Latest LQ Deal: Linux Power User Bundle
Go Back > Blogs > unSpawn
User Name


Rate this Entry

Zeppoo: another RK detector for GNU/Linux?

Posted 06-06-2006 at 01:02 PM by unSpawn

OK. So there's a new one on the block. Zeppoo. Dick blogs it as a "Memory level rootkit hunter" and Gadi calls it a "Decent Rootkit Detection for Linux" in his blog , though what's decent about it isn't explained. They also fail to seize the moment to emphasise prevention is better anyway.

Originally Posted by Zeppoo
Anti-Rootkits which donít use these methods can be fooled easily.
Like, duh?

And why doesn't anyone post up front why it's qualitatively soo much more advanced compared to tools that have been around for a while like kstat, chk_sysmap, checkidt, unhide etc, etc? Does it always have to boil down to users sacrificing another box/virt to LKM malarky?

Apologies for asking questions, OK.
Posted in Uncategorized
Views 1437 Comments 1
« Prev     Main     Next »
Total Comments 1


  1. Old Comment
    Here's the .fr to .en Google translation. Of course it's badly translated ;-p
    Posted 12-31-1969 at 07:00 PM by unSpawn unSpawn is offline


All times are GMT -5. The time now is 06:57 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration