lfd : Suspicious process running under user. [by Filezilla FTP Client]

WebArts (Verified User, joined Jul 14, 2010, 108 messages)

Hi.
I am using DirectAdmin on CentOS 64-bit.
When I use the FileZilla FTP client to upload/download to my users' public_html, LFD sends me this email:
lfd on server11.***.org: Suspicious process running under user *****

Time: Mon Nov 28 09:02:32 2011 -0500
PID: 21185
Account: *******
Uptime: 67 seconds


Executable:

/usr/sbin/pure-ftpd


Command Line (often faked in exploits):

pure-ftpd (IDLE)


Network connections by the process (if any):

tcp: 0.0.0.0:21 -> 0.0.0.0:0
tcp6: 0.0.0.0:21 -> 0.0.0.0:0
tcp: *.*.*.*:21 -> *.*.*.*:64297
tcp: *.*.*.*:35008 -> 0.0.0.0:0


Files open by the process (if any):

/dev/null
/dev/null
/dev/null
/var/run/pure-ftpd/client-00021185
/var/log/pureftpd.log


Memory maps by the process (if any):


What is this problem? How can I solve it?
 
Add /usr/sbin/pure-ftpd to the list of safe running processes.
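
The allow-listing suggested in the answer above, as an added example that is not part of the original thread: in CSF/LFD the process-tracking ignore list is the file csf.pignore, and an `exe:` line matches the full executable path. The function name `pignore_add`, the default file location and the list of rejected directories are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: allow-list one executable for lfd process tracking.
# Assumes the stock CSF layout (/etc/csf/csf.pignore); pignore_add is a
# hypothetical helper name, not part of CSF.

# pignore_add EXE [PIGNORE_FILE]
# Returns 0 if the entry is present afterwards, 1 if the path was rejected.
pignore_add() {
    local exe="$1" file="${2:-/etc/csf/csf.pignore}" entry

    # Require an absolute path with no ".." components.
    case "$exe" in
        /*) ;;
        *) echo "refusing: not an absolute path: $exe" >&2; return 1 ;;
    esac
    case "$exe" in
        */../*|*/..) echo "refusing: '..' in path: $exe" >&2; return 1 ;;
    esac

    # Never ignore a binary that lives where unprivileged users can write.
    case "$exe" in
        /tmp/*|/var/tmp/*|/dev/shm/*|/home/*)
            echo "refusing: $exe is in a user-writable location" >&2
            return 1 ;;
    esac

    # Match on the executable path rather than the command line: the alert
    # itself labels the command line as "often faked in exploits".
    entry="exe:$exe"

    # Idempotent: append only when the exact line is not already there.
    if ! grep -qxF -- "$entry" "$file" 2>/dev/null; then
        printf '%s\n' "$entry" >> "$file"
    fi
    grep -qxF -- "$entry" "$file"
}

# Use on the server from the post (as root), then restart lfd so it
# rereads the ignore file:
#   pignore_add /usr/sbin/pure-ftpd && service lfd restart
```

Before adding the entry, confirm that the Executable field in the alert really is the path of the installed FTP daemon, since an `exe:` entry silences tracking alerts for every process started from that path.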
 