Letter

unhide - Tool to find hidden processes and TCP/UDP ports from rootkits

Website: http://www.security-projects.com/?Unhide
License: GPLv3
Vendor: Fedora Project
Description:
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, Linux kernel modules or by other techniques. It includes two
utilities: unhide and unhide-tcp.

Unhide detects hidden processes using three techniques:

 - comparing the output of /proc and /bin/ps
 - comparing the information gathered from /bin/ps with the one gathered
   from system calls (syscall scanning)
 - full scan of the process ID space (PIDs bruteforcing)

unhide-tcp identifies TCP/UDP ports that are listening but are not listed
in /bin/netstat through brute forcing of all TCP/UDP ports available.

Packages

unhide-1.0-3.fc11.20080519.ppc64 [26 KiB] Changelog by Fedora Release Engineering (2009-02-25):
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

Listing created by Repoview-0.6.3-1.fc11