[Forensics-changes] [SCM] Forensic tool to find hidden processes and ports branch, debian, updated. debian/20080519-4-18-g91f8a45

Daniel Baumann daniel at debian.org
Tue Jul 28 13:48:30 UTC 2009 

The following commit has been merged in the debian branch:
commit 0cad73d2d1aa0d19b0f49e3c7a44cd01c9d86768
Author: Daniel Baumann <daniel at debian.org>
Date:   Tue Jul 28 15:23:12 2009 +0200

    Rewrapping README.Debian.

diff --git a/debian/unhide.README.Debian b/debian/unhide.README.Debian
index 564a9ae..370c411 100644
--- a/debian/unhide.README.Debian
+++ b/debian/unhide.README.Debian
@@ -1,26 +1,25 @@
 unhide for Debian
 -----------------
 
-These utilities are meant to be run as root, otherwise, they will miss certain things or
-report false positives.
+These utilities are meant to be run as root, otherwise, they will miss certain
+things or report false positives.
 
+False positives
+---------------
 
-False positives 
-----------------
+Grsecurity kernels seem to reserver PIDs 300 to 499. They will be reported when
+using unhide's brute-forcing method.
 
-Grsecurity kernels seem to reserver PIDs 300 to 499.  They will be reported when using
-unhide's brute-forcing method.
-
-Some applications can start listening on a port between the time that unhide gets the
-list of open ports in /bin/netstat and the time when it brute-forces ports.  Run it a few
-times to make sure that it's not a permanent port.
+Some applications can start listening on a port between the time that unhide
+gets the list of open ports in /bin/netstat and the time when it brute-forces
+ports. Run it a few times to make sure that it's not a permanent port.
 
 Non-Linux 2.6 kernels
-----------------------
+---------------------
 
-If you want to run unhide on a kernel other than Linux 2.6, make the unhide-posix program
-the default:
+If you want to run unhide on a kernel other than Linux 2.6, make the
+unhide-posix program the default:
 
-   update-alternatives --config unhide
+	# update-alternatives --config unhide
 
  -- Francois Marier <francois at debian.org>  Thu, 06 Dec 2007 16:59:30 +1300

-- 
Forensic tool to find hidden processes and ports

More information about the forensics-changes mailing list