Recovery:
Although it may be difficult to do, detecting and recovering from a rootkit compromise is possible. There are a number of tools available that can help detect and uninstall the rootkit, thus removing any compromised security systems and cleaning the system of any utilities the hacker may have used.
For more information please see the following websites and/or book.
http://staff.washington.edu/dittrich/misc/faqs/rootkits.faq
http://home.datacomm.ch/prutishauser/textz/backdoors/rootkits-desc.txt
http://www.fish.com/forensics/freezing.pdf
Incident Response: Investigating Computer Crime by Chris Posise and Kevin Mandia (Osborne/McGraw-Hill, 2001)
| <<Previous | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | Next>> |
Provided by: Security Innovation, The Application Security Company