Windows rootkits of 2005, part three


The third and final article in this series explores five different rootkit detection techniques used to discover Windows rootkit deployments. Additionally, nine different tools designed for administrators are discussed.

1. Introduction

Rootkits have become very sophisticated over the past few years, and in 2005 we have seen a surge in rootkit deployments in spyware, worms, botnets, and even music CDs. Although once a computer system has been subverted by a rootkit it is extremely difficult to detect or eradicate the rootkit, there are still some different methodologies that detect the rootkit that have worked to varying degrees. Part one looked at what Windows rootkits are and what makes them so dangerous. Part two examined the latest cutting edge rootkit technologies and how they achieve stealth.

Now in part three, we explore five such detection techniques and, where possible, provide information about different rootkit detection tools. Windows rootkits of 2005, part three

Linked by shanmuga Thursday, 5th January 2006 11:45PM