18 April 2005

Hi Fred: Can you point to any articles you've done on "rootkits" and their removal? See: http://tinyurl.com/3uc8a Thanks, Michael H. Bell

A timely question, Michael: there's growing activity in this area. A "rootkit" is a kind of software that activates each time the system boots. Malware installed as a rootkit is hard to find and very difficult to control because it's up and running before most of the rest of the OS is ready, and certainly before the user interface is up. Rootkits can be a problem for Windows 2000/XP and Unix-like OSes (including Linux, Mac OS X, etc.).

End-user tools are only just now becoming available for this class of malware; most presume a fair degree of knowledge on the part of the user. Examples:

http://www.rootkit.com (Not responding; see blog above. Ben)
Reader Richard Schimpff also contacted me about rootkits and provided some links, including this: http://www.eweek.com/article2/0,1759,1785621,00.asp (Thanks, Richard!)

There's sure to be more activity in this area in the future: Stay tuned!

