How can I find hidden processes on my Linux server?

In this tutorial you will learn how to check for HIDDEN PROCESSES ON A LINUX SERVER using LINUX COMMANDS.

 

The tutorial assumes you have already accessed your shell and logged in as the relevant user with an SSH tool (e.g. PuTTY).

 

  • The following command can be used to list all running processes, whether they show up in ‘top’ or not.

mypid=`sysctl kernel.pid_max | cut -d " " -f3`; for rkit in `seq 1 $mypid`; do \
test -f /proc/$rkit/cmdline && (echo -n "[$rkit] "; strings /proc/$rkit/cmdline; echo); done 

 

  • Running this from an SSH session prints quite a bit of information, so it is suggested that you redirect the output to a file, as the command below does.
  • Use the command ' cat processes.txt ' (from /root, where the command below writes the file) to view the file containing the information on all the processes.

 

mypid=`sysctl kernel.pid_max | cut -d " " -f3`; for rkit in `seq 1 $mypid`; do \
test -f /proc/$rkit/cmdline && (echo -n "[$rkit] "; strings /proc/$rkit/cmdline; echo) >> /root/processes.txt; done
 



This command shows you anything hidden by a rootkit, or by other users for that matter.

Please note that each of the above commands goes on one line.

The \ character is there only to split the line on your screen, and should be removed if you paste this into an SSH session.
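
The commands above list every PID that answers a direct /proc/PID lookup; deciding which of those are actually hidden means comparing them with what ps reports and discarding thread IDs, which also answer direct lookups. The script below is an added example, not part of the original article; list_visible_pids, find_hidden_pids and the --scan argument are hypothetical names.

```sh
#!/bin/sh
# Added example (not from the original article): report PIDs that answer a
# direct /proc/<pid> lookup but are missing from the normal process listing.
# Function names and the --scan argument are hypothetical.

# PIDs the normal listing shows; ps builds this by reading the /proc directory.
list_visible_pids() { ps -e -o pid= | tr -d ' '; }

# find_hidden_pids PROC_ROOT MAX_PID -> prints "PID cmdline" per suspect PID.
find_hidden_pids() {
    proc_root=$1; max_pid=$2
    visible=$(list_visible_pids)
    for pid in $(seq 1 "$max_pid"); do
        # Same probe as the one-liner: does the PID answer a direct lookup?
        [ -f "$proc_root/$pid/cmdline" ] || continue
        printf '%s\n' "$visible" | grep -qx "$pid" && continue
        # Thread IDs answer direct lookups but are never listed in /proc.
        # Skip them; the owning process is checked under its own PID.
        tgid=$(awk '/^Tgid:/ {print $2}' "$proc_root/$pid/status" 2>/dev/null) || tgid=
        [ "${tgid:-$pid}" = "$pid" ] || continue
        # A process started after the snapshot is new, not hidden: list again.
        list_visible_pids | grep -qx "$pid" && continue
        # Skip PIDs that exited while the checks ran.
        [ -f "$proc_root/$pid/cmdline" ] || continue
        printf '%s %s\n' "$pid" "$(tr '\0' ' ' < "$proc_root/$pid/cmdline")"
    done
}

# Real scan (run as root): sh find_hidden.sh --scan
if [ "${1:-}" = "--scan" ]; then
    find_hidden_pids /proc "$(sysctl -n kernel.pid_max)"
fi
```

An empty result only means nothing was hidden from the directory listing; a rootkit that also filters direct /proc/PID lookups will not be found by this comparison.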

VISUAL GUIDE (screenshots not included): listing all hidden processes; printing out the information into a file; viewing the printed file using the cat command.
