Fast process lookup and signaling

The pgrep and pkill commands are used to look up a process by attribute.

To quickly find all instances of ssh running for user root, execute the following command:

$ pgrep -u root -l ssh

To kill a process or send it a signal, use pkill.

For example, to make syslog reread its configuration file:

$ pkill -HUP syslogd

Another useful command is pidof, which lists the PIDs of a named program and so tells you how many instances are running. This can be useful for detecting DoS attacks.

$ pidof sshd 
4783 4781 30008 30006 29888 29886 2246

In the output above, there are 7 sshd processes running.
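
A threshold check built on that count, as an added example (not from the original page). The function names and the limits used are assumptions; set the limit from your own normal baseline.

```shell
#!/bin/sh
# Added example: turn pidof output into a count and flag unusual spikes.
# Function names and thresholds are illustrative assumptions.

# count_pids "PID PID ..." -> prints how many PIDs a pidof-style line holds
count_pids() {
    # Unquoted on purpose: split the line on whitespace into fields.
    # An empty line (process not running) yields 0.
    set -- $1
    echo "$#"
}

# proc_count NAME -> prints the live number of processes called NAME
proc_count() {
    count_pids "$(pidof "$1" 2>/dev/null)"
}

# check_spike COUNT LIMIT -> prints a status line; returns 1 when over LIMIT
check_spike() {
    if [ "$1" -gt "$2" ]; then
        echo "ALERT: $1 processes (limit $2)"
        return 1
    fi
    echo "ok: $1 processes (limit $2)"
    return 0
}

# Constructed sample: the pidof sshd output shown on this page.
SAMPLE="4783 4781 30008 30006 29888 29886 2246"

# Offline demo with an assumed limit of 5; prints an ALERT for 7 processes.
check_spike "$(count_pids "$SAMPLE")" 5 || true

# Live use, e.g. from cron (limit of 20 is an assumption):
#   check_spike "$(proc_count sshd)" 20 || logger -p auth.warning "sshd spike"
```

Run it from cron or a monitoring agent, since a single manual check only shows the count at that moment.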

Reference: “Tcpdump, Raw Socket and Libpcap Tutorial” at http://souptonuts.sourceforge.net/tcpdump_tutorial.html.