

Linux rootkit detector adds hardware punch to security scanning - Tsiolkovsky
http://gcn.com/articles/2013/09/20/lynuxworks-rootkit-detection-system.aspx

======
MattJ100
But... how does it work? Without such information this article reads little
better than an advertisement.

~~~
exceptione
My thought exactly. My gut feeling says the value is in the range from
"inadequate" to "bullshit" since I cannot see a way in which software on an
external device can run with higher priority than software on the server
itselves to which it is connected.

------
flux_w42
Maybe it injects itself using some hardware hooks, more or less the same way
as described in this this previously submitted article:
[https://news.ycombinator.com/item?id=6393029](https://news.ycombinator.com/item?id=6393029)

With such a hardware root-kit, it could be possible to detect other software
root-kits by looking for patterns in memory and/or other suspicious behaviour.

------
teh_klev
This is a pretty useless fluff article. I am none-the-wiser as to how this
will work to protect my farm of Linux VM's. To add insult to injury the
Lynuxworks website has run out of steam.

------
jimmytidey
At first glance I thought it had a key switch on the front. If it did, then I
would trust it...

