Windows rootkits of 2005, part three
The third and final article in this series explores five different rootkit detection techniques used to discover Windows rootkit deployments. Additionally, nine different tools designed for administrators are discussed. 2006-01-05 http://www.securityfocus.com/infocus/1854 Windows rootkits of 2005, part two This three-part article series looks at Windows rootkits indepth. Part two focuses on the latest cutting edge rootkit technologies that are used to hide malicious code from security scanners. 2005-11-17 http://www.securityfocus.com/infocus/1851 Windows rootkits of 2005, part one This three-part article series looks at Windows rootkits indepth. Part one discusses what a rootkit is and what makes them so dangerous, by looking at various modes of execution and how they talk to the Windows kernel. 2005-11-04 http://www.securityfocus.com/infocus/1850 Collaborative endpoint security, part one Part one of this article introduces endpoint security solution technologies and proposes a collaborative approach to solving technical challenges that are commonly faced by the community. 2005-10-25 http://www.securityfocus.com/infocus/1849 A new way to bypass Windows heap protections This paper looks at a new way to bypass Windows heap protections on Windows XP SP2 and Windows 2003. 2005-09-01 http://www.securityfocus.com/infocus/1846 Windows Syscall Shellcode This article shows how shellcode can be written and executed on a Windows host without using any native API calls at all. 2005-08-04 http://www.securityfocus.com/infocus/1844 Securing Exchange With ISA Server 2004 This article will highlight the security issues involved with providing Outlook Web Access or full Outlook client connections over the Internet, and then discuss how Microsoft's new ISA Server 2004 can be configured to mitigate these threats. 2004-10-19 http://www.securityfocus.com/infocus/1807 Deploying Network Access Quarantine Control, Part 2 This article discusses Network Access Quarantine Control in Windows Server 2003, which allows administrators to quarantine mobile users and verify their security posture before giving them full access to the network. Part 2 of 2. 2004-08-30 http://www.securityfocus.com/infocus/1799 Deploying Network Access Quarantine Control, Part 1 This article discusses Network Access Quarantine Control with Windows Server 2003, which allows administrators to quarantine mobile users before giving them full network access, by first ensuring these machines are up-to-date according to a baseline security model. 2004-08-04 http://www.securityfocus.com/infocus/1794 Automating Windows Patch Mngt: Part III The final installment of this series discusses two alternative, low cost tools to manage the application of patches to Windows systems, and also provides information on the upcoming, revised Software Update Services (SUS) from Microsoft. 2004-05-10 http://www.securityfocus.com/infocus/1778 |
|
Privacy Statement |