| Paketname | unhide |
| Beschreibung | Forensic tool to find hidden processes and ports |
| Archiv/Repository | Offizielles Ubuntu Archiv lucid (universe) |
| Version | 20080519-6 |
| Sektion | universe/admin |
| Priorität | extra |
| Installierte Größe | 1620 Byte |
| Hängt ab von | |
| Empfohlene Pakete | |
| Paketbetreuer | Ubuntu Developers |
| Quelle | |
| Paketgröße | 757562 Byte |
| Prüfsumme MD5 | 4bf1660350331d26119eca4a3f2c9e3d |
| Prüfsumme SHA1 | efde4d05ee50ab94e893ae203c9865789dee6406 |
| Prüfsumme SHA256 | 6949f01333d6063040f993cb77a0fd50d18d00c08cb4797d6f0468956f69ddc6 |
| Link zum Herunterladen | unhide_20080519-6_i386.deb |
| Ausführliche Beschreibung | Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, Linux kernel modules or by other techniques. It includes two
utilities: unhide and unhide-tcp.
.
unhide detects hidden processes using three techniques:
* comparing the output of /proc and /bin/ps
* comparing the information gathered from /bin/ps with the one gathered from
system calls (syscall scanning)
* full scan of the process ID space (PIDs bruteforcing)
.
unhide-tcp identifies TCP/UDP ports that are listening but are not listed in
/bin/netstat through brute forcing of all TCP/UDP ports available.
.
This package can be used by rkhunter in its daily scans.
|