Research between North Carolina State and Microsoft has garnered a way to better isolate and centralize kernels--up to 6,000 different kernel hooks--and has stopped nine rootkits. The tool is called HookSafe and runs on Ubuntu Linux 8.04 and uses hardware-based memory. At issue is whether other rootkit technology can bypass this tool, says one rootkit expert. The one hitch so far appears to be a 6 percent performance hit.  Read the full article. [Dark Reading]

Shorten URL: . Click to copy to clipboard or post to Twitter