Blackbird, Built for Speed, Premium, join:2005-01-14, Fort Wayne, IN | reply to daveinpoway
Re: One in Five PC's Infected With Rootkits
Well, if one were to take the 1-in-5 rootkit infection stats at face value, one would naturally expect that infection rate to carry through pretty much across the spectrum. So are we seeing rootkits at that level across the board... in repair shops, at the consultant/guru level, at corporate IT departments, amongst home users, etc, etc?
Granted, not all folks at all points are looking for rootkits with equal skill or focus - if at all. But still... seems to me, confirmed rootkit infections should be bubbling up in far greater numbers amongst these forum threads than what I'm personally observing. I find it curiously coincidental that Prevx, whose products are aimed at rootkits (among other things) is the one reporting these stats. To clarify: I'm not accusing them. It's just that when you make, sell, and use hammers intensively, everything can start to look like a nail.
-- If God wanted us to work with electrons, He'd make them big enough to see...

qrkx, Premium, join:2003-04-26, Montreal, QC
said by Blackbird: To clarify: I'm not accusing them. It's just that when you make, sell, and use hammers intensively, everything can start to look like a nail.
Well - nine out of seven dentists believe scotch is better than Novocain.
I thought it is agreed upon the fact that once root-ed zee boxen needs to be incinerated.
What I find amusing is that by the very attempt of hiding their presence, rootkits give themselves away. What if rootkits stop hooking enumerating & query APIs and just operate in your face? Are we back to file signatures?
rgds.

Blackbird, Built for Speed, Premium, join:2005-01-14, Fort Wayne, IN
said by qrkx: ...I thought it is agreed upon the fact that once root-ed zee boxen needs to be incinerated. ...
Nah... just the hard-drives and firmware flash chips. And in those rare instances of really pesky rootkits, the metal chassis may have to be scrubbed and rinsed thoroughly... or better still, repainted.
-- If God wanted us to work with electrons, He'd make them big enough to see...

reply to qrkx
said by qrkx: Well - nine out of seven dentists believe scotch is better than Novocain.
And five out of four people have trouble with fractions.
But three out of five people, aren't the other two.
Anyway, is SysInternals RootkitRevealer sufficient, or should one be using more/different tools?
-- Mr. Qwerky - The Lone Stranger Hi-Ho Tinfoil, Away!

AB, Premium, join:2006-04-04, Leesburg, VA, kudos:3 | reply to Blackbird
said by Blackbird: Well, if one were to take the 1-in-5 rootkit infection stats at face value, one would naturally expect that infection rate to carry through pretty much across the spectrum. So are we seeing rootkits at that level across the board... in repair shops, at the consultant/guru level, at corporate IT departments, amongst home users, etc, etc?
No. Just like 25% of all computers in this world are not bots, as Vint Cerf suggested a while back.
But once again-- an A/V vendor saying 'just be careful and use some common sense' doesn't sell much product, does it?

reply to Qwerky
Anyway, is SysInternals RootkitRevealer sufficient, or should one be using more/different tools?
While running SysInternals RootkitRevealer, it stops every minute or so and gives me an error message about only having partial compatibility with Vista. Now why am I not surprised by that?

AB, Premium, join:2006-04-04, Leesburg, VA, kudos:3 | 1 edit
said by lefty1: While running SysInternals RootkitRevealer, it stops every minute or so and gives me an error message about only having partial compatibility with Vista. Now why am I not surprised by that?
The most recent version of RR seems to have been released on 11/1/2006-- prior to Vista. Likely why.
*Edit- sp