Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
It might do well to move this to the Security subforum, but in the meanwhile, here are a few suggestions...
Look at the various system logs in /var/log. Do you know very well what this computer is supposed to be doing? Is there any reason that you can think of for this kind of login to be legitimate? If so, it's possible that these are hanging-sessions that are not being cleared up. Maybe they are being initiated by a (let us presume, "legitimate") programmed script, somewhere else, that has a bug in it. ("It doesn't get the response it's looking for, so it tries again. But it doesn't clean up its own mess.") It's pretty unreasonable to think of any person generating this kind of volume, but it's also difficult to imagine an intruder creating such a massive amount of noise, unless he were somehow (and crudely) attempting some weird DOS attack. A "bug" sounds likely to me.
"hugh" should be "huge." "processors" in this case should be "processes" or "sessions."
Last edited by sundialsvcs; 10-29-2012 at 11:41 AM.
These were obviously not zombie or orphan processess, but, these were because of "ssh" commands initiated by some user <username>, who was logged in on your local system, and had did a "ssh <username>@notty" to access notty system using ssh.
Al those processes were many times opened sessions (i.e. terminals) by that user. He logged in from your system and didn't close those terminals or login sessions. That's why you found lot of such processes. You can ask users to limit their sessions and always close/logoff from terminals after they finish their work, else you'll close it.
Fyi, pkill kills processes of specified user and -9 is signal passed to that process. Read more "man kill".