Re: RootKit Detectors - Not all = !

2kmaro Think Premium,ExMod 1 BC join:2000-07-11 ColossalCave clubs:	reply to phoneboy2 Re: RootKit Detectors - Not all = ! said by phoneboy2 : If a Rootkit detector does not boot from it's own CD it will NEVER be trustworthy. Having said that, for a basic perliminary test, I like the no nonsense raw design of sysinternals rootkit revealer. They like to try keep it simple which is usually the best approach. MY opinion is that once you've been rootkit'd, best thing to do is scrub and rebuild from ground up. I know of no sure and certain way to absolutely assure that things are as they should be once it's happened. You might find one piece of it, or one of several - but how do you KNOW that things are all well again. Personally, I'd be satisfied with a product that simply provided no-false-positive indication that you'd been rooted and give you an indication of the source/name of the rootkit. -- ...then THINK! again!!
	to forum · permalink · · 2006-08-29 22:18:33 ·
EP_X0FF @rol.ru	reply to phoneboy2 that is very disputable words fyi next generation of hardwired rootkits will be not detected even from external scanning like boot cd.
	to forum · permalink · 2006-08-28 14:30:25 ·
phoneboy2 @shawcable.net	reply to SpannerITWks If a Rootkit detector does not boot from it's own CD it will NEVER be trustworthy. Having said that, for a basic perliminary test, I like the no nonsense raw design of sysinternals rootkit revealer. They like to try keep it simple which is usually the best approach.
	to forum · permalink · 2006-08-28 13:23:50 ·


Friday, 04-Dec 08:15:55	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF