WEBVTT

00:01.630 --> 00:08.140
At any given time, a Linux system typically has hundreds or sometimes even thousands of processes running

00:08.140 --> 00:08.950
simultaneously.

00:09.730 --> 00:16.120
A process is simply a program that's running and using resources.

00:16.390 --> 00:19.830
It includes a terminal, web server, any running commands,

00:20.080 --> 00:24.310
any databases, the graphical user interface, and much more.

00:24.940 --> 00:31.420
Any good Linux administrator, particularly a hacker, needs to understand how to manage the processes

00:31.750 --> 00:33.640
to optimize their systems.

00:34.090 --> 00:40.180
For example, once a hacker takes control of a target system, they might want to find and stop a certain

00:40.180 --> 00:45.120
process, like an antivirus application or firewall. To do so,

00:45.310 --> 00:49.090
the hacker would first need to know how to find the processes.

00:50.320 --> 00:56.740
So the hacker might also want to set the scanning script to run periodically to find vulnerable systems.

00:57.040 --> 01:02.020
So we will also look at how to schedule such a script.

01:02.440 --> 01:06.140
So in this lecture, we will learn to manage those processes.

01:06.610 --> 01:13.870
So first, you will learn to view and find processes and how to discover which processes are using

01:13.870 --> 01:15.160
the most resources.

01:15.460 --> 01:21.370
Then you will learn to manage processes by running them in the background, prioritizing them and

01:21.370 --> 01:24.130
killing them if necessary, not loading well.

01:24.550 --> 01:32.470
So finally, you will learn to schedule the processes to run on specified days and dates and at specific

01:32.470 --> 01:35.350
times. Viewing processes.

01:36.070 --> 01:39.790
In most cases, the first step in managing processes is to view

01:39.790 --> 01:42.160
what processes are running on your system.

01:42.640 --> 01:49.930
The primary tool for viewing processes, and one of the Linux administrator's best friends, is

01:49.930 --> 01:52.270
the ps command here.

01:54.100 --> 02:03.940
So run it in your command line like me to see what processes are active. The Linux kernel, the

02:03.940 --> 02:11.410
inner core of the operating system that controls nearly everything, assigns a unique process ID to

02:11.410 --> 02:15.080
each process sequentially as the processes are created.

02:15.100 --> 02:20.370
When working with these processes in Linux, you often need to specify their process

02:20.430 --> 02:21.700
IDs here.

02:23.240 --> 02:30.650
So it's far more important to note the process ID of the process than the name of this

02:30.650 --> 02:35.270
process; the process ID is more important than the name of the process.

02:35.870 --> 02:41.090
So, alone, the ps command doesn't really provide you with much information.

02:41.390 --> 02:48.200
So running the command without any options lists the processes started (said to be invoked) by the currently

02:48.200 --> 02:51.260
logged-in user, which in your case is kali.

02:52.010 --> 02:53.030
Uh, so.

02:53.180 --> 02:55.250
And what processes are running on the terminal.

02:55.790 --> 02:56.960
So here it

02:57.320 --> 03:02.090
simply says that the bash shell is open and running and that

03:02.090 --> 03:04.060
we ran the ps command here.

03:05.630 --> 03:12.860
So we want and need far more information than that, particularly on those processes run by other

03:12.860 --> 03:15.110
users and by the system in the background.

03:15.770 --> 03:20.750
Without this information, we know very little to what is actually taking place on our system.

03:21.470 --> 03:24.410
So running the command with the options

03:24.440 --> 03:30.090
aux will show all processes running on the system for all users.

03:30.090 --> 03:33.170
So let's run it: ps aux.

03:33.920 --> 03:42.500
So you can see here, we can see all the processes running here and what process is which user and

03:42.510 --> 03:42.860
present.

03:42.860 --> 03:47.960
Say the old CPU is running these processes here, as you can see here.

03:49.430 --> 03:52.760
We have kali and root here.

03:59.210 --> 03:59.570
So.

04:00.990 --> 04:03.510
Note that you don't prefix these options with a dash.

04:03.930 --> 04:07.560
So everything is in lower case because it is case sensitive.

04:07.560 --> 04:12.120
As you can see, we have not added a dash here, and everything is in lower case.

04:12.120 --> 04:18.270
Because Linux is case sensitive, using uppercase options will give significantly different results.

04:18.870 --> 04:26.160
As you can see, the command now lists so many processes that they likely run off the bottom of your screen.

04:26.640 --> 04:28.680
So the first process is init.

04:29.750 --> 04:30.140
Yes.

04:35.240 --> 04:40.100
So, listed in the final column here, the last process is the command

04:40.430 --> 04:42.590
we ran to display,

04:43.740 --> 04:51.080
ps aux here, as you can see here, and the user there is kali, which is my user account

04:51.120 --> 04:51.390
here.

04:51.840 --> 04:52.470
You know, Linux.

04:53.860 --> 04:56.890
Many of the details here, like, um,

04:57.580 --> 05:06.610
process ID, CPU time, uh, memory, command and so on here may be different on your system, but should

05:06.610 --> 05:09.100
have the same format. For our purposes,

05:09.100 --> 05:12.730
here are the most important columns in this output.

05:13.030 --> 05:18.450
So the user is the user who invoked the process. Process

05:18.460 --> 05:25.930
ID is, as you know, as we discussed earlier, the process ID. CPU is the percent

05:25.930 --> 05:27.070
of the CPU

05:27.340 --> 05:35.440
this process is using. Uh, so memory here is the percent of memory this process is using, and the

05:35.440 --> 05:42.890
command is the name of the command that started the process. In general, to perform any action on a process,

05:43.150 --> 05:45.660
we must specify the process ID.

05:46.270 --> 05:47.040
So let's see

05:47.040 --> 05:51.040
how to use these identifiers to our advantage here.

05:52.280 --> 05:52.670
So.

05:54.040 --> 05:55.390
Filtering by process name.

05:56.980 --> 06:00.190
I want look at those pictures.

06:00.700 --> 06:02.300
Yes, see.

06:03.010 --> 06:06.460
So actually in this in this picture, we will do it.

06:06.460 --> 06:08.230
So I am waiting you in this section.
