Process monitoring
You can use tools like pspy to monitor processes. This can be very useful for identifying vulnerable processes that are executed frequently or only when a set of requirements is met. Alternatively, you can write your own process monitor:
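#!/bin/bash
# Save as procmon.sh: prints processes that appear (>) or disappear (<) between snapshots.

old_process=$(ps -eo command)

while true; do
    new_process=$(ps -eo command)
    # Keep only diff's added/removed lines; hide this script and its own "ps -eo command" call
    diff <(echo "$old_process") <(echo "$new_process") | grep '^[<>]' | grep -v "procmon.sh" | grep -v "command"
    old_process=$new_process
done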
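A variation on the monitor above, added here as an example and not part of the original page: it keys each snapshot row on the PID, records the owning user, and tallies how often each command starts, which is what shows that a job runs frequently and under which account. The script name `procwatch.sh`, the function names and the `--watch` argument are assumptions made for this example.

```sh
#!/bin/sh
# Added example: PID-aware process monitor with a per-command start tally.
# Usage: sh procwatch.sh --watch [interval_seconds]   (Ctrl-C prints the tally)

# filter_self SELF_PID: read "pid ppid user args" rows from ps, drop the
# monitor and its direct children (its own ps call), print "pid user args".
filter_self() {
    awk -v self="$1" '$1 != self && $2 != self {
        pid = $1; user = $3
        sub(/^[ \t]*[0-9]+[ \t]+[0-9]+[ \t]+[^ \t]+[ \t]+/, "")
        print pid, user, $0
    }'
}

# snapshot SELF_PID: one normalised row per running process.
snapshot() {
    ps -e -o pid= -o ppid= -o user= -o args= | filter_self "$1"
}

# started OLD_FILE NEW_FILE: rows in NEW that were not in OLD. Keying on the
# whole row (PID included) reports a second instance of an identical command.
started() {
    awk 'FILENAME == ARGV[1] { seen[$0] = 1; next } !($0 in seen)' "$1" "$2"
}

# tally LOG_FILE: number of starts per "user command", most frequent first.
tally() {
    awk '{ sub(/^[0-9]+ /, ""); n[$0]++ } END { for (k in n) print n[k], k }' "$1" |
        sort -k1,1nr -k2
}

if [ "${1:-}" = "--watch" ]; then
    old=$(mktemp); new=$(mktemp); log=$(mktemp)
    trap 'echo "--- starts per user and command ---"; tally "$log"
          rm -f "$old" "$new" "$log"; exit 0' INT TERM
    snapshot "$$" > "$old"
    while true; do
        snapshot "$$" > "$new"
        started "$old" "$new" | tee -a "$log"
        tmp=$old; old=$new; new=$tmp
        # Polling misses processes that start and exit between two snapshots;
        # a shorter interval narrows that gap at the cost of CPU time.
        sleep "${2:-1}"
    done
fi
```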