UGN Security

linux process hiding

Posted By: tmp001

linux process hiding - 04/28/02 10:58 PM

i wonder if anyone knows any tricks to hide a determinated command you are executing in Linux.

example: I want to execute a file that is a scritp in expect, if i do so, when someone does a `ps auxe | grep MYUSERNAME` they will see /usr/bin/expect -f filename, waht i wish is to prevent that. I tryed stupid things like renaming files, running commands from compiled c programs using system() exec() and nothing worked,
if any one has any new ideas i would ver much like to hear about it.
Posted By: hKzKnight

Re: linux process hiding - 04/29/02 12:29 AM

Sorry getting me a bit lost, prob because been working a lot and lack of sleep. Yet are you trying to say you want to hide what you typed, or hide the username? Usr terms try logging in root, would make it generic. As for hiding the command, arg don't remember was something like -hide -hideall arg, ahhh forgot... I'll look it up tommarow at work (if you dont get an answer tonight) Yet feel free to explore this site,

It's been sitting around in my bookmarks.
Posted By: sinetific

Re: linux process hiding - 05/02/02 07:35 PM

Check out rootkits. Some of them contain programs that will replace the ps command entirely in order to hide processes. Theres an article at neworder that tells about detecting rootkits on your system and how they work. One replaces
(dont be mad bout the link gizzy)
Posted By: hKzKnight

Re: linux process hiding - 05/03/02 12:09 AM

Thats also a cool thing, but I remember a command for it somplace *smacks head, **** memory*... Yet good deal.
© 2018 UGN Security Forum