Download Chapter 3

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
Document related concepts

Cracking of wireless networks wikipedia , lookup

Stuxnet wikipedia , lookup

Norton 360 wikipedia , lookup

Next-Generation Secure Computing Base wikipedia , lookup

Norton AntiVirus wikipedia , lookup

Computer virus wikipedia , lookup

Mobile security wikipedia , lookup

Antivirus software wikipedia , lookup

Microsoft Security Essentials wikipedia , lookup

Malware wikipedia , lookup

Sony BMG copy protection rootkit scandal wikipedia , lookup

Rootkit wikipedia , lookup

Transcript 
Chapter 3
Rootkits: Sneaky, Stealthy Toolboxes
Outline

What is a Rootkit?

What are Rootkits used for?

Rock Star Rootkit: Sony's famous Malware

How Rootkits Work

Rootkit Scanners

The Simplest Rootkit Removal Technique
What is a Rootkit?



Let's say your computer looks like it is infected
by a virus or by adware, but a scan doesn't
reveal anything.
The solution might lie in a rootkit.
A Rootkit is a technology which hides itself and
other programs and prevents their detection.
What are Rootkits used for?

They are used to make it harder to remove the
malware they hide.
Rock Star Rootkit: Sony's famous
Malware

It started as DRM software: two technologies:

XCP or Mediamax

It “hid” all files whose name started with $sys$

How to tell whether you have a bad CD:

It says “Copy Protected” in the Spine.


On the back it says “Compatible with” and some
system specs.
(see the rest on page 91)
How Rootkits Work

Rootkits conceal the trails that lead to the virus
by modifying the operating system
Rootkit Scanners

Root kit scanners are included in McAfee,
Norton, F-Secure, etc. security utility.

Best to use more than one

Freely available:

F-Secure Blacklight

Rootkit Revealer

Microsoft Windows MaliciousSoftware Removal
Tool

Rootkit Hook Analyzer
The Simplest Rootkit Removal
Technique

Use System Restore (page 99)
Related documents
Rootkits - Clemson
Rootkits - Clemson
ROOTKIT VIRUS
ROOTKIT VIRUS
TDL3 Rootkit Presentation
TDL3 Rootkit Presentation
Remote Domain Security Awareness Training
Remote Domain Security Awareness Training
advised
advised
Slide 1
Slide 1
Section for introduction % \section{Introduction} Over the last several
Section for introduction % \section{Introduction} Over the last several
Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor Timothy Fraser
Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor Timothy Fraser
Windows Rootkit Overview
Windows Rootkit Overview
Information Security Rootkits Dr. Randy M. Kaplan 2 Rootkits What is
Information Security Rootkits Dr. Randy M. Kaplan 2 Rootkits What is
Rootkit
Rootkit
rootkits
rootkits
Rootkits - Symantec
Rootkits - Symantec
Section for Related Work % \section{Related Work} Rootkit detection
Section for Related Work % \section{Related Work} Rootkit detection
Mebromi Rootkit
Mebromi Rootkit
Timely Rootkit Detection During Live Response
Timely Rootkit Detection During Live Response
Rootkits - Dr. Stephen C. Hayne
Rootkits - Dr. Stephen C. Hayne
RootkitRevealer v1.71 - Big
RootkitRevealer v1.71 - Big
IDS - Ecs.csus.edu
IDS - Ecs.csus.edu
Network Security
Network Security
Computer Systems Security
Computer Systems Security
SMM Rootkits: A New Breed of OS Independent Malware
SMM Rootkits: A New Breed of OS Independent Malware