Is there an ntop virus for Linux?
Ryan Rix
phrkonaleash at gmail.com
Wed Jul 29 09:40:52 MST 2009
Mark Phillips wrote:
> Whenever I start my Debian Lenny testing laptop a process called ntop starts
> and quickly consumes 99% of my cpu. If I kill the process, nothing happens.
> If I run ntop from the command line, it does what the man page says it does,
> and hardly consumes any resources at all. There is an ntop in /etc/init.d/,
> and when I run /etc/init.s/ntop it consumes very few resources - the script
> calls /usr/sbin/ntop. There are no entries in the /var/log/ntop/access.log
> file.
>
> My questions are:
>
> Do I have a virus masquerading as ntop, and if so how do I remove it? I
> googled "linux ntop virus" and did not come up with anything useful.
>
> Can I just remove ntop from /etc/init.d/ ?
>
> How do I find out if another startup program needs ntop?
>
> Is ntop necessary at startup?
>
Are you monitoring your network usage?
if not, probably safe to remove the /etc/rc.d/ hooks for it for the
runlevel you are booting into.
/etc/rc.d/rc5/XX-ntop <-- look for something like that if you are
booting into runlevel 5 (full desktop)
all in all, removing init.d scripts is a bad idea.
If the init scripts in debian use LSB, the headers will tell you which
(if any) require ntop.
Does ps -aux list any options for ntop when it's run from init?
Ryan
More information about the PLUG-discuss
mailing list