Solution for a server compromised by a mining program

On an ordinary day, in the evening, I received a message from Alibaba Cloud's Cloud Shield saying that a mining program had been found on my virtual machine.

I had never come across such a thing, so at first I was a little lost, and I am also not familiar with CentOS commands. I am recording the process here for reference.

I entered the top command to view CPU usage: a process called kdevtmpfsi was at 99% CPU utilization! That is higher than the CPU used by my Tomcat server and nginx ...

After a flurry of decisive action, I took the pid shown by top and ran kill -9 pid directly (-9 means completely kill the program).

I thought I was done and could get on with other things, but soon I received another Cloud Shield notification: still a mining program, with exactly the same program id.

I guessed there was a daemon. Viewing it with the command systemctl status pid showed a kinsing process, as well as a docker-redis that I had installed myself; I guessed that port 6379 of docker-redis had been attacked.

To look up the pid for a given name -> ps -aux | grep name

I used the docker stop redis command to stop redis, then killed kdevtmpfsi again: success.
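
The checks above can be scripted. This is an added example, not code from the original post: lineage walks the parent chain of a named process (showing what is still running above it after a kill -9), and exposed_port lists containers whose port is published on all interfaces. The function names and the sample process and container rows are constructed assumptions.

```shell
#!/bin/sh
# Added triage example (not from the original post). Sample data is constructed.

# lineage NAME: read "pid ppid comm" rows on stdin and print the parent chain
# of the first process named NAME. Exit status 1 if no such process exists.
lineage() {
  awk -v target="$1" '
    { ppid[$1] = $2; comm[$1] = $3
      if ($3 == target && start == "") start = $1 }
    END {
      if (start == "") exit 1
      for (p = start; (p in comm) && !(p in seen); p = ppid[p]) {
        seen[p] = 1
        out = out (out == "" ? "" : " <- ") comm[p] "(" p ")"
      }
      print out
    }'
}

# exposed_port PORT: read "name<TAB>ports" rows on stdin and print containers
# whose container port PORT/tcp is bound on all interfaces (0.0.0.0, :: or [::]).
exposed_port() {
  awk -F'\t' -v port="$1" '
    $2 ~ ("(^|, )(0\\.0\\.0\\.0|::|\\[::\\]):[0-9]+->" port "/tcp") { print $1 }'
}

# Constructed sample inputs; a real process tree and container list will differ.
SAMPLE_PS='1 0 systemd
812 1 dockerd
900 1 containerd-shim
950 900 redis-server
2101 900 kinsing
2210 2101 kdevtmpfsi
3050 1 nginx'
SAMPLE_DOCKER=$(printf 'redis\t0.0.0.0:6379->6379/tcp, :::6379->6379/tcp\nweb\t127.0.0.1:8080->80/tcp\ncache\t127.0.0.1:6379->6379/tcp\n')

# Live use on the host:
#   ps -eo pid=,ppid=,comm= | lineage kdevtmpfsi
#   docker ps --format '{{.Names}}\t{{.Ports}}' | exposed_port 6379
printf '%s\n' "$SAMPLE_PS" | lineage kdevtmpfsi
printf '%s\n' "$SAMPLE_DOCKER" | exposed_port 6379
```

A container reported by exposed_port is reachable from outside the host unless a firewall or cloud security group blocks the port; binding the published port to 127.0.0.1 keeps it local.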

If this is not your situation, you can refer to the following document.

Reference document: https://blog.csdn.net/Owen_goodman/article/details/103731981


Origin blog.csdn.net/LuckyCurve/article/details/104533161