View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions Regularly Freezing
Log in to Ask a Question

Regularly Freezing

development

One of my linodes started an interesting new trend about a week ago: freezing up and running the CPU hard. During these times, the linode is unresponsive via http and ssh. My temporary fix each time is to reboot the linode from my manager.linode dashboard. This is how it typically looks from the dashboard:

~~![](<URL url=)https://i.imgur.com/MUhzWqH.png" />

Is there a system log I can check that would help determine the cause? I'm running Debian GNU/Linux 6.0~~

1 Reply

This can be a sign that you are compromised. To determine if this is the case, you may want to audit the following log files and writable directories:

  • "/var/log/auth.log": You may have fallen victim to a SSH brute force attack.

  • "last": You can cross reference recent account logins with the brute force attempts in "/var/log/auth.log".

  • /tmp: This directory is often used by attackers to store their files in.

  • Web server logs: You may have installed a vulnerable script or web application.

  • "ps aux": Check for foreign processes.

If you do find that your system has been compromised, I'd strongly suggest completely redeploying your Linode as it is often very difficult to determine the full scope of an attack. If downtime is a concern to you, the following guide will assist you with safely recovering your data and redeploying your Linode with minimal downtime:

  • https://www.linode.com/docs/security/re … ompromise/">https://www.linode.com/docs/security/recovering-from-a-system-compromise/

If you do not want to spin up a new Linode as advised in the above guide, you can simply deploy a new distribution and mount your old disk images within it to copy your data over. You will first need to free up some space to deploy the new distribution. You can do this by resizing your existing disk image:

  • https://www.linode.com/docs/migrate-to- … t-account/">https://www.linode.com/docs/migrate-to-linode/disk-images/copying-a-disk-image-to-a-different-account/

You can then deploy your new distribution and attach your old disk images to it:

  • Select the "Deploy a Linux Distribution" link on your dashboard.

  • Choose your desired distribution, fill in the the required values, and then click on "Deploy".

  • Return to the dashboard and select your new configuration profile.

  • Attach your old disk image to the drive setup of your new deployment.

  • Boot into your new deployment and mount your old disk image.

  • Copy your data.

Once you have redeployed your Linode, I'd also recommend implementing some of the security measures advised in our "Security Basics" guide to minimize the risks of a security breach in the future:

  • https://www.linode.com/docs/security/li … ty-basics/">https://www.linode.com/docs/security/linux-security-basics/

I hope that you have found this information helpful. Please keep us updated on your progress and findings.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct