Educause Security Discussion mailing list archives

UTILITY: RootkitRevealer (FREE)


From: "Cam Beasley, ISO" <cam () AUSTIN UTEXAS EDU>
Date: Tue, 22 Feb 2005 18:00:19 -0600

Folks might want to toss this into their toolkit to assist in detecting
the latest Windows rootkits (e.g. HackerDefender) which have been
associated with many IRCbot compromises occurring over the past few
months.  Sysinternals is the source for other free/reliable tools like
TCPview and ProcExp.

<http://www.sysinternals.com/ntw2k/freeware/rootkitreveal.shtml>

"RootkitRevealer is an advanced root kit detection utility. It runs on
Windows NT 4 and higher and its output lists Registry and file system
API discrepancies that may indicate the presence of a user-mode or
kernel-mode rootkit. RootkitRevealer successfully detects all rootkits
published at <http://www.rootkit.com>, including AFX, Vanquish and
HackerDefender."

~cam.

Cam Beasley, CISSP CIFI
InfoSec Operations Mgr
ITS/Information Security Office
University of Texas at Austin
cam () austin utexas edu
----------------------------
Report Abuse/Misuse to:
 - abuse () utexas edu
 - 512.475.9242
----------------------------

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.
