2023/12/13 Council Agenda Packet
Last modified
12/14/2023 8:51:43 AM
Creation date
12/13/2023 5:03:11 PM
What Is a Rootkit? How to Defend and Stop Them? | Fortinet https://www.fortinet.com/resources/cyberglossary/rootkit#:~:text=...

camouflage themselves within a user's system. As a result, antivirus solutions that can perform rootkit scans are often required to discover the malware.

Rootkit scans search for known attack signatures. One way they go about finding malware is through memory dump analysis, which discovers the instructions that a rootkit executes in a machine's memory. Another method rootkit scans use is behavioral analysis, which searches for rootkit-like behaviors rather than the rootkit itself. This method is capable of alerting users to the presence of a rootkit before they become aware that they are under attack.

Rootkits are one of the most difficult malware programs to remove from infected machines. As a result, there is no guaranteed method for recovering a machine infiltrated by a rootkit, but there are steps that users and organizations can take to protect their computers and remove the malware.

Once a rootkit has been detected, the following process should be followed to remove it:

1. Back up vital data: The rootkit's reaction upon removal is unpredictable, and it may have defensive measures built in that could affect or damage the machine's performance. Back up any important data and files that need to be retained from the machine.
2. Boot up in safe mode: Many rootkits attempt to prevent a user from installing security solutions or removing the malware. In this case, restart the machine in safe mode with networking to limit the rootkit's access by pressing F8 in the Windows boot screen.
3. Use multiple rootkit scan tools: The wide range of rootkit families means that not all rootkit scans will be capable of discovering them. It is therefore important to use a combination of scanners that offer different capabilities.
4. Freeze remaining malware: Removing the rootkit alone may not always guarantee that the machine is clean. It may have been infected by other malware that remains active or designed to evade rootkit scans. Other security solutions can freeze any malware that remains on the system, which enables malware removal programs to clean up any malicious software.
5. Advanced rootkit removal: Some rootkit types are particularly difficult to remove. For example, a firmware or hardware rootkit is unlikely to be removed by standard rootkit scans, and the user may need to back up and wipe their data from the machine and reinstall the OS. However, in the case of a rootkit targeting the BIOS, even a wipe and a reinstall may not be enough to remove the malicious software. This may require the BIOS drive to be wiped and replaced along with a hard reset of the machine.

5 of 11 12/17/2021 6• 1 R PM
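The signature search over a memory dump described in the rootkit-scan paragraph above, sketched as an added example (not code from the original page or from any scanner product). The signature names and byte patterns, the `??` wildcard syntax, and the sample buffer are constructed assumptions; the chunk overlap handles a signature that falls across a read boundary in a large dump.

```python
import io
import re

# Constructed signatures for illustration only (not from a real scanner database).
# "??" is a wildcard byte, as in common hex-pattern signature formats.
SIGNATURES = {
    "jmp-via-rax-stub": "48 B8 ?? ?? ?? ?? ?? ?? ?? ?? FF E0",
    "demo-marker": "52 4B 49 54 ?? 01",
}

def compile_sig(hex_pattern):
    """Turn a hex pattern with ?? wildcards into a compiled bytes regex."""
    parts = [b"." if tok == "??" else re.escape(bytes([int(tok, 16)]))
             for tok in hex_pattern.split()]
    return re.compile(b"".join(parts), re.DOTALL)

def scan_dump(stream, signatures=SIGNATURES, chunk_size=1 << 20):
    """Scan a dump stream chunk by chunk; return sorted (offset, name) hits."""
    compiled = {name: compile_sig(p) for name, p in signatures.items()}
    # Carry over enough bytes that a signature split across two chunks still matches.
    overlap = max(len(p.split()) for p in signatures.values()) - 1
    hits, tail, base = set(), b"", 0
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        window = tail + chunk
        start = base - len(tail)          # absolute offset of window[0]
        for name, rx in compiled.items():
            for m in rx.finditer(window):
                hits.add((start + m.start(), name))  # set removes overlap duplicates
        tail = window[-overlap:] if overlap else b""
        base += len(chunk)
    return sorted(hits)

def build_sample_dump():
    """Constructed 4 KiB buffer standing in for a memory dump."""
    stub = bytes.fromhex("48b8" "1122334455667788" "ffe0")
    buf = bytearray(4096)
    buf[1020:1020 + len(stub)] = stub    # straddles the 1024-byte chunk boundary
    buf[3000:3006] = b"RKIT\x07\x01"
    return bytes(buf)

if __name__ == "__main__":
    for offset, name in scan_dump(io.BytesIO(build_sample_dump()), chunk_size=1024):
        print(f"0x{offset:08x}  {name}")
```

A hit only says that a known byte pattern is present at that offset; as the page notes, signature scans miss families they have no pattern for, which is why it pairs them with behavioral analysis and multiple scanners.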