Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, Linux kernel modules or by other techniques. It includes unhide
and unhide-tcp.

NOTES: The SlackBuild script builds only unhide-tcp and unhide-linux26.
The original unhide for 2.4 kernels is not built for obvious reasons.
unhide-linux26 has been linked to "unhide", as many apps (rkhunter, for
example) expect to find it here. This is also the solution chosen by many
distributions.

Remember to run unhide as root only. Failing to do so could result in
a large number of false positives.