1 00:00:01,290 --> 00:00:08,880 Hackers often need to multiprocess, and an operating system like Kali is ideal for this.
2 00:00:09,330 --> 00:00:17,370 The hacker may have a port scanner running while running a vulnerability scanner and an exploit simultaneously
3 00:00:17,370 --> 00:00:18,380 here.
4 00:00:19,110 --> 00:00:26,040 So this requires that the hacker manage these processes efficiently to best use system resources and
5 00:00:26,040 --> 00:00:27,120 complete the tasks.
6 00:00:27,570 --> 00:00:31,470 In this lecture, I will show how to manage multiple processes.
7 00:00:32,640 --> 00:00:36,480 So, changing process priority with nice.
8 00:00:37,110 --> 00:00:44,580 You don't often hear the word nice used in the context of hackers, but here you will.
9 00:00:44,940 --> 00:00:52,320 So the nice command is used to influence the priority of a process to the kernel, as you saw when we ran
10 00:00:52,320 --> 00:00:53,760 the ps command.
11 00:00:54,880 --> 00:00:55,300 You're.
12 00:00:56,450 --> 00:00:57,620 ps command here.
13 00:00:58,200 --> 00:01:03,200 Uh, numerous, numerous processes run on the system at once and, um,
14 00:01:04,610 --> 00:01:10,580 and all of them are contending for the available resources. The kernel will have a final say over
15 00:01:10,580 --> 00:01:12,860 the priority of processes.
16 00:01:13,190 --> 00:01:21,950 But you can use the nice and nice to suggest that the process should be elevated in priority.
17 00:01:22,670 --> 00:01:28,940 So the idea behind the use of the term nice is that when you use it, you are determining how nice you
18 00:01:28,940 --> 00:01:29,390 will be
19 00:01:29,690 --> 00:01:35,990 to others and users. If you are using most of the system resources, you know, you aren't being very nice.
20 00:01:36,440 --> 00:01:44,500 The values for nice range from minus twelve or twenty to plus nineteen.
21 00:01:45,620 --> 00:01:48,950 So, with zero being the default value here.
22 00:01:49,280 --> 00:01:49,970 Yeah, so.
23 00:01:50,660 --> 00:01:53,120 So if.
24 00:01:54,280 --> 00:01:54,880 Bold.
25 00:01:58,740 --> 00:01:59,430 Zero, you.
26 00:02:02,500 --> 00:02:02,890 So.
27 00:02:04,860 --> 00:02:13,700 A high nice value translates to a low priority and a low nice value translates to high priority.
28 00:02:14,010 --> 00:02:22,200 We are not being so nice to the users and other users and processes. So when a process is started,
29 00:02:22,200 --> 00:02:25,620 it inherits the nice value of its parent process.
30 00:02:26,280 --> 00:02:33,120 So the owner of the process can lower the priority of the process but cannot increase its priority.
31 00:02:33,570 --> 00:02:41,220 Of course, the superuser, root user, can arbitrarily set a nice value to whatever they please.
32 00:02:41,730 --> 00:02:50,400 So when you start a process, you can set the priority level with the nice command and then alter the
33 00:02:50,400 --> 00:02:56,010 priority after the process has started running with the renice command.
34 00:02:56,350 --> 00:02:57,270 renice.
35 00:02:58,110 --> 00:02:58,680 Very nice.
36 00:02:58,730 --> 00:02:58,980 Yeah.
37 00:03:00,230 --> 00:03:02,930 So it wants an absolute value for niceness.
38 00:03:03,500 --> 00:03:05,740 So let's look at an example to demonstrate this.
39 00:03:06,680 --> 00:03:12,440 So for demonstration purposes, let's assume we have a process named slowprocess that's located in
40 00:03:12,440 --> 00:03:17,510 this scene at /bin/slowprocess here.
41 00:03:17,840 --> 00:03:26,610 So if we wanted to speed up its completion, we could start the process with the nice command here,
42 00:03:26,610 --> 00:03:33,680 nice -n -10 /bin/slowprocess here.
43 00:03:35,760 --> 00:03:39,480 We should use sudo rights here.
44 00:03:41,080 --> 00:03:42,700 And enter your password here.
45 00:03:42,880 --> 00:03:45,150 So that personal such files.
46 00:03:45,760 --> 00:03:49,930 Yes, because this is just an example here.
47 00:03:50,140 --> 00:03:57,360 So the command will increment the nice value by minus 10, increasing its priority and allocating it
48 00:03:57,370 --> 00:03:58,270 more resources.
49 00:03:59,230 --> 00:04:07,720 On the other hand, if we want to be nice to our fellow users and processes and give
50 00:04:07,720 --> 00:04:09,190 slowprocess a lower priority,
51 00:04:09,190 --> 00:04:10,240 we could increment
52 00:04:10,870 --> 00:04:14,080 its nice value positively by 10.
53 00:04:17,560 --> 00:04:17,890 Ten.
54 00:04:20,450 --> 00:04:28,310 So give this a try on a process you have currently running and then run ps to see how it changed, and
55 00:04:28,330 --> 00:04:28,880 if at all.
56 00:04:30,550 --> 00:04:36,130 So, changing the priority of running processes with renice.
57 00:04:38,120 --> 00:04:38,480 So.
58 00:04:40,410 --> 00:04:48,930 The renice command takes absolute values between minus 20 and 19 and sets the priority to that
59 00:04:48,930 --> 00:04:54,750 particular level, rather than increasing or decreasing from the level at which it started.
60 00:04:55,290 --> 00:05:02,400 In addition, renice requires the process ID of the process you are targeting rather than the name.
61 00:05:03,060 --> 00:05:09,120 So if slowprocess is using an inordinate amount of resources on your system and you want to give
62 00:05:09,120 --> 00:05:14,400 it a lower priority, thus allowing the other processes a higher priority and more resources, you
63 00:05:14,400 --> 00:05:14,850 could
64 00:05:14,850 --> 00:05:22,500 renice slowprocess, not by name, which is, for example, but the process ID of, for example, six
65 00:05:22,500 --> 00:05:32,040 nine nine nuts, for example, renice 12 to six nine nine nine six, for example.
66 00:05:32,040 --> 00:05:35,670 This is the process name, for example, but it's a six, nine and six.
67 00:05:36,900 --> 00:05:41,820 So as with nice, only the root user can renice a process. As you can see, failed to
68 00:05:41,820 --> 00:05:42,470 get priority.
69 00:05:42,480 --> 00:05:44,520 No such process here, but we can use.
70 00:05:44,870 --> 00:05:47,040 So the simplicity of the search process here.
71 00:05:47,790 --> 00:05:49,470 So actually, as with nice,
72 00:05:49,470 --> 00:05:56,280 only the root user can renice a process to a negative value to give it a higher priority.
73 00:05:56,640 --> 00:05:59,730 But any user can be nice and reduce the priority
74 00:05:59,790 --> 00:06:00,690 with renice.
75 00:06:01,650 --> 00:06:07,480 So you can also use the top utility, uh, top utility, uh, to change the
76 00:06:07,540 --> 00:06:14,170 nice value. With the top utility running, simply press the R key here.
77 00:06:15,090 --> 00:06:15,900 Uh, it's.
78 00:06:17,640 --> 00:06:18,960 Let's run it again.
79 00:06:19,230 --> 00:06:22,200 And simply, simply press the R key here.
80 00:06:22,800 --> 00:06:24,870 And then, um.
81 00:06:26,090 --> 00:06:27,570 Supply the process ID.
82 00:06:28,810 --> 00:06:36,730 Uh, and the nice value, for example, um, if I want to change society of Metasploit era supremacy,
83 00:06:36,730 --> 00:06:37,540 there is a running.
84 00:06:38,460 --> 00:06:39,570 Um, near.
85 00:06:43,290 --> 00:06:51,650 Or just a, for example, sincere and nice with 12, when I settle into an integer because the nice
86 00:06:51,660 --> 00:06:55,290 thing is maximum, very simple six, eight years.
87 00:06:57,760 --> 00:07:06,210 So now I will show you killing processes. At times a process will consume way too many system resources,
88 00:07:06,220 --> 00:07:11,320 exhibit unusual behavior or, at worst, freeze up.
89 00:07:11,560 --> 00:07:18,010 A process that exhibits this type of behavior is often referred to as a zombie process.
90 00:07:19,720 --> 00:07:25,360 So for you, probably the most problematic symptom will be wasted resources used by the
91 00:07:25,360 --> 00:07:28,750 zombie that could be better allocated to useful processes.
92 00:07:29,470 --> 00:07:35,140 When you identify a problematic process, you may want to stop it with the kill command.
93 00:07:36,060 --> 00:07:43,260 Here there are many different ways to kill a program, and each has its own kill number.
94 00:07:43,860 --> 00:07:47,670 So the kill command has sixty-four different signals.
95 00:07:48,710 --> 00:07:53,210 So and each does something slightly different.
96 00:07:53,990 --> 00:07:57,890 So, for example.
97 00:07:59,730 --> 00:08:10,560 I want this here in Mousepad, notepad here, so signal name, for example, um, the most important signal
98 00:08:10,560 --> 00:08:11,040 names.
99 00:08:13,190 --> 00:08:23,690 So if you don't provide a signal flag, it defaults, if you don't provide proof of space or if you
100 00:08:23,690 --> 00:08:31,910 don't provide a signal flag, it defaults to SIGTERM.
101 00:08:33,700 --> 00:08:41,740 So we have a signal name, and I want to create it here, so, so SIGHUP, for example.
102 00:08:42,370 --> 00:08:44,950 So you can now name.
103 00:08:46,530 --> 00:08:54,210 Name, uh, number for option, and description.
104 00:08:55,290 --> 00:09:02,390 Here, so SIGHUP here, number for option is one, so, uh.
105 00:09:03,610 --> 00:09:09,950 And hangup signal, so it stops the
106 00:09:10,210 --> 00:09:17,130 designated process and restarts it with the same process ID. Restart.
107 00:09:18,700 --> 00:09:20,640 Same process ID.
108 00:09:22,950 --> 00:09:28,440 So it starts with the same process ID.
109 00:09:29,530 --> 00:09:38,650 So we have segued into 30 years in an into interrupting, not the director and a number of options to
110 00:09:38,650 --> 00:09:38,830 him.
111 00:09:39,160 --> 00:09:44,200 So this is the interrupt signal, interrupt signal.
112 00:09:44,620 --> 00:09:50,830 So it is a weak signal that isn't guaranteed to work, but it works in most cases.
113 00:09:51,810 --> 00:09:53,410 Weak signal.
114 00:09:55,640 --> 00:09:58,130 But what's actually?
115 00:09:59,750 --> 00:10:05,840 The math works here, so we have a SIG.
116 00:10:07,340 --> 00:10:11,800 Appear as number of option is three.
117 00:10:12,170 --> 00:10:17,690 So this is known as the core dump core number.
118 00:10:18,170 --> 00:10:19,640 Here it is.
119 00:10:19,640 --> 00:10:25,580 The process and saves the process information in memory and then it saves this information in the
120 00:10:25,580 --> 00:10:28,820 current working directory to a file named core.
121 00:10:29,600 --> 00:10:36,980 The reasons for doing this are beyond the scope of this course, so but you will learn in later lectures.
122 00:10:37,870 --> 00:10:40,820 And so we have SIGTERM here.
123 00:10:42,520 --> 00:10:50,950 Number for option is 15, but this is the termination and term and termination signal.
124 00:10:51,790 --> 00:10:53,770 Um, it will it.
125 00:10:57,190 --> 00:11:04,240 Which is the kill default signal, signal.
126 00:11:05,770 --> 00:11:06,280 Here.
127 00:11:09,550 --> 00:11:09,860 It's.
128 00:11:12,470 --> 00:11:12,730 Yes.
129 00:11:13,460 --> 00:11:18,950 And the last one I want to show you is SIGKILL.
130 00:11:19,670 --> 00:11:20,900 So SIGKILL.
131 00:11:21,080 --> 00:11:23,630 It's using number for option nine.
132 00:11:23,900 --> 00:11:26,120 So this is the absolute kill signal.
133 00:11:26,480 --> 00:11:34,820 So it forces the process to stop by sending the process resources to a special device, /dev/null. Absolute
134 00:11:34,910 --> 00:11:36,440 kill signal.
135 00:11:36,830 --> 00:11:43,940 And, uh, so very serious here and now.
136 00:11:43,940 --> 00:11:48,530 Using the top command, you can identify which processes are using too many resources.
137 00:11:49,310 --> 00:11:52,100 Often these processes will be legitimate, legitimate.
138 00:11:52,100 --> 00:11:52,680 But there are.
139 00:11:52,680 --> 00:11:57,890 I mean, there may be malicious processes taking resources that you will want to kill here.
140 00:11:58,230 --> 00:12:01,590 And let me look at our lecture time here.
141 00:12:01,850 --> 00:12:09,230 So, uh, if you, if you just want to restart the process with the HUP signal, enter the -1 option
142 00:12:09,230 --> 00:12:15,380 with kill here, for example, kill -1, kill -1.
143 00:12:15,770 --> 00:12:19,850 Actually, let's use this kill Metasploit here.
144 00:12:21,390 --> 00:12:26,340 Let's find this: ps aux, here is the Metasploit here.
145 00:12:26,970 --> 00:12:29,940 Metasploit, Metasploit, Metasploit.
146 00:12:35,560 --> 00:12:37,310 And that's fine, that's great.
147 00:12:37,730 --> 00:12:45,700 Here, ps aux here and grep msfconsole here.
148 00:12:46,300 --> 00:12:50,470 So our process ID is one thousand nine hundred seven.
149 00:12:51,400 --> 00:12:54,580 So we can kill it with that.
150 00:12:59,050 --> 00:13:09,190 Actually, it's probably one thousand six hundred seventy one, so kill -1, one thousand six
151 00:13:09,190 --> 00:13:10,160 hundred seventy one.
152 00:13:10,960 --> 00:13:13,960 So you can see here our Metasploit is killed.
153 00:13:16,840 --> 00:13:22,810 Clearly, in the case of the zombie or malicious process, you likely want to send this kill signal
154 00:13:23,440 --> 00:13:27,880 nine. So this is, this is the absolute kill signal, and it's very serious.
155 00:13:30,010 --> 00:13:34,870 So with this, kill -9 and
156 00:13:35,860 --> 00:13:38,520 process name, process ID.
157 00:13:40,160 --> 00:13:43,340 Like that, but good morning, this one here.
158 00:13:43,940 --> 00:13:52,040 So if you don't know the process ID, you can use the killall command, killall command, to kill
159 00:13:52,040 --> 00:13:52,670 the processes.
160 00:13:52,670 --> 00:13:57,080 This command takes the name of the process instead of the process ID as an argument.
161 00:13:58,130 --> 00:14:02,060 For example, killall -9
162 00:14:02,460 --> 00:14:05,260 uh, zombie process.
163 00:14:06,080 --> 00:14:07,190 That's: no process found.
164 00:14:08,660 --> 00:14:15,290 Uh, so finally, you can also terminate the process in the top command here. Simply press the K key,
165 00:14:15,410 --> 00:14:17,600 K key, and enter the process
166 00:14:17,600 --> 00:14:18,980 ID like that.
167 00:14:19,430 --> 00:14:23,120 So I will, uh, close this here, so.
168 00:14:24,470 --> 00:14:25,790 And we can run Linux.
169 00:14:26,060 --> 00:14:29,000 Run in background of Linux as well here.
170 00:14:29,660 --> 00:14:30,740 Uh, so.
171 00:14:32,700 --> 00:14:39,180 Actually, how many minutes we have, so I have it and you will learn this in the next lecture.
172 00:14:39,300 --> 00:14:40,860 So I'm waiting here in this lecture.