1UNHIDE-TCP(8)               System Manager's Manual              UNHIDE-TCP(8)
2
3
4

NAME

6       unhide-tcp — forensic tool to find hidden TCP/UDP ports
7

SYNOPSIS

9       unhide-tcp [options]
10

DESCRIPTION

12       unhide-tcp  is  a  forensic tool that identifies TCP/UDP ports that are
13       listening but are not listed by /sbin/ss (or alternatively by /bin/net‐
14       stat) through brute forcing of all TCP/UDP ports available.
15       Note1  :  On  FreeBSD  ans  OpenBSD, netstat is always used as iproute2
16       doesn't exist on these OS. In addition, on FreeBSD,  sockstat  is  used
17       instead  of fuser.  Note2 : If iproute2 is not available on the system,
18       option -n or -s SHOULD be given on the command line.
19

OPTIONS

21       -h --help
22              Display help
23
24       --brief
25              Don't display warning messages, that's the default behavior.
26
27       -f --fuser
28              Display fuser output (if available) for the hidden port On Free‐
29              BSD,  instead of fuser command, displays the output of the sock‐
30              stat command for the hidden port.
31
32       -l --lsof
33              Display lsof output (if available) for the hidden port
34
35       -n --netstat
36              Use /bin/netstat instead of /sbin/ss. On system with many opened
37              ports, this can slow down the test dramatically.
38
39       -s --server
40              Use  a  very quick strategy of scanning. On system with a lot of
41              opened ports, it is hundreds times faster than ss method and ten
42              thousands times faster than netstat method.
43
44       -o --log
45              Write  a log file (unhide-tcp-AAAA-MM-DD.log) in the current di‐
46              rectory.
47
48       -V --version
49              Show version and exit
50
51       -v --verbose
52              Be verbose, display warning message (default :  don't  display).
53              This option may be repeated more than once.
54
55   Exit status:
56       0      if no hidden port is found,
57
58       4      if one or more hidden TCP port(s) is(are) found,
59
60       8      if one or more hidden UDP port(s) is(are) found,
61
62       12     if one or more hidden TCP and UDP ports are found.
63

BUGS

65       Report    unhide-tcp    bugs    on    the   bug   tracker   on   GitHub
66       (https://github.com/YJesus/Unhide/issues)
67

SEE ALSO

69       unhide (8).
70

AUTHOR

72       This manual page was written by Francois  Marier  (francois@debian.org)
73       and Patrick Gouin (patrickg.github@free.fr).
74       Permission  is  granted to copy, distribute and/or modify this document
75       under the terms of the GNU General Public License,  Version  3  or  any
76       later version published by the Free Software Foundation.
77

LICENSE

79       License   GPLv3+:  GNU  GPL  version  3  or  later  <http://gnu.org/li
80       censes/gpl.html>.
81       This is free software: you are free  to  change  and  redistribute  it.
82       There is NO WARRANTY, to the extent permitted by law.
83
84
85
86Administration commands            June 2022                     UNHIDE-TCP(8)
Impressum