Process List & Security??
VeeJay
maanjee at gmail.com
Wed Jan 10 13:12:54 UTC 2007
Hi
Can someone good at the security side look into these running processes and see
if there is a process that is dangerous or a security breach which a bad user
has put there? Thanks
$ ps xa
PID TT STAT TIME COMMAND
0 ?? WLs 0:00.00 [swapper]
1 ?? ILs 0:00.00 /sbin/init --
2 ?? DL 0:02.90 [g_event]
3 ?? DL 0:02.87 [g_up]
4 ?? DL 0:03.04 [g_down]
5 ?? DL 0:00.00 [thread taskq]
6 ?? DL 0:00.00 [acpi_task_0]
7 ?? DL 0:00.00 [acpi_task_1]
8 ?? DL 0:00.00 [acpi_task_2]
9 ?? DL 0:00.00 [kqueue taskq]
10 ?? RL 2775:10.56 [idle]
11 ?? WL 0:59.34 [swi4: clock sio]
12 ?? WL 0:00.00 [swi3: vm]
13 ?? WL 0:00.10 [swi1: net]
14 ?? DL 0:02.65 [yarrow]
15 ?? WL 0:00.00 [swi5: +]
16 ?? WL 0:00.00 [swi2: cambio]
17 ?? WL 0:00.00 [swi6: task queue]
18 ?? WL 0:00.00 [swi6: Giant taskq]
19 ?? WL 0:00.00 [irq9: acpi0]
20 ?? WL 0:00.22 [irq16: bce0 em0+]
21 ?? WL 0:00.32 [irq78: mfi0]
22 ?? WL 0:00.00 [irq17: em1]
23 ?? WL 0:00.00 [irq21: uhci0 uhci+]
24 ?? DL 0:00.01 [usb0]
25 ?? DL 0:00.00 [usbtask]
26 ?? WL 0:00.00 [irq20: uhci1]
27 ?? DL 0:00.01 [usb1]
28 ?? DL 0:00.01 [usb2]
29 ?? DL 0:00.01 [usb3]
30 ?? WL 0:00.00 [irq14: ata0]
31 ?? WL 0:00.00 [irq15: ata1]
32 ?? WL 0:00.00 [swi0: sio]
33 ?? WL 0:00.00 [irq1: atkbd0]
34 ?? DL 0:00.07 [pagedaemon]
35 ?? DL 0:00.00 [vmdaemon]
36 ?? DL 0:01.11 [pagezero]
37 ?? DL 0:00.30 [bufdaemon]
38 ?? DL 0:59.50 [syncer]
39 ?? DL 0:00.29 [vnlru]
40 ?? DL 0:00.43 [softdepflush]
41 ?? DL 0:01.41 [schedcpu]
151 ?? Is 0:00.00 adjkerntz -i
644 ?? Is 0:00.00 /sbin/devd
688 ?? Ss 0:00.14 /usr/sbin/syslogd -s
761 ?? Ss 0:00.09 /usr/sbin/usbd
809 ?? Is 0:00.06 /usr/sbin/sshd
815 ?? Ss 0:00.90 sendmail: accepting connections (sendmail)
819 ?? Is 0:00.02 sendmail: Queue runner at 00:30:00 for /var/spool/clientmqueue (sendmail)
825 ?? Is 0:00.22 /usr/sbin/cron -s
1007 ?? Ss 0:01.10 /usr/local/apache/bin/httpd
1008 ?? I 0:00.00 /usr/local/apache/bin/httpd
1009 ?? I 0:00.00 /usr/local/apache/bin/httpd
1010 ?? I 0:00.00 /usr/local/apache/bin/httpd
1011 ?? I 0:00.00 /usr/local/apache/bin/httpd
1012 ?? I 0:00.00 /usr/local/apache/bin/httpd
1037 ?? I 0:00.00 /usr/local/apache/bin/httpd
7862 ?? Is 0:00.01 sshd: digill7b [priv] (sshd)
7866 ?? S 0:00.01 sshd: digill7b at ttyp0 (sshd)
866 v0 Is+ 0:00.00 /usr/libexec/getty Pc ttyv0
867 v1 Is+ 0:00.00 /usr/libexec/getty Pc ttyv1
868 v2 Is+ 0:00.00 /usr/libexec/getty Pc ttyv2
869 v3 Is+ 0:00.00 /usr/libexec/getty Pc ttyv3
870 v4 Is+ 0:00.00 /usr/libexec/getty Pc ttyv4
871 v5 Is+ 0:00.00 /usr/libexec/getty Pc ttyv5
872 v6 Is+ 0:00.00 /usr/libexec/getty Pc ttyv6
873 v7 Is+ 0:00.00 /usr/libexec/getty Pc ttyv7
7867 p0 Ss 0:00.00 -sh (sh)
7928 p0 R+ 0:00.00 ps xa
1015 p2- I 0:00.00 /bin/sh /usr/local/mysql/bin/mysqld_safe
1033 p2- S 0:11.97 /usr/local/mysql/libexec/mysqld --basedir=/usr/local/mysql --datadir=/var/db/mysql --user=mysql --pid-file=/var/db/mysql/localhost.maanjee.pid --port=33
$
--
Thanks!
BR / vj
More information about the freebsd-questions mailing list