summaryrefslogtreecommitdiff
path: root/system/unhide/README
blob: a5c77eb447c89a42812b0a8a48bf745a590b67d7 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
Unhide is a forensic tool to find processes and TCP/UCP ports hidden by 
rootkits, Linux kernel modules or by other techniques. It includes unhide
and unhide-tcp.

NOTES: The SlackBuild script builds only unhide-tcp and unhide-linux26.
The original unhide for 2.4 kernels is not built for obvious reasons.
unhide-linux26 has been linked to "unhide", as many apps (rkhunter, for
example) expect to find it here. This is also the solution chosen by many
distributions.

Remember to run unhide as root only. Failing to do so could result in
a massive arrival of false positives.