troubleshooting Question

Something is done via perl on webserver - how can i find the causing script ?

Avatar of loosain
loosain asked on
Apache Web ServerLinux SecurityPerl
4 Comments2 Solutions298 ViewsLast Modified:
Hi,

on a webserver there is something wrong (in my opinion). Perl is using much CPU. If i use lsof on its PID, i get this:

COMMAND PID    USER   FD   TYPE DEVICE SIZE/OFF     NODE NAME
perl    693 uvftpzg  cwd    DIR    8,1     4096        2 /
perl    693 uvftpzg  rtd    DIR    8,1     4096        2 /
perl    693 uvftpzg  txt    REG    8,5  1648400 17983266 /usr/bin/perl
perl    693 uvftpzg  mem    REG    8,5    31512 17796254 /usr/lib/perl5/5.10.0/x86_64-linux-thread-multi/auto/Socket/Socket.so
perl    693 account6663  mem    REG    8,5    27464 51082960 /usr/lib/perl5/5.10.0/x86_64-linux-thread-multi/auto/IO/IO.so
perl    693 account6663  mem    REG    8,1  1495120   783548 /lib64/libc-2.8.so
perl    693 account6663  mem    REG    8,1   142867   783542 /lib64/libpthread-2.8.so
perl    693 account6663  mem    REG    8,1    61240   783534 /lib64/libcrypt-2.8.so
perl    693 account6663  mem    REG    8,1    16040   783530 /lib64/libdl-2.8.so
perl    693 account6663  mem    REG    8,1   380776   783535 /lib64/libm-2.8.so
perl    693 account6663  mem    REG    8,1   131240   783549 /lib64/ld-2.8.so
perl    693 account6663  0r  FIFO    0,5      0t0    84033 pipe
perl    693 account6663  1w  FIFO    0,5      0t0    84034 pipe
perl    693 account6663  2w  FIFO    0,5      0t0    84035 pipe
perl    693 account6663  3u  IPv4 146573      0t0      TCP domainname.com:56158->ns1.openhost.lv:arcp (ESTABLISHED)
perl    693 account6663  187r  FIFO    0,5      0t0     8206 pipe
perl    693 account6663  188w  FIFO    0,5      0t0     8206 pipe
perl    693 account6663  189r  FIFO    0,5      0t0     8207 pipe
perl    693 account6663  190w  FIFO    0,5      0t0     8207 pipe



What exactly does this mean ? I dont know "ns1.openhost.lv:arcp" ...
How can i find out which script is used for this ?


Thanks
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 2 Answers and 4 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 4 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros