Linux Network and Process Management
Process
- In Linux, a running programme is called a process. It is an instance of a programme that the Linux kernel is currently running. Every process has its own set of resources, including memory and CPU time, as well as a unique process ID (PID).
- A process is given a unique identity known as its Process ID (PID).
Process States
- One of the following states is possible for a process within the system:
- Running: It is executing code at the moment.
- Ready: It is prepared to run, but is waiting for CPU time.
- Sleeping: It is momentarily stopped and is awaiting the occurrence of a procedure or event.
- Stopped: Either the user or the system stops it.
- Zombie: Although the process has finished running, it still has a record in the process table.
Process Management
To inspect and control processes, use the following commands.
- ps
- ps aux
- ps aux | grep username [replace username with your username in the system]
- cat /proc/<PID>/status [replace <PID> with actual process ID]
- top
- top -u root
- top -u username [replace username with your username in the system]
- gnome-system-monitor [opens GUI based system monitor]
kill: a command for ending a process. Try out kill:
- kill <PID> [replace <PID> with actual process ID]
- kill -9 <PID> [-9 sends the SIGKILL signal, which ends the process forcefully]
You can also use the systemctl command if your system has any services installed. Try it out:
- sudo systemctl status service_name [replace the service_name with actual service name]
- sudo systemctl start service_name
- sudo systemctl stop service_name
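The State: line of /proc/<PID>/status carries the process states listed earlier, and a zombie cannot be removed with kill because it has already exited; its entry disappears only when the parent collects its exit status. The following is an added example, not part of the original post, that lists processes by state and shows which parent holds the zombies. The function names and the optional PROC_ROOT argument are assumptions of this example.

```shell
#!/bin/sh
# Added example: list processes by state from /proc/<PID>/status.
# PROC_ROOT (second argument) is an assumption of this example; it lets the
# scan run against a saved copy of /proc as well as the live one.

# proc_state_scan STATE_LETTER [PROC_ROOT]
# Prints "PID PPID STATE NAME" for each process whose State: letter matches.
# Letters in the State: line: R running, S sleeping, D uninterruptible
# sleep, T stopped, Z zombie.
proc_state_scan() {
    want=$1
    root=${2:-/proc}
    for f in "$root"/[0-9]*/status; do
        [ -r "$f" ] || continue   # process exited, or nothing matched the glob
        awk -F'\t' -v want="$want" '
            $1 == "Name:"  { name = $2 }
            $1 == "State:" { state = substr($2, 1, 1) }   # "Z (zombie)" -> "Z"
            $1 == "Pid:"   { pid = $2 }
            $1 == "PPid:"  { ppid = $2 }
            END { if (state == want) print pid, ppid, state, name }
        ' "$f" 2>/dev/null
    done
}

# zombie_parents [PROC_ROOT]
# Prints "PPID COUNT": each parent that has not yet reaped its exited
# children, with the number of zombies it is holding.
zombie_parents() {
    proc_state_scan Z "${1:-/proc}" |
        awk '{ n[$2]++ } END { for (p in n) print p, n[p] }' |
        sort -n
}
```

After sourcing the file, proc_state_scan Z lists the zombies and zombie_parents shows which parent process to investigate or restart.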
Network Configuration
- You can list the names of all the network interfaces with the command
- You can view the routing information of the network that your device is connected to with the command
- You can find the configuration file inside the /etc/netplan/ folder. It will have a default configuration file in YAML format. By default it uses NetworkManager to manage your network.
- You can get the configuration of the specific network you are connected to from /etc/NetworkManager/system-connections/<connection-name>
- You can go inside the /etc/NetworkManager/system-connections/ folder and list all the network connection names.
- Other network configuration files are
- /etc/host.conf - contains the order in which hostnames are resolved
- /etc/hosts - maps IP addresses to hostnames/domain names
- /etc/hostname - contains your system's hostname, which can be used to identify your system on the network.
- Some of the other files are /etc/hosts.deny and /etc/hosts.allow
Network Commands
- netstat - used to display various network information [routing table, interfaces, connections, ports, etc.]
- ping - test whether a host is reachable
- traceroute - find out the path between source and destination
- nslookup - obtain the mapping between IP address and domain name and vice versa
- ssh - remote login using the shell
Firewall Configuration
- We will use ufw (Uncomplicated Firewall), the built-in firewall. It is easy to operate. Try the commands sudo ufw status and sudo ufw enable (use the latter if the status is not active).
- You can now use the following command to block a specific website.
- sudo ufw deny out to <ip-address> [replace <ip-address> with the website's actual IP address; use the nslookup command to find it]
- To reload the firewall, use sudo ufw reload.
- If you want to unblock it, you can use the following command
- sudo ufw delete deny out to <ip-address>
- If you want to disable the firewall, you can use the following command
- sudo ufw disable