Unhide is a little handy forensic tool to find hidden processes and TCP/UDP ports by rootkits / LKMs or by another hidden technique. This tools works under both Linux / Unix, and MS-Windows operating systems. From the man page:
It detects hidden processes using three techniques:
- The proc technique consists of comparing /proc with the output of /bin/ps.
- The sys technique consists of comparing information gathered from /bin/ps with information gathered from system calls.
- The brute technique consists of bruteforcing the all process IDs. This technique is only available on Linux 2.6 kernels.
Explains how to use netstat command to display current connections and find out if your server is under DoS attack or not.
From my mailbag the other day I received an interesting suggestion about obtaining information regarding all running process and network connections remotely using inetd / xinetd : SSH client can be used to execute a command(s) on a remote UNIX box. Same technique can be used to get current network and system information using netstat [...]
You can use route command to configure routing. Syntax is as follows: route add net {network-address} netmask {subnet} {router-address} Let us assume your router address is 192.168.1.254 and network ID is 192.168.1.0/24, then you can type route command as follows: # route add net 192.168.1.0 netmask 255.255.255.0 192.168.1.254 OR To add a default route: # [...]
