Hiding What Is in Use on Vista
In the ongoing battle between system developers and those who are out to break the system, advancements from one side are generally met by a corresponding change by the other.
Microsoft's most recent operating system, Windows Vista, has gone a long way toward fixing the major security problems that plagued earlier Windows releases. Even so, recent research published by rootkit developers has demonstrated techniques that can be used to hide the existence of an active network port from the operating system.
While this technique alone can't be used as a complete rootkit, it can be used to cover the tracks and hide the presence of a rootkit (or other malware) that has been placed on a system.
Making the job a little easier for those trying to defend these systems (and for the attackers trying to break them), full source code for the developed techniques has been released to various sites.
20 June 2007