[转载]Timing Rootkits

信息来源：http://www.kd-team.com/

This time the paper is about a new way of looking at how you can detect the presence of a rootkit on a system mostly targeted at the windows operating system. Like you have probably noticed on our site we have posted alternate ways of detecting a rootkit. Both of the ways where just a simple brute force on a function that hadn’t been hooked by the rootkit. You can find them both in the tool section of our site named “Detect Con” and “Detect Proc”. Like you have already guessed, these methods are not full proof.