unhide for Debian ----------------- These utilities are meant to be run as root, otherwise, they will miss certain things or report false positives. False positives --------------- Grsecurity kernels seem to reserver PIDs 300 to 499. They will be reported when using unhide's brute-forcing method. Some applications can start listening on a port between the time that unhide gets the list of open ports in /bin/netstat and the time when it brute-forces ports. Run it a few times to make sure that it's not a permanent port. -- Francois Marier Thu, 06 Dec 2007 16:59:30 +1300 -- Julien Valroff Fri, 09 Mar 2012 21:53:56 +0100