There are so many tools that able to check the hidden process and port, the tools are rootkits/lkms/unhide etc.
In this tutorial i will discuss something more simple to use and the tools is UNHIDE.
Unhide is a tool to find hidden processes and TCP/UDP ports by rootkits / LKMs or by another hidden technique. This tools works under both Linux / Unix, and MS-Windows operating systems.
It detects hidden processes using three techniques:
The proc technique consists of comparing /proc with the output of /bin/ps.
The sys technique consists of comparing information gathered from /bin/ps with information gathered from system calls.
The brute technique consists of bruteforcing the all process IDs. This technique is only available on Linux 2.6 kernels.
↧
How To Find a Hidden Process and Port in Linux and Unix Operating System
↧
