Chapter 7. Rootkits and Rootkit Detection

Solutions in this chapter:

▪ Rootkits
▪ Rootkit Detection
▪ Summary
▪ Solutions Fast Track
▪ Frequently Asked Questions

Introduction

At the RSA Conference in February 2005, Mike Danseglio and Kurt Dillard, both from Microsoft, mentioned the word rootkit, and the ensuing months saw a flurry of activity as “experts” pontificated about rootkits and software companies produced tools to detect them. Even though rootkits had been around for years, originating in the UNIX world and then migrating over into the Windows realm, this issue was largely misunderstood and in some corners even ignored, in a “head buried in the sand” sort of way. The mention of rootkits at the 2005 conference resulted in a surge of interest in ...

Get Windows Forensic Analysis DVD Toolkit, 2nd Edition now with the O’Reilly learning platform.