Full Disclosure mailing list archives

RE: Rootkit For Spyware? Hide your adware from all Adware removers and Anti-viruses

From: Harlan Carvey <keydet89 () yahoo com>
Date: Thu, 23 Sep 2004 06:25:24 -0700 (PDT)

Nothing new about rootkits. They aren't big news
because they are old news.
Although depressing this is defiantly possible.


Old news, yes...but to some, not everyone.  Taking
users (home, corporate, academic, etc.) out of it,
sysadmins and LEOs are still way behind when it comes
to understanding rootkits.  Certain privileges are
required for the installation of user-mode rootkits,
and in the absence of those privs, the rootkits have
been shown to *not* install.  For some level of detail
about this, check out "Windows Forensics and Incident
Recovery" (http://www.windows-ir.com).

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

RE: Rootkit For Spyware? Hide your adware from all Adware removers and Anti-viruses James . Cupps (Sep 23)
- RE: Rootkit For Spyware? Hide your adware from all Adware removers and Anti-viruses Harlan Carvey (Sep 23)
- <Possible follow-ups>
- RE: Rootkit For Spyware? Hide your adware from all Adware removers and Anti-viruses James . Cupps (Sep 23)
  - RE: Rootkit For Spyware? Hide your adware from all Adware removers and Anti-viruses Harlan Carvey (Sep 23)