Security vendors McAfee and Secunia are each offering new freeware aimed at protecting users.
McAfee announced the release July 26 of Rootkit Detective, a tool to help users clean their machines of the most notorious types of weapons hackers have at their disposal. Rootkits can be difficult to detect because they activate before an operating system is completely booted up. According to McAfee, last year the number of rootkits hit 3,284; it has already more than doubled in the first half of this year, to 7,325.
“Rootkit Detective offers the most comprehensive rootkit detection capabilities available today,” Ahmed Sallam, lead research architect at McAfee, said in a statement. “We have achieved extremely high levels of accuracy, using various techniques to find anything that hides itself on a computer.”
Once a rootkit is downloaded, it can be used to hide a backdoor on a computer used by hackers. Rootkit Detective uncovers hidden processes, registry entries and files and lets users safely remove or disable them upon system reboot, according to McAfee, in Santa Clara, Calif. In addition, Rootkit Detective can scan the integrity of a PCs kernel memory and display any modification, which may also point to a system compromise, company officials said.
Since the initial trial release of Rootkit Detective in January, the application has been downloaded more than 110,000 times, they said.
Meanwhile, the Danish security company Secunia has hit the Web with a free security product of its own. The beta version of Secunia Personal Software Inspector is now available for download. According to the company, Secunia PSI works by examining files on a users computer—primarily .exe, .dll and .ocx files—and sending the data to Secunias servers to match it against the data in the Secunia File Signatures Engine to determine the exact applications installed on a users system. This information can then be used to determine if any of the applications are missing security-related updates.
Officials with the Copenhagen-based company said Secunia PSI is not intended to detect whether a system has been compromised, and does not check the integrity of individual files. Instead, it checks specific programs to see if they are vulnerable according to the reported version numbers, company officials said in a posting on Secunias Web site.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.
