Rootkit Resources
The following Web sites and books are sources of more information on rootkits:
(마소에서 제공하는 강좌를 볼려면 동영상 플레이에 필요한 파일을 설치해야함)
TechNet On-Demand Webcast: Advanced Malware Cleaning
invalid-file
멀웨어 제거에 관한 파워포인트강의
Learn from Mark how to use the Sysinternals tools to identify malware infestations, from standard spyware to kernel-mode rootkits, and clean them off your systems.
Understanding Malware: Viruses, Spyware and Rootkits
Mark's Microsoft TechEd 2005 webinar covers viruses, spyware, and rootkits.
Sony, Rootkits and Digital Rights Management Gone Too Far
Read Mark's blog entry on his discovery and analysis of a Sony rootkit on one of his computers.
Unearthing Rootkits
Mark's June Windows IT Pro Magazine article provides an overview of rootkit technologies and how RootkitRevealer works.
www.rootkit.com
This site contains sample code for a number of user-mode and kernel-mode rootkits as well as ongoing discussions on how to develop rootkits.
Rootkits: Subverting the Windows Kernel
This book by Greg Hoglund and Jamie Butler is the most comprehensive treatment of rootkits available.
www.phrack.org
This site stores the archive of Phrack, a cracker-oriented magazine where developers discuss flaws in security-related products, rootkit techniques, and other malware tricks.
research.microsoft.com/rootkit/
This is the Microsoft Research rootkit home page where Microsoft publishes papers and information on its efforts to combat rootkits.
The Art of Computer Virus Research and Defense, by Peter Szor
Malware: Fighting Malicious Code, by Ed Skoudis and Lenny Zeltser
Windows Internals, 4th Edition, by Mark Russinovich and Dave Solomon (the book doesn't talk about rootkits, but understanding the Windows architecture is helpful to understanding rootkits).