How to Install and Uninstall unhide Package on Ubuntu 16.04 LTS (Xenial Xerus)
Last updated: December 28,2024
1. Install "unhide" package
Please follow the guidelines below to install unhide on Ubuntu 16.04 LTS (Xenial Xerus)
$
sudo apt update
Copied
$
sudo apt install
unhide
Copied
2. Uninstall "unhide" package
This guide covers the steps necessary to uninstall unhide on Ubuntu 16.04 LTS (Xenial Xerus):
$
sudo apt remove
unhide
Copied
$
sudo apt autoclean && sudo apt autoremove
Copied
3. Information about the unhide package on Ubuntu 16.04 LTS (Xenial Xerus)
Package: unhide
Priority: extra
Section: universe/admin
Installed-Size: 133
Maintainer: Ubuntu Developers
Original-Maintainer: Debian Forensics
Architecture: amd64
Version: 20130526-1
Depends: libc6 (>= 2.14)
Suggests: rkhunter
Filename: pool/universe/u/unhide/unhide_20130526-1_amd64.deb
Size: 46622
MD5sum: 653e02e2d5f29a16186119a27c043d82
SHA1: b5dda58750db3b2459f9a00ee82ee86c371f0014
SHA256: 0dbca0c952af8066b0a5e5e6dac8ab170f4c4a17a4843aac70b18a5f8876bb9f
Description-en: Forensic tool to find hidden processes and ports
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, Linux kernel modules or by other techniques. It includes two
utilities: unhide and unhide-tcp.
.
unhide detects hidden processes using the following six techniques:
* Compare /proc vs /bin/ps output
* Compare info gathered from /bin/ps with info gathered by walking thru the
procfs.
* Compare info gathered from /bin/ps with info gathered from syscalls
(syscall scanning).
* Full PIDs space occupation (PIDs bruteforcing)
* Reverse search, verify that all thread seen by ps are also seen by the
kernel (/bin/ps output vs /proc, procfs walking and syscall)
* Quick compare /proc, procfs walking and syscall vs /bin/ps output
.
unhide-tcp identifies TCP/UDP ports that are listening but are not listed in
/bin/netstat through brute forcing of all TCP/UDP ports available.
.
This package can be used by rkhunter in its daily scans.
.
This package is useful for network security checks, in addition to forensics
investigations.
Description-md5: 2b450c591220d6cd58e2fe58256d0e89
Homepage: http://www.unhide-forensics.info
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Origin: Ubuntu
Priority: extra
Section: universe/admin
Installed-Size: 133
Maintainer: Ubuntu Developers
Original-Maintainer: Debian Forensics
Architecture: amd64
Version: 20130526-1
Depends: libc6 (>= 2.14)
Suggests: rkhunter
Filename: pool/universe/u/unhide/unhide_20130526-1_amd64.deb
Size: 46622
MD5sum: 653e02e2d5f29a16186119a27c043d82
SHA1: b5dda58750db3b2459f9a00ee82ee86c371f0014
SHA256: 0dbca0c952af8066b0a5e5e6dac8ab170f4c4a17a4843aac70b18a5f8876bb9f
Description-en: Forensic tool to find hidden processes and ports
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, Linux kernel modules or by other techniques. It includes two
utilities: unhide and unhide-tcp.
.
unhide detects hidden processes using the following six techniques:
* Compare /proc vs /bin/ps output
* Compare info gathered from /bin/ps with info gathered by walking thru the
procfs.
* Compare info gathered from /bin/ps with info gathered from syscalls
(syscall scanning).
* Full PIDs space occupation (PIDs bruteforcing)
* Reverse search, verify that all thread seen by ps are also seen by the
kernel (/bin/ps output vs /proc, procfs walking and syscall)
* Quick compare /proc, procfs walking and syscall vs /bin/ps output
.
unhide-tcp identifies TCP/UDP ports that are listening but are not listed in
/bin/netstat through brute forcing of all TCP/UDP ports available.
.
This package can be used by rkhunter in its daily scans.
.
This package is useful for network security checks, in addition to forensics
investigations.
Description-md5: 2b450c591220d6cd58e2fe58256d0e89
Homepage: http://www.unhide-forensics.info
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Origin: Ubuntu