how to tell what ran what
Glenn McCalley
techlist at bnetmd.net
Wed Feb 15 13:09:03 PST 2006
> >
> >
> >> Glenn McCalley schrieb:
> >>
> >> > Is there a way to find out -which- -process- calls another process?
> >>
> >> Each process is associated with a parent; look at the ppid column:
> >>
> >> ps axo user,pid,ppid,command
> >>
> >> Björn
> >>
> >>
> > Thanks, I stated the question poorly. My fault.
> > Is historical info available and is it available by file name?
> >
> > I trying to find out (for example) what (unknown) program ran another
> > (known) program between 0900 and 1000 yesterday - something like that.
> >
> > I've got a customer sending our emails that he shouldn't - I don't know
> > which customer it is. The program that sends the mail is running as a
cgi
> > so it all shows up as user "nobody".
> >
> > If I can get a list of what programs, path and file name, called
sendmail
> > over (say) the last 24 hours, one of them should jump off the page with
an
> > unreasonable level of activitiy.
> >
>
> The web server logs don't tell you anything in the URL data? A CGI script
> usually has some parameters which might provide some assistance.
>
> brian
>
>
> --
> Brian Sobolak
> http://www.planetshwoop.com/
>
>
Thanks Brian, that's already tonights project to run through those logs and
see if anything jumps out there. What I think he might be doing is either
POSTing the parameters (which won't show up) or he's loaded a file of email
addresses and just triggers the mailer with a simple cgi request. Either
way he's got to be calling sendmail or mail to get it out the door I
believe.
Thanks!
Glenn.
More information about the freebsd-questions
mailing list