How To : Review Suspicious Mining Process


These are some of the commands that were used to block a fake mining process.

lsof | grep pid

iptables blocking

iptables -A OUTPUT -p tcp --dport port_no -j DROP

Other preventive steps

update kernel

review passwd and shadow

review cron jobs for each user

review rc.local
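
One way to carry out the file reviews listed above, as an added example that is not part of the original post. The function names, the checks chosen (extra UID 0 accounts, empty password fields, active cron and rc.local lines) and the sample data are assumptions; on a live host pass /etc/passwd, /etc/shadow, the crontab spool directory (/var/spool/cron or /var/spool/cron/crontabs, depending on distribution) and /etc/rc.local.

```shell
#!/bin/sh
# Added example: review helpers for passwd, shadow, per-user crontabs and rc.local.
# Each function takes the file or directory as an argument so it can be run on
# a copy or a mounted image as well as on the live system.

# Accounts other than root that have UID 0 (passwd format, field 3).
uid0_accounts() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }' "$1"
}

# Accounts whose password field in shadow is empty (login without a password).
empty_password_accounts() {
    awk -F: '$2 == "" { print $1 }' "$1"
}

# Active (non-comment, non-blank) lines of a file, e.g. rc.local.
active_lines() {
    grep -Ev '^[[:space:]]*(#|$)' "$1" || true
}

# Every active crontab line, prefixed with the owning user. The spool directory
# holds one file per user, named after the user.
cron_entries() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        active_lines "$f" | awk -v u="$(basename "$f")" '{ print u ": " $0 }'
    done
}

# Constructed sample data (not taken from a real host).
make_sample() {
    mkdir -p "$1/cron"
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'www:x:33:33::/var/www:/usr/sbin/nologin' \
        'sysupd:x:0:0::/tmp:/bin/sh' > "$1/passwd"
    printf '%s\n' 'root:$6$constructed$hash:19000:0:99999:7:::' \
        'www:*:19000:0:99999:7:::' 'sysupd::19000:0:99999:7:::' > "$1/shadow"
    printf '%s\n' '# m h dom mon dow command' \
        '*/5 * * * * /tmp/.cache/update >/dev/null 2>&1' > "$1/cron/www"
    printf '%s\n' '#!/bin/sh' '' '/tmp/.cache/update &' 'exit 0' > "$1/rc.local"
}

d=$(mktemp -d); make_sample "$d"
echo "UID 0 besides root: $(uid0_accounts "$d/passwd")"
echo "Empty password:     $(empty_password_accounts "$d/shadow")"
echo "Cron entries:";     cron_entries "$d/cron"
echo "rc.local:";         active_lines "$d/rc.local"
rm -rf "$d"
```

Reading the real shadow file and other users' crontabs requires root.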