Educause Security Discussion mailing list archives
Rootkit discovery tools
From: John Tooley <jtooley () CSUN EDU>
Date: Mon, 26 Jun 2006 16:23:50 -0700
Hello,

I'm wondering if anyone out there has found a good set of tools for finding Rootkits. Our requirement is to build a "toolkit" for our technicians to be able to scan and detect on each server in our environment.

I've found the "rkhunter" app for our Unix-flavors might be a good choice, especially since it can run on a bootable (knoppix) CD and seems to detect a large constituency of rootkits. Unfortunately, all I am seeing in the Windows-side is "RootKit Revealer", which is sketchy IMO because it is run in a live environment.

Anyway, your input and experience are greatly appreciated.

Regards,
John

John R. Tooley, CISSP
Information Security Analyst
California State University, Northridge