Intrusion detection reviews for network security
Your Internet network security policies-Time for a rewrite
Honeypot intrusion detection techniques-The Trojans trap the Greeks
McAfee Firewall reviews
Norton personal firewall reviews
Sygate Personal firewall reviews
Why use personal firewalls?The basics
How to detect and defeat a rootkit
Sponsored LinksWhy the cry 'How to defeat a rootkit' is getting shriller
- Microsoft is working on how to detect and defeat rootkits as part of their new Windows security package. Recently,Microsoft announced that rootkits and other spyware backdoors are very, very dangerous and need to be defeated and eliminated
- Global research on how to detect, remove and ultimely defeat a rootkit was of course triggered by the now infamous Sony CD copy protection rootkit spyware incident, in which Sony installed a rootkit on the computer where the CD was installed
Lessons on how to defeat a rootkit- Tools to detect rootkits on your computer
How to defeat rootkits :Rootkit detection tools:Tool 1:How to defeat rootkits: SysInternals' RootkitRevealer : An online tool to detect rootkits and spyware
- RootkitRevealer is an online tool that let you detect rootkits
- RootkitRevealer only detects rootkits and suggests radical measures to eliminate and defeat rootkits such as formatting your PC and reinstalling Windows to remove and defeat rootkits
- RootkitRevealer defeats rootkits by analysing the registry and file system for programs with kernel level permissions.
- The one drawback of RootkitRevealer is the large number of false positives that RootKitRevealer throws up. This is a huge distraction in the fight to defeat rootkits
How to defeat rootkits :Rootkit detection tools for Windows:Tool 2:Microsoft's malicious software detection tool : Spyware and Rootkit detection from the leading operating system maker.
Key Features of Microsoft's Malicious software detection tool
- The first step in the lesson on how to defeat rootkits since this tool is a free download from Microsoft , the leading operating system vendor
- Windows Update automatically downloads the Malicious software detection tool which detects and identifies rootkits along with other malicious software
- A quick scan gives a list of the rootkits on your computer and gives you the option of deletion of the identified rootkits
- This tool is a must-have download in the fight to defeat rootkits
How to defeat rootkits :Rootkit detection tools for Windows:Tool 3:F-Secure's BlackLight beta rootkit detection tool : A good tool to answer your question on how to detect and defeat a rootkit.
Key Features of F-Secure's BlackLight rootkit detection tool
- An ideal tool to defeat rootkits since this rootkit detector requires no downloads
- An online rootkit scan detects rootkits on your computer
- Rootkits with bad intentions are defeated by renaming them and made harmless
How to defeat rootkits :Rootkit detection tools for Windows:Tool 4: IceSword rootkit detection tools for techies: A set of tools to detect rootkits
Key Features of IceSword rootkit detection tools
- This tool is ideal to teach techies how to defeat rootkits as the amount of documentation for the tool and the complex handling makes it difficult to use for ordinary users
- A very comprehensive suite of rootkit detection tools such as as process viewing and port enum facility.
- These rootkit detection tools defeats rootkits by checking typical stealthing techniques used by rootkits
How to defeat rootkits :Rootkit detection tools for Linux :Tool 5: Chkrootkit rootkit detection scripts : A set of tools to detect rootkits on open source Linux
Chkrootkit includes a set of scripts to defeat rootkits. Some of the features of the shell scripts provided by Chkrootkit include
- Defeating rootkits that have attempted to modify standard binaries
- Rootkits generally use LKM trojans for stealthing in Linux. Chkrootkit provide scripts that look for , find, eliminate and defeat LKM trojan based rootkits
- Rootkits employing dirty string replacements are also detected and defeated by Chkrootkit.
How to defeat rootkits :Rootkit detection tools for Linux :Tool 6: Rootkit Hunter rootkit detection scripts : Scripts available under GPL license to detect and defeat rootkits
Some of the features provided by Rootkit Hunter include :
- Defeating LKM trojan based rootkit attacks
- Using MD5 hash compare to ensure integrity of binary files and defend from rootkits which try to modify system binaries
- Detect and defeat rootkits by checking on modified file permissions of binaries
How to defeat rootkits: Rootkit prevention tools: Tool 7: Process Guard:
- Process Guard prevents rootkits from getting into your computer by disabling global hook techniques for stealth entry
- The key lesson here on how to defeat rootkits is that rootkit prevention tools such as Process Guard are most effective since they prevent rootkits from entering your system. Once rootkits stealth into your PC, the only truly effective way of defeating them is by reformatting your hard disk
How to defeat a rootkit-Future methods and tools
- Microsoft's Strider Ghostbuster project will probably lead the way in providing help on how to defeat rootkits and removing spyware. Microsofts Strider Ghostbuster project was originally not meant to handle rootkits and only focus on other spyware, but the recent surge of rootkit attacks has changed the focus of the Strider Ghostbuster technical team which now includes defeating rootkit as an important objective
- Intel has decided to show the software vendors how to defeat rootkits in a foolproof manner. Intel is introducing a hardware based rootkit detection kit which will sit on PC Windows based motherboards and detect any anamalous behavior that could be triggered by rootkits. This is a new and novel approach to defeating rootkits
In summary, a number of independent tools are available to detect and defeat rootkits and spyware, and you will be well advised to protect and defend your computer from this major threat to your privacy.
