Package: wnpp
Severity: wishlist
Owner: Francois Marier <[EMAIL PROTECTED]>

* Package name    : unhide
  Version         : 20071102
  Upstream Author : [EMAIL PROTECTED]
* URL             : http://www.security-projects.com/?Unhide
* License         : GPL
  Programming Lang: C
  Description     : Forensic tool to find hidden processes and TCP/UDP ports

Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, Linux kernel modules or by other techniques. It includes two
utilities: unhide and unhide-tcp.
.
unhide detects hidden processes using three techniques:
- comparing the output of /proc and /bin/ps
- comparing the information gathered from /bin/ps with the one gathered
  from system calls (syscall scanning)
- full scan of the process ID space (PIDs bruteforcing)
.
unhide-tcp identifies TCP/UDP ports that are listening but are not listed
in /bin/netstat through brute forcing of all TCP/UDP ports available.

This package can be used by rkhunter in its daily scans.
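
The process checks listed above (compare the /proc listing with what system calls report, over the whole PID space) can be illustrated as follows. This is an added example, not code from unhide or from this message: the function names are hypothetical, and it assumes a single syscall probe, kill(pid, 0), on a Linux system with /proc mounted.

```python
import os

def listed_pids():
    """PIDs that a directory listing of /proc shows (what ps reads)."""
    return {int(name) for name in os.listdir("/proc") if name.isdigit()}

def probe_pid(pid):
    """Ask the kernel directly: kill(pid, 0) sends no signal, only checks existence."""
    try:
        os.kill(pid, 0)
    except ProcessLookupError:
        return False
    except PermissionError:
        pass  # the PID exists but belongs to another user
    return True

def tgid_of(pid):
    """Thread-group leader of pid from /proc/<pid>/status, or None if unreadable."""
    try:
        with open(f"/proc/{pid}/status") as status:
            for line in status:
                if line.startswith("Tgid:"):
                    return int(line.split()[1])
    except OSError:
        pass
    return None

def find_hidden(max_pid, list_pids=listed_pids, probe=probe_pid, tgid=tgid_of):
    """Return PIDs the kernel answers for but that /proc never lists."""
    before = list_pids()
    suspects = [p for p in range(1, max_pid + 1)
                if p not in before and probe(p)]
    visible = before | list_pids()  # second listing absorbs processes started mid-scan
    hidden = []
    for pid in suspects:
        # Thread IDs answer kill() but are not listed in /proc; map them to their leader.
        leader = tgid(pid) or pid
        if leader not in visible and probe(pid):  # re-probe drops PIDs that already exited
            hidden.append(pid)
    return hidden

if __name__ == "__main__":
    with open("/proc/sys/kernel/pid_max") as f:
        limit = int(f.read())
    for pid in find_hidden(limit):
        print(f"PID {pid} answers kill(pid, 0) but is not listed in /proc")
```

A result from a live system is a lead to investigate rather than proof, since a short-lived process can still slip between the two listings.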