Cpu 100%

Hi guys,

I’m new here as I’m new in FreePBX.

I’ve been using this IPBX software for one year and now I have the following problem:

top - 16:13:07 up 5:11, 1 user, load average: 3.13, 3.61, 3.17
Tasks: 127 total, 1 running, 126 sleeping, 0 stopped, 0 zombie
Cpu(s): 99.2%us, 0.7%sy, 0.0%ni, 0.0%id, 0.0%wa, 0.0%hi, 0.2%si, 0.0%st
Mem: 1929504k total, 546468k used, 1383036k free, 8236k buffers
Swap: 785400k total, 189280k used, 596120k free, 74488k cached

29712 nagios 20 0 47480 42m 400 S 196.1 2.2 20:27.23 .HOLDMYWEEVE
14582 asterisk 20 0 89680 15m 4788 S 1.7 0.8 3:00.04 asterisk
31 root 20 0 0 0 0 D 0.3 0.0 0:51.53 khubd
1 root 20 0 2900 536 428 S 0.0 0.0 0:00.81 init
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd

An user called “nagios” is using 196.1% of my CPU. The command is .HOLDMYWEEVE and I don’t know how to fix this!

When I reboot the server, the problem gone, but it comes back after a time.

Could you help me?


Take a look at this.


Thank you Alan!

I did the steps.

I had the same issue happen to me today on my Linode. I had setup the latest distro of freepbx using centos 6 64bit image. Thought I had committed and saved the iptables, upon restarting, iptables were not saved, a week or two later box gets hacked, as ports were wide open. The nagios user was using up my entire CPU running a program called w00t or wOOt. I would stop the PID but it came back, I eventually killed off the nagios user then after discovering my ports were wide open, decided it was best to kill off the box and start from scratch.

Thanks for posting this, I’m sure others will be affected.

There is lot of this about. That nagios user is wide open. Unless you are actually using nrpe for monitoring stop it as per the security notice.