Jump to content

vmagecic

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I think that you need to offer a Live CD version that you can boot off to perform virus and rootkit scans. A "good" rootkit will go undetected by any scanner if the system it is infecting is currently running. This is where a Live CD comes in. You boot off the CD and perform a full scan. As long as the system has internet access, you can have the definitions update (everything is stored in memory) and start the scan. Norton has this option on their CD's to boot into their utilities, but Norton is a horrible scanner and only does viruses and worms. Currently, I am using BartPE to build my own BootCD and I put MBAM on it along with Combofix, in the event that one of our machines is infected. If there is also a way to run MBAM from Linux, creating a Linux Live CD is rather trivial now a days. There are already quite a few out there, Linux Defender was pretty decent, but didn't detect certain pieces of malware. There is also SystemRescueCD, but that uses ClamAV and I have had a lot of misses with ClamAV.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.