
Killing Rootkits

It may be impossible to keep a computer hacker-free. A system administrator may diligently wipe out all rootkits and shut down all backdoors, but there’s still no guarantee that the administrator hasn’t missed something. The only sure way to remove hackers from a computer is by erasing and reinstalling everything from scratch, but this is a drastic, time-consuming, and likely only temporarily successful measure.

Despite their best efforts, system administrators can’t be perfect, and hackers only need one lucky break to slip into a computer undetected. However, dedicated rootkit detectors help tilt the balance in favor of the system administrators by scanning a computer for signs that betray the existence of a rootkit. Microsoft has developed its own rootkit detector, dubbed Strider GhostBuster (http://research.microsoft.com/rootkit). F-Secure has developed a similar rootkit detector called BlackLight (www.f-secure.com/blacklight), shown in Figure 10-4. For a list of various tools to help detect rootkits, visit the home page of security researcher Joanna Rutkowska (www.invisiblethings.org), the Dutch rootkit.nl site (www.rootkit.nl), chkrootkit (www.chkrootkit.org), or SysInternals (www.sysinternals.com) to grab a copy of RootkitRevealer.


  
