Merhaba arkadaşlar,
sunucumdan anlık 800 mbit kadar saldırı yapılmaktadır.
Bu konuda yardımcı olabilecek kimse var mı acaba ?
teşekkürler.
ps -x çıktısı :
root@ns1 [~]# ps -x
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.8/FAQ
PID TTY STAT TIME COMMAND
1 ? Ss 0:01 /sbin/init
2 ? S 0:00 [kthreadd]
3 ? S 0:00 [migration/0]
4 ? S 0:06 [ksoftirqd/0]
5 ? S 0:00 [stopper/0]
6 ? S 0:00 [watchdog/0]
7 ? S 0:00 [migration/1]
8 ? S 0:00 [stopper/1]
9 ? S 0:05 [ksoftirqd/1]
10 ? S 0:00 [watchdog/1]
11 ? S 0:00 [migration/2]
12 ? S 0:00 [stopper/2]
13 ? S 0:06 [ksoftirqd/2]
14 ? S 0:00 [watchdog/2]
15 ? S 0:00 [migration/3]
16 ? S 0:00 [stopper/3]
17 ? S 0:06 [ksoftirqd/3]
18 ? S 0:00 [watchdog/3]
19 ? S 0:00 [migration/4]
20 ? S 0:00 [stopper/4]
21 ? S 0:07 [ksoftirqd/4]
22 ? S 0:00 [watchdog/4]
23 ? S 0:00 [migration/5]
24 ? S 0:00 [stopper/5]
25 ? S 0:06 [ksoftirqd/5]
26 ? S 0:00 [watchdog/5]
27 ? S 0:00 [migration/6]
28 ? S 0:00 [stopper/6]
29 ? S 0:06 [ksoftirqd/6]
30 ? S 0:00 [watchdog/6]
31 ? S 0:00 [migration/7]
32 ? S 0:00 [stopper/7]
33 ? S 0:05 [ksoftirqd/7]
34 ? S 0:00 [watchdog/7]
35 ? S 0:00 [events/0]
36 ? S 0:00 [events/1]
37 ? S 0:00 [events/2]
38 ? S 0:00 [events/3]
39 ? S 0:00 [events/4]
40 ? S 0:00 [events/5]
41 ? S 0:00 [events/6]
42 ? S 0:00 [events/7]
43 ? S 0:00 [events/0]
44 ? S 0:00 [events/1]
45 ? S 0:00 [events/2]
46 ? S 0:00 [events/3]
47 ? S 0:00 [events/4]
48 ? S 0:00 [events/5]
49 ? S 0:00 [events/6]
50 ? S 0:00 [events/7]
51 ? S 0:00 [events_long/0]
52 ? S 0:00 [events_long/1]
53 ? S 0:00 [events_long/2]
54 ? S 0:00 [events_long/3]
55 ? S 0:00 [events_long/4]
56 ? S 0:00 [events_long/5]
57 ? S 0:00 [events_long/6]
58 ? S 0:00 [events_long/7]
59 ? S 0:00 [events_power_ef]
60 ? S 0:00 [events_power_ef]
61 ? S 0:00 [events_power_ef]
62 ? S 0:00 [events_power_ef]
63 ? S 0:00 [events_power_ef]
64 ? S 0:00 [events_power_ef]
65 ? S 0:00 [events_power_ef]
66 ? S 0:00 [events_power_ef]
67 ? S 0:00 [cgroup]
68 ? S 0:00 [khelper]
69 ? S 0:00 [netns]
70 ? S 0:00 [async/mgr]
71 ? S 0:00 [pm]
72 ? S 0:00 [sync_supers]
73 ? S 0:00 [bdi-default]
74 ? S 0:00 [kintegrityd/0]
75 ? S 0:00 [kintegrityd/1]
76 ? S 0:00 [kintegrityd/2]
77 ? S 0:00 [kintegrityd/3]
78 ? S 0:00 [kintegrityd/4]
79 ? S 0:00 [kintegrityd/5]
80 ? S 0:00 [kintegrityd/6]
81 ? S 0:00 [kintegrityd/7]
82 ? S 0:00 [kblockd/0]
83 ? S 0:00 [kblockd/1]
84 ? S 0:00 [kblockd/2]
85 ? S 0:00 [kblockd/3]
86 ? S 0:00 [kblockd/4]
87 ? S 0:00 [kblockd/5]
88 ? S 0:00 [kblockd/6]
89 ? S 0:00 [kblockd/7]
90 ? S 0:00 [kacpid]
91 ? S 0:00 [kacpi_notify]
92 ? S 0:00 [kacpi_hotplug]
93 ? S 0:00 [ata_aux]
94 ? S 0:00 [ata_sff/0]
95 ? S 0:00 [ata_sff/1]
96 ? S 0:00 [ata_sff/2]
97 ? S 0:00 [ata_sff/3]
98 ? S 0:00 [ata_sff/4]
99 ? S 0:00 [ata_sff/5]
100 ? S 0:00 [ata_sff/6]
101 ? S 0:00 [ata_sff/7]
102 ? S 0:00 [ksuspend_usbd]
103 ? S 0:00 [khubd]
104 ? S 0:00 [kseriod]
105 ? S 0:00 [md/0]
106 ? S 0:00 [md/1]
107 ? S 0:00 [md/2]
108 ? S 0:00 [md/3]
109 ? S 0:00 [md/4]
110 ? S 0:00 [md/5]
111 ? S 0:00 [md/6]
112 ? S 0:00 [md/7]
113 ? S 0:00 [md_misc/0]
114 ? S 0:00 [md_misc/1]
115 ? S 0:00 [md_misc/2]
116 ? S 0:00 [md_misc/3]
117 ? S 0:00 [md_misc/4]
118 ? S 0:00 [md_misc/5]
119 ? S 0:00 [md_misc/6]
120 ? S 0:00 [md_misc/7]
121 ? S 0:00 [linkwatch]
122 ? S 0:00 [khungtaskd]
123 ? S 0:00 [kswapd0]
124 ? SN 0:00 [ksmd]
125 ? SN 0:00 [khugepaged]
126 ? S 0:00 [aio/0]
127 ? S 0:00 [aio/1]
128 ? S 0:00 [aio/2]
129 ? S 0:00 [aio/3]
130 ? S 0:00 [aio/4]
131 ? S 0:00 [aio/5]
132 ? S 0:00 [aio/6]
133 ? S 0:00 [aio/7]
134 ? S 0:00 [crypto/0]
135 ? S 0:00 [crypto/1]
136 ? S 0:00 [crypto/2]
137 ? S 0:00 [crypto/3]
138 ? S 0:00 [crypto/4]
139 ? S 0:00 [crypto/5]
140 ? S 0:00 [crypto/6]
141 ? S 0:00 [crypto/7]
148 ? S 0:00 [kthrotld/0]
149 ? S 0:00 [kthrotld/1]
150 ? S 0:00 [kthrotld/2]
151 ? S 0:00 [kthrotld/3]
152 ? S 0:00 [kthrotld/4]
153 ? S 0:00 [kthrotld/5]
154 ? S 0:00 [kthrotld/6]
155 ? S 0:00 [kthrotld/7]
157 ? S 0:00 [kpsmoused]
158 ? S 0:00 [usbhid_resumer]
159 ? S 0:00 [deferwq]
192 ? S 0:00 [kdmremove]
193 ? S 0:00 [kstriped]
328 ? S 0:00 [mpt_poll_0]
329 ? S 0:00 [mpt/0]
335 ? S 0:00 [scsi_eh_0]
378 ? S 0:00 [scsi_eh_1]
379 ? S 0:00 [usb-storage]
381 ? S 0:00 [scsi_eh_2]
382 ? S 0:00 [usb-storage]
431 ? S 0:00 [kdmflush]
433 ? S 0:00 [kdmflush]
457 ? S 0:00 [jbd2/dm-0-8]
458 ? S 0:00 [ext4-dio-unwrit]
578 ? S<s 0:00 /sbin/udevd -d
966 ? SN 0:00 [kipmi0]
1045 ? S 0:00 [jbd2/sda1-8]
1046 ? S 0:00 [ext4-dio-unwrit]
1048 ? S 0:00 [flush-253:0]
1211 ? S 0:00 [kauditd]
1516 ? S<sl 0:00 auditd
1621 ? Sl 0:00 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5
1655 ? Ss 0:00 irqbalance --pid=/var/run/irqbalance.pid
1783 ? Ss 0:00 cupsd -C /etc/cups/cupsd.conf
1815 ? Ss 0:00 /usr/sbin/acpid
1828 ? S 0:00 hald-runner
1860 ? S 0:00 hald-addon-input: Listening on /dev/input/event2 /dev/input/event0
1897 ? Ssl 0:00 automount --pid-file /var/run/autofs.pid
2044 ? Ss 0:00 /usr/sbin/mcelog --daemon
2061 ? Ss 0:00 /usr/sbin/sshd
2072 ? S 0:00 /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --pid-file=/v
2250 ? Ss 0:00 /usr/sbin/dovecot
2266 ? S 0:00 dovecot/log
2270 ? S 0:00 dovecot/config
2285 ? Ss 0:03 /usr/local/cpanel/3rdparty/perl/514/bin/spamd --daemonize --allowed
2287 ? S 0:00 spamd child
2288 ? S 0:00 spamd child
2315 ? Ss 0:00 /usr/sbin/abrtd
2336 ? Ss 0:00 pure-ftpd (SERVER)
2338 ? S 0:00 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/local/cpanel/bin
2350 ? Ss 0:01 crond
2357 ? Ssl 133:03 ps -ef
2395 ? Ss 0:00 /usr/sbin/atd
2549 ? S 0:00 cpsrvd (SSL) - waiting for connections
2555 ? S 0:00 queueprocd - wait to process a task
2590 ? S 0:00 tailwatchd
2607 ? S 0:00 cPhulkd - processor
2700 ? S 0:00 cpdavd - accepting connections on 2077, 2078, 2079, and 2080
2709 ? SN 0:00 cpanellogd - sleeping for logs
2741 ? Ss 0:00 /usr/sbin/certmonger -S -p /var/run/certmonger.pid
2768 tty1 Ss+ 0:00 /sbin/mingetty /dev/tty1
2770 tty2 Ss+ 0:00 /sbin/mingetty /dev/tty2
2772 tty3 Ss+ 0:00 /sbin/mingetty /dev/tty3
2775 tty4 Ss+ 0:00 /sbin/mingetty /dev/tty4
2777 tty5 Ss+ 0:00 /sbin/mingetty /dev/tty5
2779 tty6 Ss+ 0:00 /sbin/mingetty /dev/tty6
2791 ? S< 0:00 /sbin/udevd -d
2792 ? S< 0:00 /sbin/udevd -d
7406 ? Ss 0:00 sshd: root@pts/0
7471 pts/0 Ss+ 0:00 -bash
8322 ? Ss 0:00 sshd: root@pts/1
8341 pts/1 Ss 0:00 -bash
8559 ? Ss 0:00 /usr/local/apache/bin/httpd -k start
8568 ? S 0:00 /usr/local/cpanel/3rdparty/bin/perl /usr/local/cpanel/bin/leechprot
9398 ? Ss 0:00 ifconfig
9402 ? Ss 0:00 sh
9405 ? Ss 0:00 ifconfig eth0
9406 ? Ss 0:00 who
9407 ? Ss 0:00 gnome-terminal
9408 pts/1 R+ 0:00 ps -x