
Problem with nginx



hostnic24
May 2nd, 2017, 13:52
Hello,
Last night I installed nginx on the server. Since the installation, maybe more than 500 emails have arrived with the following subjects:
lfd on : Suspicious process running under user nginx

Time: Tue May 2 04:31:09 2017 -0400
PID: 3041 (Parent PID:3039)
Account: nginx
Uptime: 10869 seconds


Executable:

/usr/sbin/nginx


Command Line (often faked in exploits):

nginx: worker process


Network connections by the process (if any):

tcp: 0.0.0.0:80 -> 0.0.0.0:0
tcp: 0.0.0.0:443 -> 0.0.0.0:0


Files open by the process (if any):

/dev/null
/dev/null
/var/log/nginx/error.log
/var/log/nginx/error.log
anon_inode:[eventpoll]
anon_inode:[eventfd]
anon_inode:[eventfd]
/var/log/nginx/access.log


Memory maps by the process (if any):



lfd on : Excessive resource usage: nginx

Time: Tue May 2 05:00:11 2017 -0400
Account: nginx
Resource: Process Time
Exceeded: 12610 > 1800 (seconds)
Executable: /usr/sbin/nginx
Command Line: nginx: cache manager process
PID: 3056 (Parent PID:3039)
Killed: No

Time: Tue May 2 02:31:06 2017 -0400
Account: nginx
Resource: Process Time
Exceeded: 3664 > 1800 (seconds)
Executable: /usr/sbin/nginx
Command Line: nginx: worker process
PID: 3043 (Parent PID:3039)
Killed: No

2JZ
May 2nd, 2017, 13:54
Put the path of the nginx binary in csf's process ignore file.
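
An added example, not part of the thread and not CSF's own code: a triage sketch for the advice above that reads lfd alert bodies and proposes an ignore entry only for executables the administrator has already verified, matching on the executable path because the alert itself notes that the command line is often faked. It assumes CSF's `exe:/full/path` entry format for its process ignore file (csf.pignore); the sample alerts are constructed from the fields shown in the first post, and `VERIFIED_BINARIES` is a hypothetical allowlist.

```python
import re
from collections import Counter

# Constructed sample: two alert bodies abridged from the fields lfd prints.
SAMPLE_ALERTS = """\
lfd on : Suspicious process running under user nginx
PID: 3041 (Parent PID:3039)
Account: nginx
Executable:
/usr/sbin/nginx
Command Line (often faked in exploits):
nginx: worker process
---
lfd on : Excessive resource usage: nginx
Account: nginx
Executable: /usr/sbin/nginx
Command Line: nginx: cache manager process
PID: 3056 (Parent PID:3039)
"""

# Assumption: paths the admin has checked (e.g. against the package manager).
VERIFIED_BINARIES = {"/usr/sbin/nginx"}

def parse_alert(text):
    """Extract account, executable path and PIDs from one lfd alert body."""
    exe = re.search(r"Executable:\s*(\S+)", text)
    acct = re.search(r"Account:\s*(\S+)", text)
    pids = re.search(r"PID:\s*(\d+)\s*\(Parent PID:(\d+)\)", text)
    return {
        "account": acct.group(1) if acct else None,
        "exe": exe.group(1) if exe else None,
        "pid": int(pids.group(1)) if pids else None,
        "ppid": int(pids.group(2)) if pids else None,
    }

def pignore_suggestions(alerts_text, verified=VERIFIED_BINARIES):
    """Return (exe: lines for verified binaries, alerts needing review)."""
    counts, review = Counter(), []
    for body in alerts_text.split("---"):
        alert = parse_alert(body)
        # Match on the executable path only; the command line is spoofable.
        if alert["exe"] in verified:
            counts[alert["exe"]] += 1
        else:
            review.append(alert)
    return [f"exe:{path}" for path in sorted(counts)], review

if __name__ == "__main__":
    print(pignore_suggestions(SAMPLE_ALERTS))
```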

hostnic24
May 2nd, 2017, 13:57
Put the path of the nginx binary in csf's process ignore file.

Well, I don't think disregarding and ignoring it is the right way.
Why aren't they killed?

- - - Updated - - -

Another 100 emails arrived :-s