[SAC] High load "geotools" job on osgeo6: cryptonight at work

Alex M tech_dev at wildintellect.com
Wed May 9 16:52:31 PDT 2018

On 05/09/2018 12:20 PM, Markus Neteler wrote:
> Hi,
> for now I put te job to "sleep" using
> kill -SIGSTOP 23401
> Like that the traces are still there while it cannot continue to mine coins.
> I suggest to
> - force password reset of all logins on osgeo6 (how?)
> - check who was on the machine
>    May  8 2018, 23:07 server time to install the thing
> - eventually get rid of it
> Opinions?
> Markus

The most likely entry point is via a website, what php based websites
are being run on osgeo6 right now? What web services run under the
geotools user?


More information about the Sac mailing list