L in u X ba sics for h acke rs g e t t I n g s t a r t e d w I t h
Download 7.3 Mb. Pdf ko'rish
|
linuxbasicsforhackers
|
Killing Processes
At times, a process will consume way too many system resources, exhibit unusual behavior, or —at worst—freeze. A process that exhibits this type of behavior is often referred to as a rogue process. For you, probably the most problematic symptom will be wasted resources used by the rogue process that could be better allocated to useful processes. Process Management 67 When you identify a problematic process, you may want to stop it with the kill command. There are many different ways to kill a program, and each has its own kill number. The kill command has 64 different kill signals, and each does some thing slightly different. Here, we focus on a few you will likely find most useful. The syntax for the kill command is kill-signal PID , where the signal switch is optional. If you don’t provide a signal flag, it defaults to SIGTERM . Table 61 lists the common kill signals Table 6-1: Commonly Used Kill Signals Signal name Number for option Description SIGHUP 1 This is known as the Hangup (HUP) signal. It stops the des- ignated process and restarts it with the same PID. SIGINT 2 This is the Interrupt (INT) signal. It is a weak kill signal that isn’t guaranteed to work, but it works in most cases. SIGQUIT 3 This is known as the core dump. It terminates the process and saves the process information in memory, and then it saves this information in the current working directory to a file named core. (The reasons for doing this are beyond the scope of this book.) SIGTERM 15 This is the Termination (TERM) signal. It is the kill com- mand’s default kill signal. SIGKILL 9 This is the absolute kill signal. It forces the process to stop by sending the process’s resources to a special device, /dev/null. Using the top command, you can identify which processes are using too many resources; often, those processes will be legitimate, but there may be malicious processes taking resources that you’ll want to kill. If you just want to restart a process with the HUP signal, enter the -1 option with kill , like so: kali >kill -1 6996 In the case of a rogue or a malicious process, you likely want to send the kill -9 signal, the absolute kill signal, to the process. This makes cer tain that the process is terminated. kali >kill -9 6996 If you don’t know a process’s PID, you can use the killall command to kill the process. This command takes the name of the process, instead of the PID, as an argument. |
