LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Blogs > unSpawn
User Name
Password

Notices

Rate this Entry

Zeppoo: another RK detector for GNU/Linux?

Posted 06-06-2006 at 01:02 PM by unSpawn

OK. So there's a new one on the block. Zeppoo. Dick blogs it as a "Memory level rootkit hunter" and Gadi calls it a "Decent Rootkit Detection for Linux" in his blog , though what's decent about it isn't explained. They also fail to seize the moment to emphasise prevention is better anyway.

Quote:
Originally Posted by Zeppoo
Anti-Rootkits which donít use these methods can be fooled easily.
Like, duh?

And why doesn't anyone post up front why it's qualitatively soo much more advanced compared to tools that have been around for a while like kstat, chk_sysmap, checkidt, unhide etc, etc? Does it always have to boil down to users sacrificing another box/virt to LKM malarky?

Apologies for asking questions, OK.
Posted in Uncategorized
Views 941 Comments 1
« Prev     Main     Next »
Total Comments 1

Comments

  1. Old Comment
    Here's the .fr to .en Google translation. Of course it's badly translated ;-p
    Posted 12-31-1969 at 07:00 PM by unSpawn unSpawn is offline
 

  



All times are GMT -5. The time now is 11:56 PM.

Main Menu
Advertisement

My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration