# 1.3 serverlog.md

## 被挖矿攻击

服务器被黑，进程占用率高达99%，查看了一下，是/usr/sbin/bashd的原因，怎么删也删不掉，使用ps查看：\
![](http://image.wenzhihuai.com/images/553ac1ca20170923033013.png)\
stratum+tcp\://get.bi-chi.com:3333 -u 47EAoaBc5TWDZKVaAYvQ7Y4ZfoJMFathAR882gabJ43wHEfxEp81vfJ3J3j6FQGJxJNQTAwvmJYS2Ei8dbkKcwfPFst8FhG

使用top查看：\
![](http://image.wenzhihuai.com/images/20170923033252.png)

![](http://image.wenzhihuai.com/images/20170923034427.png)

![](http://image.wenzhihuai.com/images/20170923040503.png)

启动iptables,参考<http://www.setphp.com/981.html> <http://www.setphp.com/981.html>

```bash
iptables -A INPUT -s xmr.crypto-pool.fr -j DROP
iptables -A OUTPUT -d xmr.crypto-pool.fr -j DROP
```

## 2017-10-02 再次遭到挖矿攻击

## 2017-11-20

19号添加mongodb之后，20号重启了服务器，但是忘记启动mongodb，导致后台一直在重连mongodb，也就导致了服务访问超级超级慢，记住要启动所需要的组件。

## 2017-12-03

![](http://image.wenzhihuai.com/images/20171203010136.png)

## 2017-12-05 wipefs

![](http://image.wenzhihuai.com/images/20171205091617.png)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://gitbook.wenzhihuai.com/yi-java/serverlog.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.