Check whether there is a mining Trojan horse on the website
and find the whole system of Yudian terminal in the proct
and then choose to apply for the use of Tencent Yudian, and then use the virus killing function to kill the virus
a new customer recently consulted with sine security company, saying that his server often fails to open the website of the card, and the remote connection to the server is extremely slow. Sometimes the Ping value reaches 300-500, and he often switches. After listening to the customer's words,
will generally judge that he has been attacked by CC + DDoS mixed traffic, It's strange to say that there is no traffic attack on the computer room. It's not a traffic attack, but it also causes the server card and website to fail to open. What kind of attack is this? In order to solve the problem of
client server card, we immediately arranged a security engineer to carry out security detection and deployment on his Linux server
{rrrrrrr}
mining Trojan horse is also designed. If the mining process is forced to stop by customers, it will automatically start to continue mining to achieve uninterrupted mining.
careful inspection shows that it is through setting the hourly task plan, remotely downloading shell mining Trojan horse, and then executing, Check whether the current process exists or not. If not, start the Trojan horse to mine
a detailed security inspection was carried out on the client's Linux server. It was found that fortunately, there was no encrypted server data, and the worm was infected with the disease through the security detection and analysis of our security engineers, we found that the server uses Apache Tomcat environment, the open architecture of the platform is JSP + Oracle database, and Apache Tomcat uses the version of 2016, which leads to the serious remote command execution vulnerability of Apache, Through this vulnerability, the intruder can directly invade the server and get the administrator permission of the server,
virus. If the data was encrypted, the loss would be great. The client was a platform, and the client's data was very important. After finding out the mining Trojan horse,
do customers need to know how the server is attacked? Was the Trojan horse uploaded? It can prevent the attack
in the later stage
sine security engineer immediately repairs the Apache vulnerability and clears the Trojan horse. So far, the problem has been solved, the client server
runs stably, and the network station opens normally
1. The computer runs abnormally slowly
2. The computer crashes abnormally / gets stuck
3. Nothing is turned on, but the CPU occupancy rate is very high
4. The network is slow and a large number of network requests appear
observation on December 30, 19
core I3
4160
Intel
core I3
4160 processor parameters:
1.
applicable type: desktop<
2.
CPU series: core I3<
3.
CPU main frequency: 3.6ghz<
4.
slot type: LGA
1150<
5.
number of pins: 1150pin<
6.
number of cores: double cores<
7.
number of threads: four threads.
Celeron g18xx, Pentium g3xxx, i3-4xxx, i5-4xxx and i7-4xxx processors supporting LGA 1150 interface
Intel Core i34160:
the main reason is that H81 is the motherboard with lga1150 interface, and any processor with lga1150 interface can be used. However, H81 is a low-end motherboard, so it is not necessary to configure a good processor. It is recommended to use Intel Core i34160
among them, Intel Core i34160 processor parameters:
applicable type: desktop
CPU series: core I3
CPU main frequency: 3.6ghz
slot type: lga1150
number of pins: 1150pin
number of cores: double cores
number of threads: four threads
H81 motherboard:
the new generation H81 motherboard of Intel platform adopts the new LG a1150 processor interface, and H81 can be said to be the most entry-level proct of the platform. The H81 motherboard does not follow the old path of H61 failure. The H81 motherboard also has mainstream interfaces such as USB3.0 and sata3.0. The H81 motherboard is similar to the H61 motherboard of 6 series, mainly in the expansion interface has shrunk, but H81 is commendable for its usb3. O and sata3. 0 mainstream interface. In terms of functions, H81 does not provide disk array, intelligent response, quick start and other functional support, and the support for AHCI is only limited to hardware. Intel's RST driver cannot be installed. However, the current win7 and win8 systems all have their own AHCI driver, and the performance is also good, so it should not be a big problem