Hi Xiscu!
That's not unhide.rb.
Do apt-get install unhide.rb, then run unhide.rb.
Then post the result of that.
Regards //Johan
2013/1/6 xiscu xi...@email.de
I'm not sure if I have to forward that to you. Sorry if not!
I got :
-
Thank you for the additional information you have supplied regarding
this Bug report.
This is an automatically generated reply to let you know your message
has been received.
Your message has not been forwarded to the package maintainers or
other interested parties; you should ensure that the developers are
aware of the problem you have entered into the system - preferably
quoting the Bug reference number, #624694.
If you wish to submit further information on this problem, please
send it to624694-qu...@bugs.debian.org**.
Please do not send mail toow...@bugs.debian.org unless you wish
to report a problem with the Bug-tracking system.
-- 624694:
http://bugs.debian.org/cgi-**bin/bugreport.cgi?bug=624694http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624694Debian
Bug Tracking System Contact
ow...@bugs.debian.org with problems -
Original Message
Subject:Bug#624694: Please try unhide.rb
Resent-Date:Sat, 05 Jan 2013 13:45:04 +
Resent-From:Debian BTS debb...@buxtehude.debian.org
Resent-To: xiscu xi...@email.de
Date: Sat, 05 Jan 2013 14:43:50 +0100
From: xiscu xi...@email.de
Reply-To: xiscu xi...@email.de, 624694-qu...@bugs.debian.org
To: 624694-qu...@bugs.debian.org
CC: 624694-submitter@bugs.debian.**org624694-submit...@bugs.debian.org
On 01/04/2013 03:51 PM, Johan Walles wrote:
Hi!
Can you please post the output of running unhide.rb on the same system?
.rb will print the name of any detected hidden processes for you.
Better diagnostics than the original unhide was among the design goals
for unhide.rb.
Regards //Johan
I'm not sure if that what you mean with 'Unhide.rb' (see below) but the
actual output is:
===
# unhide -v sys
Unhide 20110113
http://www.unhide-forensics.**info http://www.unhide-forensics.info
[*]Searching for Hidden processes through getpriority() scanning
[*]Searching for Hidden processes through getpgid() scanning
[*]Searching for Hidden processes through getsid() scanning
[*]Searching for Hidden processes through sched_getaffinity() scanning
[*]Searching for Hidden processes through sched_getparam() scanning
[*]Searching for Hidden processes through sched_getscheduler() scanning
[*]Searching for Hidden processes through sched_rr_get_interval() scanning
[*]Searching for Hidden processes through kill(..,0) scanning
[*]Searching for Hidden processes through comparison of results of
system calls
[*]Searching for Hidden processes through sysinfo() scanning
WARNING : info.procs changed during test : 311 (was 309)
WARNING : info.procs changed during test : 309 (was 311)
HIDDEN Processes Found: 1sysinfo.procs = 309 ps_count = 311
===
# find / -name '*nhide*'
/var/lib/dpkg/info/unhide.**postinst
/var/lib/dpkg/info/unhide.**md5sums
/var/lib/dpkg/info/unhide.**triggers
/var/lib/dpkg/info/unhide.list
/usr/sbin/unhide
/usr/sbin/unhide-tcp
/usr/share/doc/unhide
/usr/share/doc/lm-sensors/**examples/hotplug/unhide_ICH_**SMBus
/usr/share/man/man8/unhide.8.**gz
/usr/share/man/man8/unhide-**posix.8.gz
/usr/share/man/man8/unhide-**tcp.8.gz
/usr/share/man/man8/unhide-**linux26.8.gz
/usr/share/man/es/man8/unhide.**8.gz
/usr/share/man/fr/man8/unhide.**8.gz
/usr/share/lintian/overrides/**unhide
===
___
forensics-devel mailing list
forensics-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/forensics-devel
