musc@> $

"Corporate" Blog of Daniele Muscetta, Premier Field Engineer.

Rootkit Detectors

MS Research has published some papers about rootkit technologies, and especially rootkit detection:

This stuff is VERY GOOD to read, and has been positively commented on by a lot of people, including Bruce Schneier:

The straightforward links to some of these papers are:

Detecting Stealth Software with Strider GhostBuster

GhostBuster tech report

Of course I am not the first person to blog about this; there are loads of other people who spotted the thing earlier than I did, and this news has been commented on by many people.
But it is very interesting, and I encourage everybody who hasn’t done so yet to read it.

Some other comments I spotted about these papers can be found at:

Also, Sysinternals released a rootkit detector today (looks like rootkits are finally getting a lot of attention these days…)


–edited again at 1:10 am [GMT+1]
Now I see that Robert Hensing has been quicker than me, posting even twice about this subject today: