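1. Restating the problem
My CloudCone machine was shut down for an unknown reason and stayed down until I rebooted it manually.
2. Ruling out causes
First I checked the server's traffic; after all, my blog is hosted on it, so it might have been a DDoS. I found nothing: traffic was normal and disk I/O was normal, but CPU load was extremely high during one period.
3. I judged that it was not cryptomining. Still, to be safe, I downloaded ClamAV, the open-source antivirus for Linux.
Link: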
https://www.cnblogs.com/hftian/p/11711701.html
4. To find out why the machine shut down, go to the /var/log directory and look at the log in the messages file.
cat /var/log/messages
Look for the log entries that correspond to the time of the high CPU load and to the time of the shutdown.
Dec 2 06:20:51 v2ray pure-ftpd: ([email protected]) [INFO] New connection from 213.108.133.150
Dec 2 06:20:56 v2ray pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [root]
Dec 2 06:20:56 v2ray pure-ftpd: ([email protected]) [INFO] Logout.
Dec 2 06:21:05 v2ray systemd: Created slice User Slice of ccagent.
Dec 2 06:21:05 v2ray systemd: Started Session 399 of user ccagent.
Dec 2 06:21:11 v2ray systemd: Removed slice User Slice of ccagent.
Dec 2 06:22:07 v2ray systemd: Created slice User Slice of ccagent.
Dec 2 06:22:07 v2ray systemd: Started Session 400 of user ccagent.
Dec 2 06:22:21 v2ray systemd: Removed slice User Slice of ccagent.
Dec 2 06:23:09 v2ray systemd: Created slice User Slice of ccagent.
Dec 2 06:23:09 v2ray systemd: Started Session 401 of user ccagent.
Dec 2 06:23:31 v2ray systemd: Removed slice User Slice of ccagent.
Dec 2 06:24:13 v2ray systemd: Created slice User Slice of ccagent.
Dec 2 06:24:15 v2ray systemd: Started Session 402 of user ccagent.
Dec 2 06:24:38 v2ray kernel: mysqld invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0
Dec 2 06:24:39 v2ray kernel: mysqld cpuset=/ mems_allowed=0
Dec 2 08:07:49 v2ray kernel: Linux version 4.19.8-1.el7.elrepo.x86_64 (mockbuild@Build64R7) (gcc version 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)) #1 SMP Sat Dec 8 10:07:47 EST 2018
My rough conclusion is that MySQL was killed. I also found that someone had tried to log in to my FTP.
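
The log review from step 4 as a Python script (an added example, not the author's code): it reads lines in the /var/log/messages layout and reports which process invoked the OOM killer, which process the kernel reports as killed, failed pure-ftpd logins per source address, and the silent gap before each boot banner. The sample lines, host name, IP address and the php-fpm victim are constructed, and the year argument is an assumption because this log format does not record one.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample in the same /var/log/messages layout as the excerpt above;
# host name, IP (documentation range) and the killed process are made up.
SAMPLE = """\
Dec  2 06:20:56 host pure-ftpd: (?@203.0.113.7) [WARNING] Authentication failed for user [root]
Dec  2 06:21:02 host pure-ftpd: (?@203.0.113.7) [WARNING] Authentication failed for user [admin]
Dec  2 06:24:38 host kernel: mysqld invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), order=0
Dec  2 06:24:40 host kernel: Killed process 1234 (php-fpm) total-vm:512000kB, anon-rss:200000kB
Dec  2 08:07:49 host kernel: Linux version 4.19.8-1.el7.elrepo.x86_64 (mockbuild@Build64R7)
"""

LINE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) (\S+) ([^:\[\s]+)(?:\[\d+\])?: (.*)$")
FTP_FAIL = re.compile(r"\(\S*@(\S+)\) \[WARNING\] Authentication failed for user \[(.*?)\]")
OOM_CALL = re.compile(r"^(\S+) invoked oom-killer")
OOM_KILL = re.compile(r"Killed process (\d+) \((.+?)\)")

def triage(text, year):
    """Summarise OOM events, FTP login failures and reboot gaps.
    `year` must be supplied because this syslog format does not record it."""
    out = {"oom_invoked_by": [], "oom_killed": [], "ftp_failures": Counter(), "boots": []}
    prev = None
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        prog, msg = m.group(3), m.group(4)
        if prog == "kernel":
            if (c := OOM_CALL.match(msg)):
                # The invoker is the task whose allocation failed, not necessarily the victim.
                out["oom_invoked_by"].append((ts, c.group(1)))
            elif (k := OOM_KILL.search(msg)):
                out["oom_killed"].append((ts, k.group(2)))
            elif msg.startswith("Linux version") and prev:
                # Boot banner: the gap since the previous line brackets the outage.
                out["boots"].append((prev, ts, ts - prev))
        elif prog == "pure-ftpd" and (f := FTP_FAIL.search(msg)):
            out["ftp_failures"][f.group(1)] += 1
        prev = ts
    return out

if __name__ == "__main__":
    for key, value in triage(SAMPLE, 2020).items():
        print(key, value)
```

Run against the real file with `triage(open("/var/log/messages").read(), year)`; a log that crosses a year boundary needs to be split first, since a single year is applied to every line.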