Security Incidents mailing list archives
Re: 'rooted' NT/2K boxen?
From: H C <keydet89 () yahoo com>
Date: Thu, 2 May 2002 13:26:18 -0700 (PDT)
I haven't seen any type of windows 'rootkit' myself. For example a replacement of netstat, nbtstat, route, and other utilities to give proccess information etc... If anyone knows of any let me know I'm interested. Of course the problem with getting windows source is an issue.
Older versions of Hoglund's NTRootkit are available here: http://www.megasecurity.org/Tools/Nt_rootkit_all.html The 'newest' version I've been able to find is here: http://www.ntndis.com/downloads.shtml click on "Windows NT Rootkit Source". Not sure how that applies to my original question, but there it is... __________________________________________________ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- 'rooted' NT/2K boxen? H C (May 02)
- Re: 'rooted' NT/2K boxen? William N. Zanatta (May 02)
- <Possible follow-ups>
- Re: 'rooted' NT/2K boxen? zeno (May 02)
- Re: 'rooted' NT/2K boxen? H C (May 02)
- Re: 'rooted' NT/2K boxen? Cody Hatch (May 02)
- Re: 'rooted' NT/2K boxen? H C (May 02)
- Re: 'rooted' NT/2K boxen? KJK::Hyperion (May 06)
- Re: 'rooted' NT/2K boxen? H C (May 02)
- Re: 'rooted' NT/2K boxen? Cody Hatch (May 02)
- Re: 'rooted' NT/2K boxen? H C (May 03)