Ubuntu
unhide package

unhide 20220611-1 source package in Ubuntu

Changelog

unhide (20220611-1) unstable; urgency=medium

  * Team upload.

  [ Fukui Daichi ]
  * New upstream release
  * Bumped Std-Ver to 4.6.1
  * Update d/unhide.triggers to use noawait variant
  * Update d/copyright
  * Update d/patches

  [ Samuel Henrique ]
  * d/control: Add Replaces+Breaks to unhide-gui (closes: #1016613)

 -- Fukui Daichi <email address hidden>  Thu, 01 Sep 2022 13:21:51 +0000

Upload details

Uploaded by:
Debian Security Tools
Uploaded to:
Sid
Original maintainer:
Debian Security Tools
Architectures:
any
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Mantic release universe admin
Lunar release universe admin

Downloads

File Size SHA-256 Checksum
unhide_20220611-1.dsc 1.9 KiB 01d6c7b57270cd53842751a9d95545f914c6e789f7ffa134579c4734cf6c6384
unhide_20220611.orig.tar.gz 78.3 KiB db0c29b6519982df07a9024d37b1e4618d40eaf13c2c01737ec79dcfba108eb6
unhide_20220611-1.debian.tar.xz 8.3 KiB 8f27b434e77490fd747c1fa01c7f7d093d4c92843db6a1f06412b433fa50c9c9

No changes file available.

Binary packages built by this source

unhide: forensic tool to find hidden processes and ports

 Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
 rootkits, Linux kernel modules or by other techniques. It includes two
 utilities: unhide and unhide-tcp.
 .
 unhide detects hidden processes using the following six techniques:
   * Compare /proc vs /bin/ps output
   * Compare info gathered from /bin/ps with info gathered by walking thru the
     procfs.
   * Compare info gathered from /bin/ps with info gathered from syscalls
     (syscall scanning).
   * Full PIDs space occupation (PIDs bruteforcing)
   * Reverse search, verify that all thread seen by ps are also seen by the
     kernel (/bin/ps output vs /proc, procfs walking and syscall)
   * Quick compare /proc, procfs walking and syscall vs /bin/ps output
 .
 unhide-tcp identifies TCP/UDP ports that are listening but are not listed in
 /bin/netstat through brute forcing of all TCP/UDP ports available.
 .
 This package can be used by rkhunter in its daily scans.
 .
 This package is useful for network security checks, in addition to forensics
 investigations.

unhide-dbgsym: debug symbols for unhide
unhide-gui: graphical user interface for unhide

 This package unhide-gui provides a graphical user interface for unhide.
 .
 Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
 rootkits, Linux kernel modules or by other techniques. It includes two
 utilities: unhide and unhide-tcp.
 .
 unhide detects hidden processes using the following six techniques:
   * Compare /proc vs /bin/ps output
   * Compare info gathered from /bin/ps with info gathered by walking thru the
     procfs.
   * Compare info gathered from /bin/ps with info gathered from syscalls
     (syscall scanning).
   * Full PIDs space occupation (PIDs bruteforcing)
   * Reverse search, verify that all thread seen by ps are also seen by the
     kernel (/bin/ps output vs /proc, procfs walking and syscall)
   * Quick compare /proc, procfs walking and syscall vs /bin/ps output
 .
 unhide-tcp identifies TCP/UDP ports that are listening but are not listed in
 /bin/netstat through brute forcing of all TCP/UDP ports available.
 .
 This package is useful for network security checks, in addition to forensics
 investigations.