Name: unhide | Distribution: OpenMandriva Lx |
Version: 20200120 | Vendor: OpenMandriva |
Release: 1 | Build date: Sun Nov 1 14:53:43 2020 |
Group: System/Configuration/Other | Build host: rhel.openmandriva.org |
Size: 149417 | Source RPM: unhide-20200120-1.src.rpm |
Packager: bero <bero@lindev.ch> | |
Url: http://www.unhide-forensics.info/ | |
Summary: Tool to find hidden processes and TCP/UDP ports from rootkits |
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by rootkits, LKMs or other hiding techniques. It includes two utilities: unhide and unhide-tcp.

Unhide detects hidden processes using six techniques:
- Compare /proc vs /bin/ps output.
- Compare info gathered from /bin/ps with info gathered by walking through the procfs.
- Compare info gathered from /bin/ps with info gathered from syscalls (syscall scanning).
- Full PIDs space occupation (PIDs bruteforcing).
- Reverse search: verify that all threads seen by ps are also seen by the kernel (/bin/ps output vs /proc, procfs walking and syscall).
- Quick compare of /proc, procfs walking and syscall vs /bin/ps output.

Unhide-tcp identifies TCP/UDP ports that are listening but are not listed in /bin/netstat, by brute forcing all available TCP/UDP ports.
GPLv3+
* Tue Feb 08 2011 Jani Välimaa <wally@mandriva.org> 20110113-1mdv2011.0
+ Revision: 636928
- new version 20110113
- fix url and source tags

* Sun Nov 14 2010 Jani Välimaa <wally@mandriva.org> 20100819-2mdv2011.0
+ Revision: 597542
- build with LDFLAGS
- add symlink for man page too

* Sat Sep 25 2010 Jani Välimaa <wally@mandriva.org> 20100819-1mdv2011.0
+ Revision: 580960
- new version 20100819
- fix license and description

* Mon Aug 02 2010 Jani Välimaa <wally@mandriva.org> 20100201-1mdv2011.0
+ Revision: 565116
- fix source tag
- import unhide
/usr/sbin/unhide
/usr/sbin/unhide-gids
/usr/sbin/unhide-linux
/usr/sbin/unhide-tcp
/usr/sbin/unhide_rb
/usr/share/doc/unhide
/usr/share/doc/unhide/README.txt
/usr/share/doc/unhide/TODO
/usr/share/licenses/unhide
/usr/share/licenses/unhide/COPYING
/usr/share/man/man8/unhide-gids.8.zst
/usr/share/man/man8/unhide-linux.8.zst
/usr/share/man/man8/unhide-posix.8.zst
/usr/share/man/man8/unhide-tcp.8.zst
/usr/share/man/man8/unhide.8.zst
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Nov 13 23:03:53 2024