Adam, Alex,

 

% unhide proc

% unhide brute

 

continue to report no problems.

 

% unhide

 

is just a call to 'usage' and exit.

 

I am inclined to the advice of Alex Hudson, who writes that unhide is bound to be racey on virtual machines.

Thanks for your help, both. 

 

Cheers,

Max

 

---

From: Adam Spiers <bitfolk@adamspiers.org>
To: Max B <txtmax@yahoo.ca>
Cc: users@lists.bitfolk.com
Sent: Thu, December 16, 2010 12:18:39 PM
Subject: Re: [bitfolk] 'unhide sys' command, was Re: Exim remote root exploit

On 16 December 2010 12:13, Max B <txtmax@yahoo.ca> wrote:
>
> Adam,
>
> thanks more!   I was only dimly aware of the 'lsof' command.

No problem.  I did mention it in my previous mail though ;-)

> unfortunately:
>
> % unhide sys
> Unhide 20080519
> does not report the pid numbers, nor does the man page indicate a command
> line 'verbose' switch, nor does the unhide command generate a telltale
> /var/log summary:

What about 'unhide proc' or 'unhide brute' or just 'unhide' ?