Bug#531364: RFA: unhide -- Forensic tool to find hidden processes and ports
Francois Marier wrote:
> I request an adopter for the unhide package.

I could do that on behalf of debian-forensics
(forensics-de...@lists.alioth.debian.org).

Regards,
Daniel

--
Address: Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist
Email: daniel.baum...@panthera-systems.net
Internet: http://people.panthera-systems.net/~daniel-baumann/
Bug#531364: RFA: unhide -- Forensic tool to find hidden processes and ports
On 2009-06-01 at 18:54:00, Daniel Baumann wrote:
> Francois Marier wrote:
>> I request an adopter for the unhide package.
>
> I could do that on behalf of debian-forensics
> (forensics-de...@lists.alioth.debian.org).

Go right ahead, it's all yours.

Cheers,
Francois
Bug#531364: RFA: unhide -- Forensic tool to find hidden processes and ports
owner 531364 forensics-de...@lists.alioth.debian.org
retitle 531364 ITA: unhide -- Forensic tool to find hidden processes
thanks

Francois Marier wrote:
> Go right ahead, it's all yours.

OK, will do. Not before Sunday though.

--
Address: Daniel Baumann, Burgunderstrasse 3, CH-4562 Biberist
Email: daniel.baum...@panthera-systems.net
Internet: http://people.panthera-systems.net/~daniel-baumann/
Bug#531364: RFA: unhide -- Forensic tool to find hidden processes and ports
Package: wnpp
Severity: normal

I request an adopter for the unhide package.

The package description is:
 Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
 rootkits, Linux kernel modules or by other techniques. It includes two
 utilities: unhide and unhide-tcp.
 .
 unhide detects hidden processes using three techniques:
  - comparing the output of /proc and /bin/ps
  - comparing the information gathered from /bin/ps with the one gathered
    from system calls (syscall scanning)
  - full scan of the process ID space (PIDs bruteforcing)
 .
 unhide-tcp identifies TCP/UDP ports that are listening but are not listed
 in /bin/netstat through brute forcing of all TCP/UDP ports available.
 .
 This package can be used by rkhunter in its daily scans.

The package is in good shape and upstream is very nice and responsive.

One thing you may want to consider if you adopt this package is how to
integrate this version of unhide re-written in Ruby which is said to be
faster:

https://launchpad.net/unhide.rb

Cheers,
Francois
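
The cross-view check named in the package description above (full scan of the PID space compared with what /proc lists), as an added Python example that is not from this thread and is not unhide's own code. The function names are hypothetical, and it assumes a Linux /proc and a kill(pid, 0) probe as the system-call view.

```python
import os

def listed_pids(proc_root="/proc"):
    """PIDs a directory listing of /proc shows (the view ps relies on)."""
    return {int(n) for n in os.listdir(proc_root) if n.isdigit()}

def alive_by_syscall(pid):
    """kill(pid, 0) sends no signal; it only reports whether the PID exists."""
    try:
        os.kill(pid, 0)
    except ProcessLookupError:
        return False
    except PermissionError:
        return True  # exists, owned by another user
    return True

def is_thread(pid, proc_root="/proc"):
    """Thread IDs answer kill() but are never listed in /proc; Tgid != pid marks one."""
    try:
        with open(f"{proc_root}/{pid}/status") as fh:
            for line in fh:
                if line.startswith("Tgid:"):
                    return int(line.split()[1]) != pid
    except OSError:
        pass  # entry unreadable or gone: cannot prove it is a thread
    return False

def hidden_pids(candidates, listed, probe=alive_by_syscall,
                thread_check=is_thread, relist=None):
    """PIDs that answer the syscall probe but are absent from the /proc listing."""
    suspects = []
    for pid in candidates:
        if pid in listed or not probe(pid) or thread_check(pid):
            continue
        # Rule out races: the process may have started after the snapshot
        # (list /proc again) or exited since the first probe (probe again).
        if relist is not None and (pid in relist() or not probe(pid)):
            continue
        suspects.append(pid)
    return suspects

if __name__ == "__main__":
    with open("/proc/sys/kernel/pid_max") as fh:
        pid_max = int(fh.read())  # highest usable PID is pid_max - 1
    found = hidden_pids(range(1, pid_max), listed_pids(), relist=listed_pids)
    print("unlisted live PIDs:", found or "none")
```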