unhide-tcp
SYNOPSIS
unhide-tcp [options]
DESCRIPTION
unhide-tcp is a forensic tool that identifies TCP/UDP ports that are
listening but are not listed by /sbin/ss (or alternatively by /bin/net-
stat) through brute forcing of all TCP/UDP ports available.
Note : If iproute2 is not available on the system, option -n or -s
SHOULD be given on the command line.
OPTIONS
-h --help
Display help
--brief
Don't display warning messages, that's the default behavior.
-f --fuser
Display fuser output (if available) for the hidden port
-l --lsof
Display lsof output (if available) for the hidden port
-n --netstat
Use /bin/netstat instead of /sbin/ss. On system with many opened
ports, this can slow down the test dramatically.
-s --server
Use a very quick strategy of scanning. On system with a lot of
opened ports, it is hundreds times faster than ss method and ten
thousands times faster than netstat method.
-o --log
Write a log file (unhide-tcp-AAAA-MM-DD.log) in the current
directory.
-V --version
Show version and exit
-v --verbose
Be verbose, display warning message (default : don't display).
This option may be repeated more than once.
Exit status:
0 if no hidden port is found,
4 if one or more hidden TCP port(s) is(are) found,
8 if one or more hidden UDP port(s) is(are) found,
12 if one or more hidden TCP and UDP ports are found.
SEE ALSO
There is NO WARRANTY, to the extent permitted by law.
Administration commands August 2012 UNHIDE-TCP(8)
Man Pages Copyright Respective Owners. Site Copyright (C) 1994 - 2018
Hurricane Electric.
All Rights Reserved.