Microsoft's GhostBuster Root Kit Detection Tool

GhostBuster is a new, innovative CD-based checking tool that Microsoft is experimenting with. It works by booting the system a couple of times from the CD and comparing the current OS settings with the expected baseline controls of what Windows should be. This detailed checking process can help find startup processes or substituted executable code that might point to a hidden root kit.
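The baseline comparison described above can be sketched as follows. This is an added example, not Microsoft's code or GhostBuster's actual algorithm; the inventory format, the function names and the sample data are assumptions made for illustration.

```python
import hashlib

def norm(path):
    """Windows paths are case-insensitive: fold case and separators."""
    return path.replace("/", "\\").lower()

def digest(data):
    return hashlib.sha256(data).hexdigest()

def compare_to_baseline(baseline, observed):
    """Return sorted (kind, item) findings. Both arguments are inventories
    (hypothetical format): {"startup": {name: command}, "files": {path: sha256}}."""
    findings = []
    base_start = {k.lower(): norm(v) for k, v in baseline["startup"].items()}
    for name, cmd in observed["startup"].items():
        expected = base_start.get(name.lower())
        if expected is None:
            findings.append(("unexpected_startup_entry", name))
        elif expected != norm(cmd):
            findings.append(("changed_startup_command", name))
    base_files = {norm(p): h for p, h in baseline["files"].items()}
    obs_files = {norm(p): h for p, h in observed["files"].items()}
    for path, h in obs_files.items():
        if path not in base_files:
            findings.append(("unknown_executable", path))
        elif base_files[path] != h:
            findings.append(("substituted_executable", path))
    for path in base_files.keys() - obs_files.keys():
        findings.append(("missing_file", path))
    return sorted(findings)

# Constructed sample data: a known-good baseline and an inventory taken
# after booting from clean read-only media (file contents are placeholders).
BASELINE = {
    "startup": {"Shell": r"C:\Windows\explorer.exe"},
    "files": {r"C:\Windows\explorer.exe": digest(b"explorer-good"),
              r"C:\Windows\System32\services.exe": digest(b"services-good")},
}
OBSERVED = {
    "startup": {"shell": r"c:\windows\explorer.exe",
                "Updater": r"C:\Windows\Temp\upd.exe"},
    "files": {r"c:\windows\explorer.exe": digest(b"explorer-good"),
              r"C:\Windows\System32\services.exe": digest(b"services-tampered"),
              r"C:\Windows\Temp\upd.exe": digest(b"unknown")},
}

if __name__ == "__main__":
    for kind, item in compare_to_baseline(BASELINE, OBSERVED):
        print(f"{kind}: {item}")
```

The inventory has to be collected while the installed OS is not running, since a root kit that hooks the live system can filter what an in-place scan sees.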

Security professionals definitely need a tool they can use to test out a suspicious server or workstation. The ability to actually clean the system is less important, as a server or PC should be rebuilt from the ground up if it is infected with a root kit. Due to the difficulty of detecting rootkits and their expected growth in the Windows environment, I'm hopeful Microsoft will continue their work in this area.

Microsoft continues to work on adding a root kit detection tool to their excellent array of security analysis tools. A root kit detection tool would be particularly helpful to network administrators in researching suspicious activities, especially if this malicious activity increases in the future. (continue at source)



  