Fedora 20 Update: unhide-20130526-1.fc20
updates at fedoraproject.org
Fri Jan 10 07:42:04 UTC 2014
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-0503
2014-01-10 06:22:47
--------------------------------------------------------------------------------
Name : unhide
Product : Fedora 20
Version : 20130526
Release : 1.fc20
URL : http://www.unhide-forensics.info/
Summary : Tool to find hidden processes and TCP/UDP ports from rootkits
Description :
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, Linux kernel modules or by other techniques. It includes two
utilities: unhide and unhide-tcp.
Unhide detects hidden processes using three techniques:
- comparing the output of /proc and /bin/ps
- comparing the information gathered from /bin/ps with the one gathered
from system calls (syscall scanning)
- full scan of the process ID space (PIDs bruteforcing)
unhide-tcp identifies TCP/UDP ports that are listening but are not listed
in /bin/netstat through brute forcing of all TCP/UDP ports available.
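The syscall-scanning and PID brute-forcing techniques listed above both compare two views of the process table. The following Python example is added here and is not code from unhide or from this update; the function names are hypothetical, and the use of kill, getpgid and getsid as probes is an assumption made for illustration. It skips thread IDs, which answer probes but are never listed at the top level of /proc.

```python
import os

def proc_view(proc_root="/proc"):
    """View 1: PIDs listed as numeric directories under /proc."""
    return {int(name) for name in os.listdir(proc_root) if name.isdigit()}

def syscall_probe(pid):
    """View 2: names of the system calls that report `pid` as existing."""
    probes = (("kill", lambda: os.kill(pid, 0)),   # signal 0: existence test only
              ("getpgid", lambda: os.getpgid(pid)),
              ("getsid", lambda: os.getsid(pid)))
    hits = []
    for name, call in probes:
        try:
            call()
            hits.append(name)
        except PermissionError:
            hits.append(name)      # EPERM: the process exists but is not ours
        except ProcessLookupError:
            pass                   # ESRCH: no such process
    return hits

def thread_group_of(pid, proc_root="/proc"):
    """Tgid from /proc/<pid>/status, or None when the entry cannot be read."""
    try:
        with open(f"{proc_root}/{pid}/status") as status:
            for line in status:
                if line.startswith("Tgid:"):
                    return int(line.split()[1])
    except OSError:
        pass
    return None

def find_hidden(pids, list_view=proc_view, probe=syscall_probe, tgid_of=thread_group_of):
    """Return {pid: [syscalls]} for PIDs that answer probes but are not listed."""
    hidden = {}
    for pid in pids:
        hits = probe(pid)
        if not hits or pid in list_view():   # /proc is re-read to tolerate races
            continue
        tgid = tgid_of(pid)
        if tgid is not None and tgid != pid:
            continue                         # a thread ID: never listed in /proc
        if probe(pid):                       # still alive, so not a process that just exited
            hidden[pid] = hits
    return hidden

if __name__ == "__main__":
    with open("/proc/sys/kernel/pid_max") as f:
        pid_max = int(f.read())
    for pid, hits in sorted(find_hidden(range(1, pid_max)).items()):
        print(f"PID {pid}: answers {', '.join(hits)} but is not listed in /proc")
```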
--------------------------------------------------------------------------------
Update Information:
2013-05-26
unhide-posix.c
- Transform 'ret' into a global variable to avoid warnings
(note: the ret variable was added to avoid warnings with some over-pedantic
versions of glibc and is otherwise useless).
2013-05-24
unhide-tcp.8 (Spanish version), LEEME.txt
- update according to English version.
2013-03-03
unhide-posix.c
- Bugfix : Correct app name in banner of unhide-posix.
unhide-tcp.c
- Continue to simplify packager job:
* on FreeBSD use sockstat instead of fuser, which doesn't show info on internet socket
on this system.
README.txt, LISEZ-MOI.txt
- Add list of build-requires and use-requires
unhide-tcp.8 (French and English version)
- Add notes upon FreeBSD.
2013-02-03
unhide-output.h
- Bugfix : include <stdarg.h>, some old glibc need it
unhide-posix.c, unhide-output.c, unhide-tcp.c
- Simplify packager job:
* put OS specific command between #ifdef (they were previously commented),
* don't use ss by default in unhide-tcp if OS is not Linux,
* on FreeBSD use sockstat instead of fuser, which doesn't show info on internet socket
on this system.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 9 2014 Christopher Meng <rpm at cicku.me> - 20130526-1
- Update to 20130526
- Add multilingual manpages.
- SPEC cleanup, build with RELRO.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update unhide' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------