RootKit Detection Tools and Utilities

With multiple developers jumping on the bandwagon to come up with detection
tools, I'm just curious: how big a problem or prevalent are rootkits? I'm
asking because I don't know.

--
Remove netnews to reply



Re: RootKit Detection Tools and Utilities

optikl wrote:

It looks to me, and it seems like it's not just my opinion, that current
rootkits are essentially rehashed stealth. There is an entire book
dedicated to rootkits and stealth (Hoglund and Butler's "Rootkits") that
describes stealth techniques in detail. It's very technical, so the
average script kiddie is not likely to implement it. This said, I don't
know how prevalent stealth malware is currently.

Of course, I suppose that as an anti-virus company you can't afford not
to jump on that bandwagon, regardless of whether or not rootkits/stealth
malware actually pose a real threat.

Re: RootKit Detection Tools and Utilities

optikl wrote:

i think you're asking the wrong question...

i think you should be asking "how big a problem is stealth"... the
so-called 'rootkits' are just a means to that end... now, take into account
the financial motivation behind malware nowadays and the free access
to 'rootkit' source code and r&d on the net, and you will probably
realize that however bad the stealth problem may be it's almost
certainly going to get considerably worse...

there will come a time when no serious commercial malware will be
without stealth technology in some form or another... free development
and free code that adds value to commercial malware - it's kind of like
free money, everyone (in the commercial black hat camp at least) will
want some of that...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"
