Detect rootkits and rootkit behavior with these techniques

Source: Addison Wesley Professional

This sample chapter, taken from Rootkits: Subverting the Windows Kernel, discusses two basic approaches to rootkit detection.

Rootkits can be difficult to detect, especially when they operate in the kernel. This is because a kernel rootkit can alter functions used by all software, including those needed by security software.

This sample chapter from Rootkits: Subverting the Windows Kernel discusses two basic approaches to rootkit detection: detecting the rootkit itself, and detecting the behavior of a rootkit. Once you become familiar with these approaches, you will be in a better position to defend yourself.

Title: Rootkits: Subverting the Windows Kernel
ISBN: 0321294319
Published: July 2005
Author: Jamie Butler, Greg Hoglund
Chapter: Chapter 10: Rootkit Detection
Published by Addison-Wesley Professional

Format: PDF
Size: 236.00
Version: 1.0
Date: Apr 2006
Downloads: 13216