unhide-20110113-2-omv4000.x86_64.rpm


Advertisement

Description

unhide - Tool to find hidden processes and TCP/UDP ports from rootkits

Property Value
Distribution OpenMandriva Cooker
Repository OpenMandriva Unsupported Release x86_64
Package filename unhide-20110113-2-omv4000.x86_64.rpm
Package name unhide
Package version 20110113
Package release 2-omv4000
Package architecture x86_64
Package type rpm
Homepage -
License -
Maintainer -
Download size 29.79 KB
Installed size 57.21 KB
Unhide is a forensic tool to find hidden processes and TCP/UDP ports by
rootkits / LKMs or by another hidden technique. It includes two
utilities: unhide and unhide-tcp.
Unhide detects hidden processes using six techniques:
- Compare /proc vs /bin/ps output
- Compare info gathered from /bin/ps with info gathered by walking through
the procfs.
- Compare info gathered from /bin/ps with info gathered from syscalls
(syscall scanning).
- Full PIDs space occupation (PIDs bruteforcing)
- Reverse search, verify that all thread seen by ps are also seen by
the kernel ( /bin/ps output vs /proc, procfs walking and syscall )
- Quick compare /proc, procfs walking and syscall vs /bin/ps output.
Unhide-tcp identifies TCP/UDP ports that are listening but are not listed
in /bin/netstat through brute forcing of all TCP/UDP ports available.

Alternatives

Package Version Architecture Repository
unhide-20110113-2-omv4000.i686.rpm 20110113 i686 OpenMandriva Unsupported Release
unhide - - -

Requires

Name Value
libc.so.6(GLIBC_2.4)(64bit) -
libpthread.so.0()(64bit) -
libpthread.so.0(GLIBC_2.2.5)(64bit) -
rtld(GNU_HASH) -

Provides

Name Value
unhide = 20110113-2
unhide(x86-64) = 20110113-2

Download

Type URL
Mirror abf-downloads.openmandriva.org
Binary Package unhide-20110113-2-omv4000.x86_64.rpm
Source Package unhide-20110113-2.src.rpm

Install Howto

  1. Enable the repository in Software Repository Picker:
    # om-repo-picker
  2. Install unhide rpm package:
    # dnf install unhide

Files

Path
/usr/sbin/unhide
/usr/sbin/unhide-linux26
/usr/sbin/unhide-tcp
/usr/share/doc/unhide/LEEME.txt
/usr/share/doc/unhide/README.txt
/usr/share/doc/unhide/changelog
/usr/share/man/man8/unhide-linux26.8.xz
/usr/share/man/man8/unhide-tcp.8.xz
/usr/share/man/man8/unhide.8.xz

See Also

Package Description
uniconvertor-1.1.5-6-omv4000.x86_64.rpm Universal vector graphics translator
unignuplot-2.0-9-omv4000.noarch.rpm Simplify the command line interface with GNUPlot
unity-asset-pool-0.8.23-2-omv4000.noarch.rpm Pool of assets for Unity (icons)
unix2dos-2.2-12-omv4000.x86_64.rpm UNIX to DOS text file format converter
unixcw-3.1.1-1-omv4000.x86_64.rpm Shared library for Morse programs
unpackssi-20030612-2-omv4000.x86_64.rpm .SSI File Unpacker
unpaper-6.1-2-omv4000.x86_64.rpm Post-processing scanned and photocopied book pages
unrtf-0.21.10-1-omv4000.x86_64.rpm RTF to other formats converter
unsermake-0.4-6-omv4000.noarch.rpm Buildsystem utility to supersed auto* tools
unshield-0.6-5-omv4000.x86_64.rpm A program to extract InstallShield cabinet files
up-0.3-13-omv4000.x86_64.rpm Displays the uptime in a human readable format
updateads-1.0-6-omv4000.noarch.rpm Update BIND ad server listings
upnp-inspector-0.2.2-3-omv4000.x86_64.rpm An UPnP Device and Service analyzer
upse-1.0.0-7-omv4000.x86_64.rpm Playstation sound emulator
uptimed-0.3.17-3-omv4000.x86_64.rpm A daemon to record and keep track of system uptimes
Advertisement
Advertisement