Adam, Alex,
% unhide proc
% unhide brute
continue to report no problems.
% unhide
is just a call to 'usage' and exit.
I am inclined to the advice of Alex Hudson, who writes that unhide is bound to be racey on virtual machines.

Thanks for your help, both. 


From: Adam Spiers <>
To: Max B <>
Sent: Thu, December 16, 2010 12:18:39 PM
Subject: Re: [bitfolk] 'unhide sys' command, was Re: Exim remote root exploit

On 16 December 2010 12:13, Max B <> wrote:
> Adam,
> thanks more!   I was only dimly aware of the 'lsof' command.

No problem.  I did mention it in my previous mail though ;-)

> unfortunately:
> % unhide sys
> Unhide 20080519
> does not report the pid numbers, nor does the man page indicate a command
> line 'verbose' switch, nor does the unhide command generate a telltale
> /var/log summary:

What about 'unhide proc' or 'unhide brute' or just 'unhide' ?