Dailydave mailing list archives
Re: modGREPER - hidden kernel modules detector
From: joanna <joanna () invisiblethings org>
Date: Tue, 07 Jun 2005 10:23:59 +0200
Michael J Freeman wrote:
well... if you bothered to read just a few first words from the description of these tools you would probably find out, that:Whats the difference between this and FLISTER?
"FLISTER is a proof-of-concept code for detecting files hidden (...) by Windows rootkits (...)"
"modGREPER is a hidden module detector for Windows 2000/XP/2003."and of course module != file. kernel modules are things which are loaded into kernel space. some people may now them also as a drivers, although I prefer the term module for some reasons.
EXECUTIVE SUMMARY: modGREPER and FLISTER are completely different tools! joanna. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- modGREPER - hidden kernel modules detector Joanna Rutkowska (Jun 06)
- <Possible follow-ups>
- Re: modGREPER - hidden kernel modules detector joanna (Jun 07)
- Re: modGREPER - hidden kernel modules detector Mark (Jun 07)
- Re: modGREPER - hidden kernel modules detector James Butler (Jun 07)
- Re: modGREPER - hidden kernel modules detector Joanna Rutkowska (Jun 07)
- Re: modGREPER - hidden kernel modules detector rd (Jun 24)
- Re: modGREPER - hidden kernel modules detector Mark (Jun 25)
- Re: modGREPER - hidden kernel modules detector Joanna Rutkowska (Jun 07)