#Linux system check ##一、
- 检查进程id对应的程序,例子,查看id为1640的程序 ls -al /proc/1640/exe 即可
- linux rookit检查 使用rkhunter,下载地址:http://downloads.sourceforge.net/project/rkhunter/rkhunter/1.4.2/rkhunter-1.4.2.tar.gz?r=https%3A%2F%2Fsourceforge.net%2Fprojects%2Frkhunter%2Ffiles%2F&ts=1465653751&use_mirror=heanet