mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-21 20:38:45 +00:00
deb6e0450c
- Add LICENSE - Remove leading indefinite article from COMMENT - Support STAGEDIR - Remove contiguous blank line from pkg-descr PR: ports/183114 Submitted by: sunpoet (myself) Approved by: maintainer (timeout, 17 days)
15 lines
598 B
Plaintext
15 lines
598 B
Plaintext
Unhide is a forensic tool to find hidden processes and TCP/UDP ports by
|
|
rootkits / LKMs or by another hidden technique. It consists of two
|
|
programs: unhide and unhide-tcp.
|
|
|
|
unhide detects hidden processes through:
|
|
* Comparison of /proc vs /bin/ps output.
|
|
* Comparison of info gathered from /bin/ps with info gathered from.
|
|
* Syscalls (syscall scanning).
|
|
* Full PIDs space ocupation (PIDs bruteforcing).
|
|
|
|
unhide-tcp identifies TCP/UDP ports that are listening but not listed in
|
|
/bin/netstat by doing brute forcing of all TCP/UDP ports availables.
|
|
|
|
WWW: http://www.unhide-forensics.info/
|