Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista
Windows rootkits of 2005, part three
James Butler, Sherri Sparks

The third and final article in this series explores five different rootkit detection techniques used to discover Windows rootkit deployments. Additionally, nine different tools designed for administrators are discussed.

Submit Comment Mode:
Name:
Subject:
Message:
 
  Enter the characters that appear above
 
Correction re: tripwire 2006-01-06
Anonymous
Tripwire doesn't use CRC checksums. CRC has no cryptographic value - it's meant for detecting accidental file corruption and the like. It is trivial to alter a file and have it keep the same CRC

Tripwire uses cryptographic hashes - in a somewhat older version (all I could quickly find the docu...

[ more ]  




 

Privacy Statement
Copyright 2008, SecurityFocus