rootkits finding the hidden processes??

Stuff that don´t fit in the other categories.
Post Reply
xtheblack9x
suck-o-fied!
suck-o-fied!
Posts: 99
Joined: 15 Jan 2006, 17:00
18
Location: USA

rootkits finding the hidden processes??

Post by xtheblack9x »

any good programs that can find the hidden processes that are hidden with root kits? :?

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11638
Joined: 06 Apr 2005, 16:00
19
Location: In your eye floaters.
Contact:

Post by bad_brain »

for Windows use Rootkit Revealer, you can get it in the useful programs-downloads. for *nix systems use chkrootkit, you can get a RH9-RPM in the Unix/Linux-downloads, source files or RPMs for other distros can be found here: http://www.chkrootkit.org or here: http://www.rpmseek.com
:wink:

xtheblack9x
suck-o-fied!
suck-o-fied!
Posts: 99
Joined: 15 Jan 2006, 17:00
18
Location: USA

Post by xtheblack9x »

thanks a million :)

User avatar
Stavros
ΜΟΛΩΝ ΛΑΒΕ
ΜΟΛΩΝ ΛΑΒΕ
Posts: 1099
Joined: 02 Jan 2006, 17:00
18
Location: Mississippi, U.S.A.

Post by Stavros »

Thread revival! Ok, what do I do after I scan with RootkitRevealer and I get some hits?

User avatar
bad_brain
Site Owner
Site Owner
Posts: 11638
Joined: 06 Apr 2005, 16:00
19
Location: In your eye floaters.
Contact:

Post by bad_brain »

well, depends on what has been found. not everything has to be a rootkit, some normal processes hook up on other ones too. google for the results and/or post what has been found... :wink:
rootkits are more used on servers than on normal user boxes, and to install one the system has to be compromised first, it´s not possible to install a rootkit on a box by sending it as an attachment for example like it´s done with the usual malware like trojans.

Post Reply