pdm/security-tools
Public Access
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
94437506facc52d07c17abd0a74ec8618c6b30bb
security-tools/npm_security_check_sys-apps_20260417_215948.log
pdmarf 94437506fa npm config checker
2026-04-18 09:57:36 +01:00

104 lines
5.8 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
==========================================
NPM / Node.js Security Check
==========================================
Hostname : sys-apps
Date : Fri Apr 17 09:59:48 PM UTC 2026
Log file : npm_security_check_sys-apps_20260417_215948.log
==========================================
1. Global npm packages
==========================================
@anthropic-ai/claude-code@2.1.113
✓ No suspicious global packages
==========================================
2. Malicious package names in lock files
==========================================
Scanning 1 lock file(s)...
✓ No known-malicious package names found
==========================================
3. Running Node/Next.js processes
==========================================
root 1915 0.0 0.0 860 508 ? Ss Apr05 0:35 /sbin/tini -- node index.js
root 2398 0.0 0.2 690020 17320 ? Sl Apr05 0:03 node index.js
root 4650 0.0 0.3 1293252 28376 ? Sl Apr05 8:53 node /app/server.js
root 610442 0.0 0.0 2144 1160 ? Ss Apr16 0:00 /usr/bin/dumb-init -- extra/entrypoint.sh node server/server.js
root 610539 0.5 1.8 11513044 153472 ? Ssl Apr16 7:45 node server/server.js
pdm 1369218 0.0 4.1 27768236 341164 ? Ssl Apr05 17:09 node /usr/bin/n8n
pdm 1369306 0.0 1.2 9936264 98028 ? Sl Apr05 11:04 node --disallow-code-generation-from-strings --disable-proto=delete /usr/lib/node_modules/n8n/node_modules/@n8n/task-runner/dist/start.js
pdm 2886551 0.0 0.0 7340 3760 pts/1 S+ 21:59 0:00 bash /home/pdm/security-tools/npm-security-check.sh
pdm 2886715 0.0 0.0 7340 1808 pts/1 S+ 21:59 0:00 bash /home/pdm/security-tools/npm-security-check.sh
✓ PID 1915 runs as root but is inside a Docker container (normal)
✓ PID 2398 runs as root but is inside a Docker container (normal)
✓ PID 4650 runs as root but is inside a Docker container (normal)
✓ PID 610442 runs as root but is inside a Docker container (normal)
✓ PID 610539 runs as root but is inside a Docker container (normal)
==========================================
4. Node process network connections
==========================================
✓ No established TCP connections from node processes
==========================================
5. Known C2 / malware indicators
==========================================
✓ No connections to known C2 infrastructure
==========================================
6. Suspicious process names
==========================================
✓ No suspicious process names
==========================================
7. Suspicious files in /tmp and /dev/shm
==========================================
✓ Temp directory scan complete
==========================================
8. npm configuration
==========================================
prefix=~/.npm-global
✓ .npmrc uses official registry
==========================================
9. Docker containers
==========================================
NAMES IMAGE STATUS
igotify ghcr.io/androidseb25/igotify-notification-assist:latest Up 24 hours
gotify gotify/server Up 24 hours (healthy)
uptime-kuma louislam/uptime-kuma:latest Up 24 hours (healthy)
Shlink-Web shlinkio/shlink-web-client:3.10.1 Up 24 hours
Shlink shlinkio/shlink:stable Up 24 hours
Shlink-DB postgres:17 Up 24 hours
heimdall lscr.io/linuxserver/heimdall:latest Up 24 hours
mermaid ghcr.io/mermaid-js/mermaid-live-editor Up 6 days
netbox-netbox-worker-1 netboxcommunity/netbox:v4.4-3.4.1 Up 12 days (healthy)
netbox-netbox-1 netboxcommunity/netbox:v4.4-3.4.1 Up 12 days (healthy)
netbox-postgres-1 postgres:17-alpine Up 12 days (healthy)
netbox-redis-1 valkey/valkey:8.1-alpine Up 12 days (healthy)
netbox-redis-cache-1 valkey/valkey:8.1-alpine Up 12 days (healthy)
task_server-tasks-1 task_server-tasks Up 12 days
task_server-database-1 postgres:16 Up 12 days
flash_server-flashcards-1 flash_server-flashcards Up 12 days
flash_server-database-1 postgres:16 Up 12 days
mosquitto eclipse-mosquitto:latest Up 12 days
nebula-sync ghcr.io/lovelaze/nebula-sync:latest Up 12 days (healthy)
zigbee2mqtt ghcr.io/koenkk/zigbee2mqtt Up 12 days
portainer portainer/portainer-ce:latest Up 12 days
homarr ghcr.io/ajnart/homarr:latest Up 12 days (healthy)
✓ All containers use named images
==========================================
10. Bash history — suspicious patterns
==========================================
✓ No obviously suspicious history entries
==========================================
SUMMARY
==========================================
Scan completed at: Fri Apr 17 09:59:50 PM UTC 2026
Results saved to : npm_security_check_sys-apps_20260417_215948.log
✓ All checks passed — no indicators of compromise
Reference in New Issue View Git Blame Copy Permalink