[Forensics-changes] [SCM] debian-forensics/unhide.rb branch, master, updated. debian/13-1-2-gfaf646b
Julien Valroff
julien at kirya.net
Tue Oct 25 18:30:25 UTC 2011
The following commit has been merged in the master branch:
commit faf646bc2b9f00dec18340d2e2a6e909450ab8e2
Author: Julien Valroff <julien at kirya.net>
Date: Tue Oct 25 20:30:21 2011 +0200
Update package description to be more precise on how unhide.rb compares to the original unhide
diff --git a/debian/changelog b/debian/changelog
index fb08827..4c323c5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,10 @@
unhide.rb (13-2) unstable; urgency=low
* Update DEP-5 uri
+ * Update package description to be more precise on how unhide.rb compares to
+ the original unhide
- -- Julien Valroff <julien at debian.org> Sun, 18 Sep 2011 14:54:24 +0200
+ -- Julien Valroff <julien at debian.org> Tue, 25 Oct 2011 20:29:40 +0200
unhide.rb (13-1) unstable; urgency=low
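Review bot: The new changelog item is appended to the existing 13-2 stanza and the trailer date is rewritten, which is only correct while 13-2 has not been uploaded. The ref name debian/13-1-2-gfaf646b (two commits past the debian/13-1 tag) suggests 13-2 is not tagged yet, so this looks fine. If 13-2 has already been uploaded, the change needs its own 13-3 entry instead. The item could also say what actually changed for users: the "10x faster" claim is dropped and a security caveat is added.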
diff --git a/debian/control b/debian/control
index ee23910..d15d884 100644
--- a/debian/control
+++ b/debian/control
@@ -14,11 +14,15 @@ Architecture: all
Depends: ruby, ${misc:Depends}
Suggests: rkhunter
Description: Forensic tool to find processes hidden by rootkits
- Unhide.rb is a reimplementation of unhide in Ruby.
+ Unhide.rb is a forensic tool to find processes hidden by rootkits.
.
- It currently does the does the same checks as "unhide proc" and "unhide sys",
- while being about 10x faster than the original C code.
+ It looks for active processes in many different ways. Processes found by
+ some means but not others are considered to be "hidden", and are reported
+ to the user.
.
- It also has better diagnostics when hidden processes are found.
+ Unhide.rb is a tentative of rewrite in Ruby of the original Unhide, which
+ is written in C. While being much faster, it does not implement all the
+ diagnostics of the original version. It is also less secure as it cannot
+ be statically compiled.
.
This package can be used by rkhunter in its daily scans.
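Review bot: In the last added paragraph, "Unhide.rb is a tentative of rewrite in Ruby" is not idiomatic English; suggest "Unhide.rb is an attempted rewrite in Ruby of the original Unhide, which is written in C." Two further points on the same hunk. The new first line of the long description ("Unhide.rb is a forensic tool to find processes hidden by rootkits.") repeats the synopsis line almost word for word. It could be dropped or folded into the next paragraph, since the long description is meant to add to the synopsis rather than restate it. The sentence "It is also less secure as it cannot be statically compiled" would be more useful if it gave the reason. The package runs through the installed interpreter (Depends: ruby), so on a host that may already be compromised the result relies on that interpreter and its libraries being untampered, whereas a static binary can be brought in from trusted media.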
--
debian-forensics/unhide.rb