Knowledgebase

Very high loads

Posted by keith007, 12-08-2008, 04:00 PM
Very high loads Hi I have two vps's n ifferent hardware, after my hoster performed an update to node I am now seeing high loads on both vps's When I reboot the problem goes for a while My servers host very little websites and little activity and normally run fine I have notice a process "unhide" running, what is this and where should I start looking for this issue [root@vps ~]# top top - 18:47:59 up 1 day, 6:51, 1 user, load average: 1.96, 1.95, 1.92 Tasks: 62 total, 2 running, 60 sleeping, 0 stopped, 0 zombie Cpu(s): 0.0% us, 2.8% sy, 1.1% ni, 96.0% id, 0.0% wa, 0.0% hi, 0.0% si Mem: 1048576k total, 143908k used, 904668k free, 0k buffers Swap: 0k total, 0k used, 0k free, 0k cached Unknown command - try 'h' for help PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 23980 root 26 10 1872 876 316 S 2.0 0.1 4:40.86 unhide 1 root 15 0 1644 568 484 S 0.0 0.1 0:03.76 init 1982 root 17 0 6412 1828 1124 S 0.0 0.2 0:00.00 crond 1985 root 18 0 2120 900 784 S 0.0 0.1 0:00.00 run-parts 3228 root 18 0 3252 1028 896 S 0.0 0.1 0:00.00 01-rkhunter 3229 root 18 0 1888 548 460 S 0.0 0.1 0:00.00 awk 3665 apache 15 0 39700 18m 6036 S 0.0 1.8 0:05.14 httpd 5771 apache 15 0 39540 16m 4516 S 0.0 1.6 0:01.14 httpd 7837 root 26 10 11320 9272 976 S 0.0 0.9 0:07.64 rkhunter 9958 apache 15 0 39608 18m 6024 S 0.0 1.8 0:02.84 httpd 11611 root 15 0 8584 2532 1964 S 0.0 0.2 0:00.01 sshd 11831 root 16 0 6144 476 324 S 0.0 0.0 0:00.00 vzctl 11836 root 16 0 2184 1264 1048 S 0.0 0.1 0:00.00 bash 13789 root 16 0 1548 528 436 S 0.0 0.1 0:00.38 syslogd 13794 root 18 0 1484 368 308 S 0.0 0.0 0:00.00 klogd 14022 apache 15 0 39432 15m 3868 S 0.0 1.6 0:00.72 httpd 17612 root 18 0 4056 1052 756 S 0.0 0.1 0:00.00 sshd Regards Keith __________________ Hosting with - 1x Signature, 3xEssential (Servint) support 7/10 server 7/10 Futurehosting 1x elite , support 6/10, server 5/10
Posted by jseymour, 12-08-2008, 04:20 PM
Unhide appears to be a forensics tool for finding hidden processes, looking for rootkits and such. __________________WebServerMastersProactive Support for Sites and ServersOffsite Backup/Support Subscriptions
Posted by keith007, 12-08-2008, 04:23 PM
is over 12hours ok for this process to be running, load is still very high Cheers Keith __________________ Hosting with - 1x Signature, 3xEssential (Servint) support 7/10 server 7/10 Futurehosting 1x elite , support 6/10, server 5/10
Posted by jseymour, 12-08-2008, 04:51 PM
would ask your host what he is doing with those installed inside your vps. That is if you did not install them. __________________WebServerMastersProactive Support for Sites and ServersOffsite Backup/Support Subscriptions
Posted by keith007, 12-08-2008, 05:07 PM
I have remove rkhunter 1.3.2 from the 2 of the servers, as the 3rd is fine and does not have this installed, all are plesk boxes with rkhunter 1.2.8 All I know is the vzzp software has changed on all 3 vps's after a reboot the loads are back to normal, so now i wait till it happens again Many thanks to your help, I will try to post back if it fixes it, otherwise I will pull out some more hair ;-) Keith __________________ Hosting with - 1x Signature, 3xEssential (Servint) support 7/10 server 7/10 Futurehosting 1x elite , support 6/10, server 5/10


Was this answer helpful?

Add to Favourites Add to Favourites

Print this Article Print this Article
Also Read
NEVER GO TO RACK911 [[[]]]!!! PICTURES INCLUDED. (Views: 608)
How do VPS control panels connect to..... (Views: 596)
centos.org down.. (Views: 649)
Grid computing / distrubited computing (Views: 654)
Servint unreachable? (Views: 607)


Language:

Client Menu

 

Client Login

Email

Password

Remember Me

Search



  
 

Clients

Hosting

VPS Hosting

About Us

Contact Us

Copyright © 2015 DC International LLC in partnership with Bragin IT Solutions Inc. - All Rights Reserved.