Re: toolkits

[Lars Bay <lb () con-bay de>]

Guten Tag Brent Clark,

Am Donnerstag, 21. April 2005 um 17:26 schrieben Sie:

BC> Hi all

BC> On my linux boxes I use a chkrootkit to perform a host of 
BC> vulnerabilility checks.
BC> It basically does a checksum etc on some file etc to make sure that they
BC> have not been tampered with.

BC> So my question is, does anyone know of:

BC> A) any other tools besides chkrootkit for Linux.

BC> B) would anyone know of such toolkits for Windows.

BC> Any advice, tips etc, would be most appreciated.

BC> Kind Regards
BC> Brent Clark

hi,

for windows you can check the following pages:

http://www.sysinternals.com/ntw2k/freeware/rootkitreveal.shtml
RootkitRevealer is an advanced patent-pending root kit detection utility. It runs
on Windows NT 4 and higher and its output lists Registry and file system API
discrepancies that may indicate the presence of a user-mode or kernel-mode rootkit.
Its freeware.

http://www.f-secure.com/blacklight/
F-Secure BlackLightTM (Beta Release)
beta trial period until the 1st of July 2005

http://research.microsoft.com/rootkit/
Strider GhostBuster Rootkit Detection


-- 
Mit freundlichen Grüssen
Lars Bay                            mailto:lb () con-bay de