Chapter 3
Rootkits: Sneaky, Stealthy Toolboxes

Outline

What is a Rootkit?

What are Rootkits used for?

Rock Star Rootkit: Sony's famous Malware

How Rootkits Work

Rootkit Scanners

The Simplest Rootkit Removal Technique

What is a Rootkit?

Let's say your computer looks like it is infected by a virus or by adware, but a scan doesn't reveal anything.

The explanation might be a rootkit.

A rootkit is a technology that hides itself and other programs and prevents their detection.

What are Rootkits used for?

They are used to make it harder to remove the malware they hide.

Rock Star Rootkit: Sony's famous Malware

It started as DRM software, using two technologies: XCP or Mediamax.

It “hid” all files whose names started with $sys$.

How to tell whether you have a bad CD:

It says “Copy Protected” on the spine.

On the back it says “Compatible with” and some system specs.

(see the rest on page 91)

How Rootkits Work

Rootkits conceal the trails that lead to the virus by modifying the operating system.

Rootkit Scanners

Rootkit scanners are included in security utilities such as McAfee, Norton, and F-Secure.

It is best to use more than one.

Freely available:

F-Secure Blacklight

Rootkit Revealer

Microsoft Windows Malicious Software Removal Tool

Rootkit Hook Analyzer

The Simplest Rootkit Removal Technique

Use System Restore (page 99)