打印

紧急求救！我系统是不是中招了阿？咋个办？

wuyuhua_2000

初来乍到

Rank: 1

注册用户

帖子: 22
精华: 0
积分: 3
在线时间: 5 小时

发短消息
加为好友
当前离线

21楼 大中小发表于 2007-9-23 08:57 只看该作者

引用:

原帖由 Roc.Ken 于 2007-9-23 01:53 发表

说明他们还在通过 httpd 执行脚本, 先把相关的程序 kill 掉:
pkill -9 perl
pkill -9 udp.pl

不知你 apache 编译时使用了哪些参数?

./configure --prefix=/usr/local/httpd --enable-so　　　　　　

TOP

wuyuhua_2000

初来乍到

Rank: 1

注册用户

帖子: 22
精华: 0
积分: 3
在线时间: 5 小时

发短消息
加为好友
当前离线

22楼 大中小发表于 2007-9-23 09:00 只看该作者

引用:

原帖由 Roc.Ken 于 2007-9-23 01:53 发表

WINSCP的确好用, 我是最近才发现的.

昨天我也下了一个用了哈
确实好有，不过目录权限控制还在学习中，能够控制用户访问哪些目录就好了　　　　　　

TOP

wuyuhua_2000

初来乍到

Rank: 1

注册用户

帖子: 22
精华: 0
积分: 3
在线时间: 5 小时

发短消息
加为好友
当前离线

23楼 大中小发表于 2007-9-23 09:24 只看该作者

1、安裝作業系統時候
關閉了不必要的服務 (anacron apmd atd autofs cups gpm kudzu named netfs  nfs nfslock portmap ntpd  postfix sendmail  smb  xfs  chargen chargen-udp  daytime daytime-udp krb5-telnet gssftp xinetd)

2、安裝了iptables，我是用gShield來配置的防火牆
iptablse –L 顯示的資訊如下：

[root@server admin]# /sbin/iptables -L
Chain INPUT (policy DROP)
target    prot opt source             destination
loopback all  --  anywhere          anywhere
BLACKLIST  all  --  66.45.237.220       anywhere
RESERVED all  --  10.0.0.0/8          anywhere
RESERVED all  --  172.16.0.0/12       anywhere
RESERVED all  --  192.168.0.0/16    anywhere
RESERVED all  --  ALL-SYSTEMS.MCAST.NET  anywhere
RESERVED all  --  ALL-ROUTERS.MCAST.NET  anywhere
RESERVED all  --  DVMRP.MCAST.NET    anywhere
RESERVED all  --  OSPF-ALL.MCAST.NET anywhere
RESERVED all  --  OSPF-DSIG.MCAST.NET  anywhere
RESERVED all  --  RIP2-ROUTERS.MCAST.NET  anywhere
RESERVED all  --  PIM-ROUTERS.MCAST.NET  anywhere
RESERVED all  --  ALL-CBT-ROUTERS.MCAST.NET  anywhere
MULTICAST  all  --  ALL-SYSTEMS.MCAST.NET  anywhere
MULTICAST  all  --  ALL-ROUTERS.MCAST.NET  anywhere
MULTICAST  all  --  DVMRP.MCAST.NET    anywhere
MULTICAST  all  --  OSPF-ALL.MCAST.NET anywhere
MULTICAST  all  --  OSPF-DSIG.MCAST.NET  anywhere
MULTICAST  all  --  RIP2-ROUTERS.MCAST.NET  anywhere
MULTICAST  all  --  PIM-ROUTERS.MCAST.NET  anywhere
MULTICAST  all  --  ALL-CBT-ROUTERS.MCAST.NET  anywhere
ACCEPT    icmp --  anywhere          anywhere          icmp destination-unreachable
ACCEPT    icmp --  anywhere          anywhere          icmp time-exceeded
ACCEPT    icmp --  anywhere          anywhere          icmp echo-reply
DROPICMP icmp --  anywhere          anywhere
ACCEPT    udp  --  anywhere          anywhere          udp spts:32769:65535 dpts:traceroute:33523
ADMIN    all  --  221.10.254.40       anywhere
DNS       udp  --  ns.sc.cninfo.net    anywhere          udp spt:domain
DNS       udp  --  221.10.254.231    anywhere          udp spt:domain
PUBLIC    tcp  --  anywhere          www.****.com    tcp dpt:ftp
PUBLIC    tcp  --  anywhere          www.****.com    tcp dpt:ftp-data
PUBLIC    tcp  --  anywhere          www.****.com    tcp dpt:http
PUBLIC    udp  --  anywhere          www.****.com    udp dpt:http
PUBLIC    tcp  --  anywhere          www.****.com    tcp dpt:https
PUBLIC    udp  --  anywhere          www.****.com    udp dpt:https
PUBLIC    udp  --  anywhere          www.****.com    udp dpt:domain
PUBLIC    tcp  --  anywhere          www.****.com    tcp dpt:ssh
PUBLIC    udp  --  anywhere          www.****.com    udp dpt:ssh
PUBLIC    tcp  --  anywhere          www.****.com    tcp dpt:auth
PUBLIC    udp  --  anywhere          www.****.com    udp dpt:auth
PUBLIC    tcp  --  anywhere          www.****.com    tcp dpt:mysql
PUBLIC    udp  --  anywhere          www.****.com    udp dpt:mysql
CLOSED    tcp  --  anywhere          www.****.com    tcp dpt:32775
CLOSED    udp  --  anywhere          www.****.com    udp dpt:32775
HIGHPORT tcp  --  anywhere          anywhere          tcp dpts:1024:65535
HIGHPORT udp  --  anywhere          anywhere          udp dpts:1024:65535
OPENPORT tcp  --  anywhere          anywhere          tcp dpt:http
OPENPORT udp  --  anywhere          anywhere          udp dpt:http
OPENPORT tcp  --  anywhere          anywhere          tcp dpt:81
OPENPORT udp  --  anywhere          anywhere          udp dpt:81
OPENPORT tcp  --  anywhere          anywhere          tcp dpt:ftp
OPENPORT udp  --  anywhere          anywhere          udp dpt:ftp
OPENPORT tcp  --  anywhere          anywhere          tcp dpt:ssh
OPENPORT udp  --  anywhere          anywhere          udp dpt:ssh
OPENPORT tcp  --  anywhere          anywhere          tcp dpt:mysql
OPENPORT udp  --  anywhere          anywhere          udp dpt:mysql
OPENPORT tcp  --  anywhere          anywhere          tcp dpt:webcache
OPENPORT udp  --  anywhere          anywhere          udp dpt:webcache
OPENPORT tcp  --  anywhere          anywhere          tcp dpt:rsync
OPENPORT udp  --  anywhere          anywhere          udp dpt:rsync
SCAN    tcp  --  anywhere          anywhere          tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG state INVALID,NEW,RELATED,UNTRACKED
SCAN    tcp  --  anywhere          anywhere          tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE state INVALID,NEW,RELATED,UNTRACKED
SCAN    tcp  --  anywhere          anywhere          tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN state INVALID,NEW,RELATED,UNTRACKED
STATEFUL all  --  anywhere          anywhere

Chain FORWARD (policy DROP)
target    prot opt source             destination
BLACKLIST  all  --  66.45.237.220       anywhere
SCAN    tcp  --  anywhere          anywhere          tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
SCAN    tcp  --  anywhere          anywhere          tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
BLOCK_OUT  tcp  --  anywhere          anywhere          tcp dpt:netbios-ns
BLOCK_OUT  udp  --  anywhere          anywhere          udp dpt:netbios-ns
BLOCK_OUT  tcp  --  anywhere          anywhere          tcp dpt:netbios-dgm
BLOCK_OUT  udp  --  anywhere          anywhere          udp dpt:netbios-dgm
BLOCK_OUT  tcp  --  anywhere          anywhere          tcp dpt:netbios-ssn
BLOCK_OUT  udp  --  anywhere          anywhere          udp dpt:netbios-ssn
STATEFUL all  --  anywhere          anywhere

Chain OUTPUT (policy ACCEPT)
target    prot opt source             destination
loopback all  --  anywhere          anywhere
DROP    icmp --  anywhere          anywhere          state INVALID
BLOCK_OUT  tcp  --  anywhere          anywhere          tcp dpt:netbios-ns
BLOCK_OUT  udp  --  anywhere          anywhere          udp dpt:netbios-ns
BLOCK_OUT  tcp  --  anywhere          anywhere          tcp dpt:netbios-dgm
BLOCK_OUT  udp  --  anywhere          anywhere          udp dpt:netbios-dgm
BLOCK_OUT  tcp  --  anywhere          anywhere          tcp dpt:netbios-ssn
BLOCK_OUT  udp  --  anywhere          anywhere          udp dpt:netbios-ssn

Chain ACCEPTnLOG (0 references)
target    prot opt source             destination
LOG       all  --  anywhere          anywhere          LOG level warning prefix `gShield (accept) '
ACCEPT    all  --  anywhere          anywhere

Chain ADMIN (1 references)
target    prot opt source             destination
DROP    all  --  anywhere          anywhere          MAC ! 00

0:B7:27:62:0A
ACCEPT    all  --  anywhere          anywhere

Chain BLACKLIST (2 references)
target    prot opt source             destination
LOG       all  --  anywhere          anywhere          LOG level warning prefix `gShield (blacklisted drop) '
DROP    all  --  anywhere          anywhere

Chain BLOCK_OUT (12 references)
target    prot opt source             destination
DROP    all  --  anywhere          anywhere

Chain CLIENT (0 references)
target    prot opt source             destination
ACCEPT    all  --  anywhere          anywhere

Chain CLOSED (2 references)
target    prot opt source             destination
LOG       all  --  anywhere          anywhere          LOG level warning prefix `gShield (closed port drop) '
DROP    tcp  --  anywhere          anywhere
DROP    udp  --  anywhere          anywhere
DROP    all  --  anywhere          anywhere

Chain DHCP (0 references)
target    prot opt source             destination
LOG       all  --  anywhere          anywhere          LOG level warning prefix `gShield (DHCP accept) '
ACCEPT    all  --  anywhere          anywhere

Chain DMZ (0 references)
target    prot opt source             destination
LOG       all  --  anywhere          anywhere          LOG level warning prefix `gShield (DMZ drop) '
DROP    all  --  anywhere          anywhere

Chain DNS (2 references)
target    prot opt source             destination
ACCEPT    all  --  anywhere          anywhere

Chain DROPICMP (1 references)
target    prot opt source             destination
DROP    all  --  anywhere          anywhere

Chain DROPnLOG (1 references)
target    prot opt source             destination
DROP    udp  --  anywhere          anywhere          udp dpts:netbios-ns:netbios-ssn
ACCEPT    tcp  --  anywhere          anywhere          tcp spt:http dpts:1024:65535 flags:!SYN,RST,ACK/SYN
DROP    udp  --  anywhere          255.255.255.255    udp spt:bootps dpt:bootpc
QUEUE    all  --  anywhere          anywhere          limit: avg 20/min burst 5
DROP    tcp  --  anywhere          anywhere
DROP    udp  --  anywhere          anywhere

Chain HIGHPORT (2 references)
target    prot opt source             destination
ACCEPT    all  --  anywhere          anywhere

Chain MON_OUT (0 references)
target    prot opt source             destination
ACCEPT    all  --  anywhere          anywhere

Chain MULTICAST (8 references)
target    prot opt source             destination
DROP    all  --  anywhere          anywhere

Chain OPENPORT (14 references)
target    prot opt source             destination
ACCEPT    all  --  anywhere          anywhere

Chain PUBLIC (13 references)
target    prot opt source             destination
ACCEPT    all  --  anywhere          anywhere　　　　　　

TOP

wuyuhua_2000

初来乍到

Rank: 1

注册用户

帖子: 22
精华: 0
积分: 3
在线时间: 5 小时

发短消息
加为好友
当前离线

24楼 大中小发表于 2007-9-23 09:25 只看该作者

Chain RESERVED (11 references)
target    prot opt source             destination
DROP    tcp  --  anywhere          anywhere
DROP    udp  --  anywhere          anywhere
DROP    all  --  anywhere          anywhere

Chain SCAN (5 references)
target    prot opt source             destination
LOG       all  --  anywhere          anywhere          LOG level warning prefix `gShield (possible port scan) '
DROP    all  --  anywhere          anywhere

Chain SERVICEDROP (0 references)
target    prot opt source             destination
LOG       all  --  anywhere          anywhere          LOG level warning prefix `gShield (service drop) '
DROP    tcp  --  anywhere          anywhere
DROP    udp  --  anywhere          anywhere
DROP    all  --  anywhere          anywhere

Chain STATEFUL (2 references)
target    prot opt source             destination
ACCEPT    all  --  anywhere          anywhere          state RELATED,ESTABLISHED
ACCEPT    all  --  anywhere          anywhere          state NEW
DROPnLOG all  --  anywhere          anywhere

Chain loopback (2 references)
target    prot opt source             destination
ACCEPT    all  --  anywhere          anywhere

3、apache編譯的時候參數如下：./configure --prefix=/usr/local/httpd --enable-so

4、apache下面就只有一個廣告管理系統(openads)、日誌分析(awstats、webalizer)　　　　　　

TOP

Roc.Ken

版主

Rank: 7 Rank: 7 Rank: 7

帖子: 6249
精华: 90
积分: 359
在线时间: 556 小时

发短消息
加为好友
当前离线

25楼 大中小发表于 2007-9-23 12:26 只看该作者

检查apache中的异常日志, 还有系统中的 /var/log/messages, /var/log/xferlog 看是对方是如何放入这些脚本的,然后对症下药　　　　　　

Advance Monitor - Linux Monitoring Solution

TOP

bwb

A pilgrim

超级版主

Rank: 8 Rank: 8

管理团队成员

帖子: 12026
精华: 5
积分: 684
在线时间: 1376 小时

发短消息
加为好友
当前在线

26楼 大中小发表于 2007-9-23 13:26 只看该作者

引用:

原帖由 Roc.Ken 于 2007-9-23 12:26 发表
检查apache中的异常日志, 还有系统中的 /var/log/messages, /var/log/xferlog 看是对方是如何放入这些脚本的,然后对症下药

同意！
斩草除根。　　　　　　

林子大了，什么鸟都有......

TOP

wuyuhua_2000

初来乍到

Rank: 1

注册用户

帖子: 22
精华: 0
积分: 3
在线时间: 5 小时

发短消息
加为好友
当前离线

27楼 大中小发表于 2007-9-23 22:17 只看该作者

引用:

原帖由 Roc.Ken 于 2007-9-23 12:26 发表
检查apache中的异常日志, 还有系统中的 /var/log/messages, /var/log/xferlog 看是对方是如何放入这些脚本的,然后对症下药

检查过了，没有任何异常！郁闷！　　　　　　

TOP

bwb

A pilgrim

超级版主

Rank: 8 Rank: 8

管理团队成员

帖子: 12026
精华: 5
积分: 684
在线时间: 1376 小时

发短消息
加为好友
当前在线

28楼 大中小发表于 2007-9-23 22:28 只看该作者

apache的日志查了吗？
一般在/var/log/httpd 下　　　　　　

林子大了，什么鸟都有......

TOP

wuyuhua_2000

初来乍到

Rank: 1

注册用户

帖子: 22
精华: 0
积分: 3
在线时间: 5 小时

发短消息
加为好友
当前离线

29楼 大中小发表于 2007-9-24 09:42 只看该作者

引用:

原帖由 bwb 于 2007-9-23 22:28 发表
apache的日志查了吗？
一般在/var/log/httpd 下

以前没有看，不看不知道，一看吓一跳啊，帮我看看这个怎么分析阿！

[Mon Jul 16 13:03:57 2007] [notice] Apache/2.0.49 (Unix) configured -- resuming normal operations
[Mon Jul 16 13:04:13 2007] [notice] caught SIGTERM, shutting down
[Tue Jul 17 01:09:42 2007] [notice] Apache configured -- resuming normal operations
[Tue Jul 17 01:46:47 2007] [warn] pid file /usr/local/httpd/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run?
[Tue Jul 17 01:46:47 2007] [notice] Apache configured -- resuming normal operations

sh: lynx: command not found
  % Total % Received % Xferd  Average Speed Time Time    Time  Current
                              Dload  Upload Total Spent Left  Speed

67  4040 67  2757 0    0 712    0  0:00:05  0:00:03  0:00:02 712
100  4040  100  4040 0    0 961    0  0:00:04  0:00:04 --:--:--  3829
sh: fetch: command not found
--11:03:04--  http://198.78.81.43/pbnet/check-ok
         => `check-ok'
Connecting to 198.78.81.43:80... 已连接。
已发出 HTTP 请求，正在等待回应... 404 Object Not Found
11:03:05 错误 404：Object Not Found。

[Fri Jul 27 17:01:45 2007] [notice] SIGHUP received.  Attempting to restart
[Fri Jul 27 17:01:45 2007] [notice] Apache configured -- resuming normal operations
--23:12:19--  http://zetoo.host.sk/cycomm.tar.gz
         => `cycomm.tar.gz'
正在解析主机 zetoo.host.sk... 62.168.109.150
Connecting to zetoo.host.sk|62.168.109.150|:80... 失败：没有到主机的路由。
tar: cycomm.tar.gz：无法 open: 没有那个文件或目录
tar: 错误是不可恢复的：现在退出
tar: Child returned status 2
tar: Error exit delayed from previous errors
sh: cycomm/cycomm: 没有那个文件或目录
--23:12:41--  http://zetoo.host.sk/cycomm.tar.gz
         => `cycomm.tar.gz'
正在解析主机 zetoo.host.sk... 62.168.109.150
Connecting to zetoo.host.sk|62.168.109.150|:80... 失败：没有到主机的路由。
tar: cycomm.tar.gz：无法 open: 没有那个文件或目录
tar: 错误是不可恢复的：现在退出
tar: Child returned status 2
tar: Error exit delayed from previous errors
sh: cycomm/cycomm: 没有那个文件或目录
--23:14:56--  http://www.geocities.com/ins1dez/bind.tar.gz
         => `bind.tar.gz'
正在解析主机 www.geocities.com... 66.218.77.68
Connecting to www.geocities.com|66.218.77.68|:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：17,528 (17K) [application/x-gzip]

0K .......... 100% 37.79 KB/s

23:14:57 (37.79 KB/s) - `bind.tar.gz' saved [17528/17528]

--23:15:37--  http://www.geocities.com/ins1dez/bind.tar.gz
         => `bind.tar.gz'
正在解析主机 www.geocities.com... 66.218.77.68
Connecting to www.geocities.com|66.218.77.68|:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：17,528 (17K) [application/x-gzip]

0K ..........100% 37.95 KB/s

23:15:38 (37.95 KB/s) - `bind.tar.gz' saved [17528/17528]

Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ
--23:17:45--  http://casperel.3x.ro/linux.tgz
         => `linux.tgz'
正在解析主机 casperel.3x.ro... 81.180.102.160
Connecting to casperel.3x.ro|81.180.102.160|:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：838,376 (819K) [application/x-tar]

0K.......... 6% 25.33 KB/s
50K..........12% 25.87 KB/s
  100K..........18% 13.54 KB/s
  150K..........24% 14.61 KB/s
  200K..........30% 9.03 KB/s
  250K..........36% 9.47 KB/s
  300K..........42% 6.63 KB/s
  350K .........--23:18:18--  http://casperel.3x.ro/linux.tgz
         => `linux.tgz'
正在解析主机 casperel.3x.ro... . ............... .......... ....81.180.102.160
Connecting to casperel.3x.ro|81.180.102.160|:80... ...... 48% 12.69 KB/s
  400K ....已连接。
已发出 HTTP 请求，正在等待回应... ...... ....200 OK
长度：838,376 (819K) [application/x-tar]

0K .............. 54% 14.57 KB/s
  450K ............. .........  6% 12.81 KB/s
50K ............... ........... .Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ
.. ................... ....... 61% 10.31 KB/s
  500K ..................12% 7.32 KB/s...
  100K .............  18% 4.91 KB/s
  150K ............... .....Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ
............. ............. 24% 14.90 KB/s
  200K ..... 67% 3.02 KB/s
  550K ............30% 19.82 KB/s
  250K .............  69% 6.18 KB/s

23:18:49 (9.30 KB/s) - Connection closed at byte 582267. 重试中。

... .......... ...--23:18:50--  http://casperel.3x.ro/linux.tgz
  (尝试次数： 2) => `linux.tgz'
Connecting to casperel.3x.ro|81.180.102.160|:80... ....... ...已连接。
已发出 HTTP 请求，正在等待回应... ....... ....206 Partial Content
长度：838,376 (819K), 256,109 (250K) remaining [application/x-tar]

   [ 正跳过 550K ]
  550K ,,,,,,,,,, ,,,,,,,,.. ....... 36% 17.78 KB/s
  300K .................. 42% 16.86 KB/s..
  350K ................. 73% 8.24 KB/s
  600K ... ........... 79% 12.64 KB/s
  650K ............ 48% 9.34 KB/s
  400K ........  54% 14.68 KB/s
  450K . ................. ... 85% 10.30 KB/s
  700K ........ 61% 24.16 KB/s.
  500K ........67% 23.16 KB/s
  550K ............... 91% 11.21 KB/s.....
  750K ....... 73% 11.79 KB/s
  600K ........ 97% 6.93 KB/s..
  800K ........ 79% 9.11 KB/s
  650K ..                                  100% 9.77 KB/s

23:19:17 (9.54 KB/s) - `linux.tgz' saved [838376/838376]

.............. ......sh: line 0: kill: (2846) - 没有那个进程
sh: line 0: kill: (2847) - 没有那个进程
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ
--07:43:07--  http://www.swellchina.com/apache1
         => `apache1'
正在解析主机 www.swellchina.com... 210.51.168.31
Connecting to www.swellchina.com|210.51.168.31|:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：35,369 (35K) [application/octet-stream]

0K ............... .......... ....                100% 97.31 KB/s

07:43:10 (97.31 KB/s) - `apache1' saved [35369/35369]

sh: fetch: command not found
  % Total % Received % Xferd  Average Speed Time Time    Time  Current
                              Dload  Upload Total Spent Left  Speed

  2 35369 2 826 0    0 1373    0  0:00:25 --:--:--  0:00:25  1373
100 35369  100 35369 0    0  36950    0 --:--:-- --:--:-- --:--:-- 97304
--07:43:11--  http://www.swellchina.com/apache3
         => `apache3'
正在解析主机 www.swellchina.com... 210.51.168.31
Connecting to www.swellchina.com|210.51.168.31|:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：27,152 (27K) [application/octet-stream]

0K ............... ......                         100% 89.24 KB/s

07:43:12 (89.24 KB/s) - `apache3' saved [27152/27152]

sh: fetch: command not found
  % Total % Received % Xferd  Average Speed Time Time    Time  Current
                              Dload  Upload Total Spent Left  Speed

  2 27152 2 827 0    0 918    0  0:00:29 --:--:--  0:00:29 918
  6 27152 6  1899 0    0 1980    0  0:00:13 --:--:--  0:00:13 18169
100 27152  100 27152 0    0  22713    0  0:00:01  0:00:01 --:--:-- 89237
sh: ./apache3: /libexec/ld-elf.so.1: bad ELF interpreter: 没有那个文件或目录　　　　　　

TOP

wuyuhua_2000

初来乍到

Rank: 1

注册用户

帖子: 22
精华: 0
积分: 3
在线时间: 5 小时

发短消息
加为好友
当前离线

30楼 大中小发表于 2007-9-24 09:43 只看该作者

php.cgi: no process killed
[Mon Jul 30 17:26:11 2007] [notice] SIGHUP received.  Attempting to restart
[Mon Jul 30 17:26:11 2007] [notice] Apache configured -- resuming normal operations
[Tue Jul 31 17:19:50 2007] [notice] SIGHUP received.  Attempting to restart
[Tue Jul 31 17:19:50 2007] [notice] Apache configured -- resuming normal operations
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ
[Wed Aug 01 17:43:24 2007] [notice] SIGHUP received.  Attempting to restart
[Wed Aug 01 17:43:24 2007] [notice] Apache configured -- resuming normal operations
[Thu Aug 02 17:15:42 2007] [notice] SIGHUP received.  Attempting to restart
[Fri Aug 10 17:43:30 2007] [notice] SIGHUP received.  Attempting to restart
[Fri Aug 10 17:43:30 2007] [notice] Apache configured -- resuming normal operations
  % Total % Received % Xferd  Average Speed Time Time    Time  Current
                              Dload  Upload Total Spent Left  Speed

  3 29111 3  1174 0    0 780    0  0:00:37  0:00:01  0:00:36 780
13 29111 13  3840 0    0 1709    0  0:00:17  0:00:02  0:00:15  3592
68 29111 68 19836 0    0 5342    0  0:00:05  0:00:03  0:00:02  8455
100 29111  100 29111 0    0 7638    0  0:00:03  0:00:03 --:--:-- 12120
--20:18:12--  http://88.80.13.53/~jason/sess_316928e0d260556eaccb6627f2ed657b
         => `sess_316928e0d260556eaccb6627f2ed657b.1'
Connecting to 88.80.13.53:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：29,111 (28K) [application/octet-stream]

0K ..........100% 11.99 KB/s

20:18:16 (11.99 KB/s) - `sess_316928e0d260556eaccb6627f2ed657b.1' saved [29111/29111]

  % Total % Received % Xferd  Average Speed Time Time    Time  Current
                              Dload  Upload Total Spent Left  Speed

  3 29111 3  1174 0    0 783    0  0:00:37  0:00:01  0:00:36 783
curl: (23) Failed writing body
--21:59:43--  http://88.80.13.53/~jason/sess_316928e0d260556eaccb6627f2ed657b
         => `sess_316928e0d260556eaccb6627f2ed657b.2'
Connecting to 88.80.13.53:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：29,111 (28K) [application/octet-stream]

0K ..........100% 12.42 KB/s

21:59:47 (12.42 KB/s) - `sess_316928e0d260556eaccb6627f2ed657b.2' saved [29111/29111]

  % Total % Received % Xferd  Average Speed Time Time    Time  Current
                              Dload  Upload Total Spent Left  Speed

  3 29111 3  1174 0    0 794    0  0:00:36  0:00:01  0:00:35 794
curl: (23) Failed writing body
--22:02:41--  http://88.80.13.53/~jason/sess_316928e0d260556eaccb6627f2ed657b
         => `sess_316928e0d260556eaccb6627f2ed657b.3'
Connecting to 88.80.13.53:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：29,111 (28K) [application/octet-stream]

0K ..........100% 12.38 KB/s

22:02:45 (12.38 KB/s) - `sess_316928e0d260556eaccb6627f2ed657b.3' saved [29111/29111]

  % Total % Received % Xferd  Average Speed Time Time    Time  Current
                              Dload  Upload Total Spent Left  Speed

  3 29111 3  1174 0    0 795    0  0:00:36  0:00:01  0:00:35 795
curl: (23) Failed writing body
--22:04:44--  http://88.80.13.53/~jason/sess_316928e0d260556eaccb6627f2ed657b
         => `sess_316928e0d260556eaccb6627f2ed657b.4'
Connecting to 88.80.13.53:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：29,111 (28K) [application/octet-stream]

0K ..........100% 12.19 KB/s

22:04:47 (12.19 KB/s) - `sess_316928e0d260556eaccb6627f2ed657b.4' saved [29111/29111]

  % Total % Received % Xferd  Average Speed Time Time    Time  Current
                              Dload  Upload Total Spent Left  Speed

  3 29111 3  1174 0    0 804    0  0:00:36  0:00:01  0:00:35 804
curl: (23) Failed writing body
--22:05:25--  http://88.80.13.53/~jason/sess_316928e0d260556eaccb6627f2ed657b
         => `sess_316928e0d260556eaccb6627f2ed657b.5'
Connecting to 88.80.13.53:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：29,111 (28K) [application/octet-stream]

0K ..........100% 9.63 KB/s

22:05:32 (9.63 KB/s) - `sess_316928e0d260556eaccb6627f2ed657b.5' saved [29111/29111]

  % Total % Received % Xferd  Average Speed Time Time    Time  Current
                              Dload  Upload Total Spent Left  Speed

  3 29111 3  1174 0    0 807    0  0:00:36  0:00:01  0:00:35 807
curl: (23) Failed writing body
--22:06:12--  http://88.80.13.53/~jason/sess_316928e0d260556eaccb6627f2ed657b
         => `sess_316928e0d260556eaccb6627f2ed657b.6'
Connecting to 88.80.13.53:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：29,111 (28K) [application/octet-stream]

0K ..........100% 5.89 KB/s

22:06:18 (5.89 KB/s) - `sess_316928e0d260556eaccb6627f2ed657b.6' saved [29111/29111]

  % Total % Received % Xferd  Average Speed Time Time    Time  Current
                              Dload  Upload Total Spent Left  Speed

  3 29111 3  1174 0    0 814    0  0:00:35  0:00:01  0:00:34 814
curl: (23) Failed writing body
--22:07:02--  http://88.80.13.53/~jason/sess_316928e0d260556eaccb6627f2ed657b
         => `sess_316928e0d260556eaccb6627f2ed657b.7'
Connecting to 88.80.13.53:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：29,111 (28K) [application/octet-stream]

0K ..........100% 12.24 KB/s

22:07:06 (12.24 KB/s) - `sess_316928e0d260556eaccb6627f2ed657b.7' saved [29111/29111]

  % Total % Received % Xferd  Average Speed Time Time    Time  Current
                              Dload  Upload Total Spent Left  Speed

  3 29111 3  1174 0    0 263    0  0:01:50  0:00:04  0:01:46 263
curl: (23) Failed writing body
--22:14:33--  http://88.80.13.53/~jason/sess_316928e0d260556eaccb6627f2ed657b
         => `sess_316928e0d260556eaccb6627f2ed657b.8'
Connecting to 88.80.13.53:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：29,111 (28K) [application/octet-stream]

0K ..........100% 12.70 KB/s

22:14:37 (12.70 KB/s) - `sess_316928e0d260556eaccb6627f2ed657b.8' saved [29111/29111]

  % Total % Received % Xferd  Average Speed Time Time    Time  Current
                              Dload  Upload Total Spent Left  Speed

  0    0 0    0 0    0    0    0 --:--:--  0:00:01 --:--:--    0
  0    0 0    0 0    0    0    0 --:--:--  0:00:02 --:--:--    0
  0    0 0    0 0    0    0    0 --:--:--  0:00:03 --:--:--    0
22 29111 22  6506 0    0 1259    0  0:00:23  0:00:05  0:00:18  1964
26 29111 26  7839 0    0 1304    0  0:00:22  0:00:06  0:00:16  1886
36 29111 36 10505 0    0 1526    0  0:00:19  0:00:06  0:00:13  2089
58 29111 58 17170 0    0 1997    0  0:00:14  0:00:08  0:00:06  2989
72 29111 72 21169 0    0 2241    0  0:00:12  0:00:09  0:00:03  3786
91 29111 91 26501 0    0 2577    0  0:00:11  0:00:10  0:00:01  3908
100 29111  100 29111 0    0 2826    0  0:00:10  0:00:10 --:--:--  4958
--10:16:49--  http://88.80.13.53/~jason/sess_316928e0d260556eaccb6627f2ed657b
         => `sess_316928e0d260556eaccb6627f2ed657b.9'
Connecting to 88.80.13.53:80... 已连接。
已发出 HTTP 请求，正在等待回应... 200 OK
长度：29,111 (28K) [application/octet-stream]

0K ..........100% 10.84 KB/s

10:16:53 (10.84 KB/s) - `sess_316928e0d260556eaccb6627f2ed657b.9' saved [29111/29111]

[Mon Aug 13 17:41:16 2007] [notice] SIGHUP received.  Attempting to restart
[Mon Aug 13 17:41:17 2007] [notice] Apache configured -- resuming normal operations
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ
Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.3/FAQ　　　　　　

TOP