Thread: Rootkits

  1. #1
    Uranium Lounger CWBillow's Avatar
    Join Date
    Jul 2002
    Location
    Las Vegas, NV USA
    Posts
    6,371
    Thanks
    78
    Thanked 12 Times in 11 Posts

    Rootkits

    With all the talk about rootkits, what can one do for protection and security?

    Regards,
    Chuck Billow
    -------------------------------------------------
    "Good judgment comes from experience, and experience - well, that comes from poor judgment."

    ~ A(lan) A(lexander) Milne (1882-1956)- "House at Pooh Corner"

  2. #2
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Rootkits

    See WikiPedia entry for Rootkit

    It's a highly technical subject, tools like SysInternals' RootkitRevealer are confusing if you don't know the ins and outs. General advice: it's wise not to visit "doubtful" sites.

  3. #3
    Silver Lounger
    Join Date
    Oct 2002
    Posts
    1,993
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Rootkits

    Perhaps a search on the Lounge?

    See Rootkit Scanners, post 489,040.

    For permanent protection, I do not know.

  4. #4
    Platinum Lounger
    Join Date
    Jan 2001
    Location
    Quedgeley, Gloucester, England
    Posts
    5,333
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Rootkits

    "With all the talk about rootkits, what can one do for protection and security?"
    Act carefully, as Hans says, and wait for the antivirus vendors to come out with fixes. Like the British Sophos...

    John

    Ita, esto, quidcumque...

  5. #5
    Uranium Lounger CWBillow's Avatar
    Join Date
    Jul 2002
    Location
    Las Vegas, NV USA
    Posts
    6,371
    Thanks
    78
    Thanked 12 Times in 11 Posts

    Re: Rootkits

    Hans/Argus:

    Great. The long and the short of it is: You can't really tell if they are there, and, if they are, you can't really guarantee removal, and, if you don't, they very easily could totally screw up your system.

    GOOD News.....

    Regards,
    Chuck

  6. #6
    Uranium Lounger CWBillow's Avatar
    Join Date
    Jul 2002
    Location
    Las Vegas, NV USA
    Posts
    6,371
    Thanks
    78
    Thanked 12 Times in 11 Posts

    Re: Rootkits

    John:

    That would have been my next question:

    If I'm using Zone Alarm and avast AV, can I pretty much rely on them to keep track of this type of thing too?

    And if I'm understanding, the answer is a qualified 'Yes'.

    Regards,
    Chuck Billow

  7. #7
    5 Star Lounger
    Join Date
    Jul 2004
    Location
    Ohio
    Posts
    629
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Rootkits

    I don't think Zone Alarm regulates such things, but the AV software should at some point be updated with a fix for it, considering how much publicity it has gotten in the technical world.
    John

  8. #8
    Uranium Lounger CWBillow's Avatar
    Join Date
    Jul 2002
    Location
    Las Vegas, NV USA
    Posts
    6,371
    Thanks
    78
    Thanked 12 Times in 11 Posts

    Re: Rootkits

    OK, thanks John.

  9. #9
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,594
    Thanks
    5
    Thanked 1,059 Times in 928 Posts

    Re: Rootkits

    VERY qualified 'yes'. See your own prior post. Rootkits are extremely difficult to detect and problematic to remove. I'll not trust any A/V or anti-spyware program to detect (much less remove) them properly until I read several very good reviews. Even then I'll be skeptical. Your best bet is to be very careful.

    Joe

  10. #10
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Rootkits

    One thing we all might have to do is give ourselves a demotion. In other words, log on as a less privileged "ordinary" or "power" user rather than being an "administrator" 24x7. One should only need administrative powers for very specific tasks, like installing new software. Which is why it is safer to surf (or listen to audio CDs) without those privileges.

  11. #11
    Uranium Lounger CWBillow's Avatar
    Join Date
    Jul 2002
    Location
    Las Vegas, NV USA
    Posts
    6,371
    Thanks
    78
    Thanked 12 Times in 11 Posts

    Re: Rootkits

    I'm just surprised Jefferson, if varmints can wreak all the havoc that they can, that there isn't a way for them to bypass such things as privilege.

    Like tell it: "The next time any Admin logs on, THEN do this..."

    Chuck

  12. #12
    Uranium Lounger CWBillow's Avatar
    Join Date
    Jul 2002
    Location
    Las Vegas, NV USA
    Posts
    6,371
    Thanks
    78
    Thanked 12 Times in 11 Posts

    Re: Rootkits

    Joe:

    I certainly agree in principle...

    But how, when you're dealing with sneaks, and you don't know how to detect them, much less remove them, and in fact even "just" surfing exposes you, how is it that you can *really* be careful, past the obvious (checking downloaded files for viruses etc.)?

    I could set up my system with all store-bought software (oh yea, there's Sony and Microsoft isn't there?), and then never connect to the net or download anything....

    I'm just surprised that, since these guys read all that we do (and more) that we cannot just "play the game" knowing that there are risks.

    I'm also surprised that there isn't some way to "write-protect" the susceptible disk areas...

    Sort of like hunting, wouldn't you say, where you know your gun COULD backfire, so you....... but in the end, there is most certainly an element of faith and trust in the source?


    Chuck

  13. #13
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,594
    Thanks
    5
    Thanked 1,059 Times in 928 Posts

    Re: Rootkits

    It is not 'just surfing'. It is surfing to and downloading from suspicious sites. You don't go to sites mentioned in e-mails, particularly from someone you don't know. You don't open attachments you aren't expecting. Be suspicious of everyone and every site. Take Jefferson's advice and run as a user without administrator privileges.

    There are security advances in each new generation of hardware and OS. But nothing will ever be 100% safe.

    Joe

  14. #14
    Uranium Lounger CWBillow's Avatar
    Join Date
    Jul 2002
    Location
    Las Vegas, NV USA
    Posts
    6,371
    Thanks
    78
    Thanked 12 Times in 11 Posts

    Re: Rootkits

    Joe:

    Is it *just* the install/uninstall you lose as a "regular" user?

    Regards,
    Chuck

  15. #15
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,594
    Thanks
    5
    Thanked 1,059 Times in 928 Posts

    Re: Rootkits

    If you want to know about security in XP from a Microsoft perspective review Security At Home and its associated pages. There is a ton of information.

    Joe
