Hi Joh,
Here is a condensed version of top without
the redundancies:
USER SHARE TIME COMMAND
nsatgn 1064 0:00 top
root 300 7:51 init
root 0 1:41 kflushd
root 0 7:05 kupdate
root 0 0:00 kpiod
root 0 3:53 kswapd
root 0 0:00 mdrecoveryd
rpc 248 0:00 portmap
nobody 0 0:03 identd
nobody 0 0:06 identd <defunct>
daemon 56 0:00 atd
root 120 0:02 crond
root 0 0:00 mingetty
postgres 348 0:51 postmaster
nsamain 6880 0:00 nsamain
nsaerc 27M 0:01 nsaerc
root 420 9:58 master
postfix 1328 2:25 qmgr
nsatgn 48M 0:02 nsatgn
root 1028 0:00 xinetd
root 668 0:00 in.telnetd
root 1392 0:00 bash
root 616 0:14 syslogd
root 820 0:00 klogd
postfix 812 0:00 pickup
postgres 5208 1:02 postmaster
I killed the identd but it won't die!
kill -9 349
the prompt returns and running top again and it's still there.
Now a hint that a cracker may be at work.. 😟 The RH7.0 server
has been up for 208 days, yet the files in /etc/rc3.d are ALL
timestamped earlier today except for ...postgres and s99local.
The files in other directories rc1..2..4..5..6 are all dated
with the server birthdate. I don't see anything else out
of the ordinary but I may not be looking in the right places...
So now onto doing an extensive backup...... for the worst case...
Any suggestions for making a backup, that will be easy to
restore?
I've backed up the pg data but what about a complicated virtual system (Jerry's)... I'm tarring the whole /web tree that contains the multiple systems and.... oops tar just crashed... on /web due to:
tar: Error exit delayed from previous errors
The tar file got to 139 Megabytes before failing... I guess I'll have to do it in pieces....
-Bob