unhide-20130526-3.el6.psychotic.i386.rpm


Description

unhide - Tool to find hidden processes and TCP/UDP ports from rootkits

Distribution: CentOS 6
Repository: Psychotic Ninja i386
Package name: unhide
Package version: 20130526
Package release: 3.el6.psychotic
Package architecture: i386
Package type: rpm
Installed size: 145.16 KB
Download size: 59.36 KB
Official Mirror: packages.psychotic.ninja
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by rootkits, Linux kernel modules or by other techniques. It includes two utilities: unhide and unhide-tcp.

Unhide detects hidden processes using three techniques:

  • comparing the output of /proc and /bin/ps
  • comparing the information gathered from /bin/ps with the one gathered from system calls (syscall scanning)
  • full scan of the process ID space (PIDs bruteforcing)

unhide-tcp identifies TCP/UDP ports that are listening but are not listed in /bin/netstat through brute forcing of all TCP/UDP ports available.

Provides

  • unhide = 20130526-3.el6.psychotic
  • unhide(x86-32) = 20130526-3.el6.psychotic

    Install Howto

    1. Download the latest psychotic-release rpm from
      http://packages.psychotic.ninja/6/base/i386/RPMS/
    2. Install psychotic-release rpm:
      # rpm -Uvh psychotic-release*rpm
    3. Install unhide rpm package:
      # yum --enablerepo=psychotic install unhide

    Files

    • /usr/sbin/unhide
    • /usr/sbin/unhide-tcp
    • /usr/sbin/unhide_rb
    • /usr/share/doc/unhide-20130526/COPYING
    • /usr/share/doc/unhide-20130526/NEWS
    • /usr/share/doc/unhide-20130526/README.txt
    • /usr/share/doc/unhide-20130526/changelog
    • /usr/share/doc/unhide-20130526/sanity-tcp.sh
    • /usr/share/doc/unhide-20130526/sanity.sh
    • /usr/share/man/es/man8/unhide-tcp.8.gz
    • /usr/share/man/es/man8/unhide.8.gz
    • /usr/share/man/fr/man8/unhide-tcp.8.gz
    • /usr/share/man/fr/man8/unhide.8.gz
    • /usr/share/man/man8/unhide-tcp.8.gz
    • /usr/share/man/man8/unhide.8.gz

    Changelog

    2014-08-18 - Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20130526-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

    2014-06-08 - Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20130526-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

    2014-01-09 - Christopher Meng <rpm@cicku.me> - 20130526-1 - Update to 20130526 - Add multilingual manpages. - SPEC cleanup, build with RELRO.

    2013-07-26 - Parag <paragn AT fedoraproject DOT org> - 1.0-10.20121229 - Update to new version

    2013-02-15 - Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0-9.20100201 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

    2012-07-22 - Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0-8.20100201 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

    2012-01-14 - Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0-7.20100201 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

    2011-02-07 - Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0-6.20100201 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

    2010-05-03 - Rakesh Pandit <rakesh@fedoraproject.org> 1.0-5.20100201 - Updated to 20100201

    2009-12-04 - Rakesh Pandit <rakesh@fedoraproject.org> 1.0-5.20090810 - Updated to 20090810
