On Thu, 2011-07-28 at 11:11 -0400, Dimitri Yioulos wrote: > I understand perfectly that rkhunter depends on unhide to find > hidden network ports, and I have no reason to believe that unhide > doesn't work as advertised. I did update to the latest version, > btw, put it still returns the same information. > > ANY assistance you or anyone can give me to try and resolve this > would be greatly appreciated. > It may be overkill but you could try running unhide via strace to see what is going on. Something like: strace -f unhide sys
You may well want to capture all the output into a file. Use the 'unhide' command rather than 'unhide-tcp' as 'unhide-tcp' does not look for the program name associated with a found PID. Of course you could also try running strace on one of the found PIDs. Eg: strace -p 900 John. -- John Horne, University of Plymouth, UK Tel: +44 (0)1752 587287 Fax: +44 (0)1752 587001 ------------------------------------------------------------------------------ Got Input? Slashdot Needs You. Take our quick survey online. Come on, we don't ask for help often. Plus, you'll get a chance to win $100 to spend on ThinkGeek. http://p.sf.net/sfu/slashdot-survey _______________________________________________ Rkhunter-users mailing list Rkhunter-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/rkhunter-users
