Name: unhide | Distribution: Dag Apt Repository for Red Hat Enterprise Linux 5 |
Version: 0.0.20080519 | Vendor: Dag Apt Repository, http://dag.wieers.com/apt/ |
Release: 1.el5.rf | Build date: Tue Jul 1 00:28:19 2008 |
Group: Applications/System | Build host: lisse.leuven.wieers.com |
Size: 1242475 | Source RPM: unhide-0.0.20080519-1.el5.rf.src.rpm |
Packager: Dag Wieers <dag@wieers.com> | |
Url: http://www.security-projects.com/?Unhide | |
Summary: Tool to find hidden processes and TCP/UDP ports from rootkits |
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by rootkits, Linux kernel modules or by other techniques. It includes two utilities: unhide and unhide-tcp.

Unhide detects hidden processes using three techniques:
- comparing the output of /proc and /bin/ps
- comparing the information gathered from /bin/ps with the one gathered from system calls (syscall scanning)
- full scan of the process ID space (PIDs bruteforcing)

unhide-tcp identifies TCP/UDP ports that are listening but are not listed in /bin/netstat through brute forcing of all TCP/UDP ports available.
GPL
* Tue Jul 01 2008 Dag Wieers <dag@wieers.com> - 0.0.20080519-1 - +/ - Initial package. (using DAR)
/usr/sbin/unhide
/usr/sbin/unhide-tcp
/usr/share/doc/unhide-0.0.20080519
/usr/share/doc/unhide-0.0.20080519/COPYING
/usr/share/doc/unhide-0.0.20080519/LEEME.txt
/usr/share/doc/unhide-0.0.20080519/README.txt
/usr/share/man/man8/unhide-tcp.8.gz
/usr/share/man/man8/unhide.8.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 08:37:53 2024