Re: RootKit Detectors - Not all = !

Author	All Replies
phoneboy2 @shawcable.net	reply to SpannerITWks Re: RootKit Detectors - Not all = ! If a Rootkit detector does not boot from it's own CD it will NEVER be trustworthy. Having said that, for a basic perliminary test, I like the no nonsense raw design of sysinternals rootkit revealer. They like to try keep it simple which is usually the best approach.
phoneboy2 @shawcable.net	to forum · permalink · 2006-08-28 13:23:50 ·
EP_X0FF @rol.ru	that is very disputable words fyi next generation of hardwired rootkits will be not detected even from external scanning like boot cd.
EP_X0FF @rol.ru	to forum · permalink · 2006-08-28 14:30:25 ·
2kmaro Think Premium,ExMod 1 BC join:2000-07-11 ColossalCave clubs:	reply to phoneboy2 said by phoneboy2 : If a Rootkit detector does not boot from it's own CD it will NEVER be trustworthy. Having said that, for a basic perliminary test, I like the no nonsense raw design of sysinternals rootkit revealer. They like to try keep it simple which is usually the best approach. MY opinion is that once you've been rootkit'd, best thing to do is scrub and rebuild from ground up. I know of no sure and certain way to absolutely assure that things are as they should be once it's happened. You might find one piece of it, or one of several - but how do you KNOW that things are all well again. Personally, I'd be satisfied with a product that simply provided no-false-positive indication that you'd been rooted and give you an indication of the source/name of the rootkit. -- ...then THINK! again!!
	to forum · permalink · · 2006-08-29 22:18:33 ·


Tuesday, 10-Nov 05:09:39	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF