Educause Security Discussion mailing list archives
UTILITY: RootkitRevealer (FREE)
From: "Cam Beasley, ISO" <cam () AUSTIN UTEXAS EDU>
Date: Tue, 22 Feb 2005 18:00:19 -0600
Folks might want to toss this into their toolkit to assist in detecting the latest Windows rootkits (eg. HackerDefender) which have been associated with many IRCbot compromises occurring over the past few months. Sysinternals is the source for other free/reliable tools like TCPview and ProcExp. <http://www.sysinternals.com/ntw2k/freeware/rootkitreveal.shtml> "RootkitRevealer is an advanced root kit detection utility. It runs on Windows NT 4 and higher and its output lists Registry and file system API discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit. RootkitRevealer successfully detects all rootkits published at <http://www.rootkit.com> , including AFX, Vanquish and HackerDefender." ~cam. Cam Beasley, CISSP CIFI InfoSec Operations Mgr ITS/Information Security Office University of Texas at Austin cam () austin utexas edu ---------------------------- Report Abuse/Misuse to: - abuse () utexas edu - 512.475.9242 ---------------------------- ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- UTILITY: RootkitRevealer (FREE) Cam Beasley, ISO (Feb 22)