On one of my servers, I am noticing two suspicious process in my top list.  They are sucking cpu
 
============================
 3955 nobody    25   0   876  552   384 R    23.0  0.0 370:20   0 perl dor.pl 202.152.162.197
 4342 nobody    25   0   880  688   384 R    21.0  0.0 380:41   0 perl dor.pl 200.202.206.247
============================
 
I kill them but they come back.  Any idea what they could be?

Yes, I updated the slocate database and found psybnc, eggdrop, and other parasite bot servers running in 777ed folders. They\'re dead now. For good practice guys, run the following from time to time...


[indent]locate irc

locate eggdrop
locate bnc
locate BNC
locate ptlink
locate *****X
locate guardservices
locate psyBNC
locate .rhosts

[/indent]