How to Detect a Hidden Process in Linux
I have read somewhere that rootkits hide a process by dropping off its
links in task list.First my question is when it is dropped off task list,
how it can be scheduled in kernel 3.*? In fact I want to detect hidden
processes by comparing running processes in task list and processes in
something like runqueue.
No comments:
Post a Comment