Focus on Linux
Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
curuncula dbr rootkit detection tool
Apr 23 2009 10:13PM
Giuseppe Cocomazzi (sbudella email it)
I've released a little program named Curuncula.
Curuncula is a tool shipped as a loadable kernel module that aims to
detect rootkits based on the Intel debugging support facilities.
Rootkits that set the GD access flag are also detected. It makes use of
the "last branch recording" mechanism prov...
[ more ]
Copyright 2010, SecurityFocus