Full CPU and Memory hijacking virus attack [closed] - linux

Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 days ago.
I am experiencing a serious issue with my server system. It appears to be under continuous attack by a virus or similar malicious program. I am hoping that someone can offer advice on how to resolve this issue.
The following are the symptoms of the attack:
All CPUs and Memory are being used at 100% capacity by programs that are running from the root user account. These programs have names like "/8912348071fc".
Anydesk is getting installed and running on the server, even though we have uninstalled it many times. It keeps reappearing.
A background search code is running that is trying to find files containing passwords in VNC directories. The code is running with the following command:
/bin/sh -c -ls -a /*/*/*/*/.vnc/*passwd*
We have tried different measures to remove the malicious programs, but nothing seems to work. We need to remove these malicious programs from our server system.
OS: CentOS7
We tried till now:
Stopping the program by killing it
Disable and uninstall (yum remove) anydesk
Stopping malicious unknown program running from root like that
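A triage sketch for the symptoms listed in the question above, added here as an example and not part of the original post. It assumes process listings in the layout of `ps -eo user,pid,pcpu,args`; the sample lines are constructed, and the function name `triage` and the "8 or more hex characters" threshold are illustrative choices.

```python
import re

# Constructed sample in the layout of `ps -eo user,pid,pcpu,args` (not real output).
SAMPLE_PS = """\
USER       PID %CPU COMMAND
root         1  0.0 /usr/lib/systemd/systemd --switched-root --system
root      2211 99.7 /8912348071fc
root      2290  0.3 /bin/sh -c -ls -a /*/*/*/*/.vnc/*passwd*
root      2305  1.2 /usr/bin/anydesk --service
nginx     1410  0.4 nginx: worker process
root      1402  0.0 nginx: master process /usr/sbin/nginx
"""

# Executable sitting directly in "/" with a hex-only name, e.g. "/8912348071fc".
# The minimum length of 8 is an assumption, not something the post states.
HEX_ROOT_BINARY = re.compile(r"^/[0-9a-f]{8,}$")
# Any command line that touches VNC password files.
VNC_PASSWD = re.compile(r"\.vnc/\S*passwd")
ANYDESK = re.compile(r"anydesk", re.IGNORECASE)


def triage(ps_text):
    """Return {pid: [reasons]} for processes matching the reported symptoms."""
    findings = {}
    for line in ps_text.splitlines()[1:]:          # skip the header row
        parts = line.split(None, 3)
        if len(parts) < 4:
            continue                               # malformed or empty line
        user, pid, _cpu, args = parts
        reasons = []
        exe = args.split()[0]
        if user == "root" and HEX_ROOT_BINARY.match(exe):
            reasons.append("hex-named binary in / running as root")
        if VNC_PASSWD.search(args):
            reasons.append("searching for VNC password files")
        if ANYDESK.search(args):
            reasons.append("AnyDesk process present")
        if reasons:
            findings[int(pid)] = reasons
    return findings


if __name__ == "__main__":
    for pid, reasons in triage(SAMPLE_PS).items():
        print(pid, "; ".join(reasons))
```

On a live host the same function can be fed the real output of `ps -eo user,pid,pcpu,args`. A match identifies what to investigate; it does not remove whatever keeps reinstalling the programs.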

Related

VirtualBox. Fedora 11 freezes when boot [closed]

Closed 7 years ago.
I have Fedora 11 installed on VirtualBox. By accident some files in /var directory were damaged or removed (I don't know what exactly). Now when trying to run Fedora, it goes until choosing the user and freezes. No reaction at mouse and keyboard clicks. Does anyone have any suppositions how to run it, or at least how to retrieve files from virtual machine? I booted it to the terminal where I updated all what is possible - gnome, etc... But still no result.
It's impossible to know what happened without knowing what got removed. However, a great way to get your files out is using scp. Good examples for this can be found here.
Alternatively, if you've installed the Virtualbox Guest Additions you can use a USB drive to retrieve your files. There's a pretty good tutorial on how to get your USB drive working on VBox here.
If you want my best guess as to what's wrong, something in your /var relating to your GUI got removed, as from what I understand you can still boot to your command line. My suggestion would be to get what you need off the machine using the above tools and get a fresh install.

Linux/Debian based application won't compile [closed]

Closed 8 years ago.
My question is related to my grade project. It's about mobile video transmission using DVB-H link layer. It's a comprehensive project itself, and there are separate parts. I mainly construct system in Matlab Simulink, but there is one part, responsible for encapsulation/decapsulation of the stream packet, which was designed in Linux environment.
I didn't want to install new OS just for one application, so I run Linux on VMware Player as a virtual machine. So here is my problem - the applications (for encapsulation and decapsulation) won't compile (install) completely. I see mainly missing library problems. I tried to install necessary libraries, but the original application still couldn't see some of them. I feel like I'm missing something small, but clear to a rather experienced Linux user. Here is the link to the programs
http://sp.cs.tut.fi/mobile3dtv/download/
"DECAPS - DVB-H Decapsulator Software" is the one (and FATCAPS link is there).
I couldn't find an alternative encapsulator/decapsulator for the Windows environment. It's my last and only choice. If please some of the Linux users could try to run them in Linux environment, maybe it's because I'm using virtual machine? It's also noted that the application was designed for Debian based systems, but I also did install Debian as a virtual machine and application won't even configure. Please help, guys, I'm really stuck here.
You'll probably need to install the development versions of the libraries -- under Debian, they'll be named the same as the original package, but with a "-dev" suffix.

Getting IO privileges in Linux [closed]

Closed 9 years ago.
I have installed flashrom software. When I try to run the sudo flashrom command, it gives me a "Could not get I/O privileges (Operation not permitted). You need to be root" error. I also tried the su command to switch to root and run it again. I also tried the sudo -i command to log in as root. However, none of them worked.
#if defined (__OpenBSD__)
    msg_perr("If you are root already please set securelevel=-1 in /etc/rc.securelevel and\n"
             "reboot, or reboot into single user mode.\n");
#elif defined(__NetBSD__)
    msg_perr("If you are root already please reboot into single user mode or make sure\n"
             "that your kernel configuration has the option INSECURE enabled.\n");
#endif
Reading this from the FlashRom.org pastebin site should give some insight.
This is the only file in Flashrom that contains the line, "You must be root"
Therefore, in my opinion, this is the only place the error can be coming from.
I changed the secure boot option in the BIOS settings to disabled. So I can run the flashrom program. But it gives this output.
WARNING! You seem to be running flashrom on an unsupported laptop.
Laptops, notebooks and netbooks are difficult to support and we
recommend to use the vendor flashing utility. The embedded controller
(EC) in these machines often interacts badly with flashing. See the
manpage and http://www.flashrom.org/Laptops for details.
If flash is shared with the EC, erase is guaranteed to brick your
laptop and write may brick your laptop. Read and probe may irritate
your EC and cause fan failure, backlight failure and sudden poweroff.
You have been warned.
So there is nothing to do. I have to search for another tool to flash my BIOS.

Clear cache of virtual machine [closed]

Closed 9 years ago.
I'm currently doing some database benchmarking on a virtual machine running Ubuntu 12.04. I've noticed that the second time I execute a query it runs significantly faster. This is most likely due to the OS caching that just keeps all the data in main memory. To keep the cache from screwing up my measurements I thus want to clear it between subsequent runs.
I found the following commands to achieve this on the google:
sync;echo 3 > /proc/sys/vm/drop_caches
and
sysctl -w vm.drop_caches=3
which all yield a permission denied error even when I'm logged in as root. It seems like it is just not possible to clear the system's cache from the guest system. I guess this is because it uses the host's cache. As I don't have access to the host I have to find a workaround. Currently I have two ideas.
First idea is to reboot the machine between runs as this clears the cache. As I want to perform a couple dozen runs I really need to automate this. So I could put a program into autostart, let it perform a query and reboot, and continue with the next query on the next startup. Feels like writing a virus though.
Second idea is to just flood the memory with other data. As my machine has quite a bit of RAM, I would e.g. generate some large file of random data and just read it into /dev/null.
So finally my question is, has anyone a better idea to clear the cache, or maybe avoid the usage of the cache altogether? Or has anyone some suggestions on how to implement one of my two ideas easily?
Thank you very much in advance,
Antigo

Alternatives to "reboot" after changing crucial files in a working server? [closed]

Closed 9 years ago.
Assume I have a server already functioning and providing an app to users. At one moment, I have to modify some crucial /etc/ configuration files. For example, /etc/security/limits.conf.
After I do the changes, documentation usually suggests rebooting the machine.
reboot
But this would imply that all processes in the server die, am I right? So, basically what will happen to the guys checking my app hosted on the server that I just "rebooted"? I think the service will stop for a while. Is there any other command or alternative less painful to do after changing crucial files?
I'm on CentOS & Nginx.
PS: If somebody could also provide a link to the difference between "shutdown" and "reboot" (because I found only some vague things), that would be great.
Easy part first - if you run shutdown your computer ends up being off. As in no power. As in, very difficult to fix remotely :). Reboot restarts everything.
It is fairly rare to require a reboot under Linux - the only reason to reboot that I can think of is if you upgraded the kernel, if your machine is crashing really badly, or if you want to install some types of new hardware (RAM, plug-in cards etc).
Mostly, when you edit "important files in /etc", you can restart just a part of the system. For example, you might need to restart just your webserver.
There is no complete rule. Try googling "reload ". For example, googling "reload /etc/security/limits" suggests logging out, then logging back in.
