Mixed bag & nuts: New security threats: be afraid, be very afraid
Results 1 to 5 of 5

Thread: Mixed bag & nuts: New security threats: be afraid, be very afraid

  1. #1
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,066

    Mixed bag & nuts: New security threats: be afraid, be very afraid

    I never knew that root kits were this powerful...

    source: http://www.snpx.com/cgi-bin/news55.c...5719280?-11434

    The programs could be used by malicious hackers to snoop or take total control of an infected PC, in what is now feared could spawn a new generation of spyware or mass-distributing worm.

    IDG reporter Paul Roberts in San Francisco writes:
    “Once installed, many rootkits simply run quietly in the background, but can easily be spotted by looking for memory processes that are running on the infected system, monitoring outbound communications from the machine, or checking for newly installed programs.

    "However, kernel rootkits, which modify the kernel, or core request processing, component of an operating system, are becoming more common. Rootkit authors are also making huge strides in their ability to hide their creations.

    "In particular, some newer rootkits are able to intercept queries or 'system calls' that are passed to the kernel and filter out queries generated by the rootkit software. The result is that typical signs that a program is running, such as an executable file name, a named process that uses some of the computer's memory, or configuration settings in the operating system's registry, are invisible to administrators and to detection tools.

    "The kernel rootkits are invisible to many detection tools, including anti-virus, host and network intrusion detection sensors (IDS) and antispyware products, researchers say.”

    Are you scared yet?

    I am the uber duck!!1
    Proxy Tools

  2. #2
    Regal Making Handler
    Join Date
    Jun 2002
    Posts
    1,668
    I never knew that root kits were this powerful...
    I did, thats why they are called root kits.
    Otherwise they would be called,"user kits"
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  3. #3
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,


    Rootkits that hide themselves have been around for quite some time now.... 10 years now.... They are definately scary.... Trojans are more of what you see running in memory....

    You might want to check out http://www.antionline.com/showthread...hreadid=266102 which has some good root kit hunting programs... and on linux another one to check out is rkhunter...

    I'm keeping this short because I'm at work... but I'll check in and see if a discussion has arrisen later.


    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  4. #4
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,066
    hmmm... that vice software seems interesting... Is it the best anti rootkit program for windows? Has any other good ones came out? Is this vice program run from a gui?

    And I have another question, compared to virii, worms, spyware/adware, trojans, and other junk, what is the threat to the everday computer user from a rootkit? I guess what I mean is... how often do you see these in an infected computer?
    I am the uber duck!!1
    Proxy Tools

  5. #5
    Junior Member
    Join Date
    Nov 2003
    Posts
    12
    a good source of information on this subject can be gained from reading the material at this site: http://www.rootkit.com
    not only how they are built, but ways to detect and prevent...
    jazz is a state of mind...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •