Malware & Rootkits -- Detection and Prevention
LWE San Francisco 2006
Date: 09:00 on Monday, August 14 2006.
Total time: 3hrs
View plan
The Abstract:
This tutorial will cover techniques for detection and removal of rootkits and other types of malware. It
will be broken into two parts: the first on malware, and the second on rootkits.
Focus will be given to various types of malware, including explanations of viruses, worms, and trojans.
Due to legal constraints, code examples will not be provided for these types of malware. Examples of
exploits used to write malware, such as buffer overflows, will be provided, and a short hands-on session
will cover both exploiting these vulnerabilities and tips for writing secured software.
The second half of the tutorial will focus on rootkits: what they are, how they are used, and various
means of detection. There will be an interactive lab on both detecting and writing a rootkit tool.
Presentations (Slides)
Lab Exercises
Download all available materials
rootkits.zip
rootkits.tbz2