Factbites
 Where results make sense

Topic: Rootkit



In the News (Tue 8 Dec 09)

  
  rootkit.com
Vanquish is a DLL injection based Romanian rootkit that hides files, folders, registry entries and logs passwords.
A Cross architecture Solaris rootkit the development of which is aimed to both increase understanding of the Solaris OS and to show that it's not just the external threats that a Solaris Admin should worry about.
Rootkits are powerful tools to compromise computer systems without detection.
www.rootkit.com   (1625 words)

  
 What is rootkit? - a definition from Whatis.com - see also: rootkits
Typically, a cracker installs a rootkit on a computer after first obtaining user-level access, either by exploiting a known vulnerability or cracking a password.
A rootkit may consist of spyware and other programs that: monitor traffic and keystrokes; create a "backdoor" into the system for the hacker's use; alter log files; attack other machines on the network; and alter existing system tools to escape detection.
If a rootkit is detected, however, the only sure way to get rid of it is to completely erase the computer's hard drive and reinstall the operating system.
searchsecurity.techtarget.com /sDefinition/0,,sid14_gci547279,00.html   (523 words)

  
 F-Secure Computer Virus Information Pages: Rootkit
Rootkit is usually a standalone software component that attempts to hide processes, files, registry data and network connections.
Rootkits are typically not malicious by themselves but are used for malicious purposes by viruses, worms, backdoors and spyware.
If the rootkit is not detected or it is hidden so that FSAV cannot detect its file, it is still possible to detect the malicious activity by scanning the system with generic rootkit scanner, such as F-Secure BlackLight.
www.f-secure.com /v-descs/rootkit.shtml   (677 words)

  
 Rootkits - WorldStart Computer Tips and Computer Help
A Kernel rootkit is one that can actually write code to your Operating System's kernel allowing it to exist on your PC without a trace.
Rootkits are distributed similar to viruses, through an Operating System's known security hole, downloaded with other programs, or any other common infection techniques.
Rootkits are more about quality and less about quantity; your typical rootkit isn't looking for another host, it just wants to get its money's worth out of the one it has under its thumb.
www.worldstart.com /tips/tips.php/1765   (914 words)

  
 SWI Forums > Root Kit Question
If a rootkit has a backdoor function like you acknowledge it would need to have in order to be effective at all, that would effectively "announce" the rootkit as well.
I suppose traditional rootkits could be made to be as hard to remove as possible even when found, but I doubt this is much incentive for that, because the typical reaction of an experienced sysadmin on finding a rooted system is to save the data files, then reformat.
modern rootkits also have features for keylogging, screencapture, remote access control, so they could also be considered RATS and keyloggers, but strictly speaking this is not part of the primary aim of a rootkit which is to maintain control by hiding the other components used by a hacker from being detected.
forums.spywareinfo.com /lofiversion/index.php/t52360.html   (4677 words)

  
 Rootkit Detection and Removal
Detecting the presence of rootkits and the products they are stealthing is not easy. Certainly most anti-virus and anti-spyware scanners can't detect them, though a few are just now starting to add features to help with detection.
Because rootkits work by changing the Windows operating system itself, it may not be possible to remove the rootkit without causing Windows to become unstable or non-functioning.
However you won't be able to do this until the rootkit is removed at which point the whole system may become unstable to the point that the malware can not be completely removed.
www.pcsupportadvisor.com /rootkits.htm   (1836 words)

  
 Windows rootkits of 2005, part one
A rootkit is a program or set of programs that an intruder uses to hide her presence on a computer system and to allow access to the computer system in the future.
Notice that the rootkit can safely overwrite the first five bytes of the function because that is the same amount of space required for many types of jumps or for a call instruction, and it is on an even instruction boundary.
Historically, Windows rootkits have existed for some time; however, in the past year or two, they are beginning to become more readily available to those that deploy other malicious software such as viruses, ad-ware, worms and spyware.
www.securityfocus.com /infocus/1850   (2383 words)

  
 USENIX ;login: - rootkits
Rootkits are used by intruders to hide and secure their presence on your system.
Rootkit backdoors — often called trojan horses — can typically be divided into two categories: local programs and network services.
rootkit is properly installed, the administrator will not be able to tell the difference between the original and a modified program.
www.usenix.org /publications/login/1999-9/features/rootkits.html   (1844 words)

  
 Anti Rootkit Software, News, Articles and Forums
A rootkit is a program that is designed to hide itself and other programs, data, and/or activity including viruses, backdoors, keyloggers and spyware on a computer system.
Rootkits are used to hide the existence of Spyware, Trojans, Keyloggers and other malware on computers.
The rise in the use of Rootkits can be seen at the moment as more Spyware creators trying to hide their installation from the evolving Spyware scanners and virus writers trying to hide their existence.
www.antirootkit.com   (286 words)

  
 What is rootkit? - A Word Definition From the Webopedia Computer Dictionary
Rootkits are difficult to detect because they are activated before your system's Operating System has completely booted up.
Rootkits are able to intercept data from terminals, network connections, and the keyboard.
The University of Connecticut has detected a rootkit on one of its servers, almost two years after the stealth program was placed there by malicious hackers.
www.webopedia.com /TERM/r/rootkit.html   (181 words)

  
 RootkitRevealer v1.71   (Site not responding. Last check: 2007-10-11)
RootkitRevealer successfully detects all persistent rootkits published at www.rootkit.com, including AFX, Vanquish and HackerDefender (note: RootkitRevealer is not intended to detect rootkits like Fu that don't attempt to hide their files or registry keys).
The term rootkit is used to describe the mechanisms and techniques whereby malware, including viruses, spyware, and trojans, attempt to hide their presence from spyware blockers, antivirus, and system management utilities.
There are several rootkit classifications depending on whether the malware survives reboot and whether it executes in user mode or kernel mode.
www.sysinternals.com /Utilities/RootkitRevealer.html   (2009 words)

  
 LinuxDevCenter.com -- Understanding Rootkits
The main purpose of a rootkit is to allow intruders to come back to the compromised system later and access it without being detected.
Because most rootkits will mimic the creation dates and file sizes of the original system binaries while replacing them with infected versions, keeping records of these file statistics is not sufficient.
Some rootkits may also contain sniffer or keylogger applications that are used to gather passwords for other systems and listen to traffic for sensitive information.
www.linuxdevcenter.com /pub/a/linux/2001/12/14/rootkit.html   (1344 words)

  
 F-Secure Blacklight > Rootkit Elimination Technology
Some spyware programs are already using so-called rootkits to hide deep in the system.
Now, there is a cure, F-Secure BlackLight Rootkit Elimination Technology.
And, it's time to find out, whether your computer is infected by invisible rootkits.
www.f-secure.com /blacklight   (91 words)

  
 The basics
A rootkit may (a) modify the interrupt handler to use a (rootkit-supplied) different syscall table, or (b) modify the entries in the syscall table to point to the rootkit's replacement functions.
Method (a) is currently used by one rootkit only, the SucKIT rootkit presented in Phrack issue 58, article 0x07 ("Linux on-the-fly kernel patching without LKM", by sd & devik).
A rootkit may overwrite the syscall function to place a jump to its own replacement function at the start of the syscall function.
la-samhna.de /library/rootkits/basics.html   (503 words)

  
 Resplendence Software - RootKit Hook Analyzer
RootKit Hook Analyzer is a security tool which will check if there are any rootkits installed on your computer which hook the kernel system services.
Kernel RootKit Hooks are installed modules which intercept the principal system services that all programs and the operating system rely on.
RootKit Hook Analyzer also allows you to view installed system modules and drivers with their base addresses as well as file and product information as well as the responsible companies.
www.resplendence.com /hookanalyzer   (448 words)

  
 What makes a rootkit? | Tech News on ZDNet
But in general it matters little, since all the experts agree that the technology ultimately acts as a rootkit would, making it every bit as dangerous as if it were installed by hackers.
"A rootkit retains access to the system that has been previously compromised, and it hides itself from someone who is authorized to use the computer," said Jon Orbeton, a senior security analyst at security software maker Zone Labs.
Rootkits are available for sale online and some hackers even offer to create custom rootkits for payment, experts said.
news.zdnet.com /2100-1009_22-5961568.html   (856 words)

  
 Sophos Anti-Rootkit
Removing rootkits without compromising system integrity is particularly challenging and needs to be done with care.
The term rootkit is used to define a Trojan (or technology) used to hide the presence of a malicious object (process, file, registry key, network port) from the computer user or administrator.
As part of its complete protection of endpoint computers, Sophos Anti-Virus detects rootkits and prevents them being installed on any of your desktops, laptops and servers.
www.sophos.com /products/free-tools/sophos-anti-rootkit.html   (245 words)

  
 McAfee points finger at open source community over rootkit - Network World
Rootkits are becoming more prevalent and difficult to detect, and security vendor McAfee says the blame falls squarely on the open source community.
In its "Rootkits" report being published today, McAfee says the number of rootkits it has collected as malware samples has jumped ninefold this quarter compared with the same quarter a year ago.
Almost all the rootkits McAfee has identified are intended to hide other code (such as spyware or bots) or conceal processes running in Windows systems.
www.networkworld.com /news/2006/041706-open-source-rootkits.html   (658 words)

  
 The Sony XCP Rootkit
Russinovich was stunned to find that his own computer had a rootkit, and even more surprised when he found out the source was a Sony BMG music CD.
Russinovich has described how difficult it was for him to safely remove the rootkit manually, so manual removal may not be a good idea until more detailed and well-tested procedures become available.
Sony releases a patch to remove the rootkit aspects of XCP DRM that allow files to be concealed, but it does not remove the DRM software.
www.pcpitstop.com /spycheck/sonyxcp.asp   (1172 words)

  
 NT RootKit   (Site not responding. Last check: 2007-10-11)
Keep in mind that the rootkit is using raw connections to your ethernet so it can do some amazing things.
The sessions are not kept separate but testing has shown that it seems to work quite well as long as two people aren't typing commands at exactly the same time.
Gotcha: The rootkit IP address had better not conflict with a real machine on your network, else the two will get into an ARP war - and that is not good.
www.megasecurity.org /Tools/Nt_rootkit_all.html   (773 words)

  
 PC World - The 10 Biggest Security Risks You Don't Know About   (Site not responding. Last check: 2007-10-11)
Rootkits are a malware inventor's dream: They allow worms, bots, and other malevolent software to hide in plain sight.
Detecting a rootkit on a Windows PC is not unlike shining a flashlight at objects in a darkened room, and then trying to identify each object by the shadow it casts on the wall.
The discovery was accidental, but rootkit makers will undoubtedly pay attention to it in their next round of malware.
www.pcworld.com /article/id,126083-page,7/article.html   (895 words)

  
 [No title]   (Site not responding. Last check: 2007-10-11)
Hackers are using a dangerous new tool, rootkits, to hide their activities on computers they have invaded.
A rootkit, when installed on a compromised Windows server or PC, allows installation of hidden files, hidden services and processes, hidden user accounts and more in the computer's operating system.
A rootkit is a tool that intercepts kernel-mode software calls and instead of allowing them to be processed normally by the Windows Kernel, it provides an alternate response.
www.advances.com /software/rootkitshark.htm   (631 words)

  
 eTrust Spyware Encyclopedia - XCP.Sony.Rootkit
This rootkit driver modifies what information is visible to the operating system in order to cloak the Sony BMG software.
This represents a vulnerability, which has already been exploited to hide World of Warcraft RING0 hacks as of the time of this writing, and could potentially hide an attacker's files and processes once access to an infected system had been gained.
The Rootkit functionality hides files and enables hackers and other spyware to hide files with impunity.
www3.ca.com /securityadvisor/pest/pest.aspx?id=453096362   (843 words)

  
 'Invisible' Rootkit found in the wild
Symantec claims that it is the first of the next generation of rootkits.
The rootkit probably came from the coding hot houses of Russia and a variant called Backdoor.Rustock.B has also been spotted.
The rootkit runs inside the driver and in kernel threads and controls kernel functions via special IRP functions.
www.theinquirer.net /default.aspx?article=33065   (228 words)

  
 Top 4 Rootkit Detectors
This is the category page for rootkit detectors -- the full network security list is available here.
RootkitRevealer for detecting registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit.
It runs many tests, including MD5 hash comparisons, default filenames used by rootkits, wrong file permissions for binaries, and suspicious strings in LKM and KLD modules.
sectools.org /rootkit-detectors.html   (564 words)

  
 Stories Tagged 'rootkit' » Netscape.com
Gadgets and Tech – One aspect of the Sysinternals.com Web site that did not survive the transition to Microsoft is the free source code that Cogswell and Russinovich had made available for some of their tools.
Gadgets and Tech – Increased use of stealth techniques such as rootkits is leading to fewer reports of new viruses, according to a study by net security outfit VeriSign iDefense.
Gadgets and Tech – The Sony Rootkit Pain Train keeps rolling, this time crossing the border to blow its lonesome whistle up in Quebec, where a judge is overseeing the final details of the Canadian settlement agreement.
www.netscape.com /tag/rootkit   (750 words)

  
 Anti Rootkit Articles
Gizmo gives a nice plain explanation of rootkits, what they are, what they can do and how they do it.
The software developer behind a leading rootkit program says he is motivated by necessity, curiosity and a desire to expose weaknesses in the Windows operating system and security technology.
The use of rootkits by hackers is one way they can stay hidden from any network admin.
www.antirootkit.com /articles/index.htm   (549 words)

Copyright © 2005-2007 www.factbites.com Usage implies agreement with terms.