| Name : unhide
| |
| Version : 0.0.20080519
| Vendor : Dag Apt Repository, http://dag_wieers_com/apt/
|
| Release : 1.rh9.rf
| Date : 2008-07-01 00:28:42
|
| Group : Applications/System
| Source RPM : unhide-0.0.20080519-1.rh9.rf.src.rpm
|
| Size : 0.85 MB
| |
| Packager : Dag Wieers < dag_wieers_com>
| |
| Summary : Tool to find hidden processes and TCP/UDP ports from rootkits
|
Description :
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, Linux kernel modules or by other techniques. It includes two
utilities: unhide and unhide-tcp.
Unhide detects hidden processes using three techniques:
- comparing the output of /proc and /bin/ps
- comparing the information gathered from /bin/ps with the one gathered
from system calls (syscall scanning)
- full scan of the process ID space (PIDs bruteforcing)
unhide-tcp identifies TCP/UDP ports that are listening but are not listed
in /bin/netstat through brute forcing of all TCP/UDP ports available.
|
RPM found in directory: /mirror/vol5/apt.sw.be/redhat/9/en/i386/rpmforge/RPMS |
Hmm ... It's impossible ;-) This RPM doesn't exist on any FTP server
Provides :
unhide
Requires :
