unhide for Debian
-----------------

These utilities are meant to be run as root, otherwise, they will miss certain
things or report false positives.

False positives
---------------

Grsecurity kernels seem to reserver PIDs 300 to 499. They will be reported when
using unhide's brute-forcing method.

Some applications can start listening on a port between the time that unhide
gets the list of open ports in /bin/netstat and the time when it brute-forces
ports. Run it a few times to make sure that it's not a permanent port.

 -- Francois Marier <francois@debian.org>  Thu, 06 Dec 2007 16:59:30 +1300
 -- Julien Valroff <julien@debian.org>  Fri, 09 Mar 2012 21:53:56 +0100