Re: What is the hidden process?
On 08.04.2011 03:20, Ron Johnson wrote:
> On 04/07/2011 09:50 PM, James Brown wrote:
>> `unhide` defines that there is a hidden process in my system, but doesn't
>> indicate it concretely:
>>> ~$ sudo unhide sys
>>> Unhide 20100201
>>> http://www.security-projects.com/?Unhide
>>>
>>>
> [snip]
>>>
>>> [*]Searching for Hidden processes through sysinfo() scanning
>>>
>>> HIDDEN Processes Found: 1
>>
>>
>> How can I find out what that process is?
>>
>
> The man page (http://www.unhide-forensics.info/unhide-linux26.html)
> mentions options like "-f" and "-v".
>
Those options are unworkable under the unhide package from Debian Squeeze:
$ sudo unhide -v sys
Unhide 20100201
http://www.security-projects.com/?Unhide
usage: unhide proc | sys | brute

$ apt-cache policy unhide
unhide:
  Installed: 20100201-1
  Candidate: 20100201-1
  Version table:
 *** 20100201-1 0
        990 http://ftp.debian.org/debian/ squeeze/main amd64 Packages
        100 /var/lib/dpkg/status