RE: API hooking
- From: "Laura A. Robinson" <larobins@xxxxxxxxxxxxxxxx>
- Date: Thu, 27 Jul 2006 13:10:21 -0400
http://www.hpl.hp.com/techreports/2005/HPL-2005-87.pdf
Feel free to forward this to your SANS presenter. :-)
Laura
-----Original Message-----
From: shyaam@xxxxxxxxx [mailto:shyaam@xxxxxxxxx]
Sent: Thursday, July 27, 2006 8:34 AM
To: focus-ms@xxxxxxxxxxxxxxxxx
Subject: API hooking
Can the API and Process hooks be avoided if the means by
which it happens use some form of encryption. Can shatter
attack be prevented if the kernel knows identity of the
action occurring. If so, then the local Root kit's or
attacker's residing locally can spoof the identity. How are
these planned to be prevented in future.
Kind Regards,
Shyaam
--------------------------------------------------------------
-------------
--------------------------------------------------------------
-------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- References:
- API hooking
- From: shyaam
- API hooking
- Prev by Date: RE: .Net Satisfies Security Compliance Satistactions or Not ???
- Next by Date: Re: .Net Satisfies Security Compliance Satistactions or Not ???
- Previous by thread: API hooking
- Next by thread: Impact of removing administrative rights in an enterprise running XP
- Index(es):
