Closed zj1244 closed 6 years ago
使用命令daemon -uninstall后,查看进程,还是会有daemon和agent,只有syshook_execve是卸载了 [root@localhost ~]# ps -ef | grep 192.168 root 7610 1 0 07:45 ? 00:00:00 /usr/yulong-hids/daemon -netloc 192.168.47.104 root 7616 7610 2 07:45 ? 00:04:45 /usr/yulong-hids/agent 192.168.47.104 root 8619 8578 0 11:35 pts/0 00:00:00 grep --color=auto 192.168 [root@localhost ~]# /usr/yulong-hids/daemon -uninstall 2018/11/01 11:35:20 Uninstall completed [root@localhost ~]# ps -ef | grep 192.168 root 7610 1 0 07:45 ? 00:00:00 /usr/yulong-hids/daemon -netloc 192.168.47.104 root 7616 7610 2 07:45 ? 00:04:45 /usr/yulong-hids/agent 192.168.47.104 root 8643 8578 0 11:35 pts/0 00:00:00 grep --color=auto 192.168 [root@localhost ~]# [root@localhost ~]# [root@localhost ~]# lsmod| grep syshook_execve [root@localhost ~]#
我弄错了,这个命令不会杀了进程,只是会删除服务和syshook
zj1244
commented
6 years ago zj1244
commented
6 years ago
使用命令daemon -uninstall后,查看进程,还是会有daemon和agent,只有syshook_execve是卸载了 [root@localhost ~]# ps -ef | grep 192.168 root 7610 1 0 07:45 ? 00:00:00 /usr/yulong-hids/daemon -netloc 192.168.47.104 root 7616 7610 2 07:45 ? 00:04:45 /usr/yulong-hids/agent 192.168.47.104 root 8619 8578 0 11:35 pts/0 00:00:00 grep --color=auto 192.168 [root@localhost ~]# /usr/yulong-hids/daemon -uninstall 2018/11/01 11:35:20 Uninstall completed [root@localhost ~]# ps -ef | grep 192.168 root 7610 1 0 07:45 ? 00:00:00 /usr/yulong-hids/daemon -netloc 192.168.47.104 root 7616 7610 2 07:45 ? 00:04:45 /usr/yulong-hids/agent 192.168.47.104 root 8643 8578 0 11:35 pts/0 00:00:00 grep --color=auto 192.168 [root@localhost ~]# [root@localhost ~]# [root@localhost ~]# lsmod| grep syshook_execve [root@localhost ~]#