[unisog] HACKER_DEFENDER

Kevin T. Shivers kts at umd.edu
Fri Feb 25 20:40:19 GMT 2005


FYI -

You and anyone else who has been hit with Hacker Defender or any other 
rootkits might want to check out Sysinternals' new RootkitRevealer tool.
http://www.sysinternals.com/ntw2k/freeware/rootkitreveal.shtml

Some discussion on #unisog has shown that it seems to be a pretty good 
tool.  We haven't had the time to test it here but if it comes from 
Sysinternals I'm pretty sure it's a great tool.  (I <3 TCPView.)

kts

-- 
Kevin T. Shivers

IT Security Analyst                                CSS4417
Office of Information Technology            (301) 405-8836
University of Maryland, College Park

On Fri, 25 Feb 2005, Chuck Haines wrote:

> We recently had an outbreak of the hacker_defender rootkit.  Just a
> heads up to let everyone know to look for it.  More information on
> removal and such can be found at
> http://mother.itsp.purdue.edu/~wirges/resources/public/hacker_defender/.
> We are still in the process of cleaning and dissecting it.  I'll
> report back with any other findings besides those listed in the
> information site.
>
> Chuck Haines
> WPI ECE Systems Administrator



