[ol7_developer_EPEL] unhide-20130526-1.el7.x86_64

Name: unhide
Version: 20130526
Release: 1.el7
Architecture: x86_64
Group: Unspecified
Size: 148979
License: GPLv3
RPM: unhide-20130526-1.el7.x86_64.rpm
Source RPM: unhide-20130526-1.el7.src.rpm
Build Date: Tue Nov 07 2017
Build Host: x86-ol7-builder-01.us.oracle.com
Vendor: Oracle America
URL: http://www.unhide-forensics.info/
Summary: Tool to find hidden processes and TCP/UDP ports from rootkits
Description:
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, Linux kernel modules or by other techniques. It includes two
utilities: unhide and unhide-tcp.

Unhide detects hidden processes using three techniques:

 - comparing the output of /proc and /bin/ps
 - comparing the information gathered from /bin/ps with that gathered
   from system calls (syscall scanning)
 - full scan of the process ID space (PIDs bruteforcing)

unhide-tcp identifies TCP/UDP ports that are listening but are not listed
in /bin/netstat through brute forcing of all TCP/UDP ports available.
