Rootkits: Sneaky, Stealthy Toolboxes Chapter 3
Outline • What is a Rootkit? • What are Rootkits used for? • Rock Star Rootkit: Sony's famous Malware • How Rootkits Work • Rootkit Scanners • The Simplest Rootkit Removal Technique
What is a Rootkit? • Let's say your computer behaves as if it is infected by a virus or by adware, but a scan doesn't reveal anything. • The explanation may be a rootkit. • A rootkit is software that hides itself and other programs (files, processes, registry keys, network connections) from the user and from security tools, so that the malware it protects is not detected.
What are Rootkits used for? • They hide other malware so that it is harder to detect, and therefore harder to remove, than the malware would be on its own.
Rock Star Rootkit: Sony's famous Malware • It started as DRM (copy-protection) software shipped on music CDs, using one of two technologies: • XCP or MediaMax • XCP's cloaking driver hid every file whose name started with $sys$, so neither the user nor a scanner could see the DRM components (or any other program that adopted the same prefix). • How to tell whether you have an affected CD: • It says “Copy Protected” on the spine. • On the back it says “Compatible with” and some system specs. • (see the rest on page 91 of the textbook)
How Rootkits Work • Rootkits conceal the trail that leads to the malware by modifying the operating system: they hook or patch the functions that list files, processes and registry keys, so that those functions return filtered results with the hidden items removed. • Everything that relies on those functions, including most antivirus scans, then reports a clean system.
Rootkit Scanners • Rootkit scanners are included in the McAfee, Norton, F-Secure, etc. security suites. • Best to use more than one, since each looks for different hiding techniques. • Freely available: • F-Secure BlackLight • RootkitRevealer (Sysinternals) • Microsoft Windows Malicious Software Removal Tool • Rootkit Hook Analyzer • Scanners such as RootkitRevealer work by cross-view comparison: they read the file system and registry through the normal operating-system functions and again through a lower-level path, and report anything that appears in one view but not the other.
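The two slides above describe the hiding technique (hooking a listing function and filtering its results) and the detection technique (comparing two views of the same data). The following is an added example, not code from the original slides: it simulates a user-mode rootkit by replacing Python's os.listdir with a hook that filters out names beginning with the $sys$ prefix XCP used, then detects the cloaked file by comparing that view against os.scandir, which reads the directory through a separate code path the hook does not touch. The sample directory and its file names are constructed for the example.

```python
"""Added example: API-hook style hiding and cross-view detection (not from the slides)."""
import os
import shutil
import tempfile

HIDE_PREFIX = "$sys$"  # prefix Sony's XCP cloaked; reused here by assumption

_real_listdir = os.listdir  # keep the genuine function so the hook can be undone


def _hooked_listdir(path="."):
    """Rootkit-style hook: call the real function, then drop cloaked names."""
    return [name for name in _real_listdir(path) if not name.startswith(HIDE_PREFIX)]


def install_hook():
    """Simulates the rootkit patching the OS listing function (user-mode stand-in)."""
    os.listdir = _hooked_listdir


def remove_hook():
    """Restores the original function, as a scanner or reboot into a clean OS would."""
    os.listdir = _real_listdir


def high_level_view(path):
    """What an ordinary program sees: the (possibly hooked) high-level API."""
    return set(os.listdir(path))


def low_level_view(path):
    """An independent path to the same data: os.scandir is a separate wrapper
    around the raw directory read and is unaffected by the os.listdir hook."""
    with os.scandir(path) as entries:
        return {entry.name for entry in entries}


def cross_view_diff(path):
    """RootkitRevealer idea: anything present low-level but missing high-level is hidden."""
    return low_level_view(path) - high_level_view(path)


def make_sample_dir():
    """Constructed sample: two ordinary files and one cloaked $sys$ file."""
    directory = tempfile.mkdtemp()
    for name in ("readme.txt", "$sys$cloaked.dll", "music.wma"):
        with open(os.path.join(directory, name), "w") as fh:
            fh.write("constructed sample file\n")
    return directory


def demo(hooked=True):
    """Returns the set of hidden names found; {'$sys$cloaked.dll'} when the hook is active."""
    directory = make_sample_dir()
    if hooked:
        install_hook()
    try:
        return cross_view_diff(directory)
    finally:
        remove_hook()
        shutil.rmtree(directory)


if __name__ == "__main__":
    print("hidden with hook installed:", demo(hooked=True))
    print("hidden without hook:       ", demo(hooked=False))
```

The same diff comes back empty once the hook is removed, which is the whole basis of the cross-view method. A real kernel-mode rootkit hooks below both of these Python functions, so a scanner has to obtain its second view from even lower down (reading the raw volume, or booting from clean media); the logic of the comparison does not change.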
The Simplest Rootkit Removal Technique • Use System Restore to roll the system files back to a restore point taken before the infection (page 99 of the textbook). • This only works if such a restore point exists and the rootkit has not tampered with it; otherwise the reliable fallback is to wipe the system and reinstall from clean media.