Penetration Testing mailing list archives

root kit detection/penetration

From: cdewitt () indepthsec com
Date: 13 Sep 2005 13:55:49 -0000

What are the best practices for penetration testing the viability of placing root kits on a client's external servers - 
vpn, web, app...?

And, while I'm asking - what are the best practices or countermeasures for root kit placement?

What root kits are still viable/current?

All comments/tomatoes welcome...cd

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

root kit detection/penetration cdewitt (Sep 14)
- RE: [lists] root kit detection/penetration Curt Purdy (Sep 14)
- Re: root kit detection/penetration Javier Fernandez-Sanguino (Sep 15)
  - RE: root kit detection/penetration Omar A. Herrera (Sep 16)
- <Possible follow-ups>
- RE: root kit detection/penetration Chris Fahey (Sep 16)