unhide-20130526-4.el6.art.x86_64.rpm


Advertisement

Description

unhide - Unhide is a forensic tool to find hidden processes and TCP/UDP ports

Property Value
Distribution CentOS 6
Repository Atomic x86_64
Package name unhide
Package version 20130526
Package release 4.el6.art
Package architecture x86_64
Package type rpm
Installed size 1.53 MB
Download size 578.39 KB
Official Mirror www6.atomicorp.com
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, Linux kernel modules or by other techniques. It includes two
utilities: unhide and unhide-tcp.
Unhide detects hidden processes using three techniques:
- comparing the output of /proc and /bin/ps
- comparing the information gathered from /bin/ps with the one gathered
from system calls (syscall scanning)
- full scan of the process ID space (PIDs bruteforcing)
unhide-tcp identifies TCP/UDP ports that are listening but are not listed
in /bin/netstat through brute forcing of all TCP/UDP ports available.

Alternatives

Package Version Architecture Repository
unhide-20130526-4.el6.art.i686.rpm 20130526 i686 Atomic
unhide-20130526-3.el6.psychotic.i386.rpm 20130526 i386 Psychotic Ninja
unhide-20130526-3.el6.psychotic.x86_64.rpm 20130526 x86_64 Psychotic Ninja
unhide-20130526-1.el6.x86_64.rpm 20130526 x86_64 EPEL
unhide-20130526-1.el6.i686.rpm 20130526 i686 EPEL
unhide-20130428-3.el6.art.i686.rpm 20130428 i686 Atomic
unhide-20130428-3.el6.art.x86_64.rpm 20130428 x86_64 Atomic
unhide-0.0.20110113-1.el6.rf.i686.rpm 0.0.20110113 i686 Repoforge (RPMforge)
unhide - - -

Provides

Name Value
unhide = 20130526-4.el6.art
unhide(x86-64) = 20130526-4.el6.art

Download

Type URL
Binary Package unhide-20130526-4.el6.art.x86_64.rpm
Source Package unhide-20130526-4.el6.art.src.rpm

Install Howto

  1. Download latest atomic-release rpm from
    http://www6.atomicorp.com/channels/atomic/centos/6/x86_64/RPMS/
  2. Install atomic-release rpm:
    # rpm -Uvh atomic-release*rpm
  3. Install unhide rpm package:
    # yum install unhide

Files

Path
/usr/bin/unhide
/usr/bin/unhide-tcp
/usr/man/man8/unhide-tcp.8.gz
/usr/man/man8/unhide.8.gz
/usr/share/unhide/LEEME.txt
/usr/share/unhide/README.txt

Changelog

2013-06-18 - Support <support@atomicorp.com> - 20130526-4
- Update to 20130526
2013-03-28 - Support <support@atomicorp.com> - 20130428-3
- Update to 20130428
2012-11-19 - Support <support@atomicorp.com> - 20120905-2
- Update to 20120905
- Rebuild packages --static, and add unhide.rb
- Add post event to symlink to alternately used names (unhide-linux26, etc)

See Also

Package Description
uni2ascii-4.18-1.el6.art.x86_64.rpm Convert between UTF-8 Unicode and 7-bit ASCII equivalents
v8-3.13.7.5-1.el6.art.x86_64.rpm JavaScript Engine
v8-3.14.5.8-1.el6.art.x86_64.rpm JavaScript Engine
v8-devel-3.13.7.5-1.el6.art.x86_64.rpm Development headers and libraries for v8
v8-devel-3.14.5.8-1.el6.art.x86_64.rpm Development headers and libraries for v8
w3af-1.6.0.5-4.el6.art.x86_64.rpm Web Application Attack and Audit Framework
w3af-1.6.0.5-5.el6.art.x86_64.rpm Web Application Attack and Audit Framework
w3af-doc-1.6.0.5-4.el6.art.x86_64.rpm Web Application Attack and Audit Framework - documentation
w3af-doc-1.6.0.5-5.el6.art.x86_64.rpm Web Application Attack and Audit Framework - documentation
wapiti-2.2.1-4.el6.art.noarch.rpm Web application vulnerability scanner
wapiti-2.3.0-5.el6.art.noarch.rpm Web application vulnerability scanner
wmi-1.3.14-3.el6.art.x86_64.rpm wmi
wmi-1.3.14-4.el6.art.x86_64.rpm wmi
xalan-c-1.10.0-7.el6.1.art.x86_64.rpm Xalan XSLT processor for C
xalan-c-devel-1.10.0-7.el6.1.art.x86_64.rpm Header files, libraries and development documentation for xalan-c
Advertisement
Advertisement