How can I find hidden processes on my Linux server?

In this tutorial you will learn how to check for hidden processes on a Linux server using Linux commands.

 

This tutorial assumes you have already opened a shell and logged in as the relevant user with an SSH tool (e.g. PuTTY).

 

  • The following command can be used to list all running processes, whether they show up in 'top' or not.

mypid=`sysctl kernel.pid_max | cut -d " " -f3`; for rkit in `seq 1 $mypid`; do \
test -f /proc/$rkit/cmdline && (echo -n "[$rkit] "; strings /proc/$rkit/cmdline; echo); done 

 

  • Running this over SSH will print out quite a bit of information, so it is suggested that you redirect the output to a file, as the command below does.
  • Use the command 'cat processes.txt' (run from /root, where the file is written) to view the file containing the information on all the processes.

 

mypid=`sysctl kernel.pid_max | cut -d " " -f3`; for rkit in `seq 1 $mypid`; do \
test -f /proc/$rkit/cmdline && (echo -n "[$rkit] "; strings /proc/$rkit/cmdline; echo) >> /root/processes.txt; done
 



This command shows you anything hidden by a rootkit, or by other users for that matter.

Please note that each of the above commands goes on one line.

The \ character is there only to split the line on your screen, and should be removed if you paste the command into an SSH session.
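The loop above prints every ID that answers under /proc, and on Linux that includes thread IDs as well as processes. As an added example (not part of the original tutorial), the script below reports only process IDs that answer a direct /proc lookup yet are missing from the /proc directory listing that ps and top read. The function names and the optional proc-root and max-PID arguments are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original article). Function names and the
# optional proc-root / max-PID arguments are assumptions of this sketch.

# PIDs that appear in the directory listing of /proc (what ps and top read).
listed_pids() {
    ls -1 "${1:-/proc}" 2>/dev/null | grep -E '^[0-9]+$' | sort -n
}

# Print PIDs that answer a direct /proc/<pid> lookup but are not listed.
# Thread IDs also answer direct lookups without being listed, so an ID is
# reported only when its Tgid equals the ID (a real process, not a thread).
hidden_pids() {
    root="${1:-/proc}"
    max="${2:-$(cat /proc/sys/kernel/pid_max)}"
    listed=" $(listed_pids "$root" | tr '\n' ' ')"
    pid=1
    while [ "$pid" -le "$max" ]; do
        if [ -f "$root/$pid/cmdline" ]; then
            case "$listed" in
                *" $pid "*) ;;   # listed normally, nothing to report
                *)
                    tgid=$(awk '/^Tgid:/ {print $2}' "$root/$pid/status" 2>/dev/null || true)
                    # Re-read the listing so a process that started after the
                    # first snapshot is not reported as hidden.
                    if [ "$tgid" = "$pid" ] && ! listed_pids "$root" | grep -qx "$pid"; then
                        echo "$pid"
                    fi
                    ;;
            esac
        fi
        pid=$((pid + 1))
    done
}

# Usage (as root), after loading these functions:  hidden_pids > /root/hidden.txt
```

An empty result means every process that answers a direct lookup is also listed; any PID printed is worth inspecting through /proc/<pid>/cmdline and /proc/<pid>/exe.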

VISUAL GUIDE

 

LIST ALL HIDDEN PROCESSES:

PRINT OUT THE INFORMATION INTO A FILE:

VIEWING THE PRINTED FILE USING THE CAT COMMAND:

