Government-Funded Startup Blasts Rootkits

A startup funded by the U.S. government's Defense Advanced Research
Projects Agency is ready to emerge from stealth mode with hardware-
and software-based technologies to fight the rapid spread of malicious
rootkits.

Komoku, of College Park, Md., plans to ship a beta of Gamma, a new
rootkit detection tool that builds on a prototype used by several
sensitive U.S. government departments to find operating system
abnormalities that may be linked to malicious rootkit activity.

A rootkit modifies the flow of the kernel to hide the presence of an
attack or compromise on a machine. It gives a hacker remote user
access to a compromised system while avoiding detection from
anti-virus scanners.

The company's prototype, called CoPilot, is a high-assurance PCI card
capable of monitoring the host's memory and file system at the
hardware level. It is specifically geared towards high-security
servers and computers.

Gamma, meanwhile, is a separate, software-only clone of CoPilot that
will target businesses interested in a low-assurance tool for
protecting laptops and personal computers.

Komoku launched quietly in 2004 with about $2.5 million in funding and
rootkit detection contracts from DARPA, the Department of Homeland
Security and the U.S. Navy.

Full Article:
http://www.eweek.com/article2/0,1895,1951941,00.asp
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or to the individual blog articles you wish to reprint. Commercial use or derivative work requires written permission from the author.