unhide-0.0.20110113-1.el6.rf.i686.rpm



Description

unhide - Tool to find hidden processes and TCP/UDP ports from rootkits

Property Value
Distribution CentOS 6
Repository Repoforge (RPMforge) i386
Package name unhide
Package version 0.0.20110113
Package release 1.el6.rf
Package architecture i686
Package type rpm
Installed size 620.95 KB
Download size 250.07 KB
Official Mirror ftp.tu-chemnitz.de

Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, Linux kernel modules or by other techniques. It includes two
utilities: unhide and unhide-tcp.

Unhide detects hidden processes using three techniques:
- comparing the output of /proc and /bin/ps
- comparing the information gathered from /bin/ps with the one gathered from system calls (syscall scanning)
- full scan of the process ID space (PIDs bruteforcing)

unhide-tcp identifies TCP/UDP ports that are listening but are not listed
in /bin/netstat through brute forcing of all TCP/UDP ports available.

Alternatives

Package Version Architecture Repository
unhide-20130526-4.el6.art.i686.rpm 20130526 i686 Atomic
unhide-20130526-4.el6.art.x86_64.rpm 20130526 x86_64 Atomic
unhide-20130526-3.el6.psychotic.i386.rpm 20130526 i386 Psychotic Ninja
unhide-20130526-3.el6.psychotic.x86_64.rpm 20130526 x86_64 Psychotic Ninja
unhide-20130526-1.el6.x86_64.rpm 20130526 x86_64 EPEL
unhide-20130526-1.el6.i686.rpm 20130526 i686 EPEL
unhide-20130428-3.el6.art.i686.rpm 20130428 i686 Atomic
unhide-20130428-3.el6.art.x86_64.rpm 20130428 x86_64 Atomic
unhide - - -

Requires

Name Value
libc.so.6 -
libc.so.6(GLIBC_2.0) -
libc.so.6(GLIBC_2.1) -
libc.so.6(GLIBC_2.3) -
libc.so.6(GLIBC_2.3.4) -
libc.so.6(GLIBC_2.4) -
libpthread.so.0 -
libpthread.so.0(GLIBC_2.0) -
libpthread.so.0(GLIBC_2.1) -
rtld(GNU_HASH) -

Provides

Name Value
unhide = 0.0.20110113-1.el6.rf
unhide(x86-32) = 0.0.20110113-1.el6.rf

Download

Type URL
Binary Package unhide-0.0.20110113-1.el6.rf.i686.rpm
Source Package unhide-0.0.20110113-1.el6.rf.src.rpm

Install Howto

  1. Download the latest rpmforge-release rpm from
    http://ftp.tu-chemnitz.de/pub/linux/dag/redhat/el6/en/i386/rpmforge/RPMS/
  2. Install the rpmforge-release rpm:
    # rpm -Uvh rpmforge-release*rpm
  3. Install the unhide rpm package:
    # yum install unhide

Files

Path
/usr/sbin/unhide
/usr/sbin/unhide-tcp
/usr/share/doc/unhide-0.0.20110113/COPYING
/usr/share/doc/unhide-0.0.20110113/LEEME.txt
/usr/share/doc/unhide-0.0.20110113/README.txt
/usr/share/man/man8/unhide-tcp.8.gz
/usr/share/man/man8/unhide.8.gz

Changelog

2012-02-19 - David Hrbáč <david@hrbac.cz> - 0.0.20110113-1
- new upstream release
2008-07-01 - Dag Wieers <dag@wieers.com> - 0.0.20080519-1
- Initial package. (using DAR)

See Also

Package Description
uni2ascii-4.15-1.el6.rf.i686.rpm Convert between UTF-8 Unicode and 7-bit ASCII equivalents
uni2ascii-4.17-1.el6.rf.i686.rpm Convert between UTF-8 Unicode and 7-bit ASCII equivalents
uni2ascii-4.18-1.el6.rf.i686.rpm Convert between UTF-8 Unicode and 7-bit ASCII equivalents
unison-2.32.52-1.el6.rf.i686.rpm File-synchronization tool
unison-2.40.63-1.el6.rf.i686.rpm File-synchronization tool
unixbench-5.1.2-1.el6.rf.i686.rpm BYTE's UNIX Benchmarks
unoconv-0.4-1.el6.rf.noarch.rpm Tool to convert between any document format supported by OpenOffice
unoconv-0.5-1.el6.rf.noarch.rpm Tool to convert between any document format supported by OpenOffice
unpaper-0.3-1.el6.rf.i686.rpm Post-processing of scanned and photocopied book pages
unrar-3.9.10-1.el6.rf.i686.rpm Extract, test and view RAR archives
unrar-4.0.1-1.el6.rf.i686.rpm Extract, test and view RAR archives
unrar-4.0.2-1.el6.rf.i686.rpm Extract, test and view RAR archives
unrar-4.0.4-1.el6.rf.i686.rpm Extract, test and view RAR archives
unrar-4.0.5-1.el6.rf.i686.rpm Extract, test and view RAR archives
unrar-4.0.6-1.el6.rf.i686.rpm Extract, test and view RAR archives