funsec mailing list archives

RE: eWeek: Government-Funded Startup Blasts Rootkits


From: "Justin Polazzo" <jpolazzo () thesportsauthority com>
Date: Tue, 25 Apr 2006 07:00:57 -0600

 

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
On Behalf Of Fergie
Sent: Monday, April 24, 2006 8:29 PM
To: funsec () linuxbox org
Subject: [funsec] eWeek: Government-Funded Startup Blasts Rootkits

I guess you have all seen this already?

Via eWeek.

[snip]

A startup funded by the U.S. government's Defense Advanced Research
Projects Agency is ready to emerge from stealth mode with hardware- and
software-based technologies to fight the rapid spread of malicious
rootkits.

Komoku, of College Park, Md., plans to ship a beta of Gamma, a new
rootkit detection tool that builds on a prototype used by several
sensitive U.S. government departments to find operating system
abnormalities that may be linked to malicious rootkit activity.

---------------

Sounds like a winner:

'The company's prototype, called CoPilot, is a high-assurance PCI card
capable of monitoring the host's memory and file system at the hardware
level. It is specifically geared towards high-security servers and
computers.'

'"That was a zero-day rootkit to us, so we decided to throw it at
CoPilot as part of the operational tests. We detected the Sony rootkit
in all its vectors, in real-time," Butler said.'


PCI card malware detection, I like it!

-JP

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

