I've started my studies with these articles: http://www.phrack.com/search.html?key=rootkits
maybe you can get some info in the chkrootkit project http://www.chkrootkit.org/#list On Jan 31, 2008 5:40 PM, Ahmed Zaki <[EMAIL PROTECTED]> wrote: > Hi all > > I am currently doing a project on rootkits under linux os. I am > specially interested in loadable kernel module rootkits. I wanted to know > where does research stand now in terms of detecting such rootkits. It would > be very helpful if you would be able to point me to resources where I gain > information on the diverse variations of these rootkits and current > available methods of detecting them. Also if there are mechanisms that can > be used to totally avoid detection that would be used by rootkits. > > > > Regards > > Zeeq > > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to > http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw > to learn more. > ------------------------------------------------------------------------ > > -- Hamilton Vera int Administrator (char Network[],char ComputationalSystems[]); Seven Internet http://lib.seven.com.br "Google is my shepherd, no want shall I know" ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
