From 6e988a7d6c434b57c01a16711975b32d6e5b9755 Mon Sep 17 00:00:00 2001 From: Black Rider Date: Tue, 30 Aug 2011 22:05:18 -0300 Subject: system/unhide: Added (utility for discovering hidden processes) Signed-off-by: Niels Horn --- system/unhide/README | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 system/unhide/README (limited to 'system/unhide/README') diff --git a/system/unhide/README b/system/unhide/README new file mode 100644 index 0000000000..a5c77eb447 --- /dev/null +++ b/system/unhide/README @@ -0,0 +1,12 @@ +Unhide is a forensic tool to find processes and TCP/UCP ports hidden by +rootkits, Linux kernel modules or by other techniques. It includes unhide +and unhide-tcp. + +NOTES: The SlackBuild script builds only unhide-tcp and unhide-linux26. +The original unhide for 2.4 kernels is not built for obvious reasons. +unhide-linux26 has been linked to "unhide", as many apps (rkhunter, for +example) expect to find it here. This is also the solution chosen by many +distributions. + +Remember to run unhide as root only. Failing to do so could result in +a massive arrival of false positives. -- cgit v1.2.3
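Review bot: "TCP/UCP ports" in the first README line looks like a typo for "TCP/UDP ports" and should be corrected, since this is the package description users will search on. In the NOTES paragraph, "expect to find it here" never names a location; say explicitly that unhide-linux26 is made available under the name "unhide" so tools such as rkhunter can find it. The closing sentence "Remember to run unhide as root only" reads as a restriction rather than a requirement; something like "unhide must be run as root, otherwise it may report many false positives" would be clearer. "not built for obvious reasons" could also state the reason (the 2.4-kernel variant is not applicable) instead of leaving it implied.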