Name: unhide | Distribution: Unknown |
Version: 0.0.20080519 | Vendor: RPMForge |
Release: 1.el4.rf | Build date: Thu Jul 24 15:04:37 2008 |
Group: Applications/System | Build host: neodyme.arrfab.net |
Size: 965673 | Source RPM: unhide-0.0.20080519-1.el4.rf.src.rpm |
Packager: Fabian Arrotin <fabian.arrotin@arrfab.net> |
Url: http://www.security-projects.com/?Unhide |
Summary: Tool to find hidden processes and TCP/UDP ports from rootkits |
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by rootkits, Linux kernel modules or by other techniques. It includes two utilities: unhide and unhide-tcp.

Unhide detects hidden processes using three techniques:
- comparing the output of /proc and /bin/ps
- comparing the information gathered from /bin/ps with the one gathered from system calls (syscall scanning)
- full scan of the process ID space (PIDs bruteforcing)

unhide-tcp identifies TCP/UDP ports that are listening but are not listed in /bin/netstat through brute forcing of all TCP/UDP ports available.
GPL
* Wed Jul 02 2008 Dag Wieers <dag@wieers.com> - 0.0.20080519-1
- Initial package. (using DAR)

/usr/sbin/unhide
/usr/sbin/unhide-tcp
/usr/share/doc/unhide-0.0.20080519
/usr/share/doc/unhide-0.0.20080519/COPYING
/usr/share/doc/unhide-0.0.20080519/LEEME.txt
/usr/share/doc/unhide-0.0.20080519/README.txt
/usr/share/man/man8/unhide-tcp.8.gz
/usr/share/man/man8/unhide.8.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 08:56:54 2024