---------- Forwarded message ----------
From: "aravind vijayan" <aravindvijayan224185@xxxxxxxxx>
Date: 27 Nov 2011 22:39
Subject: [ILUG-Cochin.org] unhide
To: <mailinglist@xxxxxxxxxxxxxxx>

Unhide is a forensic tool to find processes and TCP/UDP ports hidden by rootkits, Linux kernel modules or by other techniques. It includes two utilities: unhide and unhide-tcp.

unhide detects hidden processes using three techniques:

* comparing the output of /proc and /bin/ps
* comparing the information gathered from /bin/ps with the one gathered from system calls (syscall scanning)
* full scan of the process ID space (PIDs bruteforcing)

unhide-tcp identifies TCP/UDP ports that are listening but are not listed in /bin/netstat through brute forcing of all TCP/UDP ports available.

This package can be used by rkhunter in its daily scans.

Source :
http://linuxappfinder.com/package/unhide
http://www.unhide-forensics.info/?Linux

Registered Linux user #545296

_______________________________________________
Indian Libre User Group Cochin Mailing List
http://www.ilug-cochin.org/mailing-list/
http://mail.ilug-cochin.org/mailman/listinfo/mailinglist_ilug-cochin.org
#ilugkochi@xxxxxxxxxxxxxxxx
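
Added example, not part of the original message and not unhide's own code: a simplified Python sketch of the cross-view comparison the three techniques rely on, reporting PIDs that one view of the system shows and another omits. All function names and the sample data are constructed for illustration; the second ps snapshot is an assumption added here to filter processes that start or exit during the scan.

```python
import os

def pids_in_proc(entries):
    """PIDs visible in a /proc directory listing (numeric names only)."""
    return {int(e) for e in entries if e.isdigit()}

def pids_in_ps(ps_text):
    """PIDs from the output of `ps -e -o pid=` (one PID per line)."""
    return {int(t) for t in ps_text.split() if t.isdigit()}

def pids_by_probe(max_pid, probe):
    """Walk the whole PID space and keep every PID the probe confirms."""
    return {pid for pid in range(1, max_pid + 1) if probe(pid)}

def kill0_probe(pid):
    """Ask the kernel directly: signal 0 tests existence, sends nothing.
    On Linux this can also answer for thread IDs, so a live ps view
    should list threads too (ps -eL -o lwp=)."""
    try:
        os.kill(pid, 0)
    except ProcessLookupError:
        return False
    except PermissionError:
        pass  # the process exists but belongs to another user
    return True

def compare_views(proc_view, ps_before, ps_after, probe_view):
    """Return PIDs that one view reports and another omits.
    A PID counts as missing from ps only if both snapshots omit it,
    which filters most processes that started or exited mid-scan."""
    ps_view = ps_before | ps_after
    return {
        "in_proc_not_ps": sorted(proc_view - ps_view),
        "probe_not_ps": sorted(probe_view - ps_view),
        "probe_not_proc": sorted(probe_view - proc_view),
    }

# Constructed sample views: 314 is absent from ps, 666 from ps and /proc,
# and 57 is an ordinary process that started after the first ps snapshot.
SAMPLE_PROC = ["1", "42", "57", "314", "self", "cpuinfo"]
SAMPLE_PS_BEFORE = "    1\n   42\n"
SAMPLE_PS_AFTER = "    1\n   42\n   57\n"
SAMPLE_ALIVE = {1, 42, 57, 314, 666}

def sample_report():
    return compare_views(pids_in_proc(SAMPLE_PROC), pids_in_ps(SAMPLE_PS_BEFORE),
                         pids_in_ps(SAMPLE_PS_AFTER),
                         pids_by_probe(1000, SAMPLE_ALIVE.__contains__))

if __name__ == "__main__":
    print(sample_report())
```

A non-empty list is a lead to investigate rather than proof of a rootkit, since short-lived processes can still fall between the snapshots.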