Re: 'rooted' NT/2K boxen?

From: H C (keydet89@yahoo.com)
Date: 05/02/02


Date: Thu, 2 May 2002 13:26:18 -0700 (PDT)
From: H C <keydet89@yahoo.com>
To: zeno <bugtraq@cgisecurity.net>


> I haven't seen any type of windows 'rootkit' myself.
> For example a replacement of netstat, nbtstat,
> route, and other utilities to give proccess
> information etc...
>
> If anyone knows of any let me know I'm interested.
> Of course the problem with getting windows
> source is an issue.
 
Older versions of Hoglund's NTRootkit are available
here:
http://www.megasecurity.org/Tools/Nt_rootkit_all.html

The 'newest' version I've been able to find is here:
http://www.ntndis.com/downloads.shtml

click on "Windows NT Rootkit Source".

Not sure how that applies to my original question, but
there it is...

__________________________________________________
Do You Yahoo!?
Yahoo! Health - your guide to health and wellness
http://health.yahoo.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com