RUBotted?

Discussion in 'other anti-malware software' started by Someone, Jul 9, 2008.

Thread Status:
Not open for further replies.
  1. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Hi

    I've heard someone over here state that RUBotted is "about the best you can get for the purpose of detecting botnet Trojans. Everything has to go through its network drivers, so no suspicious activity goes unnoticed. And the fact of the matter is that Trojans now comprise over 60% of all malware, with Storm pumping out hundreds of new variants a day."

    And "RUBotted's chance of missing botnet activity are theoretically zero," because "RUBotted replaces Windows' network drivers with its own drivers. It doesn't simply intercept outgoing correspondence; everything has to go through it." so "This is why RUBotted can tell when there is a bot, even if it's masked by a rootkit. It might not give you a filename or a path, but at least it can give you a heads-up."

    Can anyone confirm this? A few months before RUBotted was mentioned and Wilders was quite negative of it, so I'm not sure who's right.

    Thanks
     
  2. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    Well it does sound interesting, I would also like to know if this is really such a ground breaking method, or nothing new. Is this tech different from the way firewalls work?
     
  3. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Last edited: Jul 9, 2008
Thread Status:
Not open for further replies.