dhis2-devs team mailing list archive

Thread
Date

Re: Server processor use 100%

To: Hannan Khan <hannank@xxxxxxxxx>
From: Bob Jolliffe <bobjolliffe@xxxxxxxxx>
Date: Mon, 10 Jul 2017 15:21:08 +0100
Cc: Lars Helge Øverland <larshelge@xxxxxxxxx>, "dhis2-users@xxxxxxxxxxxxxxxxxxx" <dhis2-users@xxxxxxxxxxxxxxxxxxx>, DHIS 2 developers <dhis2-devs@xxxxxxxxxxxxxxxxxxx>, Morten Olav Hansen <mortenoh@xxxxxxxxx>
In-reply-to: <CACd=f9eqtg7uGN_GAonz=KnRhHhtdpJ_Hcqfb_RQDVfFZAB_nQ@mail.gmail.com>

Sorry that should have been 'ls -la /tmp'

On 10 July 2017 at 10:50, Bob Jolliffe <bobjolliffe@xxxxxxxxx> wrote:

> Hi Hannan
>
> There is no circumstance that tomcat user should be running the sshd
> command.  It could be this machine has been compromised.  Unless you have
> some strange setup that you are logging in as tomcat user.
>
> Please contact me directly if you want me to check.
>
> Meanwhile you might want to have a look in /tmp directory and tomcat8 home
> directory to see if there are any strange files there:
>
> ls -ls /tmp
>
> You might find that there is a rogue sshd program that has been installed
> there.  Note that if you are running a very old war file your risk of
> compromise is very high.
>
> Bob
>
> On 10 July 2017 at 05:09, Hannan Khan <hannank@xxxxxxxxx> wrote:
>
>> Dear Experts
>>
>> I have an wired situation. one of our DHIS2 server running older war
>> files (version 16), the OS was outdated and we have to upgrade the OS.
>> After installing new OS Ubuntu 16.04 LTS all necessary component Java 8 and
>> Tomcat 7 was installed by after running war file (version 16) after few
>> minutes the tomcat7 is not operational as the processor use is 100%. there
>> is only 1 user logged in and the application server using 2 processor and
>> DB server is separate.
>>
>> After trying several times I remove tomcat7 and install tomcat 8 with
>> same war file, but situation is same. I called it wired as the db size is
>> quite small, user is only few and the listing showing SSHD command by
>> tomcat8 user is using 100% processor.
>>
>> Any idea about the under line reason? need urgent help. Thank you all in
>> advance.
>>
>> Regards
>>
>> Muhammad Abdul Hannan Khan
>> Team Leader
>> Support to the National HMIS
>> MIS, Director General of Health Service
>> Ministry of Health and Family Welfare
>>
>> T +880-2- 58816459 <+880%202-58816459>, 58816412 ext 118
>> F +88 02 58813 875
>> M+88 01819 239 241
>> M+88 01534 312 066
>> E hannank@xxxxxxxxx
>> S hannan.khan.dhaka
>> B hannan-tech.blogspot.com
>> L https://bd.linkedin.com/in/hannankhan
>>
>>
>>
>>
>

Follow ups

Re: Server processor use 100%
From: Hannan Khan, 2017-07-13

References

Server processor use 100%
From: Hannan Khan, 2017-07-10
Re: Server processor use 100%
From: Bob Jolliffe, 2017-07-10