From owner-freebsd-security@FreeBSD.ORG  Sun Jan 15 21:33:09 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E125D16A420
	for <freebsd-security@freebsd.org>;
	Sun, 15 Jan 2006 21:33:09 +0000 (GMT)
	(envelope-from dev@unixdaemon.org)
Received: from ladle.dreamhost.com (ladle.dreamhost.com [205.196.219.4])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 0322143D76
	for <freebsd-security@freebsd.org>;
	Sun, 15 Jan 2006 21:33:04 +0000 (GMT)
	(envelope-from dev@unixdaemon.org)
Received: from [192.168.1.100] (cpe-24-24-83-9.stny.res.rr.com [24.24.83.9])
	by ladle.dreamhost.com (Postfix) with ESMTP id 91391129A83;
	Sun, 15 Jan 2006 13:33:02 -0800 (PST)
From: Dev Tugnait <dev@unixdaemon.org>
To: Gregory Nou <gregorynou@altern.org>
In-Reply-To: <43CABE2A.7000700@altern.org>
References: <1137359877.2822.53.camel@dracula.transylvania.net>
	<43CABE2A.7000700@altern.org>
Content-Type: text/plain
Date: Sun, 15 Jan 2006 16:32:58 -0500
Message-Id: <1137360778.2822.56.camel@dracula.transylvania.net>
Mime-Version: 1.0
X-Mailer: Evolution 2.4.2.1 FreeBSD GNOME Team Port 
Content-Transfer-Encoding: 7bit
Cc: freebsd-security@freebsd.org
Subject: Re: Rogue Processes
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: dev@unixdaemon.org
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Jan 2006 21:33:10 -0000

On Sun, 2006-01-15 at 22:27 +0100, Gregory Nou wrote:
> Dev Tugnait wrote:
> > I seem to notice these two processes running with top. 
> > 
> > Netstat hasn't been issued by me and cant be killed with the START
> > state. Can someone enlighten me on these processes.
> > 
> > FreeBSD dracula.transylvania.net 6.0-RELEASE FreeBSD 6.0-RELEASE #4: Sun
> > Dec  4 00:22:01 EST 2005
> > root@dracula.transylvania.net:/usr/src/sys/i386/compile/BLEACH  i386
> > 
> > The box doesnt run ssh or telnet just postfix relaying to my external
> > webhost. 
> > 
> > 
> > 89290 dark          1  96    0     0K     0K START    0:06  0.00%
> > awt_robot
> > 
> > 10208 dark          1  -8    0     0K     0K START    0:00  3.00%
> > netstat
> > 
> > Thanks
> > 
> 
> I would be tempted to say that awt_robot is the java thing.
> http://java.sun.com/j2se/1.3/docs/api/java/awt/Robot.html
> It's is a class to allow you to program a demo.
> Do you have java installed on this machine ?

Yes killing java fixed that thanks. I still dont know why netstat is
eating my CPU

-- 
Dev Tugnait <dev@unixdaemon.org>