The Ethical Hacker Network - Microsoft Research On Rootkits

Latest Additions

Who's Online

EH-Net

May 25, 2013, 11:20:52 PM

Welcome, Guest. Please login or register.
Did you miss your activation email?

News: Go back to The Ethical Hacker Network Online Magazine Home Page

EH-Net > Ethical Hacking Discussions and Related Certifications > Network Pen Testing (Moderator: don) > Microsoft Research On Rootkits

Pages: [1] Go Down

« previous next »

	Author	Topic: Microsoft Research On Rootkits (Read 4689 times)
0 Members and 1 Guest are viewing this topic.

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 4169

Editor-In-Chief

Microsoft Research On Rootkits

« on: December 09, 2005, 10:41:23 PM »

MS Research has a program named Strider GhostBuster that works off of a CD that helps to detect rootkits. According to the web site:

Strider GhostBuster detects API-hiding rootkits by doing a "cross-view diff" between "the truth" and "the lie". It's not based on a known-bad signature, and it does not rely on a known-good state. It targets the fundamental weakness of hiding rootkits, and turns the hiding behavior into its own detection mechanism.

http://research.microsoft.com/rootkit/

Be sure to read Bruce Schneier's article on the subject.

Don