Anti-stealth fighters: testing for rootkit detection and removal

2008-04-01

Andreas Marx

AV-Test.org, Germany

Maik Morgenstern

AV-Test.org, Germany
Editor: Helen Martin

Abstract

While it is easy for a good signature-driven product to find a known sample that has not yet been activated, thanks to rootkit technology it is becoming increasingly challenging for products to detect samples once they are running and trying to hide themselves and other malicious components. Andreas Marx and Maik Morgenstern present the results of two recent rootkit detection tests.

Copyright © 2008 Virus Bulletin

The full article is available to registered users. Click here for free registration or, if you already are a registered user, login to access the full article.

Quick Links

Poll
Do current laws offer enough protection for ethical ('white-hat') hackers?
Yes, the current laws are fine
No, they prevent responsible disclosure of vulnerabilities
The current laws are too lax, we need to be stricter on hacking
I don't know
Leave a comment
View 4 comments

USENIX ATC

VB100 certification
VB100 This month's VB100 comparative on Windows XP brought something of a mixed bag, as several vendors appear to have decreased support for the platform in favour of the newer Windows 8. John Hawes has the full set of results.
See full results.

Virus Bulletin currently has 227,267 registered users.