Ensures system security by monitoring processes running in Linux

Article Title: ensures system security by monitoring the running processes of Linux. Linux is a technology channel of the IT lab in China. Including desktop applications, Linux system management, kernel research, embedded systems, open-source, and other basic classification Linux systems provide who, w, ps, top, and other system calls to view process information, by using these system calls, we can clearly understand the running status and survival status of processes, and take appropriate measures to ensure the security of the Linux system.
　
1. who command: this command is mainly used to view the current online user information. The system administrator can use the who command to monitor what every login user is doing at this moment.
　
2. w command: this command is also used to display the user login to the system, but unlike who, w command is more powerful, it not only shows who has logged on to the system, it can also display the work that these users are currently working on. The w command is an enhanced version of the who command.
　
3. ps command: this command is the most basic and powerful process view command. It can be used to determine which processes are running and running, whether the processes are terminated, whether the processes are dead, and which processes are occupying excessive resources. The ps command can monitor the working status of background processes, because background processes do not communicate with standard input/output devices such as the screen keyboard. To detect the situation, you can use the ps command. The following is an example of a ps command.
　
　　

$ Ps x PID TTY STAT TIME COMMAND 5800 ttyp0 S-bash 5813 ttyp1 S-bash 5921 ttyp0 S man ps 5922 ttyp0 S sh-c/usr/bin/gunzip-c/var/catman/cat1/ps.1.gz/ 5923 ttyp0 S/usr/bin/gunzip-c/var/catman/cat1/ps.1.gz 5924 ttyp0 S/usr/bin/less-is5941 ttyp1 R ps x

　
4. top command: the basic functions of top command and ps command are the same. The current process and status of the system are displayed, but top command is a dynamic display process, you can press the buttons to refresh the current status. If you execute this command on the foreground, it excludes the foreground until the user terminates the program. More accurately, the top command provides real-time monitoring of the status of the system processor. It displays the list of CPU-most "sensitive" tasks in the system. This command can sort tasks by CPU usage, memory usage, and execution time, and many of its features can be set through interactive commands or in a custom file. The following is an example of a top command:
　
　　

Pm up 7 min, 4 user, load average: 0.07, 0.09, 0.06 29 processes: 28 sleeping, 1 running, 0 zombie, 0 stopped CPU states: 4.5% user, 3.6% system, 0.0% nice, 91.9% idle Mem: 38916 K av, 18564 K used, 20352 K free, 11660 K shrd, 1220 K buff Swap: 33228 K av, 0 K used, 33228 K free, 11820 K cached Pid user pri ni size rss share stat lib % CPU % MEM TIME COMMAND 363 root 14 0 708 708 552 R 0 8.1 1.8 0: 00 top 1 root 0 0 404 404 344 S 0 0.0 0: 03 init 2 root 0 0 0 0 SW 0 0.0 0.0 kflushd 3 root-12-12 0 0 0 SW