pdm/security-tools
Public Access
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
94437506facc52d07c17abd0a74ec8618c6b30bb
security-tools/npm-security-check-cron.log
pdmarf 94437506fa npm config checker
2026-04-18 09:57:36 +01:00

105 lines
6.0 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
==========================================
NPM / Node.js Security Check
==========================================
Hostname : sys-apps
Date : Sat Apr 18 08:00:01 AM UTC 2026
Log file : npm_security_check_sys-apps_20260418_080001.log
==========================================
1. Global npm packages
==========================================
@anthropic-ai/claude-code@2.1.113
✓ No suspicious global packages
==========================================
2. Malicious package names in lock files
==========================================
Scanning 1 lock file(s)...
✓ No known-malicious package names found
==========================================
3. Running Node/Next.js processes
==========================================
root 1915 0.0 0.0 860 508 ? Ss Apr05 0:36 /sbin/tini -- node index.js
root 2398 0.0 0.2 690020 17264 ? Sl Apr05 0:03 node index.js
root 4650 0.0 0.3 1288132 25096 ? Sl Apr05 9:02 node /app/server.js
root 610442 0.0 0.0 2144 1160 ? Ss Apr16 0:00 /usr/bin/dumb-init -- extra/entrypoint.sh node server/server.js
root 610539 0.5 1.8 11512020 154144 ? Ssl Apr16 10:24 node server/server.js
pdm 1369218 0.0 4.1 27772588 336188 ? Ssl Apr05 17:29 node /usr/bin/n8n
pdm 1369306 0.0 1.1 9936264 96216 ? Sl Apr05 11:18 node --disallow-code-generation-from-strings --disable-proto=delete /usr/lib/node_modules/n8n/node_modules/@n8n/task-runner/dist/start.js
pdm 3861265 0.0 0.0 2800 1856 ? Ss 08:00 0:00 /bin/sh -c /home/pdm/security-tools/npm-security-check.sh >> /home/pdm/security-tools/npm-security-check-cron.log 2>&1
pdm 3861266 0.0 0.0 7340 3732 ? S 08:00 0:00 bash /home/pdm/security-tools/npm-security-check.sh
pdm 3864276 0.0 0.0 7340 1912 ? S 08:01 0:00 bash /home/pdm/security-tools/npm-security-check.sh
✓ PID 1915 runs as root but is inside a Docker container (normal)
✓ PID 2398 runs as root but is inside a Docker container (normal)
✓ PID 4650 runs as root but is inside a Docker container (normal)
✓ PID 610442 runs as root but is inside a Docker container (normal)
✓ PID 610539 runs as root but is inside a Docker container (normal)
==========================================
4. Node process network connections
==========================================
✓ No established TCP connections from node processes
==========================================
5. Known C2 / malware indicators
==========================================
✓ No connections to known C2 infrastructure
==========================================
6. Suspicious process names
==========================================
✓ No suspicious process names
==========================================
7. Suspicious files in /tmp and /dev/shm
==========================================
✓ Temp directory scan complete
==========================================
8. npm configuration
==========================================
prefix=~/.npm-global
✓ .npmrc uses official registry
==========================================
9. Docker containers
==========================================
NAMES IMAGE STATUS
igotify ghcr.io/androidseb25/igotify-notification-assist:latest Up 34 hours
gotify gotify/server Up 34 hours (healthy)
uptime-kuma louislam/uptime-kuma:latest Up 34 hours (healthy)
Shlink-Web shlinkio/shlink-web-client:3.10.1 Up 34 hours
Shlink shlinkio/shlink:stable Up 34 hours
Shlink-DB postgres:17 Up 34 hours
heimdall lscr.io/linuxserver/heimdall:latest Up 34 hours
mermaid ghcr.io/mermaid-js/mermaid-live-editor Up 6 days
netbox-netbox-worker-1 netboxcommunity/netbox:v4.4-3.4.1 Up 13 days (healthy)
netbox-netbox-1 netboxcommunity/netbox:v4.4-3.4.1 Up 13 days (healthy)
netbox-postgres-1 postgres:17-alpine Up 13 days (healthy)
netbox-redis-1 valkey/valkey:8.1-alpine Up 13 days (healthy)
netbox-redis-cache-1 valkey/valkey:8.1-alpine Up 13 days (healthy)
task_server-tasks-1 task_server-tasks Up 13 days
task_server-database-1 postgres:16 Up 13 days
flash_server-flashcards-1 flash_server-flashcards Up 13 days
flash_server-database-1 postgres:16 Up 13 days
mosquitto eclipse-mosquitto:latest Up 13 days
nebula-sync ghcr.io/lovelaze/nebula-sync:latest Up 13 days (healthy)
zigbee2mqtt ghcr.io/koenkk/zigbee2mqtt Up 13 days
portainer portainer/portainer-ce:latest Up 13 days
homarr ghcr.io/ajnart/homarr:latest Up 13 days (healthy)
✓ All containers use named images
==========================================
10. Bash history — suspicious patterns
==========================================
✓ No obviously suspicious history entries
==========================================
SUMMARY
==========================================
Scan completed at: Sat Apr 18 08:01:50 AM UTC 2026
Results saved to : npm_security_check_sys-apps_20260418_080001.log
✓ All checks passed — no indicators of compromise
Reference in New Issue View Git Blame Copy Permalink