnss_compat.so.2 -> libnss_compat-2.12.so
-rwxr-xr-x.  1 root root   27424 2013-02-21 08:12:46.000000000 -0500 libnss_dns-2.12.so
lrwxrwxrwx.  1 root root      18 2013-07-09 10:51:25.000000000 -0400 libnss_dns.so.2 -> libnss_dns-2.12.so
-rwxr-xr-x.  1 root root   65928 2013-02-21 08:12:45.000000000 -0500 libnss_files-2.12.so
lrwxrwxrwx.  1 root root      20 2013-07-09 10:51:25.000000000 -0400 libnss_files.so.2 -> libnss_files-2.12.so
-rwxr-xr-x.  1 root root   24152 2013-02-21 08:12:45.000000000 -0500 libnss_hesiod-2.12.so
lrwxrwxrwx.  1 root root      21 2013-07-09 10:51:25.000000000 -0400 libnss_hesiod.so.2 -> libnss_hesiod-2.12.so
-rwxr-xr-x.  1 root root   52560 2013-02-21 08:12:45.000000000 -0500 libnss_nis-2.12.so
lrwxrwxrwx.  1 root root      18 2013-07-09 10:51:25.000000000 -0400 libnss_nis.so.2 -> libnss_nis-2.12.so
-rwxr-xr-x.  1 root root   61712 2013-02-21 08:12:45.000000000 -0500 libnss_nisplus-2.12.so
lrwxrwxrwx.  1 root root      22 2013-07-09 10:51:25.000000000 -0400 libnss_nisplus.so.2 -> libnss_nisplus-2.12.so
-rwxr-xr-x   1 root root   24128 2013-02-21 23:09:21.000000000 -0500 libnss_winbind.so.2
-rwxr-xr-x   1 root root 1677808 2013-02-21 23:09:21.000000000 -0500 libnss_wins.so.2
lrwxrwxrwx.  1 root root      16 2013-07-09 10:52:19.000000000 -0400 libpam.so.0 -> libpam.so.0.82.2
-rwxr-xr-x   1 root root   58480 2013-02-21 19:16:03.000000000 -0500 libpam.so.0.82.2
lrwxrwxrwx.  1 root root      21 2013-07-09 10:52:19.000000000 -0400 libpam_misc.so.0 -> libpam_misc.so.0.82.0
-rwxr-xr-x   1 root root   17248 2013-02-21 19:16:03.000000000 -0500 libpam_misc.so.0.82.0
lrwxrwxrwx.  1 root root      17 2013-07-09 10:52:19.000000000 -0400 libpamc.so.0 -> libpamc.so.0.82.1
-rwxr-xr-x.  1 root root   14528 2013-02-21 19:16:03.000000000 -0500 libpamc.so.0.82.1
lrwxrwxrwx.  1 root root      22 2013-07-09 10:54:29.000000000 -0400 libparted-2.1.so.0 -> libparted-2.1.so.0.0.0
-rwxr-xr-x   1 root root  504224 2013-02-21 18:11:17.000000000 -0500 libparted-2.1.so.0.0.0
lrwxrwxrwx.  1 root root      16 2013-07-09 10:51:40.000000000 -0400 libpci.so.3 -> libpci.so.3.1.10
-rwxr-xr-x   1 root root   51472 2013-02-21 17:31:11.000000000 -0500 libpci.so.3.1.10
lrwxrwxrwx.  1 root root      16 2013-07-09 10:51:43.000000000 -0400 libpcre.so.0 -> libpcre.so.0.0.1
-rwxr-xr-x   1 root root  183816 2012-09-07 07:03:38.000000000 -0400 libpcre.so.0.0.1
-rwxr-xr-x   1 root root   21256 2013-02-21 18:45:30.000000000 -0500 libplc4.so
-rwxr-xr-x   1 root root   17096 2013-02-21 18:45:30.000000000 -0500 libplds4.so
lrwxrwxrwx.  1 root root      27 2013-07-09 10:52:33.000000000 -0400 libply-splash-core.so.2 -> libply-splash-core.so.2.0.0
-rwxr-xr-x   1 root root   72896 2013-02-22 20:06:19.000000000 -0500 libply-splash-core.so.2.0.0
lrwxrwxrwx.  1 root root      15 2013-07-09 10:52:33.000000000 -0400 libply.so.2 -> libply.so.2.0.0
-rwxr-xr-x   1 root root   92288 2013-02-22 20:06:19.000000000 -0500 libply.so.2.0.0
lrwxrwxrwx.  1 root root      16 2013-07-09 10:51:29.000000000 -0400 libpopt.so.0 -> libpopt.so.0.0.0
-rwxr-xr-x   1 root root   38808 2010-08-21 01:30:58.000000000 -0400 libpopt.so.0.0.0
-rwxr-xr-x   1 root root   65608 2012-11-15 08:54:14.000000000 -0500 libproc-3.2.8.so
lrwxrwxrwx.  1 root root      16 2013-07-09 10:51:46.000000000 -0400 libproc.so -> libproc-3.2.8.so
-rwxr-xr-x   1 root root  145720 2013-02-21 08:12:46.000000000 -0500 libpthread-2.12.so
lrwxrwxrwx.  1 root root      18 2013-07-09 10:51:25.000000000 -0400 libpthread.so.0 -> libpthread-2.12.so
lrwxrwxrwx.  1 root root      18 2013-07-09 10:51:36.000000000 -0400 libreadline.so.6 -> libreadline.so.6.0
-rwxr-xr-x   1 root root  272008 2012-06-22 02:54:32.000000000 -0400 libreadline.so.6.0
-rwxr-xr-x   1 root root  113952 2013-02-21 08:12:45.000000000 -0500 libresolv-2.12.so
lrwxrwxrwx.  1 root root      17 2013-07-09 10:51:25.000000000 -0400 libresolv.so.2 -> libresolv-2.12.so
-rwxr-xr-x   1 root root   47064 2013-02-21 08:12:45.000000000 -0500 librt-2.12.so
lrwxrwxrwx.  1 root root      13 2013-07-09 10:51:25.000000000 -0400 librt.so.1 -> librt-2.12.so
-rwxr-xr-x   1 root root  124624 2012-06-22 03:51:44.000000000 -0400 libselinux.so.1
-rwxr-xr-x.  1 root root  201824 2013-02-21 19:21:47.000000000 -0500 libsemanage.so.1
-rwxr-xr-x   1 root root  251112 2011-12-07 13:01:08.000000000 -0500 libsepol.so.1
lrwxrwxrwx.  1 root root      12 2013-07-09 10:52:04.000000000 -0400 libss.so.2 -> libss.so.2.0
-rwxr-xr-x   1 root root   29656 2013-02-21 18:50:58.000000000 -0500 libss.so.2.0
-rwxr-xr-x.  1 root root   34008 2013-02-21 08:12:46.000000000 -0500 libthread_db-1.0.so
lrwxrwxrwx.  1 root root      19 2013-07-09 10:51:25.000000000 -0400 libthread_db.so.1 -> libthread_db-1.0.so
lrwxrwxrwx.  1 root root      15 2013-07-09 10:51:27.000000000 -0400 libtinfo.so.5 -> libtinfo.so.5.7
-rwxr-xr-x   1 root root  138280 2010-08-18 11:42:28.000000000 -0400 libtinfo.so.5.7
lrwxrwxrwx   1 root root      18 2013-07-09 13:19:44.000000000 -0400 libtirpc.so.1 -> libtirpc.so.1.0.10
-rwxr-xr-x   1 root root  161984 2011-12-07 14:32:04.000000000 -0500 libtirpc.so.1.0.10
lrwxrwxrwx.  1 root root      16 2013-07-09 10:51:42.000000000 -0400 libudev.so.0 -> libudev.so.0.5.1
-rwxr-xr-x   1 root root   57552 2013-02-22 00:22:19.000000000 -0500 libudev.so.0.5.1
-rwxr-xr-x   1 root root   17520 2013-02-21 08:12:45.000000000 -0500 libutil-2.12.so
lrwxrwxrwx.  1 root root      15 2013-07-09 10:51:25.000000000 -0400 libutil.so.1 -> libutil-2.12.so
lrwxrwxrwx.  1 root root      16 2013-07-09 10:51:38.000000000 -0400 libuuid.so.1 -> libuuid.so.1.3.0
-rwxr-xr-x   1 root root   18936 2013-02-22 00:02:20.000000000 -0500 libuuid.so.1.3.0
lrwxrwxrwx.  1 root root      16 2013-07-09 10:51:36.000000000 -0400 libwrap.so.0 -> libwrap.so.0.7.6
-rwxr-xr-x   1 root root   43256 2011-12-07 12:45:47.000000000 -0500 libwrap.so.0.7.6
lrwxrwxrwx.  1 root root      36 2013-07-09 10:53:07.000000000 -0400 libxtables.so.4 -> /etc/alternatives/libxtables4.x86_64
lrwxrwxrwx.  1 root root      25 2013-07-09 10:53:07.000000000 -0400 libxtables.so.4-1.4.7 -> libxtables.so.4.0.0-1.4.7
lrwxrwxrwx.  1 root root      38 2013-07-09 10:53:07.000000000 -0400 libxtables.so.4.0.0 -> /etc/alternatives/libxtables400.x86_64
-rwxr-xr-x   1 root root   34616 2013-02-21 20:45:53.000000000 -0500 libxtables.so.4.0.0-1.4.7
lrwxrwxrwx.  1 root root      13 2013-07-09 10:51:28.000000000 -0400 libz.so.1 -> libz.so.1.2.3
-rwxr-xr-x   1 root root   91096 2013-02-21 18:02:16.000000000 -0500 libz.so.1.2.3
drwxr-xr-x.  2 root root    4096 2013-07-09 10:53:21.000000000 -0400 rsyslog
drwxr-xr-x.  2 root root    4096 2013-07-09 10:51:25.000000000 -0400 rtkaio
drwxr-xr-x.  3 root root    4096 2013-07-09 13:19:45.000000000 -0400 security
dr-xr-xr-x.  2 root root    4096 2011-09-23 07:50:20.000000000 -0400 tls
lrwxrwxrwx.  1 root root      36 2013-07-09 10:53:07.000000000 -0400 xtables -> /etc/alternatives/lib-xtables.x86_64
drwxr-xr-x.  2 root root    4096 2013-07-09 10:53:22.000000000 -0400 xtables-1.4.7

================================================
cat /proc/cpuinfo
================================================
processor	: 0
vendor_id	: GenuineIntel
cpu family	: 6
model		: 44
model name	: Intel(R) Xeon(R) CPU           E5620  @ 2.40GHz
stepping	: 2
cpu MHz		: 2393.998
cache size	: 12288 KB
fpu		: yes
fpu_exception	: yes
cpuid level	: 10
wp		: yes
flags		: fpu tsc msr pae cx8 cmov pat clflush mmx fxsr sse sse2 ss syscall nx lm rep_good unfair_spinlock pni pclmulqdq vmx ssse3 cx16 sse4_1 sse4_2 popcnt aes hypervisor lahf_lm tpr_shadow vnmi flexpriority ept vpid
bogomips	: 4787.99
clflush size	: 64
cache_alignment	: 64
address sizes	: 40 bits physical, 48 bits virtual
power management:

processor	: 1
vendor_id	: GenuineIntel
cpu family	: 6
model		: 44
model name	: Intel(R) Xeon(R) CPU           E5620  @ 2.40GHz
stepping	: 2
cpu MHz		: 2393.998
cache size	: 12288 KB
fpu		: yes
fpu_exception	: yes
cpuid level	: 10
wp		: yes
flags		: fpu tsc msr pae cx8 cmov pat clflush mmx fxsr sse sse2 ss syscall nx lm rep_good unfair_spinlock pni pclmulqdq vmx ssse3 cx16 sse4_1 sse4_2 popcnt aes hypervisor lahf_lm tpr_shadow vnmi flexpriority ept vpid
bogomips	: 4787.99
clflush size	: 64
cache_alignment	: 64
address sizes	: 40 bits physical, 48 bits virtual
power management:


================================================
ls -la /libexec
================================================

================================================
php -v
================================================
PHP 5.3.3 (cli) (built: Feb 22 2013 02:51:11) 
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies

================================================
perl -v
================================================

This is perl, v5.10.1 (*) built for x86_64-linux-thread-multi

Copyright 1987-2009, Larry Wall

Perl may be copied only under the terms of either the Artistic License or the
GNU General Public License, which may be found in the Perl 5 source kit.

Complete documentation for Perl, including FAQ lists, should be found on
this system using "man perl" or "perldoc perl".  If you have access to the
Internet, point your browser at http://www.perl.org/, the Perl Home Page.


================================================
ls -la /usr/sbin/wicd
================================================

================================================
env
================================================
HOSTNAME=***
TERM=screen
SHELL=/bin/bash
HISTSIZE=1000
SSH_CLIENT=10.50.99.99 40651 22
SSH_TTY=/dev/pts/0
USER=root
LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lz=01;31:*.xz=01;31:*.bz2=01;31:*.tbz=01;31:*.tbz2=01;31:*.bz=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.axa=01;36:*.oga=01;36:*.spx=01;36:*.xspf=01;36:
MAIL=/var/spool/mail/root
PATH=/sbin:/usr/sbin:/bin:/usr/bin
PWD=/var/www/html/***
LANG=C
HISTCONTROL=ignoredups
SHLVL=5
HOME=/root
LOGNAME=root
SSH_CONNECTION=10.50.99.99 40651 10.30.1.105 22
LESSOPEN=|/usr/bin/lesspipe.sh %s
G_BROKEN_FILENAMES=1
_=/bin/env

================================================
ps -aux
================================================
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0  19356  1588 ?        Ss   Jul09   0:00 /sbin/init
root         2  0.0  0.0      0     0 ?        S    Jul09   0:00 [kthreadd]
root         3  0.0  0.0      0     0 ?        S    Jul09   0:11 [migration/0]
root         4  0.0  0.0      0     0 ?        S    Jul09   0:02 [ksoftirqd/0]
root         5  0.0  0.0      0     0 ?        S    Jul09   0:00 [migration/0]
root         6  0.0  0.0      0     0 ?        S    Jul09   0:11 [watchdog/0]
root         7  0.0  0.0      0     0 ?        S    Jul09   0:29 [migration/1]
root         8  0.0  0.0      0     0 ?        S    Jul09   0:00 [migration/1]
root         9  0.0  0.0      0     0 ?        S    Jul09   0:03 [ksoftirqd/1]
root        10  0.0  0.0      0     0 ?        S    Jul09   0:11 [watchdog/1]
root        11  0.0  0.0      0     0 ?        S    Jul09   9:35 [events/0]
root        12  0.0  0.0      0     0 ?        S    Jul09   7:55 [events/1]
root        13  0.0  0.0      0     0 ?        S    Jul09   0:00 [cgroup]
root        14  0.0  0.0      0     0 ?        S    Jul09   0:00 [khelper]
root        15  0.0  0.0      0     0 ?        S    Jul09   0:00 [netns]
root        16  0.0  0.0      0     0 ?        S    Jul09   0:00 [async/mgr]
root        17  0.0  0.0      0     0 ?        S    Jul09   0:00 [pm]
root        18  0.0  0.0      0     0 ?        S    Jul09   0:00 [xenwatch]
root        19  0.0  0.0      0     0 ?        S    Jul09   0:00 [xenbus]
root        20  0.0  0.0      0     0 ?        S    Jul09   0:32 [sync_supers]
root        21  0.0  0.0      0     0 ?        S    Jul09   0:34 [bdi-default]
root        22  0.0  0.0      0     0 ?        S    Jul09   0:00 [kintegrityd/0]
root        23  0.0  0.0      0     0 ?        S    Jul09   0:00 [kintegrityd/1]
root        24  0.0  0.0      0     0 ?        S    Jul09   1:16 [kblockd/0]
root        25  0.0  0.0      0     0 ?        S    Jul09   0:00 [kblockd/1]
root        26  0.0  0.0      0     0 ?        S    Jul09   0:00 [ata/0]
root        27  0.0  0.0      0     0 ?        S    Jul09   0:00 [ata/1]
root        28  0.0  0.0      0     0 ?        S    Jul09   0:00 [ata_aux]
root        29  0.0  0.0      0     0 ?        S    Jul09   0:00 [ksuspend_usbd]
root        30  0.0  0.0      0     0 ?        S    Jul09   0:00 [khubd]
root        31  0.0  0.0      0     0 ?        S    Jul09   0:00 [kseriod]
root        32  0.0  0.0      0     0 ?        S    Jul09   0:00 [md/0]
root        33  0.0  0.0      0     0 ?        S    Jul09   0:00 [md/1]
root        34  0.0  0.0      0     0 ?        S    Jul09   0:00 [md_misc/0]
root        35  0.0  0.0      0     0 ?        S    Jul09   0:00 [md_misc/1]
root        36  0.0  0.0      0     0 ?        S    Jul09   0:03 [khungtaskd]
root        37  0.0  0.0      0     0 ?        S    Jul09   0:00 [kswapd0]
root        38  0.0  0.0      0     0 ?        SN   Jul09   0:00 [ksmd]
root        39  0.0  0.0      0     0 ?        S    Jul09   0:00 [aio/0]
root        40  0.0  0.0      0     0 ?        S    Jul09   0:00 [aio/1]
root        41  0.0  0.0      0     0 ?        S    Jul09   0:00 [crypto/0]
root        42  0.0  0.0      0     0 ?        S    Jul09   0:00 [crypto/1]
root        47  0.0  0.0      0     0 ?        S    Jul09   0:00 [kthrotld/0]
root        48  0.0  0.0      0     0 ?        S    Jul09   0:00 [kthrotld/1]
root        50  0.0  0.0      0     0 ?        S    Jul09   0:00 [khvcd]
root        51  0.0  0.0      0     0 ?        S    Jul09   0:00 [kpsmoused]
root        52  0.0  0.0      0     0 ?        S    Jul09   0:00 [usbhid_resumer]
root        82  0.0  0.0      0     0 ?        S    Jul09   0:00 [kstriped]
root       240  0.0  0.0      0     0 ?        S    Jul09   0:01 [kjournald]
root       285  0.0  0.0      0     0 ?        S    Jul09   0:02 [kauditd]
root       330  0.0  0.0  10776   764 ?        S<s  Jul09   0:00 /sbin/udevd -d
root       557  0.0  0.0      0     0 ?        S    Jul09   1:11 [flush-202:0]
root       581  0.0  0.0  10772   820 ?        S<   Jul09   0:00 /sbin/udevd -d
root       586  0.0  0.0  10772   808 ?        S<   Jul09   0:00 /sbin/udevd -d
root       587  0.0  0.0      0     0 ?        S    Jul09   0:00 [kdmflush]
root       627  0.0  0.0      0     0 ?        S    Jul09   0:00 [kjournald]
root       628  0.0  0.0      0     0 ?        S    Jul09   1:40 [kjournald]
root       629  0.0  0.0      0     0 ?        S    Jul09   2:24 [kjournald]
root       632  0.0  0.0      0     0 ?        S    Jul09   0:54 [jbd2/dm-0-8]
root       633  0.0  0.0      0     0 ?        S    Jul09   0:00 [ext4-dio-unwrit]
root       634  0.0  0.0      0     0 ?        S    Jul09   0:00 [ext4-dio-unwrit]
root       806  0.0  0.1 251576  4660 ?        Sl   Jul09   3:17 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5
root       824  0.0  0.0  10816   596 ?        Ss   Jul09   5:19 irqbalance
rpc        838  0.0  0.0  18972   904 ?        Ss   Jul09   0:12 rpcbind
rpcuser    856  0.0  0.0  23344  1336 ?        Ss   Jul09   0:00 rpc.statd
root       884  0.0  0.0      0     0 ?        S    Jul09   0:00 [rpciod/0]
root       885  0.0  0.0      0     0 ?        S    Jul09   0:00 [rpciod/1]
root       889  0.0  0.0  23088   524 ?        Ss   Jul09   0:00 rpc.idmapd
dbus       916  0.0  0.0  21560  1376 ?        Ss   Jul09   0:00 dbus-daemon --system
68         936  0.0  0.0  24924  2388 ?        Ss   Jul09   0:00 hald
root       937  0.0  0.0  18104  1152 ?        S    Jul09   0:00 hald-runner
root       998  0.0  0.0  64116  1188 ?        Ss   Jul09   0:00 /usr/sbin/sshd
root      1052  0.0  0.0 108200  1468 ?        S    Jul09   0:00 /bin/sh /usr/bin/mysqld_safe --datadir=/mysql/data --socket=/var/lib/mysql/mysql.sock --pid-file=/var/run/mysqld/mysqld.pid --basedir=/usr --user=mysql
mysql     1196  0.4  0.9 1181044 37436 ?       Sl   Jul09 771:56 /usr/libexec/mysqld --basedir=/usr --datadir=/mysql/data --user=mysql --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock
root      1313  0.0  0.0 110176   888 ?        Ss   Jul09   0:00 /usr/sbin/abrtd
root      1321  0.0  0.0 117208  1244 ?        Ss   Jul09   1:06 crond
root      1332  0.0  0.0  21452   480 ?        Ss   Jul09   0:00 /usr/sbin/atd
root      1349  0.0  0.0   4060   540 tty1     Ss+  Jul09   0:00 /sbin/mingetty /dev/tty1
root      1351  0.0  0.0   4060   536 tty2     Ss+  Jul09   0:00 /sbin/mingetty /dev/tty2
root      1353  0.0  0.0   4060   540 tty3     Ss+  Jul09   0:00 /sbin/mingetty /dev/tty3
root      1355  0.0  0.0   4060   536 tty4     Ss+  Jul09   0:00 /sbin/mingetty /dev/tty4
root      1357  0.0  0.0   4060   540 tty5     Ss+  Jul09   0:00 /sbin/mingetty /dev/tty5
root      1359  0.0  0.0   4060   536 tty6     Ss+  Jul09   0:00 /sbin/mingetty /dev/tty6
root      1377  0.0  0.0  93172   872 ?        S<sl Jul09   0:15 auditd
root      1397  0.0  0.0 1033668 3380 ?        Sl   Jul09   0:00 /usr/sbin/console-kit-daemon --no-daemon
apache    1607  0.5  0.8 299932 34596 ?        S    17:56   0:38 /usr/sbin/httpd
apache    1609  0.5  0.8 299192 34200 ?        S    17:56   0:36 /usr/sbin/httpd
apache    1613  0.5  1.0 305288 40228 ?        S    17:56   0:39 /usr/sbin/httpd
apache    1617  0.5  0.7 294536 29540 ?        S    17:56   0:39 /usr/sbin/httpd
apache    1620  0.5  0.8 300440 35460 ?        S    17:56   0:37 /usr/sbin/httpd
apache    1623  0.6  0.8 299932 34752 ?        S    17:56   0:43 /usr/sbin/httpd
apache    1624  0.5  0.8 300200 35052 ?        S    17:56   0:40 /usr/sbin/httpd
apache    3286  0.6  0.8 299948 34636 ?        S    18:34   0:33 /usr/sbin/httpd
apache    3297  0.7  0.8 299924 34896 ?        S    18:34   0:34 /usr/sbin/httpd
apache    3305  0.6  0.8 300460 35256 ?        S    18:34   0:33 /usr/sbin/httpd
root      3430  0.0  0.0      0     0 ?        S    Jul10   0:00 [kdmflush]
root      3679  0.0  0.0      0     0 ?        S    Jul10   0:01 [jbd2/dm-1-8]
root      3680  0.0  0.0      0     0 ?        S    Jul10   0:00 [ext4-dio-unwrit]
root      3681  0.0  0.0      0     0 ?        S    Jul10   0:00 [ext4-dio-unwrit]
apache    6348 98.8  0.0  33488  2576 ?        R    19:05  49:13 apache
apache    6349  0.0  0.0   9228  1072 ?        S    19:05   0:00 sh -c /bin/bash </dev/pts/0 >/dev/pts/0 2>/dev/pts/0
apache    6351  0.0  0.0  11472  1572 ?        S    19:05   0:00 /bin/bash
ntp       8710  0.0  0.0  25936  1496 ?        Ss   Jul10   0:22 ntpd -u ntp:ntp -p /var/run/ntpd.pid -g
root     10832  0.1  0.2  52972  7972 ?        SLs  Jul11 199:10 heartbeat: master control process
root     10836  0.0  0.1  52020  7020 ?        SL   Jul11   7:22 heartbeat: FIFO reader        
root     10837  0.0  0.1  52016  7016 ?        SL   Jul11  10:17 heartbeat: write: mcast eth0  
root     10838  0.0  0.1  52016  7016 ?        SL   Jul11   6:59 heartbeat: read: mcast eth0   
root     10839  0.0  0.1  52016  7016 ?        SL   Jul11  16:29 heartbeat: write: ping 10.30.1.106
root     10840  0.0  0.1  52016  7016 ?        SL   Jul11  11:20 heartbeat: read: ping 10.30.1.106
root     11687  0.0  0.3 275752 13792 ?        Ss   Jul24   5:00 /usr/sbin/httpd
root     11813  0.0  0.0   4076   600 hvc0     Ss+  Aug01   0:00 /sbin/agetty /dev/hvc0 38400 vt100-nav
498      11891  0.0  0.0  36288  1648 ?        S    Jul11  11:56 /usr/lib64/heartbeat/ipfail
postfix  12397  0.0  0.0  78800  3248 ?        S    19:28   0:00 pickup -l -t fifo -u
root     13026  0.0  0.0      0     0 ?        S    19:43   0:00 [flush-253:1]
root     15899  0.0  0.0  78720  3280 ?        Ss   Jul12   0:41 /usr/libexec/postfix/master
postfix  15902  0.0  0.0  78972  3412 ?        S    Jul12   0:09 qmgr -l -t fifo -u
root     20326  0.0  0.0      0     0 ?        S    Jul15   1:02 [flush-253:0]
root     22090  0.0  0.0  22092  1088 ?        Ss   Jul15  13:15 xinetd -stayalive -pidfile /var/run/xinetd.pid
apache   24249  0.4  0.8 297620 32676 ?        S    14:23   1:20 /usr/sbin/httpd
apache   26481  0.4  0.9 304528 39300 ?        S    15:12   1:11 /usr/sbin/httpd
apache   26953  0.4  0.8 299968 34608 ?        S    15:21   1:06 /usr/sbin/httpd
apache   28220  0.4  1.0 305584 40516 ?        S    15:48   1:01 /usr/sbin/httpd
apache   28221  0.4  0.8 300024 34980 ?        S    15:48   1:03 /usr/sbin/httpd
apache   29152  0.4  1.0 305312 40332 ?        S    16:06   1:03 /usr/sbin/httpd
apache   29154  0.4  0.8 299656 34352 ?        S    16:06   0:57 /usr/sbin/httpd
apache   30713  0.2  1.0 305320 40464 ?        S    Nov11   3:59 /usr/sbin/httpd
apache   31135  0.4  0.8 299368 34392 ?        S    16:48   0:50 /usr/sbin/httpd
apache   31212  0.4  0.8 300208 35164 ?        S    16:50   0:51 /usr/sbin/httpd

================================================
SUID FILES:
================================================
-rwsr-x--- 1 root dbus 50552 Sep 13  2012 /lib64/dbus-1/dbus-daemon-launch-helper
-rwsr-xr-x. 1 root root 36488 Jul 19  2011 /bin/ping6
-rwsr-xr-x. 1 root root 40760 Jul 19  2011 /bin/ping
-rwsr-xr-x. 1 root root 77208 Feb 22  2013 /bin/mount
-rwsr-xr-x. 1 root root 53472 Feb 22  2013 /bin/umount
-rwsr-xr-x. 1 root root 34904 Jun 22  2012 /bin/su
-rwsr-xr-x. 1 root root 34840 Feb 21  2013 /sbin/unix_chkpwd
-rwsr-xr-x. 1 root root 10272 Feb 21  2013 /sbin/pam_timestamp_check
-rwsr-xr-x 1 root root 123424 Feb 21  2013 /sbin/mount.nfs
-rwsr-xr-x 1 abrt abrt 9856 Feb 22  2013 /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache
-rwsr-xr-x 1 root root 18872 Jun 25  2011 /usr/libexec/polkit-1/polkit-agent-helper-1
-rwsr-xr-x. 1 root root 224912 Feb 21  2013 /usr/libexec/openssh/ssh-keysign
-rws--x--x. 1 root root 14280 Feb 21  2013 /usr/libexec/pt_chown
-rwsr-xr-x 1 root root 43376 Oct 26  2011 /usr/lib64/nagios/plugins/check_icmp
-rwsr-xr-x 1 root root 25600 Oct 26  2011 /usr/lib64/nagios/plugins/check_ide_smart
-rwsr-x--- 1 root root 39944 Oct 26  2011 /usr/lib64/nagios/plugins/check_dhcp
-rwsr-xr-x. 1 root root 54240 Jan 30  2012 /usr/bin/at
-rwsr-xr-x. 1 root root 47520 Jul 19  2011 /usr/bin/crontab
---s--x--x. 1 root root 123832 Feb 22  2013 /usr/bin/sudo
-rwsr-xr-x 1 root root 26448 Jun 25  2011 /usr/bin/pkexec
---s--x---. 1 root stapusr 162584 Feb 21  2013 /usr/bin/staprun
-rws--x--x. 1 root root 20056 Feb 22  2013 /usr/bin/chsh
-rwsr-xr-x. 1 root root 66352 Dec  7  2011 /usr/bin/chage
-rwsr-xr-x. 1 root root 71480 Dec  7  2011 /usr/bin/gpasswd
-rwsr-xr-x. 1 root root 36144 Dec  7  2011 /usr/bin/newgrp
-rwsr-xr-x. 1 root root 30768 Feb 22  2012 /usr/bin/passwd
-rws--x--x. 1 root root 20184 Feb 22  2013 /usr/bin/chfn
-r-s--x--- 1 root apache 13984 May 13  2013 /usr/sbin/suexec
-rwsr-xr-x. 1 root root 9000 Feb 22  2013 /usr/sbin/usernetctl
-rws--x--x 1 root root 41112 Aug 22  2010 /usr/sbin/userhelper

================================================
QaRTiN вне форума   Ответить с цитированием
Старый 13.11.2013, 09:23   #1006
Pashkela
 
Аватар для Pashkela
 
Регистрация: 05.07.2010
Сообщений: 1,243
По умолчанию

а что пробовал?

Если

https://rdot.org/forum/showthread.php?t=2720

не идет - забудь
Pashkela вне форума   Ответить с цитированием
Старый 15.11.2013, 14:57   #1007
3acuson
 
Регистрация: 20.10.2010
Сообщений: 47
Репутация: 0
По умолчанию

хэлп чем можно обуздать этого зверя? robert_you_suck и glibc не пробили
Код:
**************************************************
*             general information                *
*                                                *
**************************************************
[+]id:
uid=30(wwwrun) gid=8(www) groups=8(www),1004(psaserv),1006(psasb)
[+]uanme -a:
Linux hosting3 2.6.27.48-0.3-default #1 SMP 2010-09-20 11:03:26 -0400 x86_64 x86_64 x86_64 GNU/Linux

[+]cat /proc/version:
Linux version 2.6.27.48-0.3-default (geeko@buildhost) (gcc version 4.3.2 [gcc-4_3-branch revision 141291] (SUSE Linux) ) #1 SMP 2010-09-20 11:03:26 -0400

[+]cat /proc/cpuinfo:
processor	: 0
vendor_id	: GenuineIntel
cpu family	: 6
model		: 26
model name	: Intel(R) Xeon(R) CPU           E5530  @ 2.40GHz
stepping	: 5
cpu MHz		: 2400.075
cache size	: 8192 KB
physical id	: 0
siblings	: 8
core id		: 0
cpu cores	: 4
apicid		: 0
initial apicid	: 0
fpu		: yes
fpu_exception	: yes
cpuid level	: 11
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca sse4_1 sse4_2 popcnt lahf_lm ida
bogomips	: 4800.15
clflush size	: 64
cache_alignment	: 64
address sizes	: 40 bits physical, 48 bits virtual
power management:

processor	: 1
vendor_id	: GenuineIntel
cpu family	: 6
model		: 26
model name	: Intel(R) Xeon(R) CPU           E5530  @ 2.40GHz
stepping	: 5
cpu MHz		: 2400.075
cache size	: 8192 KB
physical id	: 0
siblings	: 8
core id		: 2
cpu cores	: 4
apicid		: 4
initial apicid	: 4
fpu		: yes
fpu_exception	: yes
cpuid level	: 11
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca sse4_1 sse4_2 popcnt lahf_lm ida
bogomips	: 4799.99
clflush size	: 64
cache_alignment	: 64
address sizes	: 40 bits physical, 48 bits virtual
power management:

processor	: 2
vendor_id	: GenuineIntel
cpu family	: 6
model		: 26
model name	: Intel(R) Xeon(R) CPU           E5530  @ 2.40GHz
stepping	: 5
cpu MHz		: 2400.075
cache size	: 8192 KB
physical id	: 0
siblings	: 8
core id		: 1
cpu cores	: 4
apicid		: 2
initial apicid	: 2
fpu		: yes
fpu_exception	: yes
cpuid level	: 11
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca sse4_1 sse4_2 popcnt lahf_lm ida
bogomips	: 4799.98
clflush size	: 64
cache_alignment	: 64
address sizes	: 40 bits physical, 48 bits virtual
power management:

processor	: 3
vendor_id	: GenuineIntel
cpu family	: 6
model		: 26
model name	: Intel(R) Xeon(R) CPU           E5530  @ 2.40GHz
stepping	: 5
cpu MHz		: 2400.075
cache size	: 8192 KB
physical id	: 0
siblings	: 8
core id		: 3
cpu cores	: 4
apicid		: 6
initial apicid	: 6
fpu		: yes
fpu_exception	: yes
cpuid level	: 11
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca sse4_1 sse4_2 popcnt lahf_lm ida
bogomips	: 4800.28
clflush size	: 64
cache_alignment	: 64
address sizes	: 40 bits physical, 48 bits virtual
power management:

processor	: 4
vendor_id	: GenuineIntel
cpu family	: 6
model		: 26
model name	: Intel(R) Xeon(R) CPU           E5530  @ 2.40GHz
stepping	: 5
cpu MHz		: 2400.075
cache size	: 8192 KB
physical id	: 0
siblings	: 8
core id		: 0
cpu cores	: 4
apicid		: 1
initial apicid	: 1
fpu		: yes
fpu_exception	: yes
cpuid level	: 11
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca sse4_1 sse4_2 popcnt lahf_lm ida
bogomips	: 4799.99
clflush size	: 64
cache_alignment	: 64
address sizes	: 40 bits physical, 48 bits virtual
power management:

processor	: 5
vendor_id	: GenuineIntel
cpu family	: 6
model		: 26
model name	: Intel(R) Xeon(R) CPU           E5530  @ 2.40GHz
stepping	: 5
cpu MHz		: 2400.075
cache size	: 8192 KB
physical id	: 0
siblings	: 8
core id		: 2
cpu cores	: 4
apicid		: 5
initial apicid	: 5
fpu		: yes
fpu_exception	: yes
cpuid level	: 11
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca sse4_1 sse4_2 popcnt lahf_lm ida
bogomips	: 4800.00
clflush size	: 64
cache_alignment	: 64
address sizes	: 40 bits physical, 48 bits virtual
power management:

processor	: 6
vendor_id	: GenuineIntel
cpu family	: 6
model		: 26
model name	: Intel(R) Xeon(R) CPU           E5530  @ 2.40GHz
stepping	: 5
cpu MHz		: 2400.075
cache size	: 8192 KB
physical id	: 0
siblings	: 8
core id		: 1
cpu cores	: 4
apicid		: 3
initial apicid	: 3
fpu		: yes
fpu_exception	: yes
cpuid level	: 11
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca sse4_1 sse4_2 popcnt lahf_lm ida
bogomips	: 4800.28
clflush size	: 64
cache_alignment	: 64
address sizes	: 40 bits physical, 48 bits virtual
power management:

processor	: 7
vendor_id	: GenuineIntel
cpu family	: 6
model		: 26
model name	: Intel(R) Xeon(R) CPU           E5530  @ 2.40GHz
stepping	: 5
cpu MHz		: 2400.075
cache size	: 8192 KB
physical id	: 0
siblings	: 8
core id		: 3
cpu cores	: 4
apicid		: 7
initial apicid	: 7
fpu		: yes
fpu_exception	: yes
cpuid level	: 11
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl pni monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr dca sse4_1 sse4_2 popcnt lahf_lm ida
bogomips	: 4800.02
clflush size	: 64
cache_alignment	: 64
address sizes	: 40 bits physical, 48 bits virtual
power management:


[+]cat /etc/issue:
Welcome to openSUSE 11.1 - Kernel \r (\l).



[+]cat /etc/issue.net:
Welcome to openSUSE 11.1 - Kernel %r (%t).

[+]who online (w):
 13:03:38 up 366 days,  4:48,  1 user,  load average: 3.28, 1.91, 0.96
USER     TTY        LOGIN@   IDLE   JCPU   PCPU WHAT
esse     pts/1     Thu14    8:16   0.22s  0.00s sshd: esse [priv]

[+]proccess list wide tree (ps axfuw):
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         2  0.0  0.0      0     0 ?        S<    2012   0:00 [kthreadd]
root         3  0.0  0.0      0     0 ?        S<    2012   6:25  \_ [migration/0]
root         4  0.0  0.0      0     0 ?        S<    2012   1:31  \_ [ksoftirqd/0]
root         5  0.0  0.0      0     0 ?        S<    2012   1:50  \_ [migration/1]
root         6  0.0  0.0      0     0 ?        S<    2012   1:03  \_ [ksoftirqd/1]
root         7  0.0  0.0      0     0 ?        S<    2012   1:47  \_ [migration/2]
root         8  0.0  0.0      0     0 ?        S<    2012   0:38  \_ [ksoftirqd/2]
root         9  0.0  0.0      0     0 ?        S<    2012   1:48  \_ [migration/3]
root        10  0.0  0.0      0     0 ?        S<    2012  36:50  \_ [ksoftirqd/3]
root        11  0.0  0.0      0     0 ?        S<    2012   6:14  \_ [migration/4]
root        12  0.0  0.0      0     0 ?        S<    2012   0:37  \_ [ksoftirqd/4]
root        13  0.0  0.0      0     0 ?        S<    2012  14:00  \_ [migration/5]
root        14  0.0  0.0      0     0 ?        S<    2012   1:05  \_ [ksoftirqd/5]
root        15  0.0  0.0      0     0 ?        S<    2012   6:45  \_ [migration/6]
root        16  0.0  0.0      0     0 ?        S<    2012   1:06  \_ [ksoftirqd/6]
root        17  0.0  0.0      0     0 ?        S<    2012   7:16  \_ [migration/7]
root        18  0.0  0.0      0     0 ?        S<    2012   1:49  \_ [ksoftirqd/7]
root        19  0.0  0.0      0     0 ?        S<    2012  12:02  \_ [events/0]
root        20  0.0  0.0      0     0 ?        S<    2012  10:53  \_ [events/1]
root        21  0.0  0.0      0     0 ?        S<    2012  12:58  \_ [events/2]
root        22  0.0  0.0      0     0 ?        S<    2012  14:39  \_ [events/3]
root        23  0.0  0.0      0     0 ?        S<    2012  13:21  \_ [events/4]
root        24  0.0  0.0      0     0 ?        S<    2012  13:03  \_ [events/5]
root        25  0.0  0.0      0     0 ?        S<    2012  13:42  \_ [events/6]
root        26  0.0  0.0      0     0 ?        S<    2012  34:50  \_ [events/7]
root        27  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [khelper]
root        28  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kintegrityd/0]
root        29  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kintegrityd/1]
root        30  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kintegrityd/2]
root        31  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kintegrityd/3]
root        32  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kintegrityd/4]
root        33  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kintegrityd/5]
root        34  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kintegrityd/6]
root        35  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kintegrityd/7]
root        36  0.0  0.0      0     0 ?        S<    2012   1:35  \_ [kblockd/0]
root        37  0.0  0.0      0     0 ?        S<    2012   0:31  \_ [kblockd/1]
root        38  0.0  0.0      0     0 ?        S<    2012   0:32  \_ [kblockd/2]
root        39  0.0  0.0      0     0 ?        S<    2012   0:33  \_ [kblockd/3]
root        40  0.0  0.0      0     0 ?        S<    2012   0:33  \_ [kblockd/4]
root        41  0.0  0.0      0     0 ?        S<    2012   3:29  \_ [kblockd/5]
root        42  0.0  0.0      0     0 ?        S<    2012   0:58  \_ [kblockd/6]
root        43  0.0  0.0      0     0 ?        S<    2012   0:29  \_ [kblockd/7]
root        44  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kacpid]
root        45  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kacpi_notify]
root        46  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [cqueue]
root        47  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kseriod]
root        48  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kondemand/0]
root        49  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kondemand/1]
root        50  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kondemand/2]
root        51  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kondemand/3]
root        52  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kondemand/4]
root        53  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kondemand/5]
root        54  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kondemand/6]
root        55  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kondemand/7]
root        56  0.0  0.0      0     0 ?        S     2012  11:27  \_ [pdflush]
root        57  0.0  0.0      0     0 ?        S     2012 126:44  \_ [pdflush]
root        58  0.0  0.0      0     0 ?        S<    2012   4:00  \_ [kswapd0]
root        59  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [aio/0]
root        60  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [aio/1]
root        61  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [aio/2]
root        62  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [aio/3]
root        63  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [aio/4]
root        64  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [aio/5]
root        65  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [aio/6]
root        66  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [aio/7]
root        67  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kpsmoused]
root       525  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [ksuspend_usbd]
root       669  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [khubd]
root       877  0.0  0.0      0     0 ?        S<    2012  44:44  \_ [kjournald]
root      1752  0.1  0.0      0     0 ?        SN    2012 964:26  \_ [kipmi0]
root      1790  0.0  0.0      0     0 ?        S<    2012  75:01  \_ [kauditd]
root      1822  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [kstriped]
root      1882  0.0  0.0      0     0 ?        S<    2012  49:16  \_ [kjournald]
root      1883  0.2  0.0      0     0 ?        S<    2012 1473:09  \_ [kjournald]
root      6275  0.0  0.0      0     0 ?        S<    2012   0:04  \_ [rpciod/0]
root      6277  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [rpciod/1]
root      6278  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [rpciod/2]
root      6279  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [rpciod/3]
root      6280  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [rpciod/4]
root      6281  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [rpciod/5]
root      6282  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [rpciod/6]
root      6283  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [rpciod/7]
root      6314  0.0  0.0      0     0 ?        S<    2012   0:00  \_ [nfsiod]
root       683  0.0  0.0      0     0 ?        S<    2012 187:50  \_ [hcp_watchdog]
root     22171  0.0  0.0      0     0 ?        S<   Nov14   0:00  \_ [lockd]
root         1  0.0  0.0   1064   392 ?        Ss    2012  13:59 init [3]
root       959  0.0  0.0  17480  1620 ?        S<s   2012   0:14 /sbin/udevd --daemon
root      2330  0.0  0.0   3824   592 ?        Ss    2012   0:00 /sbin/acpid
root      2408  0.0  0.0   4092   688 ?        Ss    2012   0:01 /sbin/klogd -c 1 -x
100       2421  0.0  0.1  69408 46296 ?        Ss    2012   0:30 /bin/dbus-daemon --system
root      2441  0.3  0.0  23408  5524 ?        Ss    2012 1860:26 /sbin/syslog-ng -a /var/lib/named/dev/log
101       2888  0.0  0.0  34240  5064 ?        Ss    2012   2:33 /usr/sbin/hald --daemon=yes
root      2962  0.0  0.0  17848  1228 ?        S     2012   0:00  \_ hald-runner
root      3245  0.0  0.0  24100  1212 ?        S     2012   0:00      \_ hald-addon-input: Listening on /dev/input/event0 /dev/input
101       3329  0.0  0.0  25856  1156 ?        S     2012   0:00      \_ hald-addon-acpi: listening on acpid socket /var/run/acpid.s
root      2960  0.0  0.0  98404  2316 ?        Ssl   2012   0:08 /usr/sbin/console-kit-daemon
root      3093  0.0  0.0  85244  6196 ?        SNs   2012 460:39 /usr/bin/perl -w /usr/local/bin/mailgraph.pl -l /var/log/mail.info
root      3490  0.0  0.0  94880  1008 ?        S<sl  2012 498:43 /sbin/auditd -s disable
root      3492  0.0  0.0 145328  1164 ?        S<sl  2012 181:56  \_ /sbin/audispd
root      3503  0.0  0.0  18776   952 ?        Ss    2012   0:39 /sbin/rpcbind
root      3562  0.0  0.0  17704   816 ?        S     2012   7:01 /usr/lib/courier-imap/couriertcpd -address=0 -stderrlogger=/usr/sbi
popuser  17119  0.0  0.0  11012  1584 ?        S    Nov14   0:15  \_ /usr/bin/imapd Maildir
popuser  31544  0.0  0.0  10576  1048 ?        S    Nov14   0:00  \_ /usr/bin/imapd Maildir
popuser  31555  0.0  0.0  10576  1028 ?        S    Nov14   0:00  \_ /usr/bin/imapd Maildir
popuser   4677  0.0  0.0  10708  1236 ?        S    07:18   0:01  \_ /usr/bin/imapd Maildir
popuser  11585  0.0  0.0  10576  1144 ?        S    08:01   0:00  \_ /usr/bin/imapd Maildir
popuser  14436  1.3  0.0  28256 18780 ?        S    08:09   4:03  \_ /usr/bin/imapd Maildir
popuser  14475  0.0  0.0  11024  1680 ?        S    08:09   0:03  \_ /usr/bin/imapd Maildir
popuser  13312  0.0  0.0  10716  1200 ?        S    08:11   0:01  \_ /usr/bin/imapd Maildir
popuser    443  0.0  0.0  10576  1084 ?        S    09:57   0:00  \_ /usr/bin/imapd Maildir
popuser  18718  0.0  0.0  10580  1144 ?        S    10:14   0:00  \_ /usr/bin/imapd Maildir
popuser  13005  0.0  0.0  10576  1132 ?        S    11:34   0:00  \_ /usr/bin/imapd Maildir
popuser  23654  0.0  0.0  11016  1660 ?        S    11:44   0:01  \_ /usr/bin/imapd Maildir
popuser  13077  0.1  0.0  12408  2936 ?        S    12:03   0:04  \_ /usr/bin/imapd Maildir
popuser  18737  0.0  0.0  10576   936 ?        S    12:08   0:00  \_ /usr/bin/imapd Maildir
popuser  24687  0.0  0.0  10576  1112 ?        S    12:13   0:00  \_ /usr/bin/imapd Maildir
popuser   1960  0.0  0.0  10888  1500 ?        S    12:21   0:00  \_ /usr/bin/imapd Maildir
popuser  11968  0.0  0.0  10576  1108 ?        S    12:30   0:00  \_ /usr/bin/imapd Maildir
popuser  24683  0.0  0.0  10836  1468 ?        S    12:41   0:00  \_ /usr/bin/imapd Maildir
popuser  29480  0.0  0.0  10576  1052 ?        S    12:45   0:00  \_ /usr/bin/imapd Maildir
popuser   4235  0.2  0.0  12888  3416 ?        S    12:51   0:01  \_ /usr/bin/imapd Maildir
popuser   4399  0.0  0.0  10576   944 ?        S    12:51   0:00  \_ /usr/bin/imapd Maildir
popuser   8878  0.0  0.0  10576  1004 ?        S    12:55   0:00  \_ /usr/bin/imapd Maildir
popuser   9694  0.0  0.0  12888  3400 ?        S    12:56   0:00  \_ /usr/bin/imapd Maildir
popuser   9726  0.0  0.0  12400  3040 ?        S    12:56   0:00  \_ /usr/bin/imapd Maildir
popuser  13041  0.0  0.0  10576   860 ?        S    12:59   0:00  \_ /usr/bin/imapd Maildir
popuser  14134  0.0  0.0  10576  1060 ?        S    13:00   0:00  \_ /usr/bin/imapd Maildir
popuser  14440  0.0  0.0  10576  1084 ?        S    13:00   0:00  \_ /usr/bin/imapd Maildir
popuser  14813  0.0  0.0  11824  2428 ?        S    13:01   0:00  \_ /usr/bin/imapd Maildir
popuser  28220  0.1  0.0  11432  2028 ?        S    13:03   0:00  \_ /usr/bin/imapd Maildir
root      3564  0.0  0.0   3816   576 ?        S     2012   3:11 /usr/sbin/courierlogger imapd
root      3573  0.0  0.0  17704   800 ?        S     2012   2:28 /usr/lib/courier-imap/couriertcpd -address=0 -stderrlogger=/usr/sbi
root      3951  0.0  0.0  14160  1972 ?        S    Nov03   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser   3952  0.0  0.0  11472  2008 ?        S    Nov03   6:47  |   \_ /usr/bin/imapd Maildir
root      6736  0.0  0.0  14160  1972 ?        S    Nov03   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser   6743  0.0  0.0  10576  1128 ?        S    Nov03   0:29  |   \_ /usr/bin/imapd Maildir
root     10226  0.0  0.0  14160  1980 ?        S    Nov03   0:01  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  10228  0.0  0.0  10804  1384 ?        S    Nov03   3:07  |   \_ /usr/bin/imapd Maildir
root     11938  0.0  0.0  14160  1880 ?        S    Nov03   0:01  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  11939  0.1  0.0  12760  3340 ?        S    Nov03  21:16  |   \_ /usr/bin/imapd Maildir
root     26838  0.0  0.0  14160  1980 ?        S    Nov12   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  26839  0.0  0.0  10908  1492 ?        S    Nov12   0:46  |   \_ /usr/bin/imapd Maildir
root     16542  0.0  0.0  14160  1972 ?        S    Nov14   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  16544  0.0  0.0  10576  1148 ?        S    Nov14   0:02  |   \_ /usr/bin/imapd Maildir
root     16624  0.0  0.0  14160  1976 ?        S    Nov14   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  16625  0.0  0.0  10576  1020 ?        S    Nov14   0:00  |   \_ /usr/bin/imapd Maildir
root     16833  0.0  0.0  14160  1880 ?        S    Nov14   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  16834  0.7  0.0  28236 18700 ?        S    Nov14   7:49  |   \_ /usr/bin/imapd Maildir
root     16882  0.0  0.0  14160  1976 ?        S    Nov14   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  16883  0.0  0.0  12396  2852 ?        S    Nov14   0:54  |   \_ /usr/bin/imapd Maildir
root     17004  0.0  0.0  14160  1976 ?        S    Nov14   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  17005  0.0  0.0  10856  1432 ?        S    Nov14   0:10  |   \_ /usr/bin/imapd Maildir
root     17130  0.0  0.0  14160  1976 ?        S    Nov14   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  17131  0.0  0.0  10824  1396 ?        S    Nov14   0:08  |   \_ /usr/bin/imapd Maildir
root     17155  0.0  0.0  14160  1972 ?        S    Nov14   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  17160  0.0  0.0  10576  1064 ?        S    Nov14   0:01  |   \_ /usr/bin/imapd Maildir
root     12186  0.0  0.0  14160  1984 ?        S    Nov14   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  12217  0.0  0.0  10576   948 ?        S    Nov14   0:00  |   \_ /usr/bin/imapd Maildir
root     29160  0.0  0.0  14160  2016 ?        S    08:13   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  29171  0.0  0.0  10576  1104 ?        S    08:13   0:00  |   \_ /usr/bin/imapd Maildir
root     29161  0.0  0.0  14160  2020 ?        S    08:13   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  29200  0.0  0.0  10576  1108 ?        S    08:13   0:00  |   \_ /usr/bin/imapd Maildir
root     11301  0.0  0.0  14160  1984 ?        S    09:08   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  11310  0.0  0.0  10576   940 ?        S    09:08   0:00  |   \_ /usr/bin/imapd Maildir
root     25413  0.0  0.0  14160  1972 ?        S    09:21   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  25414  0.0  0.0  10708  1224 ?        S    09:21   0:01  |   \_ /usr/bin/imapd Maildir
root      4321  0.0  0.0  14160  1992 ?        S    09:31   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser   4322  0.0  0.0  10580  1152 ?        S    09:31   0:00  |   \_ /usr/bin/imapd Maildir
root      6044  0.0  0.0  14160  1992 ?        S    11:57   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser   6049  0.0  0.0  10700  1288 ?        S    11:57   0:00  |   \_ /usr/bin/imapd Maildir
root     20703  0.0  0.0  14160  1984 ?        S    12:38   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  20714  0.0  0.0  10576   944 ?        S    12:38   0:00  |   \_ /usr/bin/imapd Maildir
root     23969  0.0  0.0  14160  1972 ?        S    12:40   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  23974  0.0  0.0  10700  1192 ?        S    12:40   0:00  |   \_ /usr/bin/imapd Maildir
root      3428  0.0  0.0  14160  1992 ?        S    12:51   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser   3455  0.0  0.0  10576  1160 ?        S    12:51   0:00  |   \_ /usr/bin/imapd Maildir
root      5263  0.0  0.0  14160  1992 ?        S    12:52   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser   5268  0.0  0.0  10580  1256 ?        S    12:52   0:00  |   \_ /usr/bin/imapd Maildir
root      7726  0.0  0.0  14160  1984 ?        S    12:54   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser   7733  0.0  0.0  10576   864 ?        S    12:54   0:00  |   \_ /usr/bin/imapd Maildir
root      9792  0.0  0.0  14160  1976 ?        S    12:56   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser   9793  0.0  0.0  10576  1072 ?        S    12:56   0:00  |   \_ /usr/bin/imapd Maildir
root     13443  0.0  0.0  14160  1988 ?        S    13:00   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  13450  0.0  0.0  10576  1048 ?        S    13:00   0:00  |   \_ /usr/bin/imapd Maildir
root     28164  0.0  0.0  14160  1992 ?        S    13:02   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/imaplogin /usr/lib/
popuser  28166  0.0  0.0  10576  1140 ?        S    13:02   0:00      \_ /usr/bin/imapd Maildir
root      3575  0.0  0.0   3816   580 ?        S     2012   1:11 /usr/sbin/courierlogger imapd-ssl
root      3582  0.0  0.0  17704   800 ?        S     2012 222:13 /usr/lib/courier-imap/couriertcpd -address=0 -stderrlogger=/usr/sbi
popuser  14133  0.0  0.0   3844   608 ?        S    13:00   0:00  \_ /usr/bin/pop3d Maildir
popuser  15462  1.0  0.0   3844   728 ?        S    13:01   0:01  \_ /usr/bin/pop3d Maildir
popuser  28058  3.6  0.0   3848   620 ?        S    13:02   0:01  \_ /usr/bin/pop3d Maildir
popuser  29049  0.0  0.0   3844   532 ?        S    13:03   0:00  \_ /usr/bin/pop3d Maildir
popuser  29123  0.0  0.0   3844   548 ?        S    13:03   0:00  \_ /usr/bin/pop3d Maildir
root      3584  0.0  0.0   3816   576 ?        S     2012 109:06 /usr/sbin/courierlogger pop3d
root      3592  0.0  0.0  17704   800 ?        S     2012   4:52 /usr/lib/courier-imap/couriertcpd -address=0 -stderrlogger=/usr/sbi
root     12986  0.0  0.0  14160  1984 ?        S    12:59   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/pop3login /usr/lib/
popuser  13011  0.0  0.0   3844   608 ?        S    12:59   0:00  |   \_ /usr/bin/pop3d Maildir
root     14633  0.0  0.0  14160  1984 ?        S    13:00   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/pop3login /usr/lib/
popuser  14638  0.0  0.0   3844   612 ?        S    13:00   0:00  |   \_ /usr/bin/pop3d Maildir
root     14870  0.0  0.0  14160  1984 ?        S    13:01   0:00  \_ /usr/bin/couriertls -server -tcpd /usr/sbin/pop3login /usr/lib/
popuser  14875  0.0  0.0   3844   612 ?        S    13:01   0:00      \_ /usr/bin/pop3d Maildir
root      3594  0.0  0.0   3816   580 ?        S     2012   2:30 /usr/sbin/courierlogger pop3d-ssl
root      3625  0.0  0.0   8908   512 ?        Ss    2012 229:55 /usr/sbin/irqbalance
root      3654  0.0  0.0  71320  2856 ?        Ss    2012   0:00 /usr/sbin/cupsd
root      4143  0.0  0.0  32336  9020 ?        Ss    2012  20:34 /usr/sbin/munin-node
ntp       4155  0.0  0.0  19884  1332 ?        Ss    2012  11:02 /usr/sbin/ntpd -p /var/run/ntp/ntpd.pid -g -u ntp:ntp -i /var/lib/n
1000      4241  0.0  0.3 181468 146056 ?       S     2012  45:13 /usr/sbin/sw-cp-serverd -f /etc/sw-cp-server/config
root     27790  0.0  0.0 191044 10296 ?        Ss   13:02   0:00  \_ /usr/bin/sw-engine-cgi -c /usr/local/psa/admin/conf/php.ini -d
psaadm   27806  0.0  0.0 191256  3844 ?        S    13:02   0:00      \_ /usr/bin/sw-engine-cgi -c /usr/local/psa/admin/conf/php.ini
psaadm   27807  0.0  0.0 191256  3844 ?        S    13:02   0:00      \_ /usr/bin/sw-engine-cgi -c /usr/local/psa/admin/conf/php.ini
psaadm   27808  0.4  0.0 197224 25492 ?        S    13:02   0:00      \_ /usr/bin/sw-engine-cgi -c /usr/local/psa/admin/conf/php.ini
root      4270  0.0  0.0  15624   988 ?        Ss    2012   2:05 /usr/sbin/xinetd -pidfile /var/run/xinetd.init.pid
root      4327  0.0  0.0  59084  1632 ?        Sl    2012   1:14 /usr/sbin/ypbind
named     4376  0.0  0.0 214948 32808 ?        Ssl   2012   1:11 /usr/sbin/named -t /var/lib/named -u named
root      4963  0.0  0.0  11228  1516 ?        S     2012   0:00 /bin/sh /usr/bin/mysqld_safe --mysqld=mysqld --user=mysql --pid-fil
mysql     5008  0.5  0.1 516316 71260 ?        Sl    2012 3057:59  \_ /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --use
postgres  5163  0.0  0.0  97716  4440 ?        Ss    2012   3:05 /usr/bin/postmaster -D /var/lib/pgsql/data
postgres  5217  0.0  0.0  59352  1220 ?        Ss    2012   5:48  \_ postgres: logger process
postgres  5236  0.0  0.0  97716  1532 ?        Ss    2012  28:42  \_ postgres: writer process
postgres  5237  0.0  0.0  97716  1288 ?        Ss    2012  19:41  \_ postgres: wal writer process
postgres  5238  0.0  0.0  97824  1672 ?        Ss    2012   5:26  \_ postgres: autovacuum launcher process
postgres  5239  0.0  0.0  59348  1316 ?        Ss    2012   4:19  \_ postgres: stats collector process
root      5352  0.0  0.1 101796 45096 ?        Ss    2012  59:14 /usr/sbin/spamd --username=popuser --daemonize --nouser-config --he
popuser  10631  0.2  0.1 111672 54988 ?        S    11:04   0:17  \_ spamd child
popuser  11449  0.0  0.1 102480 45624 ?        S    12:30   0:00  \_ spamd child
root      5641  0.0  0.0  14608   736 ?        Ss    2012   3:33 /usr/sbin/cron
mailman   5807  0.0  0.0  90112  8340 ?        Ss    2012   0:00 /usr/bin/python /usr/lib/mailman/bin/mailmanctl --quiet --stale-loc
mailman   5826  0.0  0.0  81064 10236 ?        S     2012  52:48  \_ /usr/bin/python /usr/lib/mailman/bin/qrunner --runner=ArchRunne
mailman   5827  0.0  0.0  81164 10296 ?        S     2012  58:03  \_ /usr/bin/python /usr/lib/mailman/bin/qrunner --runner=BounceRun
mailman   5828  0.0  0.0  81116 10220 ?        S     2012  51:50  \_ /usr/bin/python /usr/lib/mailman/bin/qrunner --runner=CommandRu
mailman   5829  0.0  0.0  81788 10596 ?        S     2012  52:47  \_ /usr/bin/python /usr/lib/mailman/bin/qrunner --runner=IncomingR
mailman   5830  0.0  0.0  81136 10292 ?        S     2012  52:52  \_ /usr/bin/python /usr/lib/mailman/bin/qrunner --runner=NewsRunne
mailman   5831  0.0  0.0  84812 13404 ?        S     2012  62:11  \_ /usr/bin/python /usr/lib/mailman/bin/qrunner --runner=OutgoingR
mailman   5832  0.0  0.0  81588 10564 ?        S     2012  56:58  \_ /usr/bin/python /usr/lib/mailman/bin/qrunner --runner=VirginRun
mailman   5833  0.0  0.0  81132 10232 ?        S     2012   0:03  \_ /usr/bin/python /usr/lib/mailman/bin/qrunner --runner=RetryRunn
tomcat    5925  0.0  0.2 9705144 90860 ?       Sl    2012 232:46 /usr/lib64/jvm/java/bin/java -classpath :/usr/share/tomcat6/bin/boo
root      6264  0.0  0.0   8248   756 ?        Ss    2012   0:00 rpc.statd --no-notify
root     22155  0.0  0.0   4316   728 tty1     Ss+   2012   0:01 /sbin/mingetty --noclear tty1
root     22156  0.0  0.0   4316   708 tty2     Ss+   2012   0:00 /sbin/mingetty tty2
root     22157  0.0  0.0   4316   728 tty3     Ss+   2012   0:00 /sbin/mingetty tty3
root     22158  0.0  0.0   4316   712 tty4     Ss+   2012   0:00 /sbin/mingetty tty4
root     22159  0.0  0.0   4316   708 tty5     Ss+   2012   0:00 /sbin/mingetty tty5
root     22160  0.0  0.0   4316   712 tty6     Ss+   2012   0:00 /sbin/mingetty tty6
root     22161  0.0  0.0 155872 12716 ?        Ss    2012  12:14 /usr/bin/sw-engine -c /usr/local/psa/admin/conf/php.ini /usr/local/
root     22162  0.0  0.0  43136  6000 ?        Ssl   2012 115:29 /usr/local/psa/admin/bin/modules/watchdog/monit -Ic /usr/local/psa/
root       685  0.3  0.3 493556 139548 ?       Ssl   2012 1912:08 /usr/sbin/r1soft/bin/cdp -s -c /usr/sbin/r1soft/conf/agent_config
root     12157  0.0  0.0  89532  1548 ?        Ssl  Jan05   4:35 /usr/sbin/automount -p /var/run/automount.pid
root     14028  0.1  0.0 347004  5560 ?        Ssl  Jun21 260:07 /usr/sbin/nscd
nagios   12437  0.0  0.0  18664   884 ?        Ss   Aug19   6:03 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
root     10077  0.0  0.0  37732  2244 ?        Ss   Oct31   6:36 /usr/lib/postfix/master
postfix  15390  0.0  0.0  39924  2636 ?        S    Nov13   0:27  \_ qmgr -l -t fifo -u
postfix  15397  0.0  0.0  41784  2424 ?        S    Nov13   0:12  \_ tlsmgr -l -t unix -u
postfix  13281  0.0  0.0  39684  2268 ?        S    Nov14   0:05  \_ anvil -l -t unix -u
postfix  20093  0.0  0.0  41448  4344 ?        S    11:13   0:02  \_ trivial-rewrite -n rewrite -t unix -u
postfix  22622  0.0  0.0  39580  2204 ?        S    11:15   0:00  \_ proxymap -t unix -u
postfix  32096  0.0  0.0  39576  2140 ?        S    11:23   0:00  \_ spawn -n 127.0.0.1:10025 -t inet user=mhandlers-user argv=/usr/
postfix   6485  0.0  0.0  39576  2144 ?        S    11:29   0:00  \_ spawn -n 127.0.0.1:10027 -t inet user=mhandlers-user argv=/usr/
postfix  31259  0.0  0.0  42680  3592 ?        S    11:51   0:00  \_ cleanup -z -t unix -u
postfix  31264  0.0  0.0  39576  2140 ?        S    11:51   0:00  \_ spawn -n 127.0.0.1:10027 -t inet user=mhandlers-user argv=/usr/
31       14799  0.0  0.0  11720  1144 ?        Ss   12:04   0:00  |   \_ /usr/lib64/plesk-9.0/postfix-queue 127.0.0.1 10026 before-r
postfix  14790  0.0  0.0  87696  6484 ?        S    12:04   0:00  \_ smtpd -n smtp -t inet -u -o stress  -o smtpd_proxy_filter 127.0
postfix  14797  0.0  0.0  39576  2144 ?        S    12:04   0:00  \_ spawn -n 127.0.0.1:10025 -t inet user=mhandlers-user argv=/usr/
31       14798  0.0  0.0  11720  1144 ?        Ss   12:04   0:00  |   \_ /usr/lib64/plesk-9.0/postfix-queue 127.0.0.1 10027 before-q
postfix  14800  0.0  0.0  84828  5392 ?        S    12:04   0:00  \_ smtpd -n 127.0.0.1:10026 -t inet -u -o smtpd_client_restriction
postfix  13740  0.0  0.0  39576  2116 ?        S    12:32   0:00  \_ spawn -n 127.0.0.1:10027 -t inet user=mhandlers-user argv=/usr/
postfix  19468  0.0  0.0  39576  2108 ?        S    12:36   0:00  \_ spawn -n 127.0.0.1:10027 -t inet user=mhandlers-user argv=/usr/
postfix  28566  0.0  0.0  42684  3592 ?        S    12:45   0:00  \_ cleanup -z -t unix -u
postfix  28904  0.0  0.0  39576  2108 ?        S    12:45   0:00  \_ spawn -n 127.0.0.1:10025 -t inet user=mhandlers-user argv=/usr/
postfix  28906  0.0  0.0  39576  2108 ?        S    12:45   0:00  \_ spawn -n 127.0.0.1:10027 -t inet user=mhandlers-user argv=/usr/
postfix  28910  0.0  0.0  42676  3592 ?        S    12:45   0:00  \_ cleanup -z -t unix -u
postfix    880  0.0  0.0  44324  3440 ?        S    12:48   0:00  \_ smtp -t unix -u
postfix   3688  0.0  0.0  39588  2232 ?        S    12:51   0:00  \_ pipe -n plesk_virtual -t unix flags=DORhu user=popuser popuser
postfix  10147  0.0  0.0  42684  3556 ?        S    12:57   0:00  \_ cleanup -z -t unix -u
postfix  11048  0.0  0.0  39588  2236 ?        S    12:58   0:00  \_ pipe -n plesk_virtual -t unix flags=DORhu user=popuser popuser
postfix  11058  0.0  0.0  39580  2192 ?        S    12:58   0:00  \_ pickup -l -t fifo -u -o content_filter smtp:127.0.0.1:10027
postfix  11059  0.0  0.0  42680  3516 ?        S    12:58   0:00  \_ cleanup -z -t unix -u
postfix  11086  0.0  0.0  42688  3596 ?        S    12:58   0:00  \_ cleanup -z -t unix -u
postfix  11132  0.0  0.0  39576  2112 ?        S    12:58   0:00  \_ spawn -n 127.0.0.1:10027 -t inet user=mhandlers-user argv=/usr/
postfix  11384  0.0  0.0  39576  2108 ?        S    12:58   0:00  \_ spawn -n 127.0.0.1:10025 -t inet user=mhandlers-user argv=/usr/
postfix  12836  0.0  0.0  44332  3352 ?        S    12:59   0:00  \_ smtp -t unix -u
postfix  14099  0.0  0.0  43980  2920 ?        S    13:00   0:00  \_ smtp -t unix -u
postfix  14102  0.0  0.0  43980  2924 ?        S    13:00   0:00  \_ smtp -t unix -u
postfix  14104  0.0  0.0  39576  2108 ?        S    13:00   0:00  \_ spawn -n 127.0.0.1:10027 -t inet user=mhandlers-user argv=/usr/
postfix  27743  0.0  0.0  87540  6448 ?        S    13:02   0:00  \_ smtpd -n smtp -t inet -u -o stress  -o smtpd_proxy_filter 127.0
postfix  28561  0.0  0.0  91708  6104 ?        S    13:03   0:00  \_ smtpd -n smtp -t inet -u -o stress  -o smtpd_proxy_filter 127.0
postfix  28725  0.1  0.0  84828  5408 ?        S    13:03   0:00  \_ smtpd -n 127.0.0.1:10026 -t inet -u -o smtpd_client_restriction
postfix  29115  3.0  0.0  87540  6280 ?        S    13:03   0:00  \_ smtpd -n smtp -t inet -u -o stress  -o smtpd_proxy_filter 127.0
root      2533  0.0  0.0  51728  1208 ?        Ss   Oct31   0:05 /usr/sbin/sshd -o PidFile=/var/run/sshd.init.pid
root     22153  0.0  0.0  94040  3608 ?        Ss   Nov14   0:00  \_ sshd: esse [priv]
esse     22173  0.0  0.0  94168  1980 ?        S    Nov14   0:00      \_ sshd: esse@pts/1
esse     22175  0.0  0.0  13876  2856 pts/1    Ss   Nov14   0:00          \_ -bash
root     22875  0.0  0.0  67880  2592 pts/1    S    Nov14   0:00              \_ su
root     23235  0.0  0.0  13744  2904 pts/1    S+   Nov14   0:00                  \_ bash
root     18318  0.0  0.0  68136  6992 ?        SNl  Nov13   1:52 /usr/sbin/snmpd -r -A -LF d /var/log/net-snmpd.log -p /var/run/snmp
root     31025  0.0  0.2 471512 100392 ?       Ss   Nov14   0:28 /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   25882  0.0  0.2 469912 88944 ?        S    Nov14   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
10047    29368  0.0  0.0 182488 31736 ?        S    Nov14   0:04  |   \_ /usr/bin/php-cgi5
10270     6806  1.1  0.0 182280 30076 ?        S    11:29   1:06  |   \_ /usr/bin/php-cgi5
10270    27663  4.7  0.0 170236 19244 ?        S    13:02   0:03  |   \_ /usr/bin/php-cgi5
10270    27664  2.8  0.0 170232 19244 ?        S    13:02   0:01  |   \_ /usr/bin/php-cgi5
10270    29072 33.0  0.0 169700 18640 ?        S    13:03   0:00  |   \_ /usr/bin/php-cgi5
wwwrun   29272  0.0  0.3 494988 117928 ?       S    Nov14   0:01  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun    2029  0.0  0.3 495772 119124 ?       S    Nov14   0:02  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   30801  0.0  0.3 489928 113192 ?       S    Nov14   0:02  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun    5620  0.0  0.2 475612 98300 ?        S    11:28   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   14257  1.7  0.3 513608 137028 ?       S    13:00   0:03  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   14415  0.0  0.2 471784 91928 ?        S    13:00   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   14731  0.1  0.2 484040 106876 ?       S    13:01   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   15296  0.0  0.2 472900 94828 ?        S    13:01   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   27723  0.0  0.2 471652 91688 ?        S    13:02   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   27733  0.1  0.2 475016 95020 ?        S    13:02   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   29141  0.0  0.0  11696  1432 ?        S    13:03   0:00  |   \_ sh -c sh new_check_server.sh 2>&1
wwwrun   29143  0.0  0.0  11700  1488 ?        S    13:03   0:00  |       \_ sh new_check_server.sh
wwwrun   29151  0.0  0.0   4844  1180 ?        R    13:03   0:00  |           \_ ps axfuw
wwwrun   27745  0.0  0.2 471648 91740 ?        S    13:02   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   27749  0.7  0.3 496108 118680 ?       S    13:02   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   27768  0.4  0.3 494468 111436 ?       S    13:02   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   27769  0.0  0.2 471644 91740 ?        S    13:02   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   28018  0.5  0.2 485260 107560 ?       S    13:02   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   28031  0.0  0.2 471652 91740 ?        S    13:02   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   28032  0.0  0.2 471652 91724 ?        S    13:02   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   28033  0.0  0.2 471652 91740 ?        S    13:02   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   28057  0.7  0.3 512824 134436 ?       R    13:02   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   28117  0.0  0.2 471656 93332 ?        S    13:02   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   28118  0.0  0.2 471656 93328 ?        S    13:02   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
wwwrun   28119  0.0  0.2 471656 92728 ?        S    13:02   0:00  \_ /usr/sbin/httpd2-prefork -f /etc/apache2/httpd.conf -DSSL
root      4680  0.0  0.0  14160  2008 ?        S    07:18   0:00 couriertls -localfd=4 -tcpd -server
root     11588  0.0  0.0  14160  2012 ?        S    08:01   0:00 couriertls -localfd=4 -tcpd -server
root     14497  0.0  0.0  14160  1988 ?        S    08:09   0:00 couriertls -localfd=4 -tcpd -server
root     14499  0.0  0.0  14160  1988 ?        S    08:09   0:00 couriertls -localfd=4 -tcpd -server
root     14699  0.0  0.0  14160  2008 ?        S    08:11   0:00 couriertls -localfd=4 -tcpd -server
root     18720  0.0  0.0  14160  1964 ?        S    10:14   0:00 couriertls -localfd=4 -tcpd -server
root      8880  0.0  0.0  14160  1996 ?        S    12:55   0:00 couriertls -localfd=4 -tcpd -server
root     14815  0.0  0.0  14160  1988 ?        S    13:01   0:00 couriertls -localfd=4 -tcpd -server
root     15485  0.4  0.0  14160  1984 ?        S    13:01   0:00 couriertls -localfd=4 -tcpd -server

[+]mount:
/dev/cciss/c0d0p2 on / type ext3 (rw,acl,user_xattr)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
debugfs on /sys/kernel/debug type debugfs (rw)
udev on /dev type tmpfs (rw)
devpts on /dev/pts type devpts (rw,mode=0620,gid=5)
/dev/cciss/c0d1p1 on /srv type ext3 (rw,acl,user_xattr)
/dev/cciss/c0d2p1 on /var type ext3 (rw,acl,user_xattr)
securityfs on /sys/kernel/security type securityfs (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
proc on /var/lib/ntp/proc type proc (ro)
/proc on /var/lib/named/proc type none (ro,bind)
tmpfs on /usr/local/psa/handlers/before-local type tmpfs (rw)
tmpfs on /usr/local/psa/handlers/before-queue type tmpfs (rw)
tmpfs on /usr/local/psa/handlers/before-remote type tmpfs (rw)
tmpfs on /usr/local/psa/handlers/info type tmpfs (rw)
tmpfs on /usr/local/psa/handlers/spool type tmpfs (rw,mode=0770,gid=30)
192.168.171.91:/home/esse on /home/esse type nfs (rw,addr=192.168.171.91,nfsvers=2,proto=tcp,mountproto=udp)
192.168.171.91:/home/swagner on /home/swagner type nfs (rw,addr=192.168.171.91,nfsvers=2,proto=tcp,mountproto=udp)
192.168.171.91:/home/ajutzy on /home/ajutzy type nfs (rw,addr=192.168.171.91,nfsvers=2,proto=tcp,mountproto=udp)

[+]df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/cciss/c0d0p2     133G  9.2G  117G   8% /
udev                   18G  124K   18G   1% /dev
/dev/cciss/c0d1p1     1.1T  124G  921G  12% /srv
/dev/cciss/c0d2p1     550G  150G  374G  29% /var
tmpfs                  18G     0   18G   0% /usr/local/psa/handlers/before-local
tmpfs                  18G     0   18G   0% /usr/local/psa/handlers/before-queue
tmpfs                  18G     0   18G   0% /usr/local/psa/handlers/before-remote
tmpfs                  18G   35M   18G   1% /usr/local/psa/handlers/info
tmpfs                  18G     0   18G   0% /usr/local/psa/handlers/spool
192.168.171.91:/home/esse
                      7.9G  5.7G  1.9G  76% /home/esse
192.168.171.91:/home/swagner
                      7.9G  5.7G  1.9G  76% /home/swagner
192.168.171.91:/home/ajutzy
                      7.9G  5.7G  1.9G  76% /home/ajutzy

[+]cat /etc/fstab
/dev/cciss/c0d0p1    swap                 swap       defaults              0 0
/dev/cciss/c0d0p2    /                    ext3       acl,user_xattr        1 1
/dev/cciss/c0d1p1    /srv                 ext3       acl,user_xattr        1 2
/dev/cciss/c0d2p1    /var                 ext3       acl,user_xattr        1 2
proc                 /proc                proc       defaults              0 0
sysfs                /sys                 sysfs      noauto                0 0
debugfs              /sys/kernel/debug    debugfs    noauto                0 0
usbfs                /proc/bus/usb        usbfs      noauto                0 0
devpts               /dev/pts             devpts     mode=0620,gid=5       0 0
**************************************************
*             security fails                     *
*                                                *
**************************************************
[+]mmap_min_addr:
65536
[+]Parse /etc for Writeable files
[+] check /etc/shadow PERM
-rw-r----- 1 root shadow 49K Nov 14 14:12 /etc/shadow
[+] check /etc/passwd PERM
-rw-r--r-- 1 root root 42K Nov 12 14:44 /etc/passwd
[+]FHS root (ls -lha /):
total 212K
drwxr-xr-x  22 root root 4.0K Nov 14 23:13 .
drwxr-xr-x  22 root root 4.0K Nov 14 23:13 ..
drwxr-xr-x   2 root root 4.0K Oct 12  2010 bin
drwxr-xr-x   3 root root 4.0K Oct 12  2010 boot
drwxr-xr-x  13 root root 4.1K Nov 14 23:36 dev
drwxr-xr-x 102 root root  12K Nov 15 13:01 etc
drwxr-xr-x   5 root root    0 Nov 14 16:31 home
drwxr-xr-x  11 root root 4.0K Nov 26  2012 lib
drwxr-xr-x   7 root root 4.0K Oct 12  2010 lib64
drwx------   2 root root  16K Oct  8  2010 lost+found
drwxr-xr-x   2 root root 4.0K Dec  3  2008 media
drwxr-xr-x   4 root root 4.0K Feb  9  2011 migration
drwxr-xr-x   2 root root 4.0K Dec  3  2008 mnt
drwxr-xr-x   5 root root 4.0K Nov 26  2012 opt
dr-xr-xr-x 350 root root    0 Nov 14  2012 proc
drwx------  12 root root 4.0K Nov 14 14:08 root
drwxr-xr-x   3 root root  12K Aug  4  2011 sbin
drwxr-xr-x   7 root root 4.0K Nov 14 23:00 srv
drwxr-xr-x  12 root root    0 Nov 14  2012 sys
drwxrwxrwt  17 root root 112K Nov 15 13:03 tmp
drwxr-xr-x  14 root root 4.0K Nov 26  2012 usr
drwxr-xr-x  21 root root 4.0K Nov 14 23:15 var
[+]Search core dumps...
which: no pulseaudio in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin)
Sudo version 1.6.9p17
which: no staprun in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin)
which: no pkexec in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin)
**************************************************
*             av, firewalls                      *
*                                                *
**************************************************
chkrootkit:
rkhunter: /usr/bin/rkhunter /etc/rkhunter.conf /usr/lib64/rkhunter /usr/share/man/man8/rkhunter.8.gz
clamav: /usr/include/clamav.h
iptables v1.4.2-rc1: can't initialize iptables table `filter': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
**************************************************
*             Usefull                            *
*                                                *
**************************************************
[+] Python
Python 2.6
[+] Php
PHP 5.2.14 with Suhosin-Patch 0.9.7 (cli) (built: Sep 28 2010 07:46:38)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2010 Zend Technologies
    with the ionCube PHP Loader v3.3.20, Copyright (c) 2002-2010, by ionCube Ltd.
[+] Perl

This is perl, v5.10.0 built for x86_64-linux-thread-multi

Copyright 1987-2007, Larry Wall

Perl may be copied only under the terms of either the Artistic License or the
GNU General Public License, which may be found in the Perl 5 source kit.

Complete documentation for Perl, including FAQ lists, should be found on
this system using "man perl" or "perldoc perl".  If you have access to the
Internet, point your browser at http://www.perl.org/, the Perl Home Page.

[+]gcc -v
Using built-in specs.
Target: x86_64-suse-linux
Configured with: ../configure --prefix=/usr --infodir=/usr/share/info --mandir=/usr/share/man --libdir=/usr/lib64 --libexecdir=/usr/lib64 --enable-languages=c,c++,objc,fortran,obj-c++,java,ada --enable-checking=release --with-gxx-include-dir=/usr/include/c++/4.3 --enable-ssp --disable-libssp --with-bugurl=http://bugs.opensuse.org/ --with-pkgversion='SUSE Linux' --disable-libgcj --disable-libmudflap --with-slibdir=/lib64 --with-system-zlib --enable-__cxa_atexit --enable-libstdcxx-allocator=new --disable-libstdcxx-pch --enable-version-specific-runtime-libs --program-suffix=-4.3 --enable-linux-futex --without-system-libunwind --with-cpu=generic --build=x86_64-suse-linux
Thread model: posix
gcc version 4.3.2 [gcc-4_3-branch revision 141291] (SUSE Linux)
[+]Ruby -v
ruby 1.8.7 (2008-08-11 patchlevel 72) [x86_64-linux]
**************************************************
*             users info                         *
*                                                *
**************************************************
[+] All users:

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/bin/bash
daemon:x:2:2:Daemon:/sbin:/bin/bash
lp:x:4:7:Printing daemon:/var/spool/lpd:/bin/bash
mail:x:8:12:Mailer daemon:/var/spool/clientmqueue:/bin/false
games:x:12:100:Games account:/var/games:/bin/bash
wwwrun:x:30:8:WWW daemon apache:/var/lib/wwwrun:/bin/false
ftp:x:40:49:FTP account:/srv/ftp:/bin/bash
nobody:x:65534:65533:nobody:/var/lib/nobody:/bin/bash
messagebus:*:100:101:User for D-Bus:/var/run/dbus:/bin/false
haldaemon:*:101:102:User for haldaemon:/var/run/hald:/bin/false
sshd:*:71:65:SSH daemon:/var/lib/sshd:/bin/false
ntp:x:74:103:NTP daemon:/var/lib/ntp:/bin/false
postfix:x:51:51:Postfix Daemon:/var/spool/postfix:/bin/false
uuidd:x:102:104:User for uuidd:/var/run/uuidd:/bin/false
at:x:25:25:Batch jobs daemon:/var/spool/atjobs:/bin/bash
polkituser:x:103:105:PolicyKit:/var/run/PolicyKit:/bin/false
suse-ncc:x:104:106:Novell Customer Center User:/var/lib/YaST2/suse-ncc-fakehome:/bin/bash
sw-cp-server:x:1000:1000::/:/bin/true
mysql:x:60:107:MySQL database admin:/var/lib/mysql:/bin/false
psaadm:x:1001:1001:Plesk user:/usr/local/psa/admin:/sbin/nologin
popuser:x:110:30:POP3 service user:/var/qmail/popuser:/sbin/nologin
mhandlers-user:x:31:30:mail handlers user:/:/sbin/nologin
named:x:44:44:Name server daemon:/var/lib/named:/bin/false
psaftp:x:1002:1003:anonftp psa user:/:/sbin/nologin
postgres:x:26:26:PostgreSQL Server:/var/lib/pgsql:/bin/bash
tomcat:x:111:108:Apache Tomcat:/usr/share/tomcat6:/bin/sh
mailman:x:72:67:GNU mailing list manager:/var/lib/mailman:/bin/bash
man:x:13:62:Manual pages viewer:/var/cache/man:/bin/bash
news:x:9:13:News system:/etc/news:/bin/bash
uucp:x:10:14:Unix-to-Unix CoPy system:/etc/uucp:/bin/bash
nagios:x:112:109:User for Nagios:/var/tmp:/bin/false
+::::::

[+]Chek HOMEs for users with UID>500:

[+]check perm nobody(uid=65534;gid=65533) HOME=/var/lib/nobody:
drwxr-xr-x 2 nobody root 4.0K 2008-12-03 11:23:40.000000000 +0100 /var/lib/nobody
[+]check perm sw-cp-server(uid=1000;gid=1000) HOME=/:
drwxr-xr-x 22 root root 4.0K 2013-11-14 23:13:47.000000000 +0100 /
[+]check perm psaadm(uid=1001;gid=1001) HOME=/usr/local/psa/admin:
drwxr-xr-x 19 root root 4.0K 2013-11-13 03:14:08.000000000 +0100 /usr/local/psa/admin
[+]check perm psaftp(uid=1002;gid=1003) HOME=/:
drwxr-xr-x 22 root root 4.0K 2013-11-14 23:13:47.000000000 +0100 /
**************************************************
*             library info                       *
*                                                *
**************************************************
[+]LIBC:
2009-09-08 /lib/libc-2.9.so
[+]ALL from /lib /lib64 (sort -u):

-r-xr-xr-x  1 root root  11K 2010-08-12 15:51:46.000000000 +0200 libdevmapper-event-lvm2mirror.so.2.02
-r-xr-xr-x  1 root root  11K 2010-08-12 15:51:46.000000000 +0200 libdevmapper-event-lvm2snapshot.so.2.02
-r-xr-xr-x  1 root root  19K 2008-12-09 20:13:51.000000000 +0100 libdevmapper-event.so.1.02
-r-xr-xr-x  1 root root  96K 2008-12-09 20:13:51.000000000 +0100 libdevmapper.so.1.02
-r-xr-xr-x  1 root root 578K 2010-08-12 15:51:47.000000000 +0200 liblvm2cmd.so.2.02
-rw-r--r--  1 root root  19K 2009-01-14 13:57:58.000000000 +0100 libattr.so.1.1.0
-rw-r--r--  1 root root  44K 2008-12-03 11:49:04.000000000 +0100 libpci.so.3.0.1
-rwxr-xr-x  1 root root   82 2008-12-03 10:21:51.000000000 +0100 cpp
-rwxr-xr-x  1 root root  11K 2008-12-03 11:24:07.000000000 +0100 libkeyutils-1.2.so
-rwxr-xr-x  1 root root  11K 2008-12-03 15:17:37.000000000 +0100 libimmunix.so.1.0.2
-rwxr-xr-x  1 root root  11K 2009-09-08 18:51:14.000000000 +0200 libutil-2.9.so
-rwxr-xr-x  1 root root  14K 2009-09-08 20:57:59.000000000 +0200 libSegFault.so
-rwxr-xr-x  1 root root  14K 2009-09-08 20:57:59.000000000 +0200 libanl-2.9.so
-rwxr-xr-x  1 root root  14K 2009-09-08 20:58:00.000000000 +0200 libdl-2.9.so
-rwxr-xr-x  1 root root  14K 2009-09-08 20:58:00.000000000 +0200 libmemusage.so
-rwxr-xr-x  1 root root  15K 2008-12-03 12:40:54.000000000 +0100 libpam_misc.so.0.81.3
-rwxr-xr-x  1 root root  15K 2008-12-03 12:40:54.000000000 +0100 libpamc.so.0.81.0
-rwxr-xr-x  1 root root  15K 2008-12-09 20:14:10.000000000 +0100 libgpg-error.so.0.4.0
-rwxr-xr-x  1 root root  15K 2009-09-08 18:51:15.000000000 +0200 libanl-2.9.so
-rwxr-xr-x  1 root root  15K 2009-09-08 18:51:16.000000000 +0200 libdl-2.9.so
-rwxr-xr-x  1 root root  15K 2009-10-09 14:05:28.000000000 +0200 libcom_err.so.2.1
-rwxr-xr-x  1 root root  18K 2009-09-08 20:58:00.000000000 +0200 libnss_hesiod-2.9.so
-rwxr-xr-x  1 root root  19K 2008-12-03 12:08:41.000000000 +0100 libcap.so.2.11
-rwxr-xr-x  1 root root  19K 2009-09-08 18:51:14.000000000 +0200 libSegFault.so
-rwxr-xr-x  1 root root  19K 2009-09-08 18:51:17.000000000 +0200 libnss_hesiod-2.9.so
-rwxr-xr-x  1 root root  19K 2009-09-08 18:51:20.000000000 +0200 libmemusage.so
-rwxr-xr-x  1 root root  19K 2009-10-09 14:05:27.000000000 +0200 libuuid.so.1.2
-rwxr-xr-x  1 root root  22K 2009-09-08 20:58:00.000000000 +0200 libnss_dns-2.9.so
-rwxr-xr-x  1 root root  23K 2008-12-03 11:36:19.000000000 +0100 libxcrypt.so.2.0.0
-rwxr-xr-x  1 root root  23K 2009-09-08 18:51:17.000000000 +0200 libnss_dns-2.9.so
-rwxr-xr-x  1 root root  27K 2009-10-09 14:05:28.000000000 +0200 libss.so.2.0
-rwxr-xr-x  1 root root  28K 2009-10-09 14:05:28.000000000 +0200 libe2p.so.2.3
-rwxr-xr-x  1 root root  30K 2009-09-08 20:58:00.000000000 +0200 libnss_compat-2.9.so
-rwxr-xr-x  1 root root  30K 2009-09-08 20:58:00.000000000 +0200 libthread_db-1.0.so
-rwxr-xr-x  1 root root  31K 2009-09-08 18:51:14.000000000 +0200 libthread_db-1.0.so
-rwxr-xr-x  1 root root  31K 2010-01-15 15:27:35.000000000 +0100 libacl.so.1.1.0
-rwxr-xr-x  1 root root  32K 2009-09-08 18:51:18.000000000 +0200 libnss_compat-2.9.so
-rwxr-xr-x  1 root root  35K 2008-12-03 12:13:06.000000000 +0100 libhistory.so.5.2
-rwxr-xr-x  1 root root  35K 2009-09-08 20:58:00.000000000 +0200 librt-2.9.so
-rwxr-xr-x  1 root root  35K 2010-06-10 01:28:39.000000000 +0200 libpopt.so.0.0.0
-rwxr-xr-x  1 root root  36K 2009-09-08 18:51:16.000000000 +0200 librt-2.9.so
-rwxr-xr-x  1 root root  38K 2009-09-08 20:58:00.000000000 +0200 libnss_nis-2.9.so
-rwxr-xr-x  1 root root  39K 2008-12-03 11:51:04.000000000 +0100 libgssglue.so.1.0.0
-rwxr-xr-x  1 root root  39K 2008-12-03 15:17:37.000000000 +0100 libapparmor.so.1.0.2
-rwxr-xr-x  1 root root  39K 2009-04-14 12:16:31.000000000 +0200 libvolume_id.so.1.0.1
-rwxr-xr-x  1 root root  42K 2008-12-03 12:10:58.000000000 +0100 libwrap.so.0.7.6
-rwxr-xr-x  1 root root  42K 2009-09-08 20:58:00.000000000 +0200 libnss_files-2.9.so
-rwxr-xr-x  1 root root  43K 2009-09-08 18:51:15.000000000 +0200 libnss_nis-2.9.so
-rwxr-xr-x  1 root root  47K 2008-12-03 11:29:58.000000000 +0100 libsysfs.so.2.0.1
-rwxr-xr-x  1 root root  47K 2009-09-08 18:51:15.000000000 +0200 libnss_files-2.9.so
-rwxr-xr-x  1 root root  50K 2009-09-08 20:58:00.000000000 +0200 libnss_nisplus-2.9.so
-rwxr-xr-x  1 root root  51K 2008-12-03 12:40:54.000000000 +0100 libpam.so.0.81.12
-rwxr-xr-x  1 root root  51K 2008-12-09 20:15:17.000000000 +0100 libauparse.so.0.0.0
-rwxr-xr-x  1 root root  51K 2009-09-08 18:51:16.000000000 +0200 libnss_nisplus-2.9.so
-rwxr-xr-x  1 root root  51K 2009-10-09 14:05:28.000000000 +0200 libblkid.so.1.0
-rwxr-xr-x  1 root root  54K 2008-12-03 08:35:40.000000000 +0100 libgcc_s.so.1
-rwxr-xr-x  1 root root  56K 2008-12-03 12:38:42.000000000 +0100 libcryptsetup.so.0.0.0
-rwxr-xr-x  1 root root  58K 2009-09-08 20:58:00.000000000 +0200 libcrypt-2.9.so
-rwxr-xr-x  1 root root  59K 2009-09-08 18:51:16.000000000 +0200 libcrypt-2.9.so
-rwxr-xr-x  1 root root  62K 2010-09-22 01:35:08.000000000 +0200 libbz2.so.1.0.5
-rwxr-xr-x  1 root root  74K 2009-09-08 20:58:00.000000000 +0200 libresolv-2.9.so
-rwxr-xr-x  1 root root  83K 2009-09-08 18:51:15.000000000 +0200 libresolv-2.9.so
-rwxr-xr-x  1 root root  86K 2009-09-08 20:58:00.000000000 +0200 libnsl-2.9.so
-rwxr-xr-x  1 root root  87K 2008-12-03 10:52:50.000000000 +0100 libz.so.1.2.3
-rwxr-xr-x  1 root root  88K 2009-09-08 18:51:18.000000000 +0200 libnsl-2.9.so
-rwxr-xr-x  1 root root  91K 2008-12-03 12:09:39.000000000 +0100 libnet.so.0.0.0
-rwxr-xr-x  1 root root  95K 2008-12-03 08:35:40.000000000 +0100 libgcc_s.so.1
-rwxr-xr-x  1 root root 1.4M 2009-09-08 18:51:19.000000000 +0200 libc-2.9.so
-rwxr-xr-x  1 root root 1.4M 2009-09-08 20:58:00.000000000 +0200 libc-2.9.so
-rwxr-xr-x  1 root root 103K 2008-12-09 20:15:17.000000000 +0100 libaudit.so.0.0.0
-rwxr-xr-x  1 root root 112K 2008-12-03 10:57:25.000000000 +0100 libselinux.so.1
-rwxr-xr-x  1 root root 118K 2009-09-08 20:58:00.000000000 +0200 libpthread-2.9.so
-rwxr-xr-x  1 root root 123K 2009-09-08 20:57:59.000000000 +0200 ld-2.9.so
-rwxr-xr-x  1 root root 125K 2009-09-08 18:51:20.000000000 +0200 ld-2.9.so
-rwxr-xr-x  1 root root 128K 2009-09-08 18:51:17.000000000 +0200 libpthread-2.9.so
-rwxr-xr-x  1 root root 135K 2008-12-03 11:49:52.000000000 +0100 liblzo2.so.2.0.0
-rwxr-xr-x  1 root root 153K 2008-12-03 11:58:32.000000000 +0100 libtirpc.so.1.0.9
-rwxr-xr-x  1 root root 159K 2009-09-08 20:58:00.000000000 +0200 libm-2.9.so
-rwxr-xr-x  1 root root 167K 2010-01-11 02:16:40.000000000 +0100 libexpat.so.1.5.2
-rwxr-xr-x  1 root root 182K 2009-09-08 20:58:00.000000000 +0200 libcidn-2.9.so
-rwxr-xr-x  1 root root 186K 2009-10-09 14:05:28.000000000 +0200 libext2fs.so.2.4
-rwxr-xr-x  1 root root 187K 2009-09-08 18:51:14.000000000 +0200 libcidn-2.9.so
-rwxr-xr-x  1 root root 2.0M 2010-09-14 13:38:38.000000000 +0200 libnss_wins.so.2
-rwxr-xr-x  1 root root 231K 2008-12-03 10:55:21.000000000 +0100 libsepol.so.1
-rwxr-xr-x  1 root root 239K 2008-12-03 03:51:33.000000000 +0100 libncurses.so.5.6
-rwxr-xr-x  1 root root 248K 2009-04-02 18:27:14.000000000 +0200 libdbus-1.so.3.4.0
-rwxr-xr-x  1 root root 258K 2008-12-03 12:13:06.000000000 +0100 libreadline.so.5.2
-rwxr-xr-x  1 root root 267K 2008-12-03 13:12:42.000000000 +0100 libntfs-3g.so.40.0.0
-rwxr-xr-x  1 root root 288K 2008-12-03 09:23:57.000000000 +0100 libncurses.so.5.6
-rwxr-xr-x  1 root root 291K 2008-12-03 03:51:33.000000000 +0100 libncursesw.so.5.6
-rwxr-xr-x  1 root root 336K 2008-12-03 09:23:57.000000000 +0100 libncursesw.so.5.6
-rwxr-xr-x  1 root root 343K 2009-09-08 18:51:18.000000000 +0200 libm-2.9.so
-rwxr-xr-x  1 root root 413K 2008-12-09 20:29:30.000000000 +0100 libgcrypt.so.11.4.4
-rwxr-xr-x  1 root root 5.5K 2008-12-03 11:30:54.000000000 +0100 libaio.so.1.0.1
-rwxr-xr-x  1 root root 5.6K 2009-09-08 20:57:59.000000000 +0200 libBrokenLocale-2.9.so
-rwxr-xr-x  1 root root 5.6K 2009-09-08 20:58:00.000000000 +0200 libpcprofile.so
-rwxr-xr-x  1 root root 6.2K 2008-12-03 11:45:58.000000000 +0100 libnscd.so.1.0.2
-rwxr-xr-x  1 root root 6.3K 2009-09-08 18:51:20.000000000 +0200 libBrokenLocale-2.9.so
-rwxr-xr-x  1 root root 6.4K 2009-09-08 18:51:18.000000000 +0200 libpcprofile.so
-rwxr-xr-x  1 root root 9.7K 2009-09-08 20:58:00.000000000 +0200 libutil-2.9.so
/lib/:
/lib64/:
drwxr-xr-x  2 root root 4.0K 2010-10-08 15:18:51.000000000 +0200 xcrypt
drwxr-xr-x  2 root root 4.0K 2010-10-08 15:19:23.000000000 +0200 lsb
drwxr-xr-x  2 root root 4.0K 2010-10-08 15:20:14.000000000 +0200 kexec-tools
drwxr-xr-x  2 root root 4.0K 2010-10-08 15:20:29.000000000 +0200 apparmor
drwxr-xr-x  2 root root 4.0K 2010-10-12 08:47:45.000000000 +0200 multipath
drwxr-xr-x  2 root root 4.0K 2010-10-12 08:48:20.000000000 +0200 YaST
drwxr-xr-x  3 root root 4.0K 2010-10-08 15:20:42.000000000 +0200 cryptsetup
drwxr-xr-x  3 root root 4.0K 2010-10-12 08:48:34.000000000 +0200 ast
drwxr-xr-x  3 root root 4.0K 2010-10-12 08:48:40.000000000 +0200 dbus-1
drwxr-xr-x  3 root root 4.0K 2010-10-12 08:49:45.000000000 +0200 firmware
drwxr-xr-x  3 root root 4.0K 2011-03-10 11:57:07.000000000 +0100 security
drwxr-xr-x  4 root root 4.0K 2009-02-05 17:37:23.000000000 +0100 udev
drwxr-xr-x  7 root root 4.0K 2010-04-15 18:20:54.000000000 +0200 mkinitrd
drwxr-xr-x  7 root root 4.0K 2010-10-12 08:48:40.000000000 +0200 .
drwxr-xr-x  8 root root 4.0K 2011-10-10 10:23:38.000000000 +0200 modules
drwxr-xr-x 11 root root 4.0K 2012-11-26 09:44:11.000000000 +0100 .
drwxr-xr-x 22 root root 4.0K 2013-11-14 23:13:47.000000000 +0100 ..
lrwxrwxrwx  1 root root    3 2010-10-12 08:48:34.000000000 +0200 ksh -> ast
lrwxrwxrwx  1 root root    9 2010-10-12 08:45:38.000000000 +0200 ld-linux-x86-64.so.2 -> ld-2.9.so
lrwxrwxrwx  1 root root    9 2010-10-12 08:45:40.000000000 +0200 ld-linux.so.2 -> ld-2.9.so
lrwxrwxrwx  1 root root   11 2010-10-12 08:45:38.000000000 +0200 libc.so.6 -> libc-2.9.so
lrwxrwxrwx  1 root root   11 2010-10-12 08:45:39.000000000 +0200 libm.so.6 -> libm-2.9.so
lrwxrwxrwx  1 root root   11 2010-10-12 08:45:40.000000000 +0200 libc.so.6 -> libc-2.9.so
lrwxrwxrwx  1 root root   11 2010-10-12 08:45:40.000000000 +0200 libm.so.6 -> libm-2.9.so
lrwxrwxrwx  1 root root   12 2010-10-12 08:45:39.000000000 +0200 libdl.so.2 -> libdl-2.9.so
lrwxrwxrwx  1 root root   12 2010-10-12 08:45:39.000000000 +0200 librt.so.1 -> librt-2.9.so
lrwxrwxrwx  1 root root   12 2010-10-12 08:45:40.000000000 +0200 libdl.so.2 -> libdl-2.9.so
lrwxrwxrwx  1 root root   12 2010-10-12 08:45:40.000000000 +0200 librt.so.1 -> librt-2.9.so
lrwxrwxrwx  1 root root   12 2010-10-12 08:46:32.000000000 +0200 libss.so.2 -> libss.so.2.0
lrwxrwxrwx  1 root root   13 2010-10-08 15:18:57.000000000 +0200 libz.so.1 -> libz.so.1.2.3
lrwxrwxrwx  1 root root   13 2010-10-12 08:45:38.000000000 +0200 libanl.so.1 -> libanl-2.9.so
lrwxrwxrwx  1 root root   13 2010-10-12 08:45:39.000000000 +0200 libnsl.so.1 -> libnsl-2.9.so
lrwxrwxrwx  1 root root   13 2010-10-12 08:45:40.000000000 +0200 libanl.so.1 -> libanl-2.9.so
lrwxrwxrwx  1 root root   13 2010-10-12 08:45:40.000000000 +0200 libnsl.so.1 -> libnsl-2.9.so
lrwxrwxrwx  1 root root   13 2010-10-12 08:47:39.000000000 +0200 libe2p.so.2 -> libe2p.so.2.3
lrwxrwxrwx  1 root root   14 2010-10-08 15:19:06.000000000 +0200 libcap.so.2 -> libcap.so.2.11
lrwxrwxrwx  1 root root   14 2010-10-12 08:45:39.000000000 +0200 libcidn.so.1 -> libcidn-2.9.so
lrwxrwxrwx  1 root root   14 2010-10-12 08:45:39.000000000 +0200 libutil.so.1 -> libutil-2.9.so
lrwxrwxrwx  1 root root   14 2010-10-12 08:45:40.000000000 +0200 libcidn.so.1 -> libcidn-2.9.so
lrwxrwxrwx  1 root root   14 2010-10-12 08:45:40.000000000 +0200 libutil.so.1 -> libutil-2.9.so
lrwxrwxrwx  1 root root   14 2010-10-12 08:46:32.000000000 +0200 libuuid.so.1 -> libuuid.so.1.2
lrwxrwxrwx  1 root root   15 2010-10-08 15:18:58.000000000 +0200 libaio.so.1 -> libaio.so.1.0.1
lrwxrwxrwx  1 root root   15 2010-10-08 15:19:20.000000000 +0200 libnet.so.0 -> libnet.so.0.0.0
lrwxrwxrwx  1 root root   15 2010-10-08 15:20:08.000000000 +0200 libpci.so.3 -> libpci.so.3.0.1
lrwxrwxrwx  1 root root   15 2010-10-12 08:45:39.000000000 +0200 libcrypt.so.1 -> libcrypt-2.9.so
lrwxrwxrwx  1 root root   15 2010-10-12 08:45:40.000000000 +0200 libcrypt.so.1 -> libcrypt-2.9.so
lrwxrwxrwx  1 root root   15 2010-10-12 08:45:57.000000000 +0200 libbz2.so.1 -> libbz2.so.1.0.5
lrwxrwxrwx  1 root root   15 2010-10-12 08:47:34.000000000 +0200 libacl.so.1 -> libacl.so.1.1.0
lrwxrwxrwx  1 root root   15 2010-10-12 08:47:38.000000000 +0200 libblkid.so.1 -> libblkid.so.1.0
lrwxrwxrwx  1 root root   16 2010-10-08 15:18:53.000000000 +0200 liblzo2.so.2 -> liblzo2.so.2.0.0
lrwxrwxrwx  1 root root   16 2010-10-08 15:18:53.000000000 +0200 libnscd.so.1 -> libnscd.so.1.0.2
lrwxrwxrwx  1 root root   16 2010-10-08 15:18:57.000000000 +0200 libwrap.so.0 -> libwrap.so.0.7.6
lrwxrwxrwx  1 root root   16 2010-10-12 08:45:39.000000000 +0200 libresolv.so.2 -> libresolv-2.9.so
lrwxrwxrwx  1 root root   16 2010-10-12 08:45:40.000000000 +0200 libresolv.so.2 -> libresolv-2.9.so
lrwxrwxrwx  1 root root   16 2010-10-12 08:45:59.000000000 +0200 libpopt.so.0 -> libpopt.so.0.0.0
lrwxrwxrwx  1 root root   16 2010-10-12 08:46:58.000000000 +0200 libattr.so.1 -> libattr.so.1.1.0
lrwxrwxrwx  1 root root   16 2010-10-12 08:47:39.000000000 +0200 libext2fs.so.2 -> libext2fs.so.2.4
lrwxrwxrwx  1 root root   17 2010-10-08 15:18:53.000000000 +0200 libncurses.so.5 -> libncurses.so.5.6
lrwxrwxrwx  1 root root   17 2010-10-08 15:19:03.000000000 +0200 libaudit.so.0 -> libaudit.so.0.0.0
lrwxrwxrwx  1 root root   17 2010-10-08 15:19:06.000000000 +0200 libhistory.so.5 -> libhistory.so.5.2
lrwxrwxrwx  1 root root   17 2010-10-08 15:19:18.000000000 +0200 libtirpc.so.1 -> libtirpc.so.1.0.9
lrwxrwxrwx  1 root root   17 2010-10-08 15:19:22.000000000 +0200 libsysfs.so.2 -> libsysfs.so.2.0.1
lrwxrwxrwx  1 root root   17 2010-10-08 15:19:27.000000000 +0200 libpam.so.0 -> libpam.so.0.81.12
lrwxrwxrwx  1 root root   17 2010-10-08 15:19:27.000000000 +0200 libpamc.so.0 -> libpamc.so.0.81.0
lrwxrwxrwx  1 root root   17 2010-10-08 15:19:30.000000000 +0200 libncurses.so.5 -> libncurses.so.5.6
lrwxrwxrwx  1 root root   17 2010-10-12 08:45:39.000000000 +0200 libnss_dns.so.2 -> libnss_dns-2.9.so
lrwxrwxrwx  1 root root   17 2010-10-12 08:45:39.000000000 +0200 libnss_nis.so.2 -> libnss_nis-2.9.so
lrwxrwxrwx  1 root root   17 2010-10-12 08:45:39.000000000 +0200 libpthread.so.0 -> libpthread-2.9.so
lrwxrwxrwx  1 root root   17 2010-10-12 08:45:40.000000000 +0200 libnss_dns.so.2 -> libnss_dns-2.9.so
lrwxrwxrwx  1 root root   17 2010-10-12 08:45:40.000000000 +0200 libnss_nis.so.2 -> libnss_nis-2.9.so
lrwxrwxrwx  1 root root   17 2010-10-12 08:45:40.000000000 +0200 libpthread.so.0 -> libpthread-2.9.so
lrwxrwxrwx  1 root root   17 2010-10-12 08:46:31.000000000 +0200 libexpat.so.1 -> libexpat.so.1.5.2
lrwxrwxrwx  1 root root   17 2010-10-12 08:46:32.000000000 +0200 libcom_err.so.2 -> libcom_err.so.2.1
lrwxrwxrwx  1 root root   18 2010-10-08 15:18:51.000000000 +0200 libxcrypt.so.2 -> libxcrypt.so.2.0.0
lrwxrwxrwx  1 root root   18 2010-10-08 15:18:53.000000000 +0200 libncursesw.so.5 -> libncursesw.so.5.6
lrwxrwxrwx  1 root root   18 2010-10-08 15:18:58.000000000 +0200 libkeyutils.so.1 -> libkeyutils-1.2.so
lrwxrwxrwx  1 root root   18 2010-10-08 15:19:06.000000000 +0200 libreadline.so.5 -> libreadline.so.5.2
lrwxrwxrwx  1 root root   18 2010-10-08 15:19:30.000000000 +0200 libncursesw.so.5 -> libncursesw.so.5.6
lrwxrwxrwx  1 root root   18 2010-10-12 08:46:00.000000000 +0200 liblvm2cmd.so -> liblvm2cmd.so.2.02
lrwxrwxrwx  1 root root   18 2010-10-12 08:48:40.000000000 +0200 libdbus-1.so.3 -> libdbus-1.so.3.4.0
lrwxrwxrwx  1 root root   19 2010-10-08 15:18:54.000000000 +0200 libgssglue.so.1 -> libgssglue.so.1.0.0
lrwxrwxrwx  1 root root   19 2010-10-08 15:19:03.000000000 +0200 libauparse.so.0 -> libauparse.so.0.0.0
lrwxrwxrwx  1 root root   19 2010-10-08 15:19:22.000000000 +0200 libimmunix.so.1 -> libimmunix.so.1.0.2
lrwxrwxrwx  1 root root   19 2010-10-08 15:19:31.000000000 +0200 libgcrypt.so.11 -> libgcrypt.so.11.4.4
lrwxrwxrwx  1 root root   19 2010-10-12 08:45:39.000000000 +0200 libnss_files.so.2 -> libnss_files-2.9.so
lrwxrwxrwx  1 root root   19 2010-10-12 08:45:39.000000000 +0200 libthread_db.so.1 -> libthread_db-1.0.so
lrwxrwxrwx  1 root root   19 2010-10-12 08:45:40.000000000 +0200 libnss_files.so.2 -> libnss_files-2.9.so
lrwxrwxrwx  1 root root   19 2010-10-12 08:45:40.000000000 +0200 libthread_db.so.1 -> libthread_db-1.0.so
lrwxrwxrwx  1 root root   20 2010-10-08 15:19:16.000000000 +0200 libntfs-3g.so.40 -> libntfs-3g.so.40.0.0
lrwxrwxrwx  1 root root   20 2010-10-08 15:19:22.000000000 +0200 libapparmor.so.1 -> libapparmor.so.1.0.2
lrwxrwxrwx  1 root root   20 2010-10-12 08:45:39.000000000 +0200 libnss_compat.so.2 -> libnss_compat-2.9.so
lrwxrwxrwx  1 root root   20 2010-10-12 08:45:39.000000000 +0200 libnss_hesiod.so.2 -> libnss_hesiod-2.9.so
lrwxrwxrwx  1 root root   20 2010-10-12 08:45:40.000000000 +0200 libnss_compat.so.2 -> libnss_compat-2.9.so
lrwxrwxrwx  1 root root   20 2010-10-12 08:45:40.000000000 +0200 libnss_hesiod.so.2 -> libnss_hesiod-2.9.so
lrwxrwxrwx  1 root root   21 2010-10-08 15:19:20.000000000 +0200 libgpg-error.so.0 -> libgpg-error.so.0.4.0
lrwxrwxrwx  1 root root   21 2010-10-08 15:19:27.000000000 +0200 libpam_misc.so.0 -> libpam_misc.so.0.81.3
lrwxrwxrwx  1 root root   21 2010-10-08 15:20:23.000000000 +0200 libdmraid-events.so -> libdmraid-events.so.0
lrwxrwxrwx  1 root root   21 2010-10-12 08:45:39.000000000 +0200 libnss_nisplus.so.2 -> libnss_nisplus-2.9.so
lrwxrwxrwx  1 root root   21 2010-10-12 08:45:40.000000000 +0200 libnss_nisplus.so.2 -> libnss_nisplus-2.9.so
lrwxrwxrwx  1 root root   21 2010-10-12 08:46:55.000000000 +0200 libvolume_id.so.1 -> libvolume_id.so.1.0.1
lrwxrwxrwx  1 root root   22 2010-10-08 15:20:12.000000000 +0200 libcryptsetup.so.0 -> libcryptsetup.so.0.0.0
lrwxrwxrwx  1 root root   22 2010-10-12 08:45:38.000000000 +0200 libBrokenLocale.so.1 -> libBrokenLocale-2.9.so
lrwxrwxrwx  1 root root   22 2010-10-12 08:45:40.000000000 +0200 libBrokenLocale.so.1 -> libBrokenLocale-2.9.so
lrwxrwxrwx  1 root root   37 2010-10-12 08:46:00.000000000 +0200 libdevmapper-event-lvm2mirror.so -> libdevmapper-event-lvm2mirror.so.2.02
lrwxrwxrwx  1 root root   39 2010-10-12 08:46:00.000000000 +0200 libdevmapper-event-lvm2snapshot.so -> libdevmapper-event-lvm2snapshot.so.2.02
total 3.2M
total 9.5M
**************************************************
*             crontab info                       *
*                                                *
**************************************************
[+]List of CRON tabs:
468928    4 -rw-r--r--   1 root     root           79 Oct  1  2008 /etc/cron.d/suse-awstats
468289    4 -rw-r--r--   1 root     root         1706 Nov 14  2012 /etc/cron.d/mailman
468675    4 -rw-r--r--   1 root     root           58 Oct  8  2010 /etc/cron.d/novell.com-suse_register
470249    4 -rw-r--r--   1 root     root           77 Sep 12 17:30 /etc/cron.d/maldet_pub
470048    4 -rw-r--r--   1 root     root           45 Oct 21  2010 /etc/cron.d/munin-node
467858    4 -rwxr-xr-x   1 root     root          566 Jul 23  2004 /etc/cron.daily/suse.de-check-battery
467859    4 -rwxr-xr-x   1 root     root         1314 Jul 27  2005 /etc/cron.daily/suse.de-clean-tmp
469921    4 -rwxr-xr-x   1 root     root         1538 Dec  3  2008 /etc/cron.daily/suse.de-updatedb
467657    4 -rwxr--r--   1 root     root         1693 Dec  3  2008 /etc/cron.daily/suse-do_mandb
468314    4 -rwxr-xr-x   1 root     root          587 Dec  3  2008 /etc/cron.daily/logrotate
468318    4 -rwxr-xr-x   1 root     root           42 Dec  3  2008 /etc/cron.daily/suse.de-update-preload
467860    4 -rwxr-xr-x   1 root     root          371 Sep  1  2003 /etc/cron.daily/suse.de-cron-local
467856    4 -rwxr-xr-x   1 root     root         1875 Sep  1  2003 /etc/cron.daily/suse.de-backup-rc.config
470123    4 -rwxr-xr-x   1 root     root         1943 Sep 12 17:30 /etc/cron.daily/maldet
467601    4 -rwxr--r--   1 root     root          948 Dec  3  2008 /etc/cron.daily/suse-clean_catman
467857    4 -rwxr-xr-x   1 root     root         2059 Sep  8  2003 /etc/cron.daily/suse.de-backup-rpmdb
470144    4 -rwxr-x---   1 root     root         1998 Jan  5  2011 /etc/cron.daily/suse.de-rkhunter
467839    4 -rw-------   1 root     root           11 Feb 19  2010 /etc/cron.deny
467091    4 -rwxr-xr-x   1 root     root           71 Dec  3  2008 /etc/cron.hourly/mcelog
470146    4 -rw-r--r--   1 root     root          660 Feb 16  2011 /etc/crontab

[+]List of USER CRON tabs:
find: `/var/spool/cron': Permission denied
=====================================
== READ cronfile: /etc/cron.d/suse-awstats
#update reports every 6 hour
0    */6 * * *     root  /usr/sbin/awstats-update
== end of /etc/cron.d/suse-awstats
=====================================
=====================================
== READ cronfile: /etc/cron.d/mailman
#
# if you want to make changes to this file, please modify
# /usr/lib/mailman/cron/crontab and restart mailman
#
# At 8AM every day, mail reminders to admins as to pending requests.
# They are less likely to ignore these reminders if they're mailed
# early in the morning, but of course, this is local time... ;)
0 8 * * * mailman /usr/bin/python -S /usr/lib/mailman/cron/checkdbs
#
# At 9AM, send notifications to disabled members that are due to be
# reminded to re-enable their accounts.
0 9 * * * mailman /usr/bin/python -S /usr/lib/mailman/cron/disabled
#
# Noon, mail digests for lists that do periodic as well as threshhold delivery.
0 12 * * * mailman /usr/bin/python -S /usr/lib/mailman/cron/senddigests
#
# 5 AM on the first of each month, mail out password reminders.
0 5 1 * * mailman /usr/bin/python -S /usr/lib/mailman/cron/mailpasswds
#
# Every 5 mins, try to gate news to mail.  You can comment this one out
# if you don't want to allow gating, or don't have any going on right now,
# or want to exclusively use a callback strategy instead of polling.
0,5,10,15,20,25,30,35,40,45,50,55 * * * * mailman /usr/bin/python -S /usr/lib/mailman/cron/gate_news
#
# At 3:27am every night, regenerate the gzip'd archive file.  Only
# turn this on if the internal archiver is used and
# GZIP_ARCHIVE_TXT_FILES is false in mm_cfg.py
27 3 * * * mailman /usr/bin/python -S /usr/lib/mailman/cron/nightly_gzip
#
# At 4:30AM daily, cull old entries from the 'bad' and 'shunt' queues.
30 4 * * * mailman /usr/bin/python -S /usr/lib/mailman/cron/cull_bad_shunt
#
# At 3:57am every night, reprocess archives that have been edited.
57 3 * * * mailman /usr/bin/python -S /usr/lib/mailman/cron/nightly_archives
== end of /etc/cron.d/mailman
=====================================
=====================================
== READ cronfile: /etc/cron.d/novell.com-suse_register
21 13 08 * * /usr/lib/suseRegister/bin/cron_suse_register
== end of /etc/cron.d/novell.com-suse_register
=====================================
=====================================
== READ cronfile: /etc/cron.d/maldet_pub
*/10 * * * * root /usr/local/maldetect/maldet --mkpubpaths >> /dev/null 2>&1
== end of /etc/cron.d/maldet_pub
=====================================
=====================================
== READ cronfile: /etc/cron.d/munin-node
#
# cron-jobs for munin-node
#

MAILTO=root

== end of /etc/cron.d/munin-node
=====================================
=====================================
== READ cronfile: /etc/cron.daily/suse.de-check-battery
#!/bin/sh
#
#
# Copyright (c) 2002 SuSE Linux AG, Nuernberg, Germany.
#
# please send bugfixes or comments to http://www.suse.de/feedback.
#


#
# paranoia settings
#
umask 022

PATH=/sbin:/bin:/usr/sbin:/usr/bin
export PATH

#
# check CMOS Battery
#
test -r /proc/driver/rtc && \
    BATT_STATUS=$(awk '$1 == "batt_status" { print $3 }' /proc/driver/rtc)

test -r /proc/rtc && \
    BATT_STATUS=$(awk '$1 == "batt_status" { print $3 }' /proc/rtc)


test -n "$BATT_STATUS" -a "$BATT_STATUS" != "okay" && \
    echo "CMOS battery empty -- expect problems"

exit 0
== end of /etc/cron.daily/suse.de-check-battery
=====================================
=====================================
== READ cronfile: /etc/cron.daily/suse.de-clean-tmp
#!/bin/sh
#
#
# clean_tmp. This script was split off cron.daily
# Please add your local changes to cron.daily.local
# since this file will be overwritten, when updating your system.
#
# Copyright (c) 1996-2002 SuSE Linux AG, Nuernberg, Germany.
#
# please send bugfixes or comments to http://www.suse.de/feedback.
#
# Author: Burchard Steinbild, 1996
#         Florian La Roche, 1996
#

#
# paranoia settings
#
umask 022

PATH=/sbin:/bin:/usr/sbin:/usr/bin
export PATH
#
# get information from /etc/sysconfig
#
if [ -f /etc/sysconfig/cron ] ; then
    . /etc/sysconfig/cron
fi

#
# Delete apropriate files in tmp directories.
#
OMIT=""
for i in $OWNER_TO_KEEP_IN_TMP ; do
    OMIT="$OMIT  ( ! -user $i )"
done

cleanup_tmp ()
{
  MAX_DAYS=$1
  shift
  DIRS_TO_CLEAR="$@"

  if [ "$MAX_DAYS" -gt 0 ]; then
    for DIR in $DIRS_TO_CLEAR ; do
      test -x /usr/bin/safe-rm && {
      find $DIR/. $OMIT ! -type d ! -type s ! -type p \
        -atime +$MAX_DAYS -exec /usr/bin/safe-rm {} \;
      } || echo "Error: Can not find /usr/bin/safe-rm"
      find $DIR/. -depth -mindepth 1 $OMIT -type d -empty \
        -mtime +$MAX_DAYS -exec /usr/bin/safe-rmdir {} \;
    done
  fi
}

cleanup_tmp ${MAX_DAYS_IN_TMP:-0} ${TMP_DIRS_TO_CLEAR:-/tmp}
cleanup_tmp ${MAX_DAYS_IN_LONG_TMP:-0} ${LONG_TMP_DIRS_TO_CLEAR}

exit 0

== end of /etc/cron.daily/suse.de-clean-tmp
=====================================
=====================================
== READ cronfile: /etc/cron.daily/suse.de-updatedb
#!/bin/sh
#
#
# updatedb. This script was split off cron.daily.
# Please add your local changes to cron.daily.local
# since this file will be overwritten, when updating your system.
#
# Copyright (c) 2003 SuSE Linux AG, Nuernberg, Germany.
#
# Please submit bugfixes or comments via http://www.suse.de/feedback/
#
# Author: Burchard Steinbild <bs@suse.de>, 1996
#         Florian La Roche <florian@suse.de>, 1996
#
#
#


#
# paranoia settings
#
umask 022

PATH=/sbin:/bin:/usr/sbin:/usr/bin
export PATH

#
# get information from /etc/rc.config
#
if [ -f /etc/sysconfig/locate ] ; then
    . /etc/sysconfig/locate
fi

#
# update database for locate
#
if [ -n "$RUN_UPDATEDB" -a "$RUN_UPDATEDB" = "yes" -a \
     -x /usr/bin/updatedb ] ; then

    # avoid error messages from updatedb when using user nobody for find.
    cd /

    PARAMS="`test -n "$RUN_UPDATEDB_AS" && \
            fgrep localuser /usr/bin/updatedb > /dev/null && \
            echo --localuser=$RUN_UPDATEDB_AS`"

    PARAMS="$PARAMS `test -n "$UPDATEDB_PRUNEPATHS" && \
            echo --prunepaths=\'$(eval echo $UPDATEDB_PRUNEPATHS)\'`"

    PARAMS="$PARAMS `test -n "$UPDATEDB_NETUSER" && \
            echo --netuser=$UPDATEDB_NETUSER`"

    PARAMS="$PARAMS `test -n "$UPDATEDB_NETPATHS" && \
            echo --netpaths=\'$(eval echo $UPDATEDB_NETPATHS)\'`"

    PARAMS="$PARAMS `test -n "$UPDATEDB_PRUNEFS" && \
            echo --prunefs=\'$(eval echo $UPDATEDB_PRUNEFS)\'`"

    eval nice -n 19 ionice -c 3 /usr/bin/updatedb $PARAMS 2> /dev/null
fi


exit 0
== end of /etc/cron.daily/suse.de-updatedb
=====================================
=====================================
== READ cronfile: /etc/cron.daily/suse-do_mandb
#!/bin/sh
#
#
# do_mandb. This script was split off cron.daily.
# Please add your local changes to cron.daily.local
# since this file will be overwritten, when updating your system.
#
# Copyright (c) 1996-2002 SuSE GmbH Nuernberg, Germany.
# Copyright (c) 2008 SuSE LINUX Products GmbH Nuernberg, Germany.
#
# please send bugfixes or comments to feedback@suse.de.
#
# Author: Werner Fink <feedback@suse.de>, 2008
#         Burchard Steinbild <feedback@suse.de>, 1996
#         Florian La Roche <feedback@suse.de>, 1996
#

#
# paranoia settings
#
umask 022

PATH=/sbin:/bin:/usr/sbin:/usr/bin
export PATH

#
# get information from /etc/sysconfig/cron
#
if test -f /etc/sysconfig/cron ; then
    . /etc/sysconfig/cron
fi


#
# now we do the man page stuff
#
if test "$REINIT_MANDB" = yes ; then
    if type -p mandb > /dev/null 2>&1 ; then
	typeset -r manpaths=$(manpath -g)
	typeset -i errors=0
	renice   +5 -p $$ > /dev/null || true
	ionice -c 3 -p $$ > /dev/null || true
	unset MANPATH
	IFS=:
	for mp in $manpaths; do
	    test -d "${mp}" || continue
	    cp=$(MANPATH=$mp manpath -qc)
	    test -n "${cp}" || continue
	    test -d "${cp}" || continue
	    db=${cp}/index.db
	    if test -e ${db} ; then
		find $mp -follow -newer $db | read -t 1 line
		test $? -eq 0 || continue
	    fi
	    nice -n 5 ionice -c 3 mandb -qs ${mp} > /dev/null 2>&1 || let errors++
	done
	if test $errors -ne 0 ; then
	    echo There seem to be trouble with mandb.
	    echo
	    echo please run mandb and check the output...
	fi
    fi
    #
    # some applications need whatis database. If makewhatis exists, call it
    #
    if type -p makewhatis > /dev/null 2>&1 ; then
	makewhatis
    fi
fi

exit 0
== end of /etc/cron.daily/suse-do_mandb
=====================================
=====================================
== READ cronfile: /etc/cron.daily/logrotate
#!/bin/sh

# exit immediately if there is another instance running
if checkproc /usr/sbin/logrotate; then
	/bin/logger -t logrotate "ALERT another instance of logrotate is running - exiting"
	exit 1;
fi;

TMPF=`mktemp /tmp/logrotate.XXXXXXXXXX`

/usr/sbin/logrotate /etc/logrotate.conf 2>&1 | tee $TMPF
EXITVALUE=${PIPESTATUS[0]}

if [ $EXITVALUE != 0 ]; then
    # wait a sec, we might just have restarted syslog
    sleep 1
    # tell what went wrong
    /bin/logger -t logrotate "ALERT exited abnormally with [$EXITVALUE]"
    /bin/logger -t logrotate -f $TMPF
fi

rm -f $TMPF
exit 0
== end of /etc/cron.daily/logrotate
=====================================
=====================================
== READ cronfile: /etc/cron.daily/suse.de-update-preload
#!/bin/sh

/usr/bin/update_preload
exit 0
== end of /etc/cron.daily/suse.de-update-preload
=====================================
=====================================
== READ cronfile: /etc/cron.daily/suse.de-cron-local
#!/bin/sh
#
#
# Copyright (c) 2002 SuSE Linux AG, Nuernberg, Germany.
#
# please send bugfixes or comments to http://www.suse.de/feedback.
#


#
# paranoia settings
#
umask 022

PATH=/sbin:/bin:/usr/sbin:/usr/bin
export PATH

# now start the local cron.daily file, if it exists.

if [ -f /root/bin/cron.daily.local ] ; then
    . /root/bin/cron.daily.local
fi

exit 0
== end of /etc/cron.daily/suse.de-cron-local
=====================================
=====================================
== READ cronfile: /etc/cron.daily/suse.de-backup-rc.config
#!/bin/sh
#
#
# backup_rc.config.
#
# Copyright (c) 1996-2002 SuSE Linux AG, Nuernberg, Germany.
#
# please send bugfixes or comments to http://www.suse.de/feedback.
#
# paranoia settings
#
umask 022

PATH=/sbin:/bin:/usr/sbin:/usr/bin
export PATH

#
# get information from /etc/sysconfig
#
if [ -f /etc/sysconfig/backup ] ; then
    . /etc/sysconfig/backup
fi

#
# create backups archive of sysconfig files
#
if test -n "$RCCONFIG_BACKUP_DIR" -a -e /etc/sysconfig ; then
    mkdir -p $RCCONFIG_BACKUP_DIR
    OLD_MD5=""
    ETC_RCCONFIG=""
    test -f /etc/rc.config && ETC_RCCONFIG="/etc/rc.config"
    test -e $RCCONFIG_BACKUP_DIR/sysconfig_recent_md5 && \
        OLD_MD5="`cat $RCCONFIG_BACKUP_DIR/sysconfig_recent_md5`"
    NEW_MD5="`find $ETC_RCCONFIG /etc/sysconfig -type f | xargs cat | md5sum`"
    if test "$OLD_MD5" != "$NEW_MD5" ; then
        DATESTRING=`date +"%Y%m%d"`

        NEWNAME=$RCCONFIG_BACKUP_DIR/sysconfig-$DATESTRING.tar.gz
        NUMBER=2
        while [ -e $NEWNAME ] ; do
            NEWNAME=$RCCONFIG_BACKUP_DIR/sysconfig-$DATESTRING-$NUMBER.tar.gz
            NUMBER=`expr $NUMBER + 1`
        done

        if tar czfp $NEWNAME $ETC_RCCONFIG /etc/sysconfig 2>/dev/null ; then
            echo "$NEW_MD5" > $RCCONFIG_BACKUP_DIR/sysconfig_recent_md5
            test "$MAX_RCCONFIG_BACKUPS" -gt 0 2> /dev/null || MAX_RCCONFIG_BACKUPS=0
            NUMBER=1
            for BACKUPFILE in `ls -1 -t $RCCONFIG_BACKUP_DIR/sysconfig-*` ; do
                if test "$NUMBER" -gt "$MAX_RCCONFIG_BACKUPS" ; then
                    rm -f $BACKUPFILE
                fi
                NUMBER=`expr $NUMBER + 1`
            done
        else
            echo "ERROR!! can not backup sysconfig files"
	    echo "to $RCCONFIG_BACKUP_DIR."
            echo "Maybe there is not enough disk space."
            rm -f $NEWNAME
        fi
    fi
fi

exit 0
== end of /etc/cron.daily/suse.de-backup-rc.config
=====================================
=====================================
== READ cronfile: /etc/cron.daily/maldet
#!/bin/bash

# clear quarantine/session/tmp data every 14 days
/usr/sbin/tmpwatch 336 /usr/local/maldetect/tmp >> /dev/null 2>&1
/usr/sbin/tmpwatch 336 /usr/local/maldetect/sess >> /dev/null 2>&1
/usr/sbin/tmpwatch 336 /usr/local/maldetect/quarantine >> /dev/null 2>&1
/usr/sbin/tmpwatch 336 /usr/local/maldetect/pub/*/ >> /dev/null 2>&1

# check for new release version
/usr/local/maldetect/maldet -d >> /dev/null 2>&1

# check for new definition set
/usr/local/maldetect/maldet -u >> /dev/null 2>&1

# if were running inotify monitoring, send daily hit summary
if [ "$(ps -A --user root -o "comm" | grep inotifywait)" ]; then
        /usr/local/maldetect/maldet --alert-daily >> /dev/null 2>&1
else
	# scan the last 2 days of file changes
	if [ -d "/home/virtual" ] && [ -d "/usr/lib/opcenter" ]; then
		# ensim
	        /usr/local/maldetect/maldet -b -r /home/virtual/?/fst/var/www/html 2 >> /dev/null 2>&1
	        /usr/local/maldetect/maldet -b -r /home/virtual/?/fst/home/?/public_html 2 >> /dev/null 2>&1
	elif [ -d "/etc/psa" ] && [ -d "/var/lib/psa" ]; then
		# psa
		/usr/local/maldetect/maldet -b -r /var/www/vhosts/?/httpdocs 2 >> /dev/null 2>&1
		/usr/local/maldetect/maldet -b -r /var/www/vhosts/?/subdomains/?/httpdocs 2 >> /dev/null 2>&1
	elif [ -d "/usr/local/directadmin" ]; then
		# DirectAdmin
                /usr/local/maldetect/maldet -b -r /var/www/html/?/ 2 >> /dev/null 2>&1
                /usr/local/maldetect/maldet -b -r /home?/?/domains/?/public_html 2 >> /dev/null 2>&1
	else
		# cpanel, interworx and other standard home/user/public_html setups
	        /usr/local/maldetect/maldet -b -r /home?/?/public_html 2 >> /dev/null 2>&1
	fi

	# scan default apache docroot paths
	if [ -d "/var/www/html" ]; then
		/usr/local/maldetect/maldet -b -r /var/www/html 2 >> /dev/null 2>&1
	fi
	if [ -d "/usr/local/apache/htdocs" ]; then
		/usr/local/maldetect/maldet -b -r /usr/local/apache/htdocs 2 >> /dev/null 2>&1
	fi
fi
== end of /etc/cron.daily/maldet
=====================================
=====================================
== READ cronfile: /etc/cron.daily/suse-clean_catman
#!/bin/sh
#
#
# clean_catman. This script was split off cron.daily
# Please add your local changes to cron.daily.local
# since this file will be overwritten, when updating your system.
#
# Copyright (c) 1996-2002 SuSE GmbH Nuernberg, Germany.
#
# please send bugfixes or comments to feedback@suse.de.
#
# Author: Burchard Steinbild <feedback@suse.de>, 1996
#         Florian La Roche   <feedback@suse.de>, 1996
#


#
# paranoia settings
#
umask 022

PATH=/sbin:/bin:/usr/sbin:/usr/bin
export PATH

if [ -f /etc/sysconfig/cron ] ; then
    . /etc/sysconfig/cron
fi

#
# Delete too old preformatted man-pages.
#
if test "$DELETE_OLD_CATMAN" = yes ; then
    if test -z "$CATMAN_ATIME" ; then
	# Default is 7 days
	CATMAN_ATIME=7
    fi
    test -e /var/cache/man -a -x /usr/bin/safe-rm && \
	find /var/cache/man -name '*.gz' -type f -atime +$CATMAN_ATIME  -print0 | \
	xargs --no-run-if-empty --max-lines=200 --null -- /usr/bin/safe-rm
fi

exit 0
== end of /etc/cron.daily/suse-clean_catman
=====================================
=====================================
== READ cronfile: /etc/cron.daily/suse.de-backup-rpmdb
#!/bin/sh
#
#
# backup_rpmdb. This script was split off cron.daily
# Please add your local changes to cron.daily.local
# since this file will be overwritten, when updating your system.
#
# Copyright (c) 1996-2002 SuSE Linux AG, Nuernberg, Germany.
#
# please send bugfixes or comments to http://www.suse.de/feedback.
#
# Author: Burchard Steinbild, 1996
#         Florian La Roche, 1996
#
#
# paranoia settings
#
umask 022

PATH=/sbin:/bin:/usr/sbin:/usr/bin
export PATH

#
# get information from /etc/sysconfig
#
if [ -f /etc/sysconfig/backup ] ; then
    . /etc/sysconfig/backup
fi
#
#
PACKAGEDBFILE=packages.rpm
if test -e /var/lib/rpm/Packages ; then
    PACKAGEDBFILE=Packages
fi
#
# create backups of rpm data base
#
if test -n "$RPMDB_BACKUP_DIR" -a -e /var/lib/rpm/$PACKAGEDBFILE ; then
    mkdir -p $RPMDB_BACKUP_DIR
    OLD_MD5=""
    test -e $RPMDB_BACKUP_DIR/rpmdb_recent_md5 && \
        OLD_MD5="`cat $RPMDB_BACKUP_DIR/rpmdb_recent_md5`"
    NEW_MD5="`cat /var/lib/rpm/$PACKAGEDBFILE | md5sum`"
    if test "$OLD_MD5" != "$NEW_MD5" ; then
        DATESTRING=`date +"%Y%m%d"`

        NEWNAME=$RPMDB_BACKUP_DIR/$PACKAGEDBFILE-$DATESTRING
        NUMBER=2
        while [ -e $NEWNAME -o -e $NEWNAME.gz ] ; do
            NEWNAME=$RPMDB_BACKUP_DIR/$PACKAGEDBFILE-$DATESTRING-$NUMBER
            NUMBER=`expr $NUMBER + 1`
        done

        if gzip -9 < /var/lib/rpm/$PACKAGEDBFILE > $NEWNAME.gz; then
            echo "$NEW_MD5" > $RPMDB_BACKUP_DIR/rpmdb_recent_md5
            test "$MAX_RPMDB_BACKUPS" -gt 0 2> /dev/null || MAX_RPMDB_BACKUPS=0
            NUMBER=1
            for BACKUPFILE in `ls -1 -t $RPMDB_BACKUP_DIR/$PACKAGEDBFILE-*` ; do
                if test "$NUMBER" -gt "$MAX_RPMDB_BACKUPS" ; then
                    rm -f $BACKUPFILE
                fi
                NUMBER=`expr $NUMBER + 1`
            done
        else
            echo "ERROR!! can not backup RPM Database to $RPMDB_BACKUP_DIR."
            echo "Maybe there is not enough disk space."
            rm -f $NEWNAME $NEWNAME.gz
        fi
    fi
fi

exit 0
== end of /etc/cron.daily/suse.de-backup-rpmdb
=====================================
		 ===== File /etc/cron.daily/suse.de-rkhunter dont have READ perm =====
		 ===== File /etc/cron.deny dont have READ perm =====
=====================================
== READ cronfile: /etc/cron.hourly/mcelog
#!/bin/bash
/usr/sbin/mcelog --ignorenodev --filter >> /var/log/mcelog
== end of /etc/cron.hourly/mcelog
=====================================
=====================================
== READ cronfile: /etc/crontab
SHELL=/bin/sh
PATH=/usr/bin:/usr/sbin:/sbin:/bin:/usr/lib/news/bin
MAILTO=root
#
# check scripts in cron.hourly, cron.daily, cron.weekly, and cron.monthly
#
-*/15 * * * *   root  test -x /usr/lib/cron/run-crons && /usr/lib/cron/run-crons >/dev/null 2>&1
#0 2 * * * root /usr/bin/clamscan -r / 2>&1 |grep FOUND|mail -s "VIRENSCAN auf `hostname -f`" andreas.jutzy@artelis.net -c dick.essebaggers@artelis.net,joachim.hoffeld@vsenetip.de
0 23 * * * root /usr/bin/freshclam 2>&1 > /dev/null
0 4 * * * root /var/skripte/find_shells.sh 2>&1 |mail -s "SHELLSCAN auf `hostname -f`" andreas.jutzy@artelis.net -c dick.essebaggers@artelis.net,joachim.hoffeld@vsenetip.de

== end of /etc/crontab
=====================================
**************************************************
*             FIND suid files                    *
*                                                *
**************************************************
-rwsr-x--- 1 root polkituser 11K Feb  3  2009 /usr/lib/PolicyKit/polkit-grant-helper-pam
-rwsr-xr-x 1 polkituser root 23K Feb  3  2009 /usr/lib/PolicyKit/polkit-set-default-helper
-rws--x--- 1 root sw-cp-server 391K Jul  5  2010 /usr/lib64/sw-cp-server/sw-suexec
-r-sr-xr-x 1 root root 275K Jan 20  2011 /usr/lib64/plesk-9.0/autoresponder
-rwsr-xr-x 1 root root 28K Sep  8  2009 /usr/lib64/pt_chown
-rwsr-xr-x 1 root shadow 85K Dec  3  2008 /usr/bin/chage
-rwsr-xr-x 1 root root 19K Dec  3  2008 /usr/bin/newgrp
-rwsr-xr-x 1 root shadow 84K Dec  3  2008 /usr/bin/gpasswd
-rwsr-xr-x 1 root shadow 80K Dec  3  2008 /usr/bin/passwd
-rwsr-xr-x 1 root shadow 76K Dec  3  2008 /usr/bin/chsh
-rwsr-xr-x 1 root shadow 81K Dec  3  2008 /usr/bin/chfn
-rwsr-xr-x 1 root root 162K Mar  1  2010 /usr/bin/sudo
-rwsr-xr-x 1 root shadow 19K Dec  3  2008 /usr/bin/expiry
-rwsr-xr-x 1 root trusted 40K Feb 19  2010 /usr/bin/crontab
-rwsr-xr-x 1 root trusted 52K Dec  3  2008 /usr/bin/at
-rwsr-x--- 1 root popuser 60K Jan 20  2011 /usr/local/psa/handlers/hooks/grey
---s--x--- 1 root psaadm 24K Jan 20  2011 /usr/local/psa/admin/sbin/wrapper
---s--x--- 1 root psaadm 20K Jan 20  2011 /usr/local/psa/admin/sbin/mod_wrapper
-r-s--x--- 1 root www 24K Jan 20  2011 /usr/local/psa/suexec/psa-suexec2
-rwsr-x--- 1 root psacln 20K Jan 20  2011 /usr/local/psa/bin/chrootsh
-r-s--x--- 1 root www 24K Jan 20  2011 /usr/sbin/suexec2
-rwsr-xr-x 1 root root 11K Apr 12  2010 /usr/sbin/zypp-refresh-wrapper
-r-s--x--- 1 root www 24K Oct 29  2010 /usr/sbin/suexec2.saved_by_psa
-rwsr-x--- 1 root messagebus 47K Apr  2  2009 /lib64/dbus-1/dbus-daemon-launch-helper
-rwsr-xr-x 1 root root 36K Dec  3  2008 /bin/su
-rwsr-xr-x 1 root audio 24K Dec  3  2008 /bin/eject
-rwsr-xr-x 1 root root 81K May 28  2010 /bin/mount
-rwsr-xr-x 1 root root 64K May 28  2010 /bin/umount
-rwsr-xr-x 1 root root 40K Dec  3  2008 /bin/ping
-rwsr-xr-x 1 root root 35K Dec  3  2008 /bin/ping6
-rwsr-xr-x 1 root shadow 31K Dec  3  2008 /sbin/unix_chkpwd
-rwsr-xr-x 1 root root 89K Dec  2  2009 /sbin/mount.nfs
-rwsr-xr-x 1 root shadow 11K Dec  3  2008 /sbin/unix2_chkpwd
3acuson вне форума   Ответить с цитированием
Старый 15.11.2013, 18:38   #1008
Pashkela
 
Аватар для Pashkela
 
Регистрация: 05.07.2010
Сообщений: 1,243
По умолчанию

Цитата:
glibc не пробили
там две версии сплойта, обе не пробили?

Должен сработать на

2009-09-08 20:58:00.000000000 +0200 libmemusage.so
Pashkela вне форума   Ответить с цитированием
Старый 15.11.2013, 19:27   #1009
3acuson
 
Регистрация: 20.10.2010
Сообщений: 47
Репутация: 0
По умолчанию

Увы но нет
Код:
sh-3.2$ sh test.sh
System does not appear to be vulnerable
3acuson вне форума   Ответить с цитированием
Старый 15.11.2013, 19:39   #1010
Pashkela
 
Аватар для Pashkela
 
Регистрация: 05.07.2010
Сообщений: 1,243
По умолчанию

кислотных сучек попробуй:

http://www.exploit-db.com/exploits/15024/

или модифицируй

http://www.exploit-db.com/exploits/15704/

и внимательней читай карту раздела:

Цитата:
robert_you_suck
из карты:

Цитата:
CVE-2010-3301 - Linux Kernel x86_64 ia32syscall Emulation Privilege Escalation (robert_you_suck) kernel >=2.6.29
а у тебя:

Цитата:
[+]uanme -a:
Linux hosting3 2.6.27.48-0.3-default #1 SMP 2010-09-20 11:03:26 -0400 x86_64 x86_64 x86_64 GNU/Linux
Pashkela вне форума   Ответить с цитированием
Ответ

Опции темы Поиск в этой теме
Поиск в этой теме:

Расширенный поиск
Опции просмотра

Ваши права в разделе
Вы не можете создавать новые темы
Вы не можете отвечать в темах
Вы не можете прикреплять вложения
Вы не можете редактировать свои сообщения

BB коды Вкл.
Смайлы Вкл.
[IMG] код Вкл.
HTML код Выкл.

Быстрый переход



Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd. Перевод: zCarot