On 08.04.2011 03:20, Ron Johnson wrote: > On 04/07/2011 09:50 PM, James Brown wrote: >> `unhide` define that there is a hidden process in my system, but don't >> indicate it concretely: >>> ~$ sudo unhide sys >>> Unhide 20100201 >>> http://www.security-projects.com/?Unhide >>> >>> > [snip] >>> >>> [*]Searching for Hidden processes through sysinfo() scanning >>> >>> HIDDEN Processes Found: 1 >> >> >> How can I find out what is that process? >> > > The man page (http://www.unhide-forensics.info/unhide-linux26.html) > mentions options like "-f" and "-v". >
That options are unworkable under unhide-package from Debian Squeeze: $sudo unhide -v sys Unhide 20100201 http://www.security-projects.com/?Unhide usage: unhide proc | sys | brute $apt-cache policy unhide unhide: Installed: 20100201-1 Candidate: 20100201-1 Version table: *** 20100201-1 0 990 http://ftp.debian.org/debian/ squeeze/main amd64 Packages 100 /var/lib/dpkg/status -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4d9e93fb.1080...@gmail.com
